discountscards.ru Open in urlscan Pro
54.36.135.235 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://discountscards.ru/
Effective URL:
https://discountscards.ru/
Submission Tags: discord.fish
Submission: On July 30 via api (July 30th 2022, 12:18:07 am UTC) from FI — Scanned from FR

Summary HTTP 65 Redirects Behaviour Indicators

Summary

This website contacted 14 IPs in 6 countries across 11 domains to perform 65 HTTP transactions. The main IP is 54.36.135.235, located in Paris, France and belongs to OVH, FR. The main domain is discountscards.ru.
TLS certificate: Issued by R3 on July 29th 2022. Valid for: 3 months.

This is the only time discountscards.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 25	54.36.135.235 54.36.135.235	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	104.248.199.158 104.248.199.158	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
10	95.216.65.102 95.216.65.102	24940 (HETZNER-AS) (HETZNER-AS)
7	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1 6	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
8	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	142.251.36.130 142.251.36.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
65	14

25 54.36.135.235 (Paris, France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip235.ip-54-36-135.eu

discountscards.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.248.199.158 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

bropush.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 95.216.65.102 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: frodo.min.org.ua

www.dlyarek22.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.36.130 (United States)

ASN15169 (GOOGLE, US)
PTR: prg03s12-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	discountscards.ru 1 redirects discountscards.ru	428 KB
11	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123 tpc.googlesyndication.com — Cisco Umbrella Rank: 159	267 KB
10	dlyarek22.site www.dlyarek22.site	40 KB
7	gstatic.com fonts.gstatic.com	189 KB
6	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 3701	73 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 96 www.google.com — Cisco Umbrella Rank: 10	2 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 56	5 KB
1	google.fr adservice.google.fr — Cisco Umbrella Rank: 24785	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 873	650 B
1	bropush.site bropush.site	14 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 72	2 KB
65	11

	Domain	Requested by
25	discountscards.ru	1 redirects discountscards.ru
10	www.dlyarek22.site	discountscards.ru
8	pagead2.googlesyndication.com	discountscards.ru pagead2.googlesyndication.com tpc.googlesyndication.com
7	fonts.gstatic.com	fonts.googleapis.com
6	mc.yandex.ru	1 redirects discountscards.ru mc.yandex.ru
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	www.google.com	tpc.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.fr	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	bropush.site	discountscards.ru
1	fonts.googleapis.com	discountscards.ru
65	13

This site contains no links.

Subject Issuer	Validity	Valid
discountscards.ru R3	`2022-07-29` - `2022-10-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
bropush.site R3	`2022-07-29` - `2022-10-27`	3 months	crt.sh
www.dlyarek22.site R3	`2022-07-22` - `2022-10-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-05-21` - `2022-10-31`	5 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.google.fr GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://discountscards.ru/
Frame ID: A1C3B824810818345D74DF3A40CFA3C0
Requests: 64 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220727/r20190131/zrt_lookup.html
Frame ID: FE18D259D230CCAA60D9282A80DF2589
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6143086816499790&output=html&adk=1812271804&adf=3025194257&lmt=1659138545&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fdiscountscards.ru%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659140282299&bpp=5&bdt=561&idt=178&shv=r20220727&mjsv=m202207260101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2151268674402&frm=20&pv=2&ga_vid=1980323318.1659140282&ga_sid=1659140282&ga_hid=706912131&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31067984%2C31068260%2C31068639%2C44768757%2C42531608%2C44764002%2C44769661&oid=2&pvsid=3489657428878293&tmod=1049360857&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=196
Frame ID: 8A7D8E823056D50FB8D765650599028E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 16DB63C316B245E8F9F1FC489E4F7969
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DA60AB1C36E6C9313A70D1531BDAEEF6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Дисконтные карты магазинов и скидочные карты гипермаркетов

Page URL History Show full URLs

http://discountscards.ru/ HTTP 301
https://discountscards.ru/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

65
Requests

98 %
HTTPS

69 %
IPv6

11
Domains

13
Subdomains

14
IPs

6
Countries

1018 kB
Transfer

2550 kB
Size

12
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://discountscards.ru/ HTTP 301
https://discountscards.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47

https://mc.yandex.ru/watch/53472100?wmode=7&page-url=https%3A%2F%2Fdiscountscards.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1hc9dnhfark4nldxqmebc%3Afp%3A515%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A850%3Acn%3A1%3Adp%3A0%3Als%3A37926845755%3Ahid%3A1006463635%3Az%3A0%3Ai%3A20220730001802%3Aet%3A1659140282%3Ac%3A1%3Arn%3A124475388%3Arqn%3A1%3Au%3A1659140282433437387%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1659140281368%3Ads%3A0%2C59%2C55%2C41%2C239%2C0%2C%2C202%2C0%2C%2C%2C%2C597%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1659140282%3At%3A%D0%94%D0%B8%D1%81%D0%BA%D0%BE%D0%BD%D1%82%D0%BD%D1%8B%D0%B5%20%D0%BA%D0%B0%D1%80%D1%82%D1%8B%20%D0%BC%D0%B0%D0%B3%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE%D0%B2%20%D0%B8%20%D1%81%D0%BA%D0%B8%D0%B4%D0%BE%D1%87%D0%BD%D1%8B%D0%B5%20%D0%BA%D0%B0%D1%80%D1%82%D1%8B%20%D0%B3%D0%B8%D0%BF%D0%B5%D1%80%D0%BC%D0%B0%D1%80%D0%BA%D0%B5%D1%82%D0%BE%D0%B2&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/53472100/1?wmode=7&page-url=https%3A%2F%2Fdiscountscards.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1hc9dnhfark4nldxqmebc%3Afp%3A515%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A850%3Acn%3A1%3Adp%3A0%3Als%3A37926845755%3Ahid%3A1006463635%3Az%3A0%3Ai%3A20220730001802%3Aet%3A1659140282%3Ac%3A1%3Arn%3A124475388%3Arqn%3A1%3Au%3A1659140282433437387%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1659140281368%3Ads%3A0%2C59%2C55%2C41%2C239%2C0%2C%2C202%2C0%2C%2C%2C%2C597%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1659140282%3At%3A%D0%94%D0%B8%D1%81%D0%BA%D0%BE%D0%BD%D1%82%D0%BD%D1%8B%D0%B5%20%D0%BA%D0%B0%D1%80%D1%82%D1%8B%20%D0%BC%D0%B0%D0%B3%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE%D0%B2%20%D0%B8%20%D1%81%D0%BA%D0%B8%D0%B4%D0%BE%D1%87%D0%BD%D1%8B%D0%B5%20%D0%BA%D0%B0%D1%80%D1%82%D1%8B%20%D0%B3%D0%B8%D0%BF%D0%B5%D1%80%D0%BC%D0%B0%D1%80%D0%BA%D0%B5%D1%82%D0%BE%D0%B2&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

65 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
discountscards.ru/
Redirect Chain

http://discountscards.ru/
https://discountscards.ru/

346 KB
57 KB

115ms
56ms

Document
text/html

54.36.135.235
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://discountscards.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.36.135.235 Paris, France, ASN16276 (OVH, FR),

Reverse DNS

ip235.ip-54-36-135.eu

Software

nginx/1.20.2 /

Resource Hash

e4f418936545542f4bb401b3d36301338f317ec93b510b6fbafd2ef7512015ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=3, must-revalidate, public
content-encoding: gzip
content-length: 57924
content-type: text/html; charset=UTF-8
date: Sat, 30 Jul 2022 00:18:01 GMT
etag: "e244-5e4fa4b9cbed0"
expires: Sat, 30 Jul 2022 00:49:05 GMT
last-modified: Fri, 29 Jul 2022 23:49:05 GMT
pragma: public
referrer-policy: no-referrer-when-downgrade
server: nginx/1.20.2
strict-transport-security: max-age=31536000;
vary: Accept-Encoding,Cookie

Redirect headers

Connection: keep-alive
Content-Length: 169
Content-Type: text/html
Date: Sat, 30 Jul 2022 00:18:01 GMT
Location: https://discountscards.ru:443/
Server: nginx/1.20.2

GET
H2 200 lazyload.min.js Show response
discountscards.ru/wp-content/plugins/w3-total-cache/pub/js/ 6 KB
3 KB 35ms
34ms Script
application/x-javascript 54.36.135.235
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://discountscards.ru/wp-content/plugins/w3-total-cache/pub/js/lazyload.min.js

Requested by

Host: discountscards.ru
URL: https://discountscards.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.36.135.235 Paris, France, ASN16276 (OVH, FR),

Reverse DNS

ip235.ip-54-36-135.eu

Software

nginx/1.20.2 /

Resource Hash

1a54a1907a6443e3c81608130bfed4546eb0ce5d0c8897e1d7a3b43d89ecc367

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://discountscards.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: public
date: Sat, 30 Jul 2022 00:18:01 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 19 Dec 2021 20:47:58 GMT
server: nginx/1.20.2
etag: "1883-5d385e3275814-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 2356
expires: Sun, 30 Jul 2023 00:18:01 GMT

GET
H2 200 1b198.js Show response
discountscards.ru/wp-content/cache/minify/ 66 KB
19 KB 63ms
61ms Script
application/x-javascript 54.36.135.235
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://discountscards.ru/wp-content/cache/minify/1b198.js

Requested by

Host: discountscards.ru
URL: https://discountscards.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.36.135.235 Paris, France, ASN16276 (OVH, FR),

Reverse DNS

ip235.ip-54-36-135.eu

Software

nginx/1.20.2 /

Resource Hash

92814894afad50d89b2aa30f12841859904366f523ce417bd5abe4cd980704aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://discountscards.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: public
date: Sat, 30 Jul 2022 00:18:01 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 28 Jul 2022 21:33:26 GMT
server: nginx/1.20.2
etag: "4b6d-5e4e448a955bf"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3, must-revalidate, public
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 19309
expires: Sun, 30 Jul 2023 00:18:01 GMT

GET
H2 200 56fbe.css
discountscards.ru/wp-content/cache/minify/ 5 KB
3 KB 63ms
62ms Stylesheet
text/css 54.36.135.235
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://discountscards.ru/wp-content/cache/minify/56fbe.css

Requested by

Host: discountscards.ru
URL: https://discountscards.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.36.135.235 Paris, France, ASN16276 (OVH, FR),

Reverse DNS

ip235.ip-54-36-135.eu

Software

nginx/1.20.2 /

Resource Hash

04baba7855bde4192e69bd81cc020eba2070318564f52178aa8fd3dec5793a9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://discountscards.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: public
date: Sat, 30 Jul 2022 00:18:01 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 28 Jul 2022 21:41:48 GMT
server: nginx/1.20.2
etag: "a03-5e4e46691142e"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=3, must-revalidate, public
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 2563
expires: Sun, 30 Jul 2023 00:18:01 GMT

GET
H2 200 e46bd.css
discountscards.ru/wp-content/cache/minify/ 105 KB
11 KB 44ms
43ms Stylesheet
text/css 54.36.135.235
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://discountscards.ru/wp-content/cache/minify/e46bd.css

Requested by

Host: discountscards.ru
URL: https://discountscards.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.36.135.235 Paris, France, ASN16276 (OVH, FR),

Reverse DNS

ip235.ip-54-36-135.eu

Software

nginx/1.20.2 /

Resource Hash

713c8c62dc325bbc749c67c9f407eaf64bec98513e9970da8a00910fbd265655

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://discountscards.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: public
date: Sat, 30 Jul 2022 00:18:01 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 28 Jul 2022 21:41:48 GMT
server: nginx/1.20.2
etag: "2baf-5e4e46691336e"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=3, must-revalidate, public
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 11183
expires: Sun, 30 Jul 2023 00:18:01 GMT

GET
H2 200 css
fonts.googleapis.com/ 15 KB
2 KB 99ms
38ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans%3A400%2C400i%2C700%7CRoboto%3A400%2C400i%2C700%7CMontserrat%3A400%2C400i%2C700&subset=cyrillic&display=swap

Requested by

Host: discountscards.ru
URL: https://discountscards.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

21f04b5d18d03d93a2370be15118428572e838ffecb83a1ccd0a6225c779a8b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://discountscards.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 30 Jul 2022 00:18:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 30 Jul 2022 00:18:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 30 Jul 2022 00:18:01 GMT

GET
H2 200 4114f.css
discountscards.ru/wp-content/cache/minify/ 226 KB
43 KB 35ms
34ms Stylesheet
text/css 54.36.135.235
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://discountscards.ru/wp-content/cache/minify/4114f.css

Requested by

Host: discountscards.ru
URL: https://discountscards.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.36.135.235 Paris, France, ASN16276 (OVH, FR),

Reverse DNS

ip235.ip-54-36-135.eu

Software

nginx/1.20.2 /

Resource Hash

7150fbceb88c8ca07f84b3caa3e14d60e507f7649119b6107867f9c551d62a2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://discountscards.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: public
date: Sat, 30 Jul 2022 00:18:01 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 28 Jul 2022 21:41:48 GMT
server: nginx/1.20.2
etag: "aada-5e4e46691336e"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=3, must-revalidate, public
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 43738
expires: Sun, 30 Jul 2023 00:18:01 GMT

GET
H2 200 3a550.js Show response
discountscards.ru/wp-content/cache/minify/ 92 KB
32 KB 63ms
62ms Script
application/x-javascript 54.36.135.235
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://discountscards.ru/wp-content/cache/minify/3a550.js

Requested by

Host: discountscards.ru
URL: https://discountscards.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.36.135.235 Paris, France, ASN16276 (OVH, FR),

Reverse DNS

ip235.ip-54-36-135.eu

Software

nginx/1.20.2 /

Resource Hash

bf97709854273376fbaa00a78eb133e2f705941919196638afe00df1c5f554f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://discountscards.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: public
date: Sat, 30 Jul 2022 00:18:01 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 28 Jul 2022 21:41:48 GMT
server: nginx/1.20.2
etag: "7d94-5e4e46691336e"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3, must-revalidate, public
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 32148
expires: Sun, 30 Jul 2023 00:18:01 GMT

GET
H2 200 gyzdeytdhe5ha3ddf4zdgoju Show response
bropush.site/code/ 13 KB
14 KB 208ms
31ms Script
application/javascript 104.248.199.158
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://bropush.site/code/gyzdeytdhe5ha3ddf4zdgoju

Requested by

Host: discountscards.ru
URL: https://discountscards.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.248.199.158 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

77270c3c2e847da9b0168edf0240e429b1946203bdf8e54741ee7ad9cf4cd556

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://discountscards.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 30 Jul 2022 00:18:02 GMT
server: nginx
content-security-policy: img-src https: data:; upgrade-insecure-requests
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=UTF-8

GET
H2 200 wpshop-core.ttf
discountscards.ru/wp-content/themes/reboot/assets/fonts/ 57 KB
26 KB 64ms
63ms Font
application/x-font-ttf 54.36.135.235
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://discountscards.ru/wp-content/themes/reboot/assets/fonts/wpshop-core.ttf

Requested by

Host: discountscards.ru
URL: https://discountscards.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.36.135.235 Paris, France, ASN16276 (OVH, FR),

Reverse DNS

ip235.ip-54-36-135.eu

Software

nginx/1.20.2 /

Resource Hash

973408bd1a1da181c7eaa9293c0cd095f3836a76b626bc76af21e1cd96b5dcde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://discountscards.ru/
Origin: https://discountscards.ru
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: public
date: Sat, 30 Jul 2022 00:18:01 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 18 Mar 2022 16:40:51 GMT
server: nginx/1.20.2
etag: "e52c-5da80cf484ec4-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: application/x-font-ttf
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 25966
expires: Sun, 30 Jul 2023 00:18:01 GMT

GET
H2 200 1mx6l.json Show response
www.dlyarek22.site/ 59 B
269 B 274ms
43ms XHR
application/json 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dlyarek22.site/1mx6l.json

Requested by

Host: discountscards.ru
URL: https://discountscards.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

314fd96d75b11251bff9c554b41579fca09bec60b2ffd173e158948b383c9dab

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://discountscards.ru/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 30 Jul 2022 00:18:02 GMT
content-encoding: br
server: cloudflare-nginx
strict-transport-security: max-age=63072000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 325cc.js Show response
discountscards.ru/wp-content/cache/minify/ 54 KB
14 KB 43ms
42ms Script
application/x-javascript 54.36.135.235
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://discountscards.ru/wp-content/cache/minify/325cc.js

Requested by

Host: discountscards.ru
URL: https://discountscards.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.36.135.235 Paris, France, ASN16276 (OVH, FR),

Reverse DNS

ip235.ip-54-36-135.eu

Software

nginx/1.20.2 /

Resource Hash

e684ab1d0cf4ab8fa69412a8f762725dc5a5b273c0abaf51803aac961390d112

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://discountscards.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: public
date: Sat, 30 Jul 2022 00:18:01 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 28 Jul 2022 21:41:50 GMT
server: nginx/1.20.2
etag: "3636-5e4e466b90e88"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3, must-revalidate, public
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 13878
expires: Sun, 30 Jul 2023 00:18:01 GMT

GET
H2 200 986c3.js Show response
discountscards.ru/wp-content/cache/minify/ 51 KB
10 KB 42ms
42ms Script
application/x-javascript 54.36.135.235
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://discountscards.ru/wp-content/cache/minify/986c3.js

Requested by

Host: discountscards.ru
URL: https://discountscards.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.36.135.235 Paris, France, ASN16276 (OVH, FR),

Reverse DNS

ip235.ip-54-36-135.eu

Software

nginx/1.20.2 /

Resource Hash

ce29617437dd18739d6ae9d119ff943623838d35e23f4657c651ee40a066ac35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://discountscards.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: public
date: Sat, 30 Jul 2022 00:18:01 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 28 Jul 2022 21:41:52 GMT
server: nginx/1.20.2
etag: "2704-5e4e466d6a8a4"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3, must-revalidate, public
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 9988
expires: Sun, 30 Jul 2023 00:18:01 GMT

GET
H2 200 505f8.js Show response
discountscards.ru/wp-content/cache/minify/ 19 KB
5 KB 43ms
43ms Script
application/x-javascript 54.36.135.235
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://discountscards.ru/wp-content/cache/minify/505f8.js

Requested by

Host: discountscards.ru
URL: https://discountscards.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.36.135.235 Paris, France, ASN16276 (OVH, FR),

Reverse DNS

ip235.ip-54-36-135.eu

Software

nginx/1.20.2 /

Resource Hash

ac102e5ac32bf9d04852bd46b1ed524a61e99ea7216b222f990a61ad937a7d25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://discountscards.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: public
date: Sat, 30 Jul 2022 00:18:01 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 28 Jul 2022 21:41:52 GMT
server: nginx/1.20.2
etag: "11cd-5e4e466d6a8a4"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3, must-revalidate, public
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 4557
expires: Sun, 30 Jul 2023 00:18:01 GMT

GET
H2 200 c5700.js Show response
discountscards.ru/wp-content/cache/minify/ 6 KB
3 KB 33ms
33ms Script
application/x-javascript 54.36.135.235
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://discountscards.ru/wp-content/cache/minify/c5700.js

Requested by

Host: discountscards.ru
URL: https://discountscards.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.36.135.235 Paris, France, ASN16276 (OVH, FR),

Reverse DNS

ip235.ip-54-36-135.eu

Software

nginx/1.20.2 /

Resource Hash

66a7ae828f56ebf9055ebddb4b1ada55b023963e66c32ef158e591bf0e338a8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://discountscards.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: public
date: Sat, 30 Jul 2022 00:18:01 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 28 Jul 2022 21:41:57 GMT
server: nginx/1.20.2
etag: "a0f-5e4e4672370d8"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3, must-revalidate, public
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 2575
expires: Sun, 30 Jul 2023 00:18:01 GMT

POST
H2 200 xcin49yxrlg4.json Show response
www.dlyarek22.site/ 59 B
268 B 222ms
43ms XHR
application/json 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dlyarek22.site/xcin49yxrlg4.json

Requested by

Host: discountscards.ru
URL: https://discountscards.ru/wp-content/cache/minify/1b198.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

26d893c4b9d564d39a43aec47a2484ce2dac3c0e55f650ae047323bec5686ecb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://discountscards.ru/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 30 Jul 2022 00:18:02 GMT
content-encoding: br
server: cloudflare-nginx
strict-transport-security: max-age=63072000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 1mx6l.min.js Show response
www.dlyarek22.site/ 66 KB
19 KB 256ms
86ms XHR
text/javascript 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dlyarek22.site/1mx6l.min.js

Requested by

Host: discountscards.ru
URL: https://discountscards.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

7c3b28eb96611694e3fc9177cf94ea3b8e37d7bc3099461c41da5b1a9f0c969a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://discountscards.ru/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 30 Jul 2022 00:18:02 GMT
content-encoding: br
server: cloudflare-nginx
duration: 315995
strict-transport-security: max-age=63072000
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=300
access-control-allow-headers: *
expires: Sat, 30-Jul-2022 03:23:02 EEST

GET
H2 200 1mx6l.min.js Show response
www.dlyarek22.site/ 66 KB
19 KB 222ms
85ms Script
text/javascript 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dlyarek22.site/1mx6l.min.js?85cba18

Requested by

Host: discountscards.ru
URL: https://discountscards.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

7c3b28eb96611694e3fc9177cf94ea3b8e37d7bc3099461c41da5b1a9f0c969a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://discountscards.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 30 Jul 2022 00:18:02 GMT
content-encoding: br
server: cloudflare-nginx
duration: 317923
strict-transport-security: max-age=63072000
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=300
access-control-allow-headers: *
expires: Sat, 30-Jul-2022 03:23:02 EEST

GET
H2 200 jizaRExUiTo99u79D0aExdGM.woff2
fonts.gstatic.com/s/ptsans/v17/ 28 KB
28 KB 118ms
55ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0aExdGM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans%3A400%2C400i%2C700%7CRoboto%3A400%2C400i%2C700%7CMontserrat%3A400%2C400i%2C700&subset=cyrillic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e9c22d02fc319b701844b334477a05fd32acee9668feb98672f6c27887f79cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://discountscards.ru
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 19:43:18 GMT
x-content-type-options: nosniff
age: 189283
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28444
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:45:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Jul 2023 19:43:18 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 90ms
27ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans%3A400%2C400i%2C700%7CRoboto%3A400%2C400i%2C700%7CMontserrat%3A400%2C400i%2C700&subset=cyrillic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://discountscards.ru
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 08:44:49 GMT
x-content-type-options: nosniff
age: 228792
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Jul 2023 08:44:49 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
9 KB 166ms
104ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans%3A400%2C400i%2C700%7CRoboto%3A400%2C400i%2C700%7CMontserrat%3A400%2C400i%2C700&subset=cyrillic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://discountscards.ru
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 21:51:35 GMT
x-content-type-options: nosniff
age: 354386
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9628
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 25 Jul 2023 21:51:35 GMT

GET
H2 200 jizfRExUiTo99u79B_mh0OqtLQ0Z.woff2
fonts.gstatic.com/s/ptsans/v17/ 29 KB
29 KB 157ms
95ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0OqtLQ0Z.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans%3A400%2C400i%2C700%7CRoboto%3A400%2C400i%2C700%7CMontserrat%3A400%2C400i%2C700&subset=cyrillic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a045fdc088409e4e87d57617de7a9b613bf251c12997180910faeed8fa7aba1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://discountscards.ru
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 19:59:57 GMT
x-content-type-options: nosniff
age: 188284
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29928
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:55:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Jul 2023 19:59:57 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 85ms
35ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans%3A400%2C400i%2C700%7CRoboto%3A400%2C400i%2C700%7CMontserrat%3A400%2C400i%2C700&subset=cyrillic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://discountscards.ru
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 08:01:51 GMT
x-content-type-options: nosniff
age: 144970
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Jul 2023 08:01:51 GMT

GET
H2 200 jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 46 KB
46 KB 131ms
84ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans%3A400%2C400i%2C700%7CRoboto%3A400%2C400i%2C700%7CMontserrat%3A400%2C400i%2C700&subset=cyrillic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://discountscards.ru
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 19:28:45 GMT
x-content-type-options: nosniff
age: 190156
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47048
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:55:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Jul 2023 19:28:45 GMT

GET
H2 200 jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 44 KB
44 KB 116ms
72ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans%3A400%2C400i%2C700%7CRoboto%3A400%2C400i%2C700%7CMontserrat%3A400%2C400i%2C700&subset=cyrillic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://discountscards.ru
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 19:26:35 GMT
x-content-type-options: nosniff
age: 190286
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45300
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Jul 2023 19:26:35 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2c5ec720589f442589df568f5dc92932bb95482274cff3d7acf8a9ec37663f9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: deb124b2fbbeada3079fbe8dc204493f3e0f2e34516205b967bcc37587bf7747

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2ac030152e6a59fd8df90098b7020863751c99ce7d60369695f0b6c8740c61d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 32fa92b34c3d3f9ebbc566d8126f93404b9e126558a07df9d4d839cbbfd71178

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 822dd22bc8ba0ecf3c09b15968193214c3d0148c3816e6e25e92b5aaf55dc8df

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ee9d9a06461ea9edff2cae6cbc37494b34c8df11f5d2f4f4a78c0e22774c49f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 205 KB
71 KB 283ms
143ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: discountscards.ru
URL: https://discountscards.ru/wp-content/cache/minify/c5700.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

a218dafefeb720637baa5c82516fd7499367d6795240402e1eb92b38a1f4a391

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://discountscards.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 30 Jul 2022 00:18:02 GMT
content-encoding: br
last-modified: Fri, 29 Jul 2022 10:22:34 GMT
etag: "62e38aba-118b9"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 71865
expires: Sat, 30 Jul 2022 01:18:02 GMT

POST
H2 200 xcin49yxrlg4.json Show response
www.dlyarek22.site/ 2 KB
711 B 108ms
86ms XHR
application/json 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dlyarek22.site/xcin49yxrlg4.json

Requested by

Host: discountscards.ru
URL: https://discountscards.ru/wp-content/cache/minify/1b198.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

62fa76710c955becf3eb5254354d88736aff63d2bd69231843a7335ea54a6e4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://discountscards.ru/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 30 Jul 2022 00:18:02 GMT
content-encoding: br
server: cloudflare-nginx
strict-transport-security: max-age=63072000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 artlight-osveshchenie-magazinov-kosmetiki-riv-gosh-19-335x220.jpg
discountscards.ru/wp-content/uploads/2022/05/ 23 KB
23 KB 40ms
36ms Image
image/jpeg 54.36.135.235
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://discountscards.ru/wp-content/uploads/2022/05/artlight-osveshchenie-magazinov-kosmetiki-riv-gosh-19-335x220.jpg

Requested by

Host: discountscards.ru
URL: https://discountscards.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.36.135.235 Paris, France, ASN16276 (OVH, FR),

Reverse DNS

ip235.ip-54-36-135.eu

Software

nginx/1.20.2 /

Resource Hash

088ceedc224c07ab42b363634cdc3ed10217bd1acbdb62768eaad35fb4dc30da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://discountscards.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: public
date: Sat, 30 Jul 2022 00:18:01 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 09 May 2022 22:24:55 GMT
server: nginx/1.20.2
etag: "5c97-5de9bad76c8d3"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 23703
expires: Sun, 30 Jul 2023 00:18:02 GMT

GET
H2 200 18-335x220.jpg
discountscards.ru/wp-content/uploads/2022/05/ 13 KB
14 KB 37ms
34ms Image
image/jpeg 54.36.135.235
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://discountscards.ru/wp-content/uploads/2022/05/18-335x220.jpg

Requested by

Host: discountscards.ru
URL: https://discountscards.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.36.135.235 Paris, France, ASN16276 (OVH, FR),

Reverse DNS

ip235.ip-54-36-135.eu

Software

nginx/1.20.2 /

Resource Hash

f3398f1797c80890b9a7d0a079f010ba7091b3a79f702a1125f2554e492f0c86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://discountscards.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: public
date: Sat, 30 Jul 2022 00:18:01 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 07 May 2022 13:15:30 GMT
server: nginx/1.20.2
etag: "3512-5de6bc4ead3d8"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 13586
expires: Sun, 30 Jul 2023 00:18:02 GMT

GET
H2 200 20-1-1-335x220.jpg
discountscards.ru/wp-content/uploads/2022/05/ 10 KB
10 KB 40ms
37ms Image
image/jpeg 54.36.135.235
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://discountscards.ru/wp-content/uploads/2022/05/20-1-1-335x220.jpg

Requested by

Host: discountscards.ru
URL: https://discountscards.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.36.135.235 Paris, France, ASN16276 (OVH, FR),

Reverse DNS

ip235.ip-54-36-135.eu

Software

nginx/1.20.2 /

Resource Hash

43c89a470d5d9bd3b56bbc9944c6962e687c89f31f6b31b782c425a5bdc64cce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://discountscards.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: public
date: Sat, 30 Jul 2022 00:18:01 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 08 May 2022 10:40:54 GMT
server: nginx/1.20.2
etag: "276c-5de7db9e65ac5"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 10092
expires: Sun, 30 Jul 2023 00:18:02 GMT

GET
H2 200 f8182a8484a590e6c3e0636b7a8ed6fd-335x220.jpg
discountscards.ru/wp-content/uploads/2022/05/ 9 KB
9 KB 44ms
41ms Image
image/jpeg 54.36.135.235
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://discountscards.ru/wp-content/uploads/2022/05/f8182a8484a590e6c3e0636b7a8ed6fd-335x220.jpg

Requested by

Host: discountscards.ru
URL: https://discountscards.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.36.135.235 Paris, France, ASN16276 (OVH, FR),

Reverse DNS

ip235.ip-54-36-135.eu

Software

nginx/1.20.2 /

Resource Hash

3bd9cdd7eaa57132683530a3afdfc6684897e1f2c337697596fb423955445f48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://discountscards.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: public
date: Sat, 30 Jul 2022 00:18:01 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 12 May 2022 16:54:13 GMT
server: nginx/1.20.2
etag: "22e8-5ded36851b1a5"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 8936
expires: Sun, 30 Jul 2023 00:18:02 GMT

GET
H2 200 1020x0_bzplapzibyojhnlp_jpg_4a8b-335x220.jpg
discountscards.ru/wp-content/uploads/2022/03/ 14 KB
15 KB 40ms
37ms Image
image/jpeg 54.36.135.235
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://discountscards.ru/wp-content/uploads/2022/03/1020x0_bzplapzibyojhnlp_jpg_4a8b-335x220.jpg

Requested by

Host: discountscards.ru
URL: https://discountscards.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.36.135.235 Paris, France, ASN16276 (OVH, FR),

Reverse DNS

ip235.ip-54-36-135.eu

Software

nginx/1.20.2 /

Resource Hash

da75b2c122c7401c98eaa5880853afaff89d8fc6948c3f9829041bd493e1cb6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://discountscards.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: public
date: Sat, 30 Jul 2022 00:18:01 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 01 Mar 2022 15:00:41 GMT
server: nginx/1.20.2
etag: "3937-5d9296dbe16da"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 14647
expires: Sun, 30 Jul 2023 00:18:02 GMT

GET
H2 200 scale_1200-335x220.jpg
discountscards.ru/wp-content/uploads/2022/02/ 25 KB
25 KB 41ms
39ms Image
image/jpeg 54.36.135.235
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://discountscards.ru/wp-content/uploads/2022/02/scale_1200-335x220.jpg

Requested by

Host: discountscards.ru
URL: https://discountscards.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.36.135.235 Paris, France, ASN16276 (OVH, FR),

Reverse DNS

ip235.ip-54-36-135.eu

Software

nginx/1.20.2 /

Resource Hash

d6100fcda37a3db13ffd04ab81c97427731719f3a8fdc0d428ccd378a16cd380

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://discountscards.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: public
date: Sat, 30 Jul 2022 00:18:01 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 01 Feb 2022 13:17:13 GMT
server: nginx/1.20.2
etag: "6219-5d6f4b8203929"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 25113
expires: Sun, 30 Jul 2023 00:18:02 GMT

GET
H2 200 i-335x220.jpg
discountscards.ru/wp-content/uploads/2022/03/ 9 KB
9 KB 41ms
39ms Image
image/jpeg 54.36.135.235
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://discountscards.ru/wp-content/uploads/2022/03/i-335x220.jpg

Requested by

Host: discountscards.ru
URL: https://discountscards.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.36.135.235 Paris, France, ASN16276 (OVH, FR),

Reverse DNS

ip235.ip-54-36-135.eu

Software

nginx/1.20.2 /

Resource Hash

33c1a5c20abb9302106293ae233f061e4a2c45416dc56a3fbe23fedd8c7f36a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://discountscards.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: public
date: Sat, 30 Jul 2022 00:18:01 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 01 Mar 2022 15:41:36 GMT
server: nginx/1.20.2
etag: "23cf-5d92a000a17de"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 9167
expires: Sun, 30 Jul 2023 00:18:02 GMT

GET
H2 200 brjsybyfffzc5ma1qkqqtzix2h751l6dw8otducx-335x220.jpeg
discountscards.ru/wp-content/uploads/2022/02/ 21 KB
21 KB 50ms
49ms Image
image/jpeg 54.36.135.235
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://discountscards.ru/wp-content/uploads/2022/02/brjsybyfffzc5ma1qkqqtzix2h751l6dw8otducx-335x220.jpeg

Requested by

Host: discountscards.ru
URL: https://discountscards.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.36.135.235 Paris, France, ASN16276 (OVH, FR),

Reverse DNS

ip235.ip-54-36-135.eu

Software

nginx/1.20.2 /

Resource Hash

71a66f736a154730d39a89215879ca1669a87e813d330937d084fe05ba0d4d05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://discountscards.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: public
date: Sat, 30 Jul 2022 00:18:01 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 17 Feb 2022 11:54:37 GMT
server: nginx/1.20.2
etag: "548f-5d8356e3c8e3a"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 21647
expires: Sun, 30 Jul 2023 00:18:02 GMT

GET
H2 200 p3ra7lplyrq-335x220.jpg
discountscards.ru/wp-content/uploads/2022/03/ 20 KB
20 KB 47ms
46ms Image
image/jpeg 54.36.135.235
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://discountscards.ru/wp-content/uploads/2022/03/p3ra7lplyrq-335x220.jpg

Requested by

Host: discountscards.ru
URL: https://discountscards.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.36.135.235 Paris, France, ASN16276 (OVH, FR),

Reverse DNS

ip235.ip-54-36-135.eu

Software

nginx/1.20.2 /

Resource Hash

23e25cac82d43cbbbe5fbda06679753fea32119d03e698cc75f069253c92cb85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://discountscards.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: public
date: Sat, 30 Jul 2022 00:18:01 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 07 Mar 2022 15:19:59 GMT
server: nginx/1.20.2
etag: "506f-5d9a265d428d0"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 20591
expires: Sun, 30 Jul 2023 00:18:02 GMT

POST
H2 200 xcin49yxrlg4.json Show response
www.dlyarek22.site/ 59 B
268 B 44ms
44ms XHR
application/json 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dlyarek22.site/xcin49yxrlg4.json

Requested by

Host: discountscards.ru
URL: https://discountscards.ru/wp-content/cache/minify/1b198.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

fa20be0c0697ca1552c39359d62d9e8a371bf32f332ae657f435278e6cf6d26e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://discountscards.ru/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 30 Jul 2022 00:18:02 GMT
content-encoding: br
server: cloudflare-nginx
strict-transport-security: max-age=63072000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 166 KB
56 KB 114ms
47ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6143086816499790

Requested by

Host: discountscards.ru
URL: https://discountscards.ru/wp-content/cache/minify/1b198.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a3802602603325d0f7ee69894dcda87c457aa734ee131bb33acaae7810b084c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://discountscards.ru/
Origin: https://discountscards.ru
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 30 Jul 2022 00:18:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56805
x-xss-protection: 0
server: cafe
etag: 5505014538785195510
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 30 Jul 2022 00:18:02 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207260101/ 338 KB
119 KB 106ms
52ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6143086816499790&plah=discountscards.ru&ama_t=adsense&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=0&asnd=0&asnp=0&asns=0&asmat=1&asptt=1&easpi=false&asro=false&easai=false&bust=31068639

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6143086816499790

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

879b2c7dc8a4ae4b2eb95878ca7d1bdfeeb6e8d93b654091180e1a7d29f7eb8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://discountscards.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 30 Jul 2022 00:18:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122088
x-xss-protection: 0
server: cafe
etag: 3366229321508308534
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 30 Jul 2022 00:18:02 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220727/r20190131/ Frame FE18 10 KB
5 KB 88ms
26ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220727/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6143086816499790

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://discountscards.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 15889
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 29 Jul 2022 19:53:13 GMT
etag: 8616628553774171045
expires: Fri, 12 Aug 2022 19:53:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 xcin49yxrlg4.json Show response
www.dlyarek22.site/ 59 B
268 B 43ms
43ms XHR
application/json 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dlyarek22.site/xcin49yxrlg4.json

Requested by

Host: discountscards.ru
URL: https://discountscards.ru/wp-content/cache/minify/1b198.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

a743ceb4b495d577a757c214f580a366e7576059015ec4fc062687b9169f6648

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://discountscards.ru/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 30 Jul 2022 00:18:02 GMT
content-encoding: br
server: cloudflare-nginx
strict-transport-security: max-age=63072000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 166 KB
56 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6143086816499790

Requested by

Host: discountscards.ru
URL: https://discountscards.ru/wp-content/cache/minify/1b198.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

32950a00c1d79b14c732f4749f2c42cdc4a5c9de6ef61468ebfb50ab4106c741

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://discountscards.ru/
Origin: https://discountscards.ru
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 30 Jul 2022 00:18:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56805
x-xss-protection: 0
server: cafe
etag: 14156876065266821415
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 30 Jul 2022 00:18:02 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/53472100/
Redirect Chain

https://mc.yandex.ru/watch/53472100?wmode=7&page-url=https%3A%2F%2Fdiscountscards.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1hc9dnhfark4nldxqmebc%3Afp%3A515%3Afu%3A0%3Aen%3Autf-8%3...
https://mc.yandex.ru/watch/53472100/1?wmode=7&page-url=https%3A%2F%2Fdiscountscards.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1hc9dnhfark4nldxqmebc%3Afp%3A515%3Afu%3A0%3Aen%3Autf-8...

357 B
439 B

70ms
70ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/53472100/1?wmode=7&page-url=https%3A%2F%2Fdiscountscards.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1hc9dnhfark4nldxqmebc%3Afp%3A515%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A850%3Acn%3A1%3Adp%3A0%3Als%3A37926845755%3Ahid%3A1006463635%3Az%3A0%3Ai%3A20220730001802%3Aet%3A1659140282%3Ac%3A1%3Arn%3A124475388%3Arqn%3A1%3Au%3A1659140282433437387%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1659140281368%3Ads%3A0%2C59%2C55%2C41%2C239%2C0%2C%2C202%2C0%2C%2C%2C%2C597%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1659140282%3At%3A%D0%94%D0%B8%D1%81%D0%BA%D0%BE%D0%BD%D1%82%D0%BD%D1%8B%D0%B5%20%D0%BA%D0%B0%D1%80%D1%82%D1%8B%20%D0%BC%D0%B0%D0%B3%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE%D0%B2%20%D0%B8%20%D1%81%D0%BA%D0%B8%D0%B4%D0%BE%D1%87%D0%BD%D1%8B%D0%B5%20%D0%BA%D0%B0%D1%80%D1%82%D1%8B%20%D0%B3%D0%B8%D0%BF%D0%B5%D1%80%D0%BC%D0%B0%D1%80%D0%BA%D0%B5%D1%82%D0%BE%D0%B2&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

Requested by

Host: discountscards.ru
URL: https://discountscards.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

663a55fa2512a97af5251549b6ff67bc2509380a24f9d45c648772caa17ebdee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://discountscards.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Jul 2022 00:18:02 GMT
x-content-type-options: nosniff
last-modified: Sat, 30-Jul-2022 00:18:02 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://discountscards.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 357
x-xss-protection: 1; mode=block
expires: Sat, 30-Jul-2022 00:18:02 GMT

Redirect headers

pragma: no-cache
date: Sat, 30 Jul 2022 00:18:02 GMT
last-modified: Sat, 30-Jul-2022 00:18:02 GMT
location: /watch/53472100/1?wmode=7&page-url=https%3A%2F%2Fdiscountscards.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1hc9dnhfark4nldxqmebc%3Afp%3A515%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A850%3Acn%3A1%3Adp%3A0%3Als%3A37926845755%3Ahid%3A1006463635%3Az%3A0%3Ai%3A20220730001802%3Aet%3A1659140282%3Ac%3A1%3Arn%3A124475388%3Arqn%3A1%3Au%3A1659140282433437387%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1659140281368%3Ads%3A0%2C59%2C55%2C41%2C239%2C0%2C%2C202%2C0%2C%2C%2C%2C597%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1659140282%3At%3A%D0%94%D0%B8%D1%81%D0%BA%D0%BE%D0%BD%D1%82%D0%BD%D1%8B%D0%B5%20%D0%BA%D0%B0%D1%80%D1%82%D1%8B%20%D0%BC%D0%B0%D0%B3%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE%D0%B2%20%D0%B8%20%D1%81%D0%BA%D0%B8%D0%B4%D0%BE%D1%87%D0%BD%D1%8B%D0%B5%20%D0%BA%D0%B0%D1%80%D1%82%D1%8B%20%D0%B3%D0%B8%D0%BF%D0%B5%D1%80%D0%BC%D0%B0%D1%80%D0%BA%D0%B5%D1%82%D0%BE%D0%B2&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://discountscards.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sat, 30-Jul-2022 00:18:02 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
112 B 75ms
75ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: discountscards.ru
URL: https://discountscards.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://discountscards.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 30 Jul 2022 00:18:02 GMT
last-modified: Fri, 29 Jul 2022 10:22:34 GMT
etag: "62e38aba-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sat, 30 Jul 2022 01:18:02 GMT

POST
H2 200 xcin49yxrlg4.json Show response
www.dlyarek22.site/ 59 B
268 B 52ms
52ms XHR
application/json 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dlyarek22.site/xcin49yxrlg4.json

Requested by

Host: discountscards.ru
URL: https://discountscards.ru/wp-content/cache/minify/1b198.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

0f563bc99f3c795555f9b2eca80fadc6ff9325e1fdf4423d50fa63e0a059bd45

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://discountscards.ru/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 30 Jul 2022 00:18:02 GMT
content-encoding: br
server: cloudflare-nginx
strict-transport-security: max-age=63072000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 screenshot_16-335x220.jpg
discountscards.ru/wp-content/uploads/2022/01/ 17 KB
17 KB 35ms
34ms Image
image/jpeg 54.36.135.235
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://discountscards.ru/wp-content/uploads/2022/01/screenshot_16-335x220.jpg

Requested by

Host: discountscards.ru
URL: https://discountscards.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.36.135.235 Paris, France, ASN16276 (OVH, FR),

Reverse DNS

ip235.ip-54-36-135.eu

Software

nginx/1.20.2 /

Resource Hash

b9eaa48effbedcfc763e67bcbe4cb196b7d0b3e8465db3166f3f228d6e78a395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://discountscards.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: public
date: Sat, 30 Jul 2022 00:18:02 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 01 Feb 2022 12:15:52 GMT
server: nginx/1.20.2
etag: "448a-5d6f3dcbc9e17"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 17546
expires: Sun, 30 Jul 2023 00:18:02 GMT

GET
H2 200 scale_1200-335x220.jpg
discountscards.ru/wp-content/uploads/2022/03/ 15 KB
15 KB 34ms
33ms Image
image/jpeg 54.36.135.235
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://discountscards.ru/wp-content/uploads/2022/03/scale_1200-335x220.jpg

Requested by

Host: discountscards.ru
URL: https://discountscards.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.36.135.235 Paris, France, ASN16276 (OVH, FR),

Reverse DNS

ip235.ip-54-36-135.eu

Software

nginx/1.20.2 /

Resource Hash

b39d960197502c7e4bfe433d7fa0eecdafb6e95525a648ae1e952fc08f6f18ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://discountscards.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: public
date: Sat, 30 Jul 2022 00:18:02 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 07 Mar 2022 14:58:37 GMT
server: nginx/1.20.2
etag: "3a2f-5d9a2195f7bf5"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 14895
expires: Sun, 30 Jul 2023 00:18:02 GMT

GET
H2 200 tild3066-3936-4530-b062-323266653737__rtrr-335x220.jpg
discountscards.ru/wp-content/uploads/2022/01/ 23 KB
24 KB 35ms
35ms Image
image/jpeg 54.36.135.235
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://discountscards.ru/wp-content/uploads/2022/01/tild3066-3936-4530-b062-323266653737__rtrr-335x220.jpg

Requested by

Host: discountscards.ru
URL: https://discountscards.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.36.135.235 Paris, France, ASN16276 (OVH, FR),

Reverse DNS

ip235.ip-54-36-135.eu

Software

nginx/1.20.2 /

Resource Hash

103f43ff46805b4645532a137c6f3bfee490d15557956ba72439e654b40af1c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://discountscards.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: public
date: Sat, 30 Jul 2022 00:18:02 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 01 Feb 2022 11:35:21 GMT
server: nginx/1.20.2
etag: "5cfb-5d6f34bd9a22b"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, public
strict-transport-security: max-age=31536000;
accept-ranges: bytes
content-length: 23803
expires: Sun, 30 Jul 2023 00:18:02 GMT

POST
H2 200 xcin49yxrlg4.json Show response
www.dlyarek22.site/ 59 B
268 B 44ms
44ms XHR
application/json 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dlyarek22.site/xcin49yxrlg4.json

Requested by

Host: discountscards.ru
URL: https://discountscards.ru/wp-content/cache/minify/1b198.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

e339a2158ad3600027af804197b194837375e9184f4854360861b9034191a7fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://discountscards.ru/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 30 Jul 2022 00:18:02 GMT
content-encoding: br
server: cloudflare-nginx
strict-transport-security: max-age=63072000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 221 B
650 B 144ms
48ms Script
text/javascript 142.251.36.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=discountscards.ru&callback=_gfp_s_&client=ca-pub-6143086816499790

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6143086816499790&plah=discountscards.ru&ama_t=adsense&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=0&asnd=0&asnp=0&asns=0&asmat=1&asptt=1&easpi=false&asro=false&easai=false&bust=31068639

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.36.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ddf0f17e5d332cb6af9fea21309dccc905685a6e5da9c66324cc3b56f9c4b26a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://discountscards.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 30 Jul 2022 00:18:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 206
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
792 B 148ms
35ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=discountscards.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://discountscards.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 30 Jul 2022 00:18:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 97ms
35ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=discountscards.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://discountscards.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 30 Jul 2022 00:18:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 60ms
60ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fdiscountscards.ru%2F&tn=DIV&id=clearfy-cookie&cls=clearfy-cookie%20clearfy-cookie--bottom&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: discountscards.ru
URL: https://discountscards.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://discountscards.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Jul 2022 00:18:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8A7D 0
19 B 156ms
102ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6143086816499790&output=html&adk=1812271804&adf=3025194257&lmt=1659138545&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fdiscountscards.ru%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659140282299&bpp=5&bdt=561&idt=178&shv=r20220727&mjsv=m202207260101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2151268674402&frm=20&pv=2&ga_vid=1980323318.1659140282&ga_sid=1659140282&ga_hid=706912131&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31067984%2C31068260%2C31068639%2C44768757%2C42531608%2C44764002%2C44769661&oid=2&pvsid=3489657428878293&tmod=1049360857&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=196

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://discountscards.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 30 Jul 2022 00:18:02 GMT
expires: Sat, 30 Jul 2022 00:18:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 xcin49yxrlg4.json Show response
www.dlyarek22.site/ 59 B
268 B 43ms
43ms XHR
application/json 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dlyarek22.site/xcin49yxrlg4.json

Requested by

Host: discountscards.ru
URL: https://discountscards.ru/wp-content/cache/minify/1b198.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

091c6082511bd1c6ce9a8faaf86270d75534c57ed8c481130bbc3c5b918eba4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://discountscards.ru/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 30 Jul 2022 00:18:02 GMT
content-encoding: br
server: cloudflare-nginx
strict-transport-security: max-age=63072000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 40ms
40ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220727&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98497c7dd86fbb958a15a4801a07ab15a991fcb1da3a08053ad07739476274a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://discountscards.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 30 Jul 2022 00:18:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10600
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 118ms
50ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://discountscards.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 30 Jul 2022 00:18:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 30 Jul 2022 00:18:02 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 16DB 13 KB
5 KB 88ms
26ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://discountscards.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 8828
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 29 Jul 2022 21:50:54 GMT
expires: Sat, 29 Jul 2023 21:50:54 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DA60 783 B
1 KB 115ms
37ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1c97a7497e0611d2fdbbca8ebc82f6dfdb0624770911e3a0f50fc4184442afdc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sMnYHKLgSaWIt3mgDSZxyA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://discountscards.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-sMnYHKLgSaWIt3mgDSZxyA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 30 Jul 2022 00:18:03 GMT
expires: Sat, 30 Jul 2022 00:18:03 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 V6DtokwJh9Fgiqydg7O-dbjnh59Yi9_n4aBMW1s9fk8.js Show response
pagead2.googlesyndication.com/bg/ Frame 16DB 36 KB
14 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/V6DtokwJh9Fgiqydg7O-dbjnh59Yi9_n4aBMW1s9fk8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57a0eda24c0987d1608aac9d83b3be75b8e7879f588bdfe7e1a04c5b5b3d7e4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 28 Jul 2022 19:24:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 104020
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13875
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 28 Jul 2023 19:24:23 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DA60 0
0 76ms
75ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220727&jk=3489657428878293&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 16DB 0
9 B 26ms
26ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?VEOGKg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 30 Jul 2022 00:18:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 66ms
65ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220727&jk=3489657428878293&bg=!ExClEFTNAAacadVKvGk7ACkAdvg8WhqiHZWHToiG72PFwVfd5pyOV3xjwHeFZX_o-NefQsAsSQ77owIAAABKUgAAAARoAQeZApjjMft9qsySDnDFGMVwnbyK_RGYX5cQQO5OSdIIgTfiv2VUZ5lsX6SQpepHvvXPEnPe1lxlGIwrA_X6nrETJJA6PRFEaKbGctIig2Y7eh1b9wHPlDxhgTyivXt8HxkBw57gyOocLUJCmFPPz6S8MbQCaeGJhki1f6Tupf0Q-Hf8Y65_5b4NI1dhn9sACuYbhfpW9grb2F_xQnpA3GK5kWBFRvbBNdk8FOrsWH29U7LQXPnMSQi1CuWOR-JYHPN1r6U3LjChBIkIUHwC1wqyLO656212a9vrsdgiF4cGIW1w9cwbxgr6BcFSdY6_A9jGzLBGFvLTajoG7IKVym0npRaHRxNphE8-LvUVlnCXDstfDgSvAYapiGhtk19ZnrvGY-ktp_4likv3mrFmUB2E57J9oV40gGlcO8qfy9Es582kKpygA9ultylODGeEdoKvVg9FVMLNGePDrWbeKJEBCVF1b_6MhFGS5dp0-3EnfrMXSSCaUtkebnHK99bhYemuXhDTNa-12n1nLQKmslTknh2ADL6OB17nNvsUEpMdq3LylDzUEIniq4Qmkxq08CjebplXAotkWgDV1mVz_K0B2V8Q4pNl20qrcRkLYmgDZEA0MN2FdCri1Ew4AhIdky3hk9n1MkIUVnzLm8tfkSmxL1cW5pyFBinZ8Ct2PON2uurgBqq8XBCsrDNEBz-ZCmcvnN1ntdREdgS2xkWtZlyZwwlnXN0Lw6sYq-TjSWEo8-XLb8Y6bTfce7EG_dj_9RLop2ei1ds2FZERe8500saXZWFzgLFgHdVUf6_r25uTzNBt227sSpM2kORZg2n59EkDvqxdLjJE1CSLVbMb3a0H3rLboPcM1JLowBhyaaAX3Q3EE14kHZadcg_C
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://discountscards.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

POST
H2 200 53472100 Show response
mc.yandex.ru/webvisor/ 43 B
73 B 615ms
71ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/53472100?wmode=0&wv-part=1&wv-hit=1006463635&page-url=https%3A%2F%2Fdiscountscards.ru%2F&rn=388816083&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1659140286%3Aw%3A1600x1200%3Av%3A850%3Az%3A0%3Ai%3A20220730001805%3Au%3A1659140282433437387%3Avf%3A1hc9dnhfark4nldxqmebc%3Awe%3A1%3Ast%3A1659140286&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://discountscards.ru/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 30 Jul 2022 00:18:06 GMT
last-modified: Sat, 30-Jul-2022 00:18:06 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://discountscards.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 30-Jul-2022 00:18:06 GMT

POST
H2 200 53472100 Show response
mc.yandex.ru/webvisor/ 43 B
145 B 80ms
69ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/53472100?wmode=0&wv-part=1&wv-hit=1006463635&page-url=https%3A%2F%2Fdiscountscards.ru%2F&rn=444471112&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1659140286%3Aw%3A1600x1200%3Av%3A850%3Az%3A0%3Ai%3A20220730001805%3Au%3A1659140282433437387%3Avf%3A1hc9dnhfark4nldxqmebc%3Awe%3A1%3Ast%3A1659140286&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://discountscards.ru/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 30 Jul 2022 00:18:06 GMT
last-modified: Sat, 30-Jul-2022 00:18:06 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://discountscards.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 30-Jul-2022 00:18:06 GMT

Verdicts & Comments Add Verdict or Comment

153 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bropush.site/	1970-01-20 05:35:32	Name: uuid Value: 4bd7b69a-5515-4513-a11c-95abd53bfef9
.discountscards.ru/	1970-01-20 13:37:56	Name: _ym_uid Value: 1659140282433437387
.discountscards.ru/	1970-01-20 13:37:56	Name: _ym_d Value: 1659140282
.yandex.ru/	1970-01-20 13:37:56	Name: yandexuid Value: 7206145981659140282
.yandex.ru/	1970-01-20 13:37:56	Name: yuidss Value: 7206145981659140282
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 366071901659140282
.yandex.ru/	1970-01-23 20:28:20	Name: i Value: yIBkc/qWop7F6DDMD3WVJmG5sbLrSlYhdhfamftsLls9/+lfok6WP51DJW02LqKzSoOO7dSlw7hbMlgAb4FEviXnDGQ=
.yandex.ru/	1970-01-20 13:37:56	Name: ymex Value: 1690676282.yrts.1659140282#1690676282.yrtsi.1659140282
.discountscards.ru/	1970-01-20 04:53:32	Name: _ym_isad Value: 2
.discountscards.ru/	1970-01-20 04:52:22	Name: _ym_visorc Value: w
.discountscards.ru/	1970-01-20 14:13:56	Name: __gads Value: ID=fa68bc05ce9f3a02-226cdb1cdfcd0018:T=1659140282:RT=1659140282:S=ALNI_MZkgoT2cXHd1G2RmNyayvDEo2Cmjw
.doubleclick.net/	1970-01-20 04:52:21	Name: test_cookie Value: CheckForPermission

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.fr
bropush.site
discountscards.ru
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.dlyarek22.site
www.google.com
104.248.199.158
142.251.36.130
2a00:1450:4001:800::2004
2a00:1450:4001:806::2002
2a00:1450:4001:806::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2002
2a00:1450:4001:812::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2001
2a02:6b8::1:119
54.36.135.235
95.216.65.102
04baba7855bde4192e69bd81cc020eba2070318564f52178aa8fd3dec5793a9f
088ceedc224c07ab42b363634cdc3ed10217bd1acbdb62768eaad35fb4dc30da
091c6082511bd1c6ce9a8faaf86270d75534c57ed8c481130bbc3c5b918eba4f
0f563bc99f3c795555f9b2eca80fadc6ff9325e1fdf4423d50fa63e0a059bd45
103f43ff46805b4645532a137c6f3bfee490d15557956ba72439e654b40af1c0
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
1a045fdc088409e4e87d57617de7a9b613bf251c12997180910faeed8fa7aba1
1a3802602603325d0f7ee69894dcda87c457aa734ee131bb33acaae7810b084c
1a54a1907a6443e3c81608130bfed4546eb0ce5d0c8897e1d7a3b43d89ecc367
1c97a7497e0611d2fdbbca8ebc82f6dfdb0624770911e3a0f50fc4184442afdc
21f04b5d18d03d93a2370be15118428572e838ffecb83a1ccd0a6225c779a8b4
23e25cac82d43cbbbe5fbda06679753fea32119d03e698cc75f069253c92cb85
26d893c4b9d564d39a43aec47a2484ce2dac3c0e55f650ae047323bec5686ecb
314fd96d75b11251bff9c554b41579fca09bec60b2ffd173e158948b383c9dab
32950a00c1d79b14c732f4749f2c42cdc4a5c9de6ef61468ebfb50ab4106c741
32fa92b34c3d3f9ebbc566d8126f93404b9e126558a07df9d4d839cbbfd71178
33c1a5c20abb9302106293ae233f061e4a2c45416dc56a3fbe23fedd8c7f36a1
3bd9cdd7eaa57132683530a3afdfc6684897e1f2c337697596fb423955445f48
3ee9d9a06461ea9edff2cae6cbc37494b34c8df11f5d2f4f4a78c0e22774c49f
43c89a470d5d9bd3b56bbc9944c6962e687c89f31f6b31b782c425a5bdc64cce
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57a0eda24c0987d1608aac9d83b3be75b8e7879f588bdfe7e1a04c5b5b3d7e4f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62fa76710c955becf3eb5254354d88736aff63d2bd69231843a7335ea54a6e4f
663a55fa2512a97af5251549b6ff67bc2509380a24f9d45c648772caa17ebdee
66a7ae828f56ebf9055ebddb4b1ada55b023963e66c32ef158e591bf0e338a8e
713c8c62dc325bbc749c67c9f407eaf64bec98513e9970da8a00910fbd265655
7150fbceb88c8ca07f84b3caa3e14d60e507f7649119b6107867f9c551d62a2b
71a66f736a154730d39a89215879ca1669a87e813d330937d084fe05ba0d4d05
77270c3c2e847da9b0168edf0240e429b1946203bdf8e54741ee7ad9cf4cd556
7c3b28eb96611694e3fc9177cf94ea3b8e37d7bc3099461c41da5b1a9f0c969a
7e9c22d02fc319b701844b334477a05fd32acee9668feb98672f6c27887f79cf
822dd22bc8ba0ecf3c09b15968193214c3d0148c3816e6e25e92b5aaf55dc8df
879b2c7dc8a4ae4b2eb95878ca7d1bdfeeb6e8d93b654091180e1a7d29f7eb8c
92814894afad50d89b2aa30f12841859904366f523ce417bd5abe4cd980704aa
973408bd1a1da181c7eaa9293c0cd095f3836a76b626bc76af21e1cd96b5dcde
98497c7dd86fbb958a15a4801a07ab15a991fcb1da3a08053ad07739476274a6
a218dafefeb720637baa5c82516fd7499367d6795240402e1eb92b38a1f4a391
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a743ceb4b495d577a757c214f580a366e7576059015ec4fc062687b9169f6648
ac102e5ac32bf9d04852bd46b1ed524a61e99ea7216b222f990a61ad937a7d25
b2ac030152e6a59fd8df90098b7020863751c99ce7d60369695f0b6c8740c61d
b2c5ec720589f442589df568f5dc92932bb95482274cff3d7acf8a9ec37663f9
b39d960197502c7e4bfe433d7fa0eecdafb6e95525a648ae1e952fc08f6f18ee
b9eaa48effbedcfc763e67bcbe4cb196b7d0b3e8465db3166f3f228d6e78a395
bf97709854273376fbaa00a78eb133e2f705941919196638afe00df1c5f554f6
ce29617437dd18739d6ae9d119ff943623838d35e23f4657c651ee40a066ac35
d6100fcda37a3db13ffd04ab81c97427731719f3a8fdc0d428ccd378a16cd380
da75b2c122c7401c98eaa5880853afaff89d8fc6948c3f9829041bd493e1cb6f
ddf0f17e5d332cb6af9fea21309dccc905685a6e5da9c66324cc3b56f9c4b26a
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
deb124b2fbbeada3079fbe8dc204493f3e0f2e34516205b967bcc37587bf7747
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e339a2158ad3600027af804197b194837375e9184f4854360861b9034191a7fe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f418936545542f4bb401b3d36301338f317ec93b510b6fbafd2ef7512015ec
e684ab1d0cf4ab8fa69412a8f762725dc5a5b273c0abaf51803aac961390d112
f3398f1797c80890b9a7d0a079f010ba7091b3a79f702a1125f2554e492f0c86
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fa20be0c0697ca1552c39359d62d9e8a371bf32f332ae657f435278e6cf6d26e

discountscards.ru Open in urlscan Pro 54.36.135.235 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

65 Requests

98 %HTTPS

69 %IPv6

11 Domains

13 Subdomains

14 IPs

6 Countries

1018 kBTransfer

2550 kBSize

12 Cookies

0 Outgoing links

Page URL History

Redirected requests

65 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

discountscards.ru Open in urlscan Pro
54.36.135.235 Public Scan

Screenshot
Live screenshot

Full Image

65
Requests

98 %
HTTPS

69 %
IPv6

11
Domains

13
Subdomains

14
IPs

6
Countries

1018 kB
Transfer

2550 kB
Size

12
Cookies

65 HTTP transactions
6 data transactions