corporatehelicopters.ru Open in urlscan Pro
87.236.19.240 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.corporatehelicopters.ru/
Effective URL:
https://corporatehelicopters.ru/
Submission: On August 06 via automatic, source certstream-suspicious (August 6th 2024, 3:47:17 pm UTC) — Scanned from DE

Summary HTTP 114 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 28 IPs in 6 countries across 19 domains to perform 114 HTTP transactions. The main IP is 87.236.19.240, located in St Petersburg, Russian Federation and belongs to BEGET-AS, RU. The main domain is corporatehelicopters.ru.
TLS certificate: Issued by R10 on August 6th 2024. Valid for: 3 months.

This is the only time corporatehelicopters.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 31	87.236.19.240 87.236.19.240	198610 (BEGET-AS) (BEGET-AS)
2	142.250.185.202 142.250.185.202	15169 (GOOGLE) (GOOGLE)
2	172.217.18.8 172.217.18.8	15169 (GOOGLE) (GOOGLE)
13	5.101.37.37 5.101.37.37	201589 (EDGEAMLLC) (EDGEAMLLC)
11	172.255.224.36 172.255.224.36	7979 (SERVERS-COM) (SERVERS-COM)
1 6	95.163.52.67 95.163.52.67	47764 (VK-AS) (VK-AS)
1	142.250.185.238 142.250.185.238	15169 (GOOGLE) (GOOGLE)
2	142.250.184.196 142.250.184.196	15169 (GOOGLE) (GOOGLE)
4 11	93.158.134.119 93.158.134.119	13238 (YANDEX) (YANDEX)
1	151.236.71.248 151.236.71.248	204720 (CDNETWORKS) (CDNETWORKS)
2	157.240.0.35 157.240.0.35	32934 (FACEBOOK) (FACEBOOK)
2	172.217.18.14 172.217.18.14	15169 (GOOGLE) (GOOGLE)
1 2	88.212.201.204 88.212.201.204	39134 (UNITEDNET) (UNITEDNET)
4	142.250.181.227 142.250.181.227	15169 (GOOGLE) (GOOGLE)
2 8	185.106.81.236 185.106.81.236	7979 (SERVERS-COM) (SERVERS-COM)
4	95.163.52.89 95.163.52.89	47764 (VK-AS) (VK-AS)
1	18.173.154.22 18.173.154.22	16509 (AMAZON-02) (AMAZON-02)
3	81.19.89.18 81.19.89.18	24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS)
4	142.250.185.163 142.250.185.163	15169 (GOOGLE) (GOOGLE)
3	216.239.38.178 216.239.38.178	15169 (GOOGLE) (GOOGLE)
2	216.239.32.36 216.239.32.36	15169 (GOOGLE) (GOOGLE)
1	87.250.251.119 87.250.251.119	13238 (YANDEX) (YANDEX)
2	57.128.74.65 57.128.74.65	16276 (OVH) (OVH)
1	185.163.159.177 185.163.159.177	207104 (BIZONE-AS) (BIZONE-AS)
1	77.88.44.55 77.88.44.55	13238 (YANDEX) (YANDEX)
1	57.128.74.66 57.128.74.66	16276 (OVH) (OVH)
114	28

31 87.236.19.240 (St Petersburg, Russian Federation) 1 redirects

ASN198610 (BEGET-AS, RU)
PTR: ssl.venera5.beget.com

www.corporatehelicopters.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
corporatehelicopters.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.cofr.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.8 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 5.101.37.37 (Armenia)

ASN201589 (EDGEAMLLC, AM)

code.jivosite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
files.jivosite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 172.255.224.36 (Netherlands)

ASN7979 (SERVERS-COM, US)

www.travelpayouts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
travelpayouts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 95.163.52.67 (Russian Federation) 1 redirects

ASN47764 (VK-AS, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f14.1e100.net

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 93.158.134.119 (Russian Federation) 4 redirects

ASN13238 (YANDEX, RU)
PTR: mc.yandex.ru

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.236.71.248 (Moscow, Russian Federation)

ASN204720 (CDNETWORKS, RU)

st.top100.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.0.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.14 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f14.1e100.net

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.204 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.106.81.236 (Netherlands) 2 redirects

ASN7979 (SERVERS-COM, US)

avsplow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 95.163.52.89 (Russian Federation)

ASN47764 (VK-AS, RU)
PTR: r3.mail.ru

privacy-cs.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.154.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-22.muc50.r.cloudfront.net

st.avsplow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 81.19.89.18 (Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: kraken.rambler.ru

kraken.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.239.38.178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.32.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.250.251.119 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: mc.yandex.ru

mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 57.128.74.65 (France)

ASN16276 (OVH, FR)
PTR: ns3227025.ip-57-128-74.eu

node-ya-7.jivosite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.163.159.177 (Russian Federation)

ASN207104 (BIZONE-AS, RU)

telephony.jivosite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.88.44.55 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: yandex.ru

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 57.128.74.66 (France)

ASN16276 (OVH, FR)
PTR: ns3227016.ip-57-128-74.eu

telemetry.jivosite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	corporatehelicopters.ru 1 redirects www.corporatehelicopters.ru corporatehelicopters.ru	906 KB
17	jivosite.com code.jivosite.com — Cisco Umbrella Rank: 42186 node-ya-7.jivosite.com — Cisco Umbrella Rank: 171297 telephony.jivosite.com — Cisco Umbrella Rank: 382413 telemetry.jivosite.com — Cisco Umbrella Rank: 56613 files.jivosite.com — Cisco Umbrella Rank: 185509	436 KB
11	travelpayouts.com www.travelpayouts.com — Cisco Umbrella Rank: 180916 travelpayouts.com — Cisco Umbrella Rank: 100177	226 KB
10	mail.ru 1 redirects top-fwz1.mail.ru — Cisco Umbrella Rank: 7686 privacy-cs.mail.ru — Cisco Umbrella Rank: 13550	63 KB
9	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 6787	4 KB
9	avsplow.com 2 redirects avsplow.com — Cisco Umbrella Rank: 267696 st.avsplow.com — Cisco Umbrella Rank: 959850	17 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com	269 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104 region1.google-analytics.com — Cisco Umbrella Rank: 3123	21 KB
4	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 2503 yandex.ru — Cisco Umbrella Rank: 1074	72 KB
3	rambler.ru kraken.rambler.ru — Cisco Umbrella Rank: 37813	2 KB
3	google.com translate.google.com — Cisco Umbrella Rank: 2103 www.google.com — Cisco Umbrella Rank: 10	32 KB
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 9685	1 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 84
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	164 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110 translate.googleapis.com — Cisco Umbrella Rank: 1452	73 KB
1	cofr.ru www.cofr.ru
1	top100.ru st.top100.ru — Cisco Umbrella Rank: 48651	39 KB
0	pluso.ru Failed share.pluso.ru Failed
114	19

	Domain	Requested by
29	corporatehelicopters.ru	corporatehelicopters.ru
12	code.jivosite.com	corporatehelicopters.ru code.jivosite.com
10	www.travelpayouts.com	corporatehelicopters.ru www.travelpayouts.com
9	mc.yandex.com	3 redirects corporatehelicopters.ru mc.yandex.ru
8	avsplow.com	2 redirects corporatehelicopters.ru st.avsplow.com
6	top-fwz1.mail.ru	1 redirects corporatehelicopters.ru top-fwz1.mail.ru
4	www.gstatic.com	www.google.com corporatehelicopters.ru www.gstatic.com
4	privacy-cs.mail.ru	top-fwz1.mail.ru privacy-cs.mail.ru
4	fonts.gstatic.com	fonts.googleapis.com corporatehelicopters.ru
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	kraken.rambler.ru	st.top100.ru corporatehelicopters.ru
3	mc.yandex.ru	1 redirects corporatehelicopters.ru
2	node-ya-7.jivosite.com	code.jivosite.com corporatehelicopters.ru
2	region1.google-analytics.com	www.googletagmanager.com
2	counter.yadro.ru	1 redirects corporatehelicopters.ru
2	www.youtube.com	corporatehelicopters.ru
2	www.facebook.com	corporatehelicopters.ru
2	www.google.com	corporatehelicopters.ru www.gstatic.com
2	www.googletagmanager.com	corporatehelicopters.ru www.googletagmanager.com
1	files.jivosite.com
1	telemetry.jivosite.com	corporatehelicopters.ru
1	yandex.ru	privacy-cs.mail.ru
1	telephony.jivosite.com	corporatehelicopters.ru
1	translate.googleapis.com
1	travelpayouts.com	www.travelpayouts.com
1	st.avsplow.com	www.travelpayouts.com
1	www.cofr.ru	corporatehelicopters.ru
1	st.top100.ru	corporatehelicopters.ru
1	translate.google.com	corporatehelicopters.ru
1	fonts.googleapis.com	corporatehelicopters.ru
1	www.corporatehelicopters.ru	1 redirects
0	share.pluso.ru Failed	corporatehelicopters.ru
114	32

This site contains links to these domains. Also see Links.

Domain
translate.google.com
www.travelpayouts.com
hotellook.ru
aviav.ru
mhthemes.com
www.liveinternet.ru
top100.rambler.ru
top.mail.ru
code.jivosite.com

Subject Issuer	Validity	Valid
corporatehelicopters.ru R10	`2024-08-06` - `2024-11-04`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.jivosite.com Go Daddy Secure Certificate Authority - G2	`2024-04-05` - `2025-05-07`	a year	crt.sh
travelpayouts.com R11	`2024-06-22` - `2024-09-20`	3 months	crt.sh
*.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2024-05-23` - `2024-11-02`	5 months	crt.sh
*.mail.ru GlobalSign ECC OV SSL CA 2018	`2023-10-06` - `2024-11-06`	a year	crt.sh
*.top100.ru GlobalSign GCC R3 DV TLS CA 2020	`2024-02-14` - `2025-03-17`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-05-15` - `2024-08-13`	3 months	crt.sh
cofr.ru R10	`2024-06-11` - `2024-09-09`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
avsplow.com Amazon RSA 2048 M03	`2024-06-02` - `2025-07-01`	a year	crt.sh
*.rambler.ru GlobalSign GCC R3 DV TLS CA 2020	`2024-05-02` - `2025-06-03`	a year	crt.sh
*.xn--d1acpjx3f.xn--p1ai GlobalSign ECC OV SSL CA 2018	`2024-07-12` - `2025-01-09`	6 months	crt.sh

This page contains 11 frames:

Primary Page: https://corporatehelicopters.ru/
Frame ID: 7465271529C32013A82767337F3492B8
Requests: 120 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fvertolet.fr%2F&tabs=timeline&width=300&height=200&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Frame ID: 67FEEED5C801348831F313C5F20C1733
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Faviav.ru%2F&tabs=timeline&width=300&height=200&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Frame ID: 4D654840E76B442172615BCF7B2D7854
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/HJjmsGs3fd0
Frame ID: C900ACCCAE299EE907FFB266D5DFFD80
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/F--7yvhO4Yk
Frame ID: 5EDEACC635768DEE4B5BD983B2940D62
Requests: 1 HTTP requests in this frame

Frame: https://www.cofr.ru/click/aviav/240x400/240x400.html
Frame ID: 8494D72C41A8C403BE6D6426783D7553
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 5AE35E77487DCEB4CD9326BB9BD33055
Requests: 1 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: 5F48380447BC10E6431578102D58ACEB
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdejscUAAAAAMkvMlEAuT_bKI3a7ndslw4-3iu8&co=aHR0cHM6Ly9jb3Jwb3JhdGVoZWxpY29wdGVycy5ydTo0NDM.&hl=de&v=hfUfsXWZFeg83qqxrK27GB8P&size=invisible&cb=acpn27qj9t9l
Frame ID: 48ED83A6CECFA317583D0E4FBC6BE185
Requests: 1 HTTP requests in this frame

Frame: https://telephony.jivosite.com/api/1/sites/220395/widgets/WTYfFJWFV0/clients/0/telephony/callback
Frame ID: 23781B906F077728B583ACDBD13E63A7
Requests: 5 HTTP requests in this frame

Frame: https://code.jivosite.com/social.min.html?mode=check&vk_app_id=5299720&vk_joint_id=162681653&vk_key=6e756c6c3d57545966464a57465630&fb_app_id=1614186198901622&fb_joint_id=189315354839092&fb_key=null_WTYfFJWFV0&logs=0
Frame ID: 41A439C51ECA9086D16E065F205D0DB0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Корпоративные вертолеты

Page URL History Show full URLs

https://www.corporatehelicopters.ru/ HTTP 301
https://corporatehelicopters.ru/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

114
Requests

93 %
HTTPS

0 %
IPv6

19
Domains

32
Subdomains

28
IPs

6
Countries

2320 kB
Transfer

6544 kB
Size

44
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://translate.google.com/
Title: Google Übersetzer

Search URL Search Domain Scan URL

URL: https://www.travelpayouts.com/?marker=48286.poweredby&utm_source=powered_by&utm_medium=widget&utm_campaign=mewtwo

Search URL Search Domain Scan URL

URL: https://hotellook.ru/?marker=48286&language=ru

Search URL Search Domain Scan URL

URL: https://aviav.ru/feed

Search URL Search Domain Scan URL

URL: https://mhthemes.com/themes/mh-magazine/?utm_source=customer&utm_medium=link&utm_campaign=MH+Magazine+Lite
Title: MH Themes

Search URL Search Domain Scan URL

URL: https://www.liveinternet.ru/click

Search URL Search Domain Scan URL

URL: https://top100.rambler.ru/home?id=7097323

Search URL Search Domain Scan URL

URL: https://top.mail.ru/jump?from=3180830

Search URL Search Domain Scan URL

URL: https://code.jivosite.com/script/eula/WTYfFJWFV0
Title: Пользовательского соглашения

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.corporatehelicopters.ru/ HTTP 301
https://corporatehelicopters.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://top-fwz1.mail.ru/counter?id=3180830;t=0;l=1 HTTP 302
https://top-fwz1.mail.ru/counter2?id=3180830;t=0;l=1

Request Chain 40

https://counter.yadro.ru/hit?t15.6;r;s1600*1200*24;uhttps%3A//corporatehelicopters.ru/;h%u041A%u043E%u0440%u043F%u043E%u0440%u0430%u0442%u0438%u0432%u043D%u044B%u0435%20%u0432%u0435%u0440%u0442%u043E%u043B%u0435%u0442%u044B;0.07602220142390181 HTTP 302
https://counter.yadro.ru/hit?q;t15.6;r;s1600*1200*24;uhttps%3A//corporatehelicopters.ru/;h%u041A%u043E%u0440%u043F%u043E%u0440%u0430%u0442%u0438%u0432%u043D%u044B%u0435%20%u0432%u0435%u0440%u0442%u043E%u043B%u0435%u0442%u044B;0.07602220142390181

Request Chain 51

https://avsplow.com/a/j.gif?p=web&tv=pixel&e=se&aid=tp_widgets&se_ca=mewtwo&se_ac=proxy_init&co=%7B%22schema%22%3A%22contexts%22%2C%22data%22%3A%5B%7B%22schema%22%3A%22event%22%2C%22data%22%3A%7B%22widget_id%22%3A%223c22de3f38ec1c851c8216e0ca0094db%22%2C%22trace_id%22%3A%22Zz4b6edfe9668d42f7ab93dfba-48286%22%2C%22promo_id%22%3A%224237%22%7D%7D%5D%7D HTTP 302
https://avsplow.com/a/j.gif?e=se&b3pc=true&co=%7B%22schema%22:%22contexts%22,%22data%22:%5B%7B%22schema%22:%22event%22,%22data%22:%7B%22widget_id%22:%223c22de3f38ec1c851c8216e0ca0094db%22,%22trace_id%22:%22Zz4b6edfe9668d42f7ab93dfba-48286%22,%22promo_id%22:%224237%22%7D%7D%5D%7D&aid=tp_widgets&tv=pixel&se_ac=proxy_init&se_ca=mewtwo&p=web

Request Chain 56

https://avsplow.com/a/j.gif?p=web&tv=pixel&e=se&aid=tp_widgets&se_ca=mewtwo&se_ac=proxy_init&co=%7B%22schema%22%3A%22contexts%22%2C%22data%22%3A%5B%7B%22schema%22%3A%22event%22%2C%22data%22%3A%7B%22widget_id%22%3A%222e532b6acc191f77d5f9a21134ea16a6%22%2C%22trace_id%22%3A%22Zzdd1217230a47491fbd1e8a0f-48286%22%2C%22promo_id%22%3A%224239%22%7D%7D%5D%7D HTTP 302
https://avsplow.com/a/j.gif?e=se&b3pc=true&co=%7B%22schema%22:%22contexts%22,%22data%22:%5B%7B%22schema%22:%22event%22,%22data%22:%7B%22widget_id%22:%222e532b6acc191f77d5f9a21134ea16a6%22,%22trace_id%22:%22Zzdd1217230a47491fbd1e8a0f-48286%22,%22promo_id%22:%224239%22%7D%7D%5D%7D&aid=tp_widgets&tv=pixel&se_ac=proxy_init&se_ca=mewtwo&p=web

Request Chain 87

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10453.SJhn3ev-b3zhqJMezMVVnBhCsK_PFtUX0AmtVrRS7yzsL95fmR0Ar5Gl5AJBh-Rh.Ou1DvUCEsItx-1sSQsn4g0dAsuM%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10453._RMNtILYjEHaSnYKHdLSl1OiEfwp4zUVSQ0aGU7eJFemhGKsC865zoKxU4mvt3tsF96Yn6smoG2H-0mP9OHR8m9E0r1kIppYkhhdZcpRBjTaoLryXUkDHZWZ8AfiI2juv7kHVaWX7iP-DnD6yqe1X_IIAehkvxHQ2H5-LiqyVHCIz400LlMiLNDorZHVuXN04nO8QG0PM6tJpfCeTHRaGbf0hU2OYIhc8gxJUhFziXc%2C.ekafDdevOUyGtAA0sGTJ1BQz_pE%2C HTTP 302
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10453.xCUMZYZzfjxCHihpS9jTVDYsaKGoZHnLyaggGRIUn0fk6QSyOfLb4HZUkHo5njOKGayEDlke2MQ99MAf4buJpMtyNzlXB7K0MmyZKyNuCGF4Url3X6HOVj82K5HYRddMokJ9Q1S9wpNPdzX2W2mLiBsIVPhQ-OPASh7aaM3HQcRjRJlR658zFeRLy8ySRGoe1011ECTttw-CQeiRNwDVjg%2C%2C.f2B2Tzd6oTHpKA2wl3PPbgfhT4M%2C

Request Chain 93

https://mc.yandex.com/watch/56654239?wmode=7&page-url=https%3A%2F%2Fcorporatehelicopters.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpcztnbm4xas7mgj8ug9n%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1410%3Acn%3A1%3Adp%3A0%3Als%3A1644529568446%3Ahid%3A927317018%3Az%3A120%3Ai%3A20240806174710%3Aet%3A1722959230%3Ac%3A1%3Arn%3A305692849%3Arqn%3A1%3Au%3A1722959230425874936%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1896%3Awv%3A2%3Ads%3A0%2C0%2C116%2C4%2C1170%2C0%2C%2C915%2C2%2C%2C%2C%2C2286%3Aco%3A0%3Acpf%3A1%3Ans%3A1722959227900%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1722959231%3At%3A%D0%9A%D0%BE%D1%80%D0%BF%D0%BE%D1%80%D0%B0%D1%82%D0%B8%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%B2%D0%B5%D1%80%D1%82%D0%BE%D0%BB%D0%B5%D1%82%D1%8B&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(21037572)ti(1) HTTP 302
https://mc.yandex.com/watch/56654239/1?wmode=7&page-url=https%3A%2F%2Fcorporatehelicopters.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpcztnbm4xas7mgj8ug9n%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1410%3Acn%3A1%3Adp%3A0%3Als%3A1644529568446%3Ahid%3A927317018%3Az%3A120%3Ai%3A20240806174710%3Aet%3A1722959230%3Ac%3A1%3Arn%3A305692849%3Arqn%3A1%3Au%3A1722959230425874936%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1896%3Awv%3A2%3Ads%3A0%2C0%2C116%2C4%2C1170%2C0%2C%2C915%2C2%2C%2C%2C%2C2286%3Aco%3A0%3Acpf%3A1%3Ans%3A1722959227900%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1722959231%3At%3A%D0%9A%D0%BE%D1%80%D0%BF%D0%BE%D1%80%D0%B0%D1%82%D0%B8%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%B2%D0%B5%D1%80%D1%82%D0%BE%D0%BB%D0%B5%D1%82%D1%8B&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29ti%281%29

114 HTTP transactions
21 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
corporatehelicopters.ru/
Redirect Chain

https://www.corporatehelicopters.ru/
https://corporatehelicopters.ru/

63 KB
15 KB

197ms
117ms

Document
text/html

87.236.19.240
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://corporatehelicopters.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.19.240 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.venera5.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: aada791cd41ee8f73925f98531591bc3646b436cf278f3811f23958dac24865d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 14855
content-type: text/html; charset=UTF-8
date: Tue, 06 Aug 2024 15:47:09 GMT
expires: Mon, 29 Oct 1923 20:30:00 GMT
last-modified: Thu, 11 Jul 2024 15:25:04 GMT
pragma: no-cache
server: nginx-reuseport/1.21.1
vary: User-Agent,Accept-Encoding

Redirect headers

content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 06 Aug 2024 15:47:09 GMT
location: https://corporatehelicopters.ru/
server: nginx-reuseport/1.21.1
x-powered-by: PHP/7.4.33
x-redirect-by: WordPress

GET
H2 200 style.min.css
corporatehelicopters.ru/wp-includes/css/dist/block-library/ 110 KB
15 KB 65ms
58ms Stylesheet
text/css 87.236.19.240
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://corporatehelicopters.ru/wp-includes/css/dist/block-library/style.min.css?ver=6.5.5
Requested by: Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.19.240 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.venera5.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 885c89e82436cfa3d0a0a5a9b2f6be6e1503457c810cc88ed2c09b4570ae9fd6

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:47:09 GMT
content-encoding: gzip
last-modified: Sat, 27 Jul 2024 18:04:45 GMT
server: nginx-reuseport/1.21.1
etag: W/"66a536bd-1b723"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Tue, 13 Aug 2024 15:47:09 GMT

GET
H2 200 styles.css
corporatehelicopters.ru/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 65ms
59ms Stylesheet
text/css 87.236.19.240
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://corporatehelicopters.ru/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.9.6
Requested by: Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.19.240 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.venera5.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:47:09 GMT
content-encoding: gzip
last-modified: Sat, 27 Jul 2024 18:04:35 GMT
server: nginx-reuseport/1.21.1
etag: W/"66a536b3-b4e"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Tue, 13 Aug 2024 15:47:09 GMT

GET
H2 200 style.css
corporatehelicopters.ru/wp-content/plugins/google-language-translator/css/ 126 KB
10 KB 65ms
59ms Stylesheet
text/css 87.236.19.240
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://corporatehelicopters.ru/wp-content/plugins/google-language-translator/css/style.css?ver=6.0.20
Requested by: Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.19.240 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.venera5.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: e2fb63ea3b3d832a17e88ce1bdc0ec080117e17f1c9331697c822015e501cb13

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:47:09 GMT
content-encoding: gzip
last-modified: Sat, 09 Dec 2023 18:38:57 GMT
server: nginx-reuseport/1.21.1
etag: W/"6574b441-1f7d7"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Tue, 13 Aug 2024 15:47:09 GMT

GET
H2 200 pagenavi-css.css
corporatehelicopters.ru/wp-content/plugins/wp-pagenavi/ 374 B
433 B 65ms
59ms Stylesheet
text/css 87.236.19.240
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://corporatehelicopters.ru/wp-content/plugins/wp-pagenavi/pagenavi-css.css?ver=2.70
Requested by: Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.19.240 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.venera5.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: c2711e9edc60964dcb5aada1bfa59c2d68d3d9dc1baf4a5ee058b4c1bd32c3eb

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:47:09 GMT
content-encoding: gzip
last-modified: Sat, 06 May 2023 18:47:15 GMT
server: nginx-reuseport/1.21.1
etag: W/"6456a0b3-176"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Tue, 13 Aug 2024 15:47:09 GMT

GET
H2 200 rounded-thumbs.min.css
corporatehelicopters.ru/wp-content/plugins/contextual-related-posts/css/ 1 KB
640 B 65ms
60ms Stylesheet
text/css 87.236.19.240
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://corporatehelicopters.ru/wp-content/plugins/contextual-related-posts/css/rounded-thumbs.min.css?ver=3.5.2
Requested by: Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.19.240 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.venera5.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 4f4a5683b6483776c7f839693c2d270ba41d0c3f72cffe007c920647fa47b74e

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:47:09 GMT
content-encoding: gzip
last-modified: Sat, 27 Jul 2024 18:04:39 GMT
server: nginx-reuseport/1.21.1
etag: W/"66a536b7-50b"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Tue, 13 Aug 2024 15:47:09 GMT

GET
H2 200 style.css
corporatehelicopters.ru/wp-content/themes/mh-magazine-lite/ 45 KB
9 KB 65ms
60ms Stylesheet
text/css 87.236.19.240
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://corporatehelicopters.ru/wp-content/themes/mh-magazine-lite/style.css?ver=2.9.2
Requested by: Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.19.240 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.venera5.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: b67fe64923a586061ca8b4ee5086f981d05f483f4a1bd87f6ccecb8570f8dffd

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:47:09 GMT
content-encoding: gzip
last-modified: Sat, 22 Jan 2022 18:23:41 GMT
server: nginx-reuseport/1.21.1
etag: W/"61ec4bad-b222"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Tue, 13 Aug 2024 15:47:09 GMT

GET
H2 200 style.css
corporatehelicopters.ru/wp-content/themes/mh-musicmag/ 8 KB
3 KB 65ms
60ms Stylesheet
text/css 87.236.19.240
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://corporatehelicopters.ru/wp-content/themes/mh-musicmag/style.css?ver=1.0.3
Requested by: Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.19.240 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.venera5.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 9832cb08aefe9082282c6a1d1baff4493450a85688471eb501aa0635c05c7bea

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:47:09 GMT
content-encoding: gzip
last-modified: Fri, 16 Jul 2021 09:25:18 GMT
server: nginx-reuseport/1.21.1
etag: W/"60f1507e-2146"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Tue, 13 Aug 2024 15:47:09 GMT

GET
H2 200 font-awesome.min.css
corporatehelicopters.ru/wp-content/themes/mh-magazine-lite/includes/ 30 KB
7 KB 65ms
61ms Stylesheet
text/css 87.236.19.240
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://corporatehelicopters.ru/wp-content/themes/mh-magazine-lite/includes/font-awesome.min.css
Requested by: Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.19.240 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.venera5.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:47:09 GMT
content-encoding: gzip
last-modified: Sat, 22 Jan 2022 18:23:41 GMT
server: nginx-reuseport/1.21.1
etag: W/"61ec4bad-7918"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Tue, 13 Aug 2024 15:47:09 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
984 B 441ms
47ms Stylesheet
text/css 142.250.185.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Hind:400,600,700|Marcellus+SC

Requested by

Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f10.1e100.net

Software

ESF /

Resource Hash

a57ed4b9d8f587725849b5f3aad8122a7b5ee0846ae5e0fe9d2f476f7a226cf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 06 Aug 2024 15:47:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 06 Aug 2024 15:47:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 06 Aug 2024 15:47:09 GMT

GET
H2 200 sitemap_style.css
corporatehelicopters.ru/wp-content/plugins/sitemap_plugin/ 147 B
312 B 66ms
62ms Stylesheet
text/css 87.236.19.240
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://corporatehelicopters.ru/wp-content/plugins/sitemap_plugin/sitemap_style.css?ver=6.5.5
Requested by: Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.19.240 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.venera5.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 2b43c124fd00d8352d7c53534739bd9c1c5aa688a0b7651e8d857f5e602e5283

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:47:09 GMT
content-encoding: gzip
last-modified: Thu, 12 Dec 2019 18:58:03 GMT
server: nginx-reuseport/1.21.1
etag: W/"5df28dbb-93"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Tue, 13 Aug 2024 15:47:09 GMT

GET
H2 200 jquery.min.js Show response
corporatehelicopters.ru/wp-includes/js/jquery/ 86 KB
30 KB 66ms
62ms Script
application/x-javascript 87.236.19.240
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://corporatehelicopters.ru/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.19.240 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.venera5.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:47:09 GMT
content-encoding: gzip
last-modified: Sat, 11 Nov 2023 18:04:52 GMT
server: nginx-reuseport/1.21.1
etag: W/"654fc244-15601"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Tue, 13 Aug 2024 15:47:09 GMT

GET
H2 200 jquery-migrate.min.js Show response
corporatehelicopters.ru/wp-includes/js/jquery/ 13 KB
5 KB 176ms
172ms Script
application/x-javascript 87.236.19.240
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://corporatehelicopters.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.19.240 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.venera5.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:47:09 GMT
content-encoding: gzip
last-modified: Sat, 12 Aug 2023 19:22:36 GMT
server: nginx-reuseport/1.21.1
etag: W/"64d7dbfc-3509"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Tue, 13 Aug 2024 15:47:09 GMT

GET
H2 200 scripts.js Show response
corporatehelicopters.ru/wp-content/themes/mh-magazine-lite/js/ 36 KB
12 KB 176ms
172ms Script
application/x-javascript 87.236.19.240
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://corporatehelicopters.ru/wp-content/themes/mh-magazine-lite/js/scripts.js?ver=2.9.2
Requested by: Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.19.240 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.venera5.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 07a442bcbe2faa41bf1f585c7c772be2a8918f9afd0f5526eb4956562d5e6f8c

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:47:09 GMT
content-encoding: gzip
last-modified: Sat, 22 Jan 2022 18:23:41 GMT
server: nginx-reuseport/1.21.1
etag: W/"61ec4bad-91c9"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Tue, 13 Aug 2024 15:47:09 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 209 KB
75 KB 459ms
66ms Script
application/javascript 172.217.18.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-169900485-32

Requested by

Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

1168efe69852d2843dfae9f88a940bec7831ffbd5f8bbebc89a88e1e567c1435

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:47:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76765
x-xss-protection: 0
last-modified: Tue, 06 Aug 2024 15:15:27 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 06 Aug 2024 15:47:10 GMT

GET
H2 200 WTYfFJWFV0 Show response
code.jivosite.com/widget/ 17 KB
6 KB 426ms
77ms Script
application/javascript 5.101.37.37
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jivosite.com/widget/WTYfFJWFV0
Requested by: Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.101.37.37 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 851646217e0859e2025a1f9ada5f7374c3ffb37f6d1be6d6b32c90e15c005bd8

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:47:10 GMT
content-encoding: br
via: 1.1 sharxy
x-geo-shard: ya
content-length: 6056
x-node: fr5-up-gc15
last-modified: Tue, 23 Jul 2024 09:52:16 GMT
server: nginx
etag: "669f7d50-17a8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7200
cache: MISS
accept-ranges: bytes
expires: Tue, 06 Aug 2024 17:47:10 GMT

GET
H2 200 cropped-helicopter-690829_1920.jpg
corporatehelicopters.ru/wp-content/uploads/2019/12/ 157 KB
157 KB 59ms
58ms Image
image/jpeg 87.236.19.240
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://corporatehelicopters.ru/wp-content/uploads/2019/12/cropped-helicopter-690829_1920.jpg
Requested by: Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.19.240 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.venera5.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 96c85d58051e549abd4ee057bc751cdf9faf605cb7d36be41f72ad3a24a33dfc

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:47:09 GMT
last-modified: Fri, 13 Dec 2019 13:07:49 GMT
server: nginx-reuseport/1.21.1
etag: "5df38d25-2724f"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 160335
expires: Thu, 05 Sep 2024 15:47:09 GMT

GET
H2 200 helicopters-326x245.jpeg
corporatehelicopters.ru/wp-content/uploads/2019/12/ 26 KB
26 KB 174ms
172ms Image
image/jpeg 87.236.19.240
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://corporatehelicopters.ru/wp-content/uploads/2019/12/helicopters-326x245.jpeg?v=1576240187
Requested by: Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.19.240 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.venera5.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: c9c9f7c78282b8bb67a70f2a7a559eda3a464e4d4e2fcbd494cfde993fb7ad78

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:47:09 GMT
last-modified: Fri, 13 Dec 2019 12:29:47 GMT
server: nginx-reuseport/1.21.1
etag: "5df3843b-670d"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 26381
expires: Thu, 05 Sep 2024 15:47:09 GMT

GET
H2 200 3c22de3f38ec1c851c8216e0ca0094db.js Show response
www.travelpayouts.com/widgets/ 7 KB
2 KB 102ms
27ms Script
application/javascript 172.255.224.36
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://www.travelpayouts.com/widgets/3c22de3f38ec1c851c8216e0ca0094db.js?v=1039
Requested by: Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: c0ad41dd41d18dc12c34d5df0d7ac673606c8c756e55d846d7b29323dfe6d699

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:47:09 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-store
x-promo-id: 4237
timing-allow-origin: *
link: </mewtwo/styles.css?v=1039>; rel=preload; as=style, </widgets_static/3c22de3f38ec1c851c8216e0ca0094db.js?v=1039>; rel=preload; as=script
x-robots-tag: noindex
x-request-id: 3c5e8b44c873220033bdcc623d1e420f

GET
H2 200 2e532b6acc191f77d5f9a21134ea16a6.js Show response
www.travelpayouts.com/widgets/ 7 KB
2 KB 124ms
49ms Script
application/javascript 172.255.224.36
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://www.travelpayouts.com/widgets/2e532b6acc191f77d5f9a21134ea16a6.js?v=1041
Requested by: Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 82c6ebef95e8cce5bcc2dd20747482ff9af5cf7aa3faa7557169d46b50e83c6c

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:47:09 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-store
x-promo-id: 4239
timing-allow-origin: *
link: </mewtwo/styles.css?v=1041>; rel=preload; as=style, </widgets_static/2e532b6acc191f77d5f9a21134ea16a6.js?v=1041>; rel=preload; as=script
x-robots-tag: noindex
x-request-id: 15e6dbb89c77ba88fe6ad15a3f7d659c

GET
H2

200

counter2
top-fwz1.mail.ru/
Redirect Chain

https://top-fwz1.mail.ru/counter?id=3180830;t=0;l=1
https://top-fwz1.mail.ru/counter2?id=3180830;t=0;l=1

43 B
1 KB

52ms
52ms

Image
image/gif

95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter2?id=3180830;t=0;l=1

Requested by

Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/

Protocol

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:47:09 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

Redirect headers

date: Tue, 06 Aug 2024 15:47:09 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 0
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
accept-ch-lifetime: 86400
location: https://top-fwz1.mail.ru/counter2?id=3180830;t=0;l=1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 index.js Show response
corporatehelicopters.ru/wp-content/plugins/contact-form-7/includes/swv/js/ 11 KB
3 KB 59ms
59ms Script
application/x-javascript 87.236.19.240
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://corporatehelicopters.ru/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.9.6
Requested by: Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.19.240 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.venera5.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 46e36dd6ca93014e4915c723632bf180d27cc96ccfb7c26e69213e1a82129a62

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:47:09 GMT
content-encoding: gzip
last-modified: Sat, 27 Jul 2024 18:04:35 GMT
server: nginx-reuseport/1.21.1
etag: W/"66a536b3-2cf9"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Tue, 13 Aug 2024 15:47:09 GMT

GET
H2 200 index.js Show response
corporatehelicopters.ru/wp-content/plugins/contact-form-7/includes/js/ 13 KB
4 KB 59ms
58ms Script
application/x-javascript 87.236.19.240
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://corporatehelicopters.ru/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.9.6
Requested by: Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.19.240 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.venera5.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 111da58b16b15c6bac6126be92d0a83c8d1dc4139b6361411a744deda5242c66

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:47:09 GMT
content-encoding: gzip
last-modified: Sat, 27 Jul 2024 18:04:35 GMT
server: nginx-reuseport/1.21.1
etag: W/"66a536b3-346f"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Tue, 13 Aug 2024 15:47:09 GMT

GET
H2 200 scripts.js Show response
corporatehelicopters.ru/wp-content/plugins/google-language-translator/js/ 13 KB
3 KB 58ms
58ms Script
application/x-javascript 87.236.19.240
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://corporatehelicopters.ru/wp-content/plugins/google-language-translator/js/scripts.js?ver=6.0.20
Requested by: Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.19.240 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.venera5.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: e621665022bb960e60fcbed829f30a54d28484a7e2d8e46f7e5025a06608b5bf

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:47:09 GMT
content-encoding: gzip
last-modified: Sat, 09 Dec 2023 18:38:57 GMT
server: nginx-reuseport/1.21.1
etag: W/"6574b441-3455"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Tue, 13 Aug 2024 15:47:09 GMT

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 91 KB
32 KB 494ms
91ms Script
text/javascript 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=GoogleLanguageTranslatorInit

Requested by

Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f14.1e100.net

Software

ESF /

Resource Hash

94f55789c855851e8539267982b08e57025f4c24fdbc64d5eb4675d4099bba9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Aug 2024 15:47:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
988 B 193ms
107ms Script
text/javascript 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LdejscUAAAAAMkvMlEAuT_bKI3a7ndslw4-3iu8&ver=3.0

Requested by

Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f4.1e100.net

Software

GSE /

Resource Hash

588ae146e6eeec00a8b4d01cc3f9e1569e7e5847547fa40907be64a73f2435a3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:47:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 06 Aug 2024 15:47:09 GMT

GET
H2 200 wp-polyfill-inert.min.js Show response
corporatehelicopters.ru/wp-includes/js/dist/vendor/ 8 KB
3 KB 62ms
59ms Script
application/x-javascript 87.236.19.240
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://corporatehelicopters.ru/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
Requested by: Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.19.240 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.venera5.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:47:09 GMT
content-encoding: gzip
last-modified: Sat, 01 Apr 2023 18:21:03 GMT
server: nginx-reuseport/1.21.1
etag: W/"6428760f-1feb"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Tue, 13 Aug 2024 15:47:09 GMT

GET
H2 200 regenerator-runtime.min.js Show response
corporatehelicopters.ru/wp-includes/js/dist/vendor/ 6 KB
3 KB 62ms
59ms Script
application/x-javascript 87.236.19.240
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://corporatehelicopters.ru/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0
Requested by: Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.19.240 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.venera5.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:47:09 GMT
content-encoding: gzip
last-modified: Sat, 11 Nov 2023 18:04:51 GMT
server: nginx-reuseport/1.21.1
etag: W/"654fc243-19e1"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Tue, 13 Aug 2024 15:47:09 GMT

GET
H2 200 wp-polyfill.min.js Show response
corporatehelicopters.ru/wp-includes/js/dist/vendor/ 38 KB
14 KB 62ms
59ms Script
application/x-javascript 87.236.19.240
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://corporatehelicopters.ru/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.19.240 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.venera5.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 17b79ece7ef9d1454a90156690d33d64387b67a7a7548fc826012512e287a937

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:47:09 GMT
content-encoding: gzip
last-modified: Sat, 06 Apr 2024 19:05:46 GMT
server: nginx-reuseport/1.21.1
etag: W/"66119d0a-96be"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Tue, 13 Aug 2024 15:47:09 GMT

GET
H2 200 index.js Show response
corporatehelicopters.ru/wp-content/plugins/contact-form-7/modules/recaptcha/ 934 B
688 B 61ms
59ms Script
application/x-javascript 87.236.19.240
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://corporatehelicopters.ru/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.9.6
Requested by: Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.19.240 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.venera5.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: df0ec8330290d184b1084527076cb87d41b33ba706ff5ab579d761f0cb6a744b

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:47:09 GMT
content-encoding: gzip
last-modified: Sat, 27 Jul 2024 18:04:35 GMT
server: nginx-reuseport/1.21.1
etag: W/"66a536b3-3a6"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Tue, 13 Aug 2024 15:47:09 GMT

GET
BLOB 200
OK d93cc73c-e97e-434c-88f5-979ff1bcc206
https://corporatehelicopters.ru/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://corporatehelicopters.ru/d93cc73c-e97e-434c-88f5-979ff1bcc206
Requested by: Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length: 1185
Content-Type: text/javascript

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 202 KB
71 KB 491ms
90ms Script
application/javascript 93.158.134.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

dca271e5c10ab729dbf7e10ccb7c82ba4b87625a821dd4bd640279b6807f2033

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Tue, 06 Aug 2024 15:47:10 GMT
last-modified: Tue, 06 Aug 2024 09:26:33 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "66b1ec49-11660"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 71264
expires: Tue, 06 Aug 2024 16:47:10 GMT

GET
H2 200 code.js Show response
top-fwz1.mail.ru/js/ 46 KB
19 KB 100ms
99ms Script
application/javascript 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/js/code.js

Requested by

Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

dfbf000d76574d9707b2aa750760dad91d275dbc61e2d2c1df2ae4c8d8a6ec16

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:47:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin: *
last-modified: Tue, 16 Jul 2024 20:47:12 GMT
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
etag: W/"6696dc50-b755"
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: max-age=3600, private
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *
expires: Tue, 06 Aug 2024 16:47:09 GMT

GET
H2 200 top100.js Show response
st.top100.ru/top100/ 125 KB
39 KB 206ms
14ms Script
application/javascript 151.236.71.248
CDNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://st.top100.ru/top100/top100.js
Requested by: Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.71.248 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software: nginx /
Resource Hash: d8f7429fe04584bc9971b94fbe182e27ec4fc48a39006e5562b68149d89b56c4

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:47:09 GMT
content-encoding: gzip
last-modified: Mon, 05 Aug 2024 16:24:21 GMT
server: nginx
x-amz-meta-s3cmd-attrs: atime:1722875023/ctime:1722875041/gid:0/gname:root/md5:947556359bdb1889ad2bffbab5c1625b/mode:33188/mtime:1722875023/uid:0/uname:root
x-amz-request-id: 000001912835EB7CB0264C64E64C2965
etag: W/"947556359bdb1889ad2bffbab5c1625b"
x-cdn-edge-id: 2315
content-type: application/javascript
x-cdn-edge-cache: HIT
x-amz-tagging-count: 0
x-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
x-cdn-request-id: 3de4a28044f8ead61fec181a5e2349bb
x-amz-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCS+qurXo4XqlMlqZyYVMWcbt0g3iROGS

GET pluso-like.js
share.pluso.ru/ 0
0

GET
H2 200 page.php
www.facebook.com/plugins/ Frame 67FE 0
0 442ms
101ms Document
text/html 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fvertolet.fr%2F&tabs=timeline&width=300&height=200&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId

Requested by

Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://corporatehelicopters.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: zstd
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none;report-to="coop_report"
cross-origin-resource-policy: cross-origin
date: Tue, 06 Aug 2024 15:47:10 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma: no-cache
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7400053546088403295"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7400053546088403295", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=7, rtx=0, c=22, mss=1380, tbw=19299, tp=-1, tpl=-1, uplat=94, ullat=0
x-fb-debug: clS8C4YLEkIPITiQxy6CMa1nhkgFTYCwnZFWYUoYd0TEHaW2kCE/P4PyaK9SWh1pOjlU/1w/NqQtK6Y448P1sg==
x-fb-server-load: 55
x-xss-protection: 0

GET
H2 200 page.php
www.facebook.com/plugins/ Frame 4D65 0
0 420ms
81ms Document
text/html 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Faviav.ru%2F&tabs=timeline&width=300&height=200&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId

Requested by

Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://corporatehelicopters.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: zstd
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: unsafe-none;report-to="coop_report"
cross-origin-resource-policy: cross-origin
date: Tue, 06 Aug 2024 15:47:10 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma: no-cache
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7400053546996851068"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7400053546996851068", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1380, tbw=2818, tp=-1, tpl=-1, uplat=74, ullat=0
x-fb-debug: jX325cmSEmoyyokn4qO4eawn1Z46E3sjDjBvgT+IuGXqz4AOmQkVYISOwfU1QfeAbiAuOiUX/3gqLtOBHWoQNA==
x-fb-server-load: 21
x-xss-protection: 0

GET
H2 200 HJjmsGs3fd0
www.youtube.com/embed/ Frame C900 0
0 556ms
134ms Document
text/html 172.217.18.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/HJjmsGs3fd0

Requested by

Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f14.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://corporatehelicopters.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: require-trusted-types-for 'script'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Tue, 06 Aug 2024 15:47:10 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 F--7yvhO4Yk
www.youtube.com/embed/ Frame 5EDE 0
0 510ms
90ms Document
text/html 172.217.18.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/F--7yvhO4Yk

Requested by

Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f14.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://corporatehelicopters.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy-report-only: base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';report-uri /cspreport/common;script-src 'report-sample' 'nonce-nZJoKTESOzgAOyAiakF6cw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Tue, 06 Aug 2024 15:47:10 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 240x400.html
www.cofr.ru/click/aviav/240x400/ Frame 8494 0
0 520ms
58ms Document
text/html 87.236.19.240
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cofr.ru/click/aviav/240x400/240x400.html
Requested by: Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.19.240 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.venera5.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash

Request headers

Referer: https://corporatehelicopters.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-length: 274
content-type: text/html
date: Tue, 06 Aug 2024 15:47:10 GMT
etag: "59c0188c-112"
last-modified: Mon, 18 Sep 2017 19:03:40 GMT
server: nginx-reuseport/1.21.1

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t15.6;r;s1600*1200*24;uhttps%3A//corporatehelicopters.ru/;h%u041A%u043E%u0440%u043F%u043E%u0440%u0430%u0442%u0438%u0432%u043D%u044B%u0435%20%u0432%u0435%u0440%u0442%u04...
https://counter.yadro.ru/hit?q;t15.6;r;s1600*1200*24;uhttps%3A//corporatehelicopters.ru/;h%u041A%u043E%u0440%u043F%u043E%u0440%u0430%u0442%u0438%u0432%u043D%u044B%u0435%20%u0432%u0435%u0440%u0442%u...

192 B
678 B

62ms
62ms

Image
image/gif

88.212.201.204
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t15.6;r;s1600*1200*24;uhttps%3A//corporatehelicopters.ru/;h%u041A%u043E%u0440%u043F%u043E%u0440%u0430%u0442%u0438%u0432%u043D%u044B%u0435%20%u0432%u0435%u0440%u0442%u043E%u043B%u0435%u0442%u044B;0.07602220142390181

Requested by

Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/

Protocol

HTTP/1.1

Server

88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host204.rax.ru

Software

nginx/1.17.9 /

Resource Hash

85e5396d82d4a5e9b3a2ddbd9db1f6cc36ee32f3b66d3c0db2a1e35502956d3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Aug 2024 15:47:09 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 192
Expires: Sun, 06 Aug 2023 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 06 Aug 2024 15:47:09 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit?q;t15.6;r;s1600*1200*24;uhttps%3A//corporatehelicopters.ru/;h%u041A%u043E%u0440%u043F%u043E%u0440%u0430%u0442%u0438%u0432%u043D%u044B%u0435%20%u0432%u0435%u0440%u0442%u043E%u043B%u0435%u0442%u044B;0.07602220142390181
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Sun, 06 Aug 2023 21:00:00 GMT

GET
H2 200 action-21892_1920.jpg
corporatehelicopters.ru/wp-content/uploads/2019/12/ 381 KB
382 KB 63ms
62ms Image
image/jpeg 87.236.19.240
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://corporatehelicopters.ru/wp-content/uploads/2019/12/action-21892_1920.jpg
Requested by: Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.19.240 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.venera5.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: fc98fbacd137065b2d34a081b874da5e85d01d2e66768390cfb89c21b380ebb6

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:47:09 GMT
last-modified: Fri, 13 Dec 2019 13:07:03 GMT
server: nginx-reuseport/1.21.1
etag: "5df38cf7-5f4d0"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 390352
expires: Thu, 05 Sep 2024 15:47:09 GMT

GET
H2 200 flags.png
corporatehelicopters.ru/wp-content/plugins/google-language-translator/images/ 54 KB
54 KB 99ms
98ms Image
image/png 87.236.19.240
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://corporatehelicopters.ru/wp-content/plugins/google-language-translator/images/flags.png
Requested by: Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/wp-content/plugins/google-language-translator/css/style.css?ver=6.0.20
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.19.240 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.venera5.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: d64c12a76a61096f3a14aa795d12c3fc0de8e5781ef2e1af3b66517e65d7f00e

Request headers

Referer: https://corporatehelicopters.ru/wp-content/plugins/google-language-translator/css/style.css?ver=6.0.20
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:47:09 GMT
last-modified: Sat, 09 Dec 2023 18:38:57 GMT
server: nginx-reuseport/1.21.1
etag: "6574b441-d6d4"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 54996
expires: Thu, 05 Sep 2024 15:47:09 GMT

GET
H2 200 5aU69_a8oxmIdGl4BA.woff2
fonts.gstatic.com/s/hind/v16/ 16 KB
16 KB 481ms
77ms Font
font/woff2 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/hind/v16/5aU69_a8oxmIdGl4BA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Hind:400,600,700|Marcellus+SC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

aca5dec430a7470ff1d8a16f9e7bb3ca30f2ff58f3bd60432cf1dddfa30c9d71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://corporatehelicopters.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 08:36:41 GMT
x-content-type-options: nosniff
age: 112229
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16216
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:45:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Aug 2025 08:36:41 GMT

GET
H2 200 ke8iOgUHP1dg-Rmi6RWjbLE_htac.woff2
fonts.gstatic.com/s/marcellussc/v13/ 14 KB
15 KB 443ms
40ms Font
font/woff2 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/marcellussc/v13/ke8iOgUHP1dg-Rmi6RWjbLE_htac.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Hind:400,600,700|Marcellus+SC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

e62e34398a4821837ce47376299e7883ea3ab277763b8c72716f5c2177bf462c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://corporatehelicopters.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 15:06:26 GMT
x-content-type-options: nosniff
age: 88844
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14508
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 14:37:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Aug 2025 15:06:26 GMT

GET
H2 200 fontawesome-webfont.woff2
corporatehelicopters.ru/wp-content/themes/mh-magazine-lite/fonts/ 75 KB
76 KB 96ms
95ms Font
application/font-woff2 87.236.19.240
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://corporatehelicopters.ru/wp-content/themes/mh-magazine-lite/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/wp-content/themes/mh-magazine-lite/includes/font-awesome.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.19.240 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.venera5.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://corporatehelicopters.ru/wp-content/themes/mh-magazine-lite/includes/font-awesome.min.css
Origin: https://corporatehelicopters.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:47:09 GMT
last-modified: Sat, 22 Jan 2022 18:23:41 GMT
server: nginx-reuseport/1.21.1
etag: "61ec4bad-12d68"
content-type: application/font-woff2
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 77160
expires: Thu, 05 Sep 2024 15:47:09 GMT

GET
H2 200 5aU19_a8oxmIfNJdERySjQ.woff2
fonts.gstatic.com/s/hind/v16/ 16 KB
16 KB 451ms
48ms Font
font/woff2 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/hind/v16/5aU19_a8oxmIfNJdERySjQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Hind:400,600,700|Marcellus+SC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

5aed4a8f357d7edc1ac50eb4de07867c83e69a10a1711e10053bddce99294b7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://corporatehelicopters.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 11:56:23 GMT
x-content-type-options: nosniff
age: 13847
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16268
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Aug 2025 11:56:23 GMT

GET
H2 200 a36074d3ce5907ca591187f983d504c1-326x245.jpg
corporatehelicopters.ru/wp-content/uploads/2019/12/ 20 KB
20 KB 76ms
76ms Image
image/jpeg 87.236.19.240
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://corporatehelicopters.ru/wp-content/uploads/2019/12/a36074d3ce5907ca591187f983d504c1-326x245.jpg?v=1576241813
Requested by: Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.19.240 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.venera5.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 7897e206358e3f548e097fc4aa94d611d80b2063547cac24bf061a50bc27be60

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:47:09 GMT
last-modified: Fri, 13 Dec 2019 12:56:53 GMT
server: nginx-reuseport/1.21.1
etag: "5df38a95-50e7"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 20711
expires: Thu, 05 Sep 2024 15:47:09 GMT

GET
H2 200 1755b933aa5e0d772ad98918e25fcb96-326x245.jpg
corporatehelicopters.ru/wp-content/uploads/2019/12/ 45 KB
45 KB 67ms
67ms Image
image/jpeg 87.236.19.240
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://corporatehelicopters.ru/wp-content/uploads/2019/12/1755b933aa5e0d772ad98918e25fcb96-326x245.jpg?v=1576241811
Requested by: Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.19.240 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.venera5.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: f348b79e2dfcf48fff589de1a9497530a4960a3f66adc5e76c3fdeb3419c846b

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:47:09 GMT
last-modified: Fri, 13 Dec 2019 12:56:51 GMT
server: nginx-reuseport/1.21.1
etag: "5df38a93-b38a"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 45962
expires: Thu, 05 Sep 2024 15:47:09 GMT

GET
H2 200 styles.css
www.travelpayouts.com/mewtwo/ 167 KB
21 KB 37ms
35ms Stylesheet
text/css 172.255.224.36
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://www.travelpayouts.com/mewtwo/styles.css?v=1039
Requested by: Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 9639fb98ee27b9ee66f19f3c87fe6eaa1345e0678bb79a5c21daa7d84770882d

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:47:09 GMT
content-encoding: gzip
last-modified: Tuesday, 06-Aug-2024 15:47:09 UTC
server: nginx
etag: W/"66ab6f3b-29ce6"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1800
x-request-id: 3b7f02db4b383e84968db145ca8fb8e7
expires: Tue, 06 Aug 2024 16:17:09 GMT

GET
H2 200 3c22de3f38ec1c851c8216e0ca0094db.js Show response
www.travelpayouts.com/widgets_static/ 311 KB
54 KB 61ms
60ms Script
application/javascript 172.255.224.36
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://www.travelpayouts.com/widgets_static/3c22de3f38ec1c851c8216e0ca0094db.js?v=1039
Requested by: Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: c9132cbcdd30e8e9eee5d4f97285212f0aa0f4d1e0c81a4333c2eb2779b732f2

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:47:09 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-store
timing-allow-origin: *
x-promo-id: 0
x-robots-tag: noindex
x-request-id: 6e30928933eb13265a4e63b7672b61ed

GET
H2

200

j.gif
avsplow.com/a/
Redirect Chain

https://avsplow.com/a/j.gif?p=web&tv=pixel&e=se&aid=tp_widgets&se_ca=mewtwo&se_ac=proxy_init&co=%7B%22schema%22%3A%22contexts%22%2C%22data%22%3A%5B%7B%22schema%22%3A%22event%22%2C%22data%22%3A%7B%2...
https://avsplow.com/a/j.gif?e=se&b3pc=true&co=%7B%22schema%22:%22contexts%22,%22data%22:%5B%7B%22schema%22:%22event%22,%22data%22:%7B%22widget_id%22:%223c22de3f38ec1c851c8216e0ca0094db%22,%22trace_...

43 B
388 B

43ms
43ms

Image
image/gif

185.106.81.236
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avsplow.com/a/j.gif?e=se&b3pc=true&co=%7B%22schema%22:%22contexts%22,%22data%22:%5B%7B%22schema%22:%22event%22,%22data%22:%7B%22widget_id%22:%223c22de3f38ec1c851c8216e0ca0094db%22,%22trace_id%22:%22Zz4b6edfe9668d42f7ab93dfba-48286%22,%22promo_id%22:%224237%22%7D%7D%5D%7D&aid=tp_widgets&tv=pixel&se_ac=proxy_init&se_ca=mewtwo&p=web
Requested by: Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/
Protocol: H2
Server: 185.106.81.236 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:47:09 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT CAO"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 43

Redirect headers

date: Tue, 06 Aug 2024 15:47:09 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT CAO"
location: https://avsplow.com/a/j.gif?e=se&b3pc=true&co=%7B%22schema%22:%22contexts%22,%22data%22:%5B%7B%22schema%22:%22event%22,%22data%22:%7B%22widget_id%22:%223c22de3f38ec1c851c8216e0ca0094db%22,%22trace_id%22:%22Zz4b6edfe9668d42f7ab93dfba-48286%22,%22promo_id%22:%224237%22%7D%7D%5D%7D&aid=tp_widgets&tv=pixel&se_ac=proxy_init&se_ca=mewtwo&p=web
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 0

GET
H/1.1 200
OK sync-loader.js Show response
privacy-cs.mail.ru/static/ 145 KB
38 KB 618ms
101ms Script
application/javascript 95.163.52.89
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://privacy-cs.mail.ru/static/sync-loader.js
Requested by: Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.163.52.89 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS: r3.mail.ru
Software: nginx /
Resource Hash: 7b18c4fa25aa0a3d266d70e170abda60935e9ac6bb075b348d0d2e59b41e42b0

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 06 Aug 2024 15:47:10 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=600
Connection: keep-alive
Timing-Allow-Origin: *
Expires: Tue, 06 Aug 2024 15:57:10 GMT

GET
H2 200 counter
top-fwz1.mail.ru/ 43 B
1 KB 50ms
50ms Image
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter?_=0.4039911005596648;id=3180830;u=https%3A//corporatehelicopters.ru/;title=%D0%9A%D0%BE%D1%80%D0%BF%D0%BE%D1%80%D0%B0%D1%82%D0%B8%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%B2%D0%B5%D1%80%D1%82%D0%BE%D0%BB%D0%B5%D1%82%D1%8B;s=1600*1200;vp=1600*1200;touch=0;hds=1;sid=ed09688ecb3139dc;ver=60.6.0;tz=-120%2FEurope%2FBerlin;st=undefined;ct=1936/1940/1940//1827;rt=1827/108/0/0/0/1827/1827/1827/1827/1827/1827/1831/1929/1935;gl=u;ni=10//4g/50/0/;lvid=1722959229839%3A1722959229856%3A1%3A99e83becefe6c9b3f8d427747b639994;opts=dl%2Ccnhp%3Dh2%2Ccs%3D19122-46933-19422;visible=true;js=13

Requested by

Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:47:09 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 styles.css
www.travelpayouts.com/mewtwo/ 167 KB
21 KB 49ms
48ms Stylesheet
text/css 172.255.224.36
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://www.travelpayouts.com/mewtwo/styles.css?v=1041
Requested by: Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 9639fb98ee27b9ee66f19f3c87fe6eaa1345e0678bb79a5c21daa7d84770882d

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:47:09 GMT
content-encoding: gzip
last-modified: Tuesday, 06-Aug-2024 15:47:09 UTC
server: nginx
etag: W/"66ab6f3b-29ce6"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1800
x-request-id: 95fec8f27560920ce72a25a62069b7ee
expires: Tue, 06 Aug 2024 16:17:09 GMT

GET
H2 200 2e532b6acc191f77d5f9a21134ea16a6.js Show response
www.travelpayouts.com/widgets_static/ 310 KB
53 KB 36ms
35ms Script
application/javascript 172.255.224.36
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://www.travelpayouts.com/widgets_static/2e532b6acc191f77d5f9a21134ea16a6.js?v=1041
Requested by: Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: a3e0f30cfeec11d999104461994a85442814a8d8aedfc44121369c46ee91941c

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:47:09 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-store
timing-allow-origin: *
x-promo-id: 0
x-robots-tag: noindex
x-request-id: d91a03cb147f1d91caaad83e062d16bb

GET
H2

200

j.gif
avsplow.com/a/
Redirect Chain

https://avsplow.com/a/j.gif?p=web&tv=pixel&e=se&aid=tp_widgets&se_ca=mewtwo&se_ac=proxy_init&co=%7B%22schema%22%3A%22contexts%22%2C%22data%22%3A%5B%7B%22schema%22%3A%22event%22%2C%22data%22%3A%7B%2...
https://avsplow.com/a/j.gif?e=se&b3pc=true&co=%7B%22schema%22:%22contexts%22,%22data%22:%5B%7B%22schema%22:%22event%22,%22data%22:%7B%22widget_id%22:%222e532b6acc191f77d5f9a21134ea16a6%22,%22trace_...

43 B
388 B

18ms
17ms

Image
image/gif

185.106.81.236
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avsplow.com/a/j.gif?e=se&b3pc=true&co=%7B%22schema%22:%22contexts%22,%22data%22:%5B%7B%22schema%22:%22event%22,%22data%22:%7B%22widget_id%22:%222e532b6acc191f77d5f9a21134ea16a6%22,%22trace_id%22:%22Zzdd1217230a47491fbd1e8a0f-48286%22,%22promo_id%22:%224239%22%7D%7D%5D%7D&aid=tp_widgets&tv=pixel&se_ac=proxy_init&se_ca=mewtwo&p=web
Requested by: Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/
Protocol: H2
Server: 185.106.81.236 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:47:09 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT CAO"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 43

Redirect headers

date: Tue, 06 Aug 2024 15:47:09 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT CAO"
location: https://avsplow.com/a/j.gif?e=se&b3pc=true&co=%7B%22schema%22:%22contexts%22,%22data%22:%5B%7B%22schema%22:%22event%22,%22data%22:%7B%22widget_id%22:%222e532b6acc191f77d5f9a21134ea16a6%22,%22trace_id%22:%22Zzdd1217230a47491fbd1e8a0f-48286%22,%22promo_id%22:%224239%22%7D%7D%5D%7D&aid=tp_widgets&tv=pixel&se_ac=proxy_init&se_ca=mewtwo&p=web
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 0

GET
H2 200 styles.css
www.travelpayouts.com/mewtwo/ 167 KB
21 KB 59ms
59ms Stylesheet
text/css 172.255.224.36
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://www.travelpayouts.com/mewtwo/styles.css?v=002
Requested by: Host: www.travelpayouts.com
URL: https://www.travelpayouts.com/widgets_static/2e532b6acc191f77d5f9a21134ea16a6.js?v=1041
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 9639fb98ee27b9ee66f19f3c87fe6eaa1345e0678bb79a5c21daa7d84770882d

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:47:09 GMT
content-encoding: gzip
last-modified: Tuesday, 06-Aug-2024 15:47:09 UTC
server: nginx
etag: W/"66ab6f3b-29ce6"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1800
x-request-id: 2770fd2a8d08aaaa5d6d5c7dae362b89
expires: Tue, 06 Aug 2024 16:17:09 GMT

GET
H2 200 sp.js Show response
st.avsplow.com/19.18.9/ 42 KB
14 KB 63ms
15ms Script
application/x-javascript 18.173.154.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://st.avsplow.com/19.18.9/sp.js
Requested by: Host: www.travelpayouts.com
URL: https://www.travelpayouts.com/widgets_static/2e532b6acc191f77d5f9a21134ea16a6.js?v=1041
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.154.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-154-22.muc50.r.cloudfront.net
Software: /
Resource Hash: 953af01affd97621869fdb141a98da9fd0e2a1417ae0e3f27c0c3cd49032f5af

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 01:38:50 GMT
content-encoding: br
via: 1.1 f4ef6af6f595152791fb5c57054106ea.cloudfront.net (CloudFront)
last-modified: Wed, 20 Dec 2023 07:57:47 GMT
x-amz-cf-pop: MUC50-P3
age: 13961299
etag: W/"fb6c75c607bf3120c5b82845fbd28e71"
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: public,max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: KsuzUbbpd9LdxvJV2MB0HqUfCp-9mgRzjc43k5IqEVKtORd0W0qMpg==

GET
H2 200 whereami Show response
www.travelpayouts.com/ 160 B
309 B 129ms
128ms Script
application/x-javascript 172.255.224.36
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://www.travelpayouts.com/whereami?locale=ru&callback=mewtwoForms.geoIPSetter.lang_ru
Requested by: Host: www.travelpayouts.com
URL: https://www.travelpayouts.com/widgets_static/2e532b6acc191f77d5f9a21134ea16a6.js?v=1041
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: d4801f8cbd539fe1b6d74451c0e658d6e879d0d3d4cb5342a96c2774023957dc

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 06 Aug 2024 15:47:10 GMT
content-encoding: br
server: nginx
content-length: 151
x-request-id: 5271eab9ab8c7e1b26b4d30c0ce756c3
content-type: application/x-javascript; charset=utf-8

GET
H2 200 logos.css
www.travelpayouts.com/mewtwo/ 116 KB
32 KB 25ms
24ms Stylesheet
text/css 172.255.224.36
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://www.travelpayouts.com/mewtwo/logos.css
Requested by: Host: www.travelpayouts.com
URL: https://www.travelpayouts.com/widgets_static/2e532b6acc191f77d5f9a21134ea16a6.js?v=1041
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: e6bb914a60890b63e904defe37b2cf8f3e589de0812d1398a03895b406f6a97c

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:47:09 GMT
content-encoding: gzip
last-modified: Tuesday, 06-Aug-2024 15:47:09 UTC
server: nginx
etag: W/"66ab6f3b-1cfde"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1800
x-request-id: e36cb2b12ad8e951a0dc46d82069138f
expires: Tue, 06 Aug 2024 16:17:09 GMT

GET
H2 200 powered_by.js Show response
travelpayouts.com/powered_by/ 42 KB
15 KB 87ms
68ms Script
application/javascript 172.255.224.36
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://travelpayouts.com/powered_by/powered_by.js
Requested by: Host: www.travelpayouts.com
URL: https://www.travelpayouts.com/widgets_static/2e532b6acc191f77d5f9a21134ea16a6.js?v=1041
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 70fc73f411c4a14bb94afdd1966f0837194192a64f2654987cb218503378486e

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:47:10 GMT
content-encoding: br
last-modified: Tue, 06 Aug 2024 10:22:14 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: no-store, no-cache
x-robots-tag: noindex
x-request-id: 9259fbf385ae6826496732210dda83e2

GET
DATA 200
OK truncated
/ 611 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c22b83b631a5293a1acd2dd2e6e8d19f254d46990b5e2115d572fc24a6a2c461

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 381 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cd67ee7ca8d8e8492d61c34033243e78d6f478551aaba5ee30367cc47c53f4e0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 503 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9648446cf73c35ef331ed5fc53fb53b06f5cdb11af3d7b64f5d54ae24758b449

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 129 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7aba1186b73911d9422fbdef504b34963dc896c16c53daacb94c06d304b3653c

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 180 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f16e1cb28067e3d13d953e07794d6b724aa73a2965e68ea7373259c1b8ec5dbf

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 23dce552fa07d18808a95f3b33765bd0280711365092d014a825ad814a2cce63

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 635 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fd338f829b37a85daaccdfd14453413263221708c477ff625bd998a16c7482f8

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 j
avsplow.com/a/ 2 B
342 B 17ms
16ms Ping
text/plain 185.106.81.236
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://avsplow.com/a/j
Requested by: Host: st.avsplow.com
URL: https://st.avsplow.com/19.18.9/sp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.106.81.236 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT CAO"
access-control-allow-origin: https://corporatehelicopters.ru
date: Tue, 06 Aug 2024 15:47:10 GMT
access-control-allow-credentials: true
server: nginx
content-length: 2
content-type: text/plain; charset=UTF-8

POST
H2 200 j
avsplow.com/a/ 2 B
342 B 39ms
38ms Ping
text/plain 185.106.81.236
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://avsplow.com/a/j
Requested by: Host: st.avsplow.com
URL: https://st.avsplow.com/19.18.9/sp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.106.81.236 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT CAO"
access-control-allow-origin: https://corporatehelicopters.ru
date: Tue, 06 Aug 2024 15:47:10 GMT
access-control-allow-credentials: true
server: nginx
content-length: 2
content-type: text/plain; charset=UTF-8

POST
H2 200 / Show response
kraken.rambler.ru/cnt/v2/ 3 B
680 B 183ms
61ms XHR
image/gif 81.19.89.18
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://kraken.rambler.ru/cnt/v2/
Requested by: Host: st.top100.ru
URL: https://st.top100.ru/top100/top100.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.89.18 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx /
Resource Hash: a12b7cb43c9d9134b5bb1b35e9096b66775d9e92e7611d1cc92b02edd6782a87

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 06 Aug 2024 15:47:10 GMT
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
x-srv: 2kraken-prod0003.ad.rambler.tech
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream, image/gif
access-control-allow-origin: https://corporatehelicopters.ru
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 top100_0062b1.gif
kraken.rambler.ru/counter-static/images/ 595 B
1 KB 174ms
53ms Image
image/gif 81.19.89.18
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kraken.rambler.ru/counter-static/images/top100_0062b1.gif

Requested by

Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

81.19.89.18 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),

Reverse DNS

kraken.rambler.ru

Software

nginx /

Resource Hash

fda0897f4cdbbab911245c9ebaa4885f54a7e572b8c9b071dc976d1d27cab1a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:47:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
x-obs-request-id: 45d65dcc4ab2c65f96be43fdebd8ac6d
x-obs-meta-s3cmd-attrs: atime:1718733846/ctime:1718733846/gid:0/gname:root/md5:10d95efe74b84de86398a30e7b958b79/mode:33206/mtime:1718733846/uid:0/uname:root
content-length: 595
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCScvtDoU5oCdsQ9Q3LEQD7TFGd5tKmts
server: nginx
access-control-allow-methods: OPTIONS,GET
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
x-obs-tagging-count: 0
access-control-allow-headers: DNT

GET
H2 200 tp.png
www.travelpayouts.com/powered_by/img/ 4 KB
4 KB 20ms
17ms Image
image/png 172.255.224.36
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.travelpayouts.com/powered_by/img/tp.png
Requested by: Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.255.224.36 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 2485b6352182e9b84c6010dedea330b64058983d22008327a64fd7d9b10df905

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:47:10 GMT
last-modified: Tue, 06 Aug 2024 10:22:14 GMT
server: nginx
content-type: image/png
cache-control: no-store, no-cache
accept-ranges: bytes
x-robots-tag: noindex
content-length: 3584
x-request-id: 6b8a6d93629b3f2930a245576a1f115a

GET
H2 200 m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=Phg/d=0/rs=AN8SPfor9mOnrVSOJ5Dp4JexmA5DU8Siog/ 22 KB
5 KB 436ms
39ms Stylesheet
text/css 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=Phg/d=0/rs=AN8SPfor9mOnrVSOJ5Dp4JexmA5DU8Siog/m=el_main_css

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.b70XfzGn2W0.O/am=Phg/d=1/rs=AN8SPfqt7WmNOagwq0tI8LGh_264ch7gWg/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 09:11:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 110138
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4144
x-xss-protection: 0
last-modified: Thu, 04 Apr 2024 07:26:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Aug 2025 09:11:32 GMT

GET
H2 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.b70XfzGn2W0.O/am=AIA/d=1/exm=el_conf/ed=1/rs=AN8SPfr4wMdR-Sur1W_Xh3sQxrCtChnlLw/ 207 KB
72 KB 67ms
60ms Script
text/javascript 142.250.185.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.b70XfzGn2W0.O/am=AIA/d=1/exm=el_conf/ed=1/rs=AN8SPfr4wMdR-Sur1W_Xh3sQxrCtChnlLw/m=el_main

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.b70XfzGn2W0.O/am=Phg/d=1/rs=AN8SPfqt7WmNOagwq0tI8LGh_264ch7gWg/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f10.1e100.net

Software

sffe /

Resource Hash

0a82443eafb5dbfec3643ed313bd82dbd118da6e517b7e1cbe23283ec5f2960a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 17:48:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73081
x-xss-protection: 0
last-modified: Fri, 02 Aug 2024 23:10:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Aug 2025 17:48:28 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/ 533 KB
212 KB 437ms
43ms Script
text/javascript 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdejscUAAAAAMkvMlEAuT_bKI3a7ndslw4-3iu8&ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

ab42d7c37f7928197cf2fb60407d97ebf6b8316f5bd3007d33b49d4ca0559e03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://corporatehelicopters.ru/
Origin: https://corporatehelicopters.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 13:45:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7301
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 216180
x-xss-protection: 0
last-modified: Mon, 29 Jul 2024 04:00:39 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Aug 2025 13:45:29 GMT

GET
H2 200 WTYfFJWFV0 Show response
code.jivosite.com/script/widget/config/ 27 KB
7 KB 601ms
285ms XHR
application/x-javascript 5.101.37.37
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jivosite.com/script/widget/config/WTYfFJWFV0
Requested by: Host: code.jivosite.com
URL: https://code.jivosite.com/widget/WTYfFJWFV0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.101.37.37 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 1094d089eeae34db8c9bbbe36a37cdd9e93706dc511aa43c04116f5e5a19da7c

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:47:10 GMT
content-encoding: gzip
via: 1.1 sharxy
server: nginx
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=7200
cache: MISS
x-geo-shard: ya
x-node: fr5-up-gc15
expires: Tue, 06 Aug 2024 17:47:10 GMT

GET
H2 200 wp-emoji-release.min.js Show response
corporatehelicopters.ru/wp-includes/js/ 18 KB
5 KB 60ms
58ms Script
application/x-javascript 87.236.19.240
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://corporatehelicopters.ru/wp-includes/js/wp-emoji-release.min.js?ver=6.5.5
Requested by: Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.19.240 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.venera5.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:47:10 GMT
content-encoding: gzip
last-modified: Sat, 06 Apr 2024 19:05:47 GMT
server: nginx-reuseport/1.21.1
etag: W/"66119d0b-4926"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Tue, 13 Aug 2024 15:47:10 GMT

GET
H2 200 dyn-goal-config.js Show response
top-fwz1.mail.ru/js/ 3 KB
2 KB 52ms
51ms Script
application/javascript 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/js/dyn-goal-config.js?ids=3180830

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

0e7e3045519beaff2095d4a64b8dfb1b581013eb5b8f4b3549983c69abe7139b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:47:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: max-age=600, private
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *
expires: Tue, 06 Aug 2024 15:57:10 GMT

POST
H2 200 j
avsplow.com/a/ 2 B
342 B 40ms
37ms Ping
text/plain 185.106.81.236
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://avsplow.com/a/j
Requested by: Host: st.avsplow.com
URL: https://st.avsplow.com/19.18.9/sp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.106.81.236 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT CAO"
access-control-allow-origin: https://corporatehelicopters.ru
date: Tue, 06 Aug 2024 15:47:10 GMT
access-control-allow-credentials: true
server: nginx
content-length: 2
content-type: text/plain; charset=UTF-8

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 250 KB
88 KB 59ms
58ms Script
application/javascript 172.217.18.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TGKZS064JD&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-169900485-32

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

8201d64dff9c13c7a9f345517aebc7a6e7c4b1afb02697ae3baba88c52f092bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:47:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90344
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 06 Aug 2024 15:47:10 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 354ms
14ms Script
text/javascript 216.239.38.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-169900485-32

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.38.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 06 Aug 2024 14:15:03 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5527
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 06 Aug 2024 16:15:03 GMT

POST
H2 200 j
avsplow.com/a/ 2 B
342 B 37ms
36ms Ping
text/plain 185.106.81.236
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://avsplow.com/a/j
Requested by: Host: st.avsplow.com
URL: https://st.avsplow.com/19.18.9/sp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.106.81.236 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT CAO"
access-control-allow-origin: https://corporatehelicopters.ru
date: Tue, 06 Aug 2024 15:47:10 GMT
access-control-allow-credentials: true
server: nginx
content-length: 2
content-type: text/plain; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 5AE3 0
0 Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: text/html;charset=UTF-8

GET
H3 200 24px.svg
fonts.gstatic.com/s/i/productlogos/translate/v14/ 6 KB
3 KB 87ms
40ms Image
image/svg+xml 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg

Requested by

Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 14:56:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3036
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3340
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 14:24:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Aug 2025 14:56:34 GMT

GET
H2 200 googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/ 910 B
1 KB 270ms
42ms Image
image/png 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png

Requested by

Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 14:17:48 GMT
x-content-type-options: nosniff
age: 91762
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 910
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 05 Aug 2025 14:17:48 GMT

GET
H2

200

sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10453.SJhn3ev-b3zhqJMezMVVnBhCsK_PFtUX0AmtVrRS7yzsL95fmR0Ar5Gl5AJBh-Rh.Ou1DvUCEsItx-1sSQsn4g0dAsuM%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10453._RMNtILYjEHaSnYKHdLSl1OiEfwp4zUVSQ0aGU7eJFemhGKsC865zoKxU4mvt3tsF96Yn6smoG2H-0mP9OHR8m9E0r1kIppYkhhdZcpRBjTaoLryXUkDHZWZ8AfiI2juv7kHVaWX7i...
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10453.xCUMZYZzfjxCHihpS9jTVDYsaKGoZHnLyaggGRIUn0fk6QSyOfLb4HZUkHo5njOKGayEDlke2MQ99MAf4buJpMtyNzlXB7K0MmyZKyNuCGF4U...

43 B
583 B

57ms
56ms

Image
image/gif

93.158.134.119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10453.xCUMZYZzfjxCHihpS9jTVDYsaKGoZHnLyaggGRIUn0fk6QSyOfLb4HZUkHo5njOKGayEDlke2MQ99MAf4buJpMtyNzlXB7K0MmyZKyNuCGF4Url3X6HOVj82K5HYRddMokJ9Q1S9wpNPdzX2W2mLiBsIVPhQ-OPASh7aaM3HQcRjRJlR658zFeRLy8ySRGoe1011ECTttw-CQeiRNwDVjg%2C%2C.f2B2Tzd6oTHpKA2wl3PPbgfhT4M%2C

Requested by

Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/

Protocol

Server

93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 06 Aug 2024 15:47:10 GMT
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10453.xCUMZYZzfjxCHihpS9jTVDYsaKGoZHnLyaggGRIUn0fk6QSyOfLb4HZUkHo5njOKGayEDlke2MQ99MAf4buJpMtyNzlXB7K0MmyZKyNuCGF4Url3X6HOVj82K5HYRddMokJ9Q1S9wpNPdzX2W2mLiBsIVPhQ-OPASh7aaM3HQcRjRJlR658zFeRLy8ySRGoe1011ECTttw-CQeiRNwDVjg%2C%2C.f2B2Tzd6oTHpKA2wl3PPbgfhT4M%2C
date: Tue, 06 Aug 2024 15:47:10 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
572 B 95ms
95ms Image
image/gif 93.158.134.119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:47:10 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 06 Aug 2024 09:26:33 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "66b1ec49-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Tue, 06 Aug 2024 16:47:10 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 353ms
21ms Fetch
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-TGKZS064JD&gtm=45je47v0v9111534956za200&_p=1722959229726&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250753&cid=1242184189.1722959230&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1722959230&sct=1&seg=0&dl=https%3A%2F%2Fcorporatehelicopters.ru%2F&dt=%D0%9A%D0%BE%D1%80%D0%BF%D0%BE%D1%80%D0%B0%D1%82%D0%B8%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%B2%D0%B5%D1%80%D1%82%D0%BE%D0%BB%D0%B5%D1%82%D1%8B&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2515
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TGKZS064JD&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Aug 2024 15:47:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://corporatehelicopters.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK /
privacy-cs.mail.ru/fp/ 0
0 55ms
54ms Fetch
application/octet-stream 95.163.52.89
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://privacy-cs.mail.ru/fp/?id=u5f8E_9dG_WbrAzUbir0z
Requested by: Host: privacy-cs.mail.ru
URL: https://privacy-cs.mail.ru/static/sync-loader.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.163.52.89 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS: r3.mail.ru
Software: nginx /
Resource Hash

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 06 Aug 2024 15:47:10 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://corporatehelicopters.ru
Cache-Control: max-age=7200
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Expires: Tue, 06 Aug 2024 17:47:10 GMT

OPTIONS
H/1.1 200
OK /
privacy-cs.mail.ru/fp/ Frame 0
0 447ms
48ms Preflight
application/octet-stream 95.163.52.89
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://privacy-cs.mail.ru/fp/?id=u5f8E_9dG_WbrAzUbir0z
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.163.52.89 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS: r3.mail.ru
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://corporatehelicopters.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Method: POST
Access-Control-Allow-Origin: https://corporatehelicopters.ru
Access-Control-Max-Age: 1728000
Cache-Control: max-age=7200
Connection: keep-alive
Content-Length: 0
Content-Type: application/octet-stream
Date: Tue, 06 Aug 2024 15:47:10 GMT
Expires: Tue, 06 Aug 2024 17:47:10 GMT
Server: nginx

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 40ms
39ms Image
image/png 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=Phg/d=0/rs=AN8SPfor9mOnrVSOJ5Dp4JexmA5DU8Siog/m=el_main_css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.26tY-h6gH9w.L.W.O/am=Phg/d=0/rs=AN8SPfor9mOnrVSOJ5Dp4JexmA5DU8Siog/m=el_main_css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 22:16:15 GMT
x-content-type-options: nosniff
age: 63055
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1842
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 05 Aug 2025 22:16:15 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/56654239/
Redirect Chain

https://mc.yandex.com/watch/56654239?wmode=7&page-url=https%3A%2F%2Fcorporatehelicopters.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpcztnbm4xas7mgj8ug9n%3Afu%3A0%3Aen%3Autf...
https://mc.yandex.com/watch/56654239/1?wmode=7&page-url=https%3A%2F%2Fcorporatehelicopters.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpcztnbm4xas7mgj8ug9n%3Afu%3A0%3Aen%3Au...

483 B
688 B

55ms
55ms

Fetch
application/json

93.158.134.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/56654239/1?wmode=7&page-url=https%3A%2F%2Fcorporatehelicopters.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpcztnbm4xas7mgj8ug9n%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1410%3Acn%3A1%3Adp%3A0%3Als%3A1644529568446%3Ahid%3A927317018%3Az%3A120%3Ai%3A20240806174710%3Aet%3A1722959230%3Ac%3A1%3Arn%3A305692849%3Arqn%3A1%3Au%3A1722959230425874936%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1896%3Awv%3A2%3Ads%3A0%2C0%2C116%2C4%2C1170%2C0%2C%2C915%2C2%2C%2C%2C%2C2286%3Aco%3A0%3Acpf%3A1%3Ans%3A1722959227900%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1722959231%3At%3A%D0%9A%D0%BE%D1%80%D0%BF%D0%BE%D1%80%D0%B0%D1%82%D0%B8%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%B2%D0%B5%D1%80%D1%82%D0%BE%D0%BB%D0%B5%D1%82%D1%8B&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29ti%281%29

Requested by

Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/

Protocol

Server

93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

bdb14fdadea221dedd05d07cac741f61461212c5d91b4da2d5e725295924f1a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Tue, 06 Aug 2024 15:47:10 GMT
x-content-type-options: nosniff
last-modified: Tue, 06-Aug-2024 15:47:10 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://corporatehelicopters.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 483
x-xss-protection: 1; mode=block
expires: Tue, 06-Aug-2024 15:47:10 GMT

Redirect headers

pragma: no-cache
date: Tue, 06 Aug 2024 15:47:10 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 06-Aug-2024 15:47:10 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/56654239/1?wmode=7&page-url=https%3A%2F%2Fcorporatehelicopters.ru%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpcztnbm4xas7mgj8ug9n%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1410%3Acn%3A1%3Adp%3A0%3Als%3A1644529568446%3Ahid%3A927317018%3Az%3A120%3Ai%3A20240806174710%3Aet%3A1722959230%3Ac%3A1%3Arn%3A305692849%3Arqn%3A1%3Au%3A1722959230425874936%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1896%3Awv%3A2%3Ads%3A0%2C0%2C116%2C4%2C1170%2C0%2C%2C915%2C2%2C%2C%2C%2C2286%3Aco%3A0%3Acpf%3A1%3Ans%3A1722959227900%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1722959231%3At%3A%D0%9A%D0%BE%D1%80%D0%BF%D0%BE%D1%80%D0%B0%D1%82%D0%B8%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%B2%D0%B5%D1%80%D1%82%D0%BE%D0%BB%D0%B5%D1%82%D1%8B&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29ti%281%29
access-control-allow-origin: https://corporatehelicopters.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 06-Aug-2024 15:47:10 GMT

GET
H2 200 metrika_match.html
mc.yandex.com/metrika/ Frame 5F48 0
0 508ms
101ms Document
text/html 87.250.251.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/metrika/metrika_match.html

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://corporatehelicopters.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin: *
cache-control: max-age=3600
content-encoding: br
content-length: 1046
content-type: text/html
date: Tue, 06 Aug 2024 15:47:11 GMT
etag: "66b1ec49-416"
expires: Tue, 06 Aug 2024 16:47:11 GMT
last-modified: Tue, 06 Aug 2024 09:26:33 GMT
strict-transport-security: max-age=31536000
timing-allow-origin: *

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
211 B 18ms
17ms XHR
text/plain 216.239.38.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=262888732&t=pageview&_s=1&dl=https%3A%2F%2Fcorporatehelicopters.ru%2F&ul=de-de&de=UTF-8&dt=%D0%9A%D0%BE%D1%80%D0%BF%D0%BE%D1%80%D0%B0%D1%82%D0%B8%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%B2%D0%B5%D1%80%D1%82%D0%BE%D0%BB%D0%B5%D1%82%D1%8B&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1838568509&gjid=201243951&cid=1242184189.1722959230&tid=UA-169900485-32&_gid=1901655652.1722959231&_r=1&gtm=457e47v0za200&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tag_exp=95250753&jsscut=1&npa=1&z=1224663312

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.38.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 06 Aug 2024 15:47:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://corporatehelicopters.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame 48ED 0
0 66ms
65ms Document
text/html 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdejscUAAAAAMkvMlEAuT_bKI3a7ndslw4-3iu8&co=aHR0cHM6Ly9jb3Jwb3JhdGVoZWxpY29wdGVycy5ydTo0NDM.&hl=de&v=hfUfsXWZFeg83qqxrK27GB8P&size=invisible&cb=acpn27qj9t9l

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JWoyUkmWE8EQzxjrSQwVXw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://corporatehelicopters.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-JWoyUkmWE8EQzxjrSQwVXw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 06 Aug 2024 15:47:10 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK WTYfFJWFV0 Show response
node-ya-7.jivosite.com/widget/status/220395/ 223 B
786 B 226ms
191ms XHR
application/json 57.128.74.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://node-ya-7.jivosite.com/widget/status/220395/WTYfFJWFV0?rnd=0.3919144997767632

Requested by

Host: code.jivosite.com
URL: https://code.jivosite.com/widget/WTYfFJWFV0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

57.128.74.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3227025.ip-57-128-74.eu

Software

nginx /

Resource Hash

90c66edfaadb66b8da832ef24c85cd411c35a3f8f5b6541644974f082e982c10

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
X-Frame-Options	DENY

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Aug 2024 15:47:11 GMT
Content-Security-Policy: frame-ancestors 'none';
Server: nginx
X-Botmode: no
X-Geoip: DE;HE;Frankfurt am Main (Innenstadt I)
X-Frame-Options: DENY
Content-Type: application/json; charset=utf-8;
Access-Control-Allow-Origin: https://corporatehelicopters.ru
Access-Control-Expose-Headers: X-Geoip, X-Botmode
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Max-Age: 1728000
Content-Length: 223

GET
H2 200 bundle_ru_RU.js Show response
code.jivosite.com/js/ 1 MB
259 KB 6ms
6ms Script
application/javascript 5.101.37.37
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jivosite.com/js/bundle_ru_RU.js?rand=1722859087
Requested by: Host: code.jivosite.com
URL: https://code.jivosite.com/widget/WTYfFJWFV0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.101.37.37 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 503c3a09847016ee97c1feb54b6dc4a4bf861621ecd3044388b6d78568b7fd05

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:47:11 GMT
content-encoding: br
via: 1.1 sharxy
x-cached-since: 2024-08-06T11:58:39+00:00
x-geo-shard: ya
content-length: 265045
x-node: fr5-up-gc15
last-modified: Tue, 23 Jul 2024 09:52:16 GMT
server: nginx
etag: "669f7d50-40b55"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes

GET
H2 200 tracker
top-fwz1.mail.ru/ 43 B
1 KB 51ms
50ms Image
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/tracker?_=0.3419866842151009;id=3180830;u=https%3A//corporatehelicopters.ru/;title=%D0%9A%D0%BE%D1%80%D0%BF%D0%BE%D1%80%D0%B0%D1%82%D0%B8%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%B2%D0%B5%D1%80%D1%82%D0%BE%D0%BB%D0%B5%D1%82%D1%8B;s=1600*1200;vp=1600*1200;touch=0;hds=1;sid=ed09688ecb3139dc;ver=60.6.0;tz=-120%2FEurope%2FBerlin;st=1722959230186;nt=0/0/1722959227900/////1169/1169/1169/1169/1169//1250/1367/1370/1371/2286/2286/2288/3525/3525/3526;ct=1936/1940/1940/1956/1827;rt=1827/108/0/0/0/1827/1827/1827/1827/1827/1827/1831/1929/1935;gl=u;ni=10//4g/50/0/;lvid=1722959229839%3A1722959231427%3A2%3A99e83becefe6c9b3f8d427747b639994;opts=dl%2Cjst-gtag-ga-ym%2Ccnhp%3Dh2%2Ccs%3D19122-46933-19422;fpid=u5f8E_9dG_WbrAzUbir0z;visible=true;js=13;e=RT/load;et=1722959231427

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:47:11 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 cropped-helicopter-32x32.png
corporatehelicopters.ru/wp-content/uploads/2019/12/ 3 KB
3 KB 58ms
58ms Other
image/png 87.236.19.240
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://corporatehelicopters.ru/wp-content/uploads/2019/12/cropped-helicopter-32x32.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.19.240 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.venera5.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: c8bd65e809667bd623509ca7df6c0ccf90bc5e11c49a48487a82ed1dfab30e7f

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:47:11 GMT
last-modified: Fri, 13 Dec 2019 13:07:27 GMT
server: nginx-reuseport/1.21.1
etag: "5df38d0f-a06"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2566
expires: Thu, 05 Sep 2024 15:47:11 GMT

GET
H2 200 widget.css
code.jivosite.com/css/9ae5953/ 150 KB
41 KB 6ms
6ms Stylesheet
text/css 5.101.37.37
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jivosite.com/css/9ae5953/widget.css
Requested by: Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.101.37.37 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: e87e0e12563f1aeb9325fc3c1596a8dcd1eebf37f04e3dcf7f9ef53be11113fd

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:47:11 GMT
content-encoding: br
via: 1.1 sharxy
x-cached-since: 2024-08-05T11:58:37+00:00
x-geo-shard: ya
content-length: 42279
x-node: fr5-up-gc15
last-modified: Tue, 23 Jul 2024 09:52:16 GMT
server: nginx
etag: "669f7d50-a527"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=864000
cache: HIT
accept-ranges: bytes
expires: Thu, 15 Aug 2024 11:58:37 GMT

GET
H2 200 callback Show response
telephony.jivosite.com/api/1/sites/220395/widgets/WTYfFJWFV0/clients/0/telephony/ Frame 2378 28 B
197 B 365ms
306ms XHR
application/json 185.163.159.177
BIZONE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://telephony.jivosite.com/api/1/sites/220395/widgets/WTYfFJWFV0/clients/0/telephony/callback
Requested by: Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.163.159.177 , Russian Federation, ASN207104 (BIZONE-AS, RU),
Reverse DNS
Software: QRATOR /
Resource Hash: 2ac6a90e36f9bc22f41ebcdfb872e4f1d64ffece11813e42693ff12c69f6446d

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 06 Aug 2024 15:47:11 GMT
cache-control: no-cache, private
via: 1.1 sharxy
content-encoding: gzip
server: QRATOR
content-type: application/json

HEAD
H2 200 context.js
yandex.ru/ads/system/ 0
0 473ms
66ms Fetch
text/javascript 77.88.44.55
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: privacy-cs.mail.ru
URL: https://privacy-cs.mail.ru/static/sync-loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.44.55 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

yandex.ru

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
etag: "6fb34d54d4d20c068eddca64b8a31a25-1081266"
x-yandex-req-id: 1722959232083444-1852834432659192239-balancer-l7leveler-kubr-yp-klg-78-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Tue, 06 Aug 2024 16:47:12 GMT

GET
H2 200 omnichannelMenu.widget.css
code.jivosite.com/css/9ae5953/ 4 KB
1 KB 7ms
7ms Stylesheet
text/css 5.101.37.37
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jivosite.com/css/9ae5953/omnichannelMenu.widget.css
Requested by: Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.101.37.37 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: d342092f9039585510af2a01c599a173049ac65705dc5726a9ae1240dfcd52c7

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:47:11 GMT
content-encoding: gzip
via: 1.1 sharxy
x-cached-since: 2024-08-05T11:58:38+00:00
x-geo-shard: ya
content-length: 1336
x-node: fr5-up-gc15
last-modified: Tue, 23 Jul 2024 09:52:16 GMT
server: nginx
etag: "669f7d50-538"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=864000
cache: HIT
accept-ranges: bytes
expires: Thu, 15 Aug 2024 11:58:38 GMT

GET
H2 200 omnichannelMenu.js Show response
code.jivosite.com/js/9ae5953/ Frame 2378 34 KB
9 KB 6ms
6ms Script
application/javascript 5.101.37.37
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jivosite.com/js/9ae5953/omnichannelMenu.js
Requested by: Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.101.37.37 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: df19411bc43b897fb672f532437edb50953162c62a97b203a3ebedc9d804450a

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:47:11 GMT
content-encoding: br
via: 1.1 sharxy
x-cached-since: 2024-08-06T11:58:39+00:00
x-geo-shard: ya
content-length: 9612
x-node: fr5-up-gc15
last-modified: Tue, 23 Jul 2024 09:52:16 GMT
server: nginx
etag: "669f7d50-258c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes

GET
DATA 200
OK truncated
/ 306 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 20c132e4b881d0220c419de31a745bdaaf4c0945ddd882177f0aed277df98d2e

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK 63d923a56ed0e631 Show response
node-ya-7.jivosite.com/widget/status/220395/WTYfFJWFV0/ Frame 2378 223 B
785 B 197ms
196ms XHR
application/json 57.128.74.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://node-ya-7.jivosite.com/widget/status/220395/WTYfFJWFV0/63d923a56ed0e631?

Requested by

Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

57.128.74.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3227025.ip-57-128-74.eu

Software

nginx /

Resource Hash

90c66edfaadb66b8da832ef24c85cd411c35a3f8f5b6541644974f082e982c10

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
X-Frame-Options	DENY

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Aug 2024 15:47:11 GMT
Content-Security-Policy: frame-ancestors 'none';
Server: nginx
X-Botmode: no
X-Geoip: DE;HE;Frankfurt am Main (Innenstadt I)
X-Frame-Options: DENY
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://corporatehelicopters.ru
Access-Control-Expose-Headers: X-Geoip, X-Botmode
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Max-Age: 1728000
Content-Length: 223

GET
H2 206 agent_message.mp3
code.jivosite.com/sounds/ 4 KB
4 KB 8ms
7ms Media
audio/mpeg 5.101.37.37
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jivosite.com/sounds/agent_message.mp3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.101.37.37 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: ff81aad05612f90cf97c238f219765884e5cbf49351d8dc96a4a063c598c3f43

Request headers

Referer: https://corporatehelicopters.ru/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 06 Aug 2024 15:47:11 GMT
via: 1.1 sharxy
x-cached-since: 2024-08-05T07:48:19+00:00
Content-Range: bytes 0-3759/3760
x-geo-shard: ya
x-node: fr5-up-gc15
Content-Length: 3760
last-modified: Tue, 09 Jul 2024 12:45:54 GMT
server: nginx
etag: "668d3102-eb0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: audio/mpeg
access-control-allow-origin: *
cache-control: max-age=2592000
cache: HIT
expires: Wed, 04 Sep 2024 07:48:19 GMT

GET
H2 206 notification.mp3
code.jivosite.com/sounds/ 6 KB
6 KB 7ms
6ms Media
audio/mpeg 5.101.37.37
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jivosite.com/sounds/notification.mp3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.101.37.37 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 1112436abea08c851302bba4d4e37a27e25e5ec26b20474667a3369d41154bab

Request headers

Referer: https://corporatehelicopters.ru/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 06 Aug 2024 15:47:11 GMT
via: 1.1 sharxy
x-cached-since: 2024-08-05T07:47:59+00:00
Content-Range: bytes 0-5807/5808
x-geo-shard: ya
x-node: fr5-up-gc15
Content-Length: 5808
last-modified: Tue, 09 Jul 2024 12:45:54 GMT
server: nginx
etag: "668d3102-16b0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: audio/mpeg
access-control-allow-origin: *
cache-control: max-age=2592000
cache: HIT
expires: Wed, 04 Sep 2024 07:47:59 GMT

GET
H2 206 outgoing_message.mp3
code.jivosite.com/sounds/ 5 KB
5 KB 7ms
7ms Media
audio/mpeg 5.101.37.37
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jivosite.com/sounds/outgoing_message.mp3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.101.37.37 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: d44244617bf21df7a137694fa762d5cab3b82cb9fae8f33de5917977b02b2a11

Request headers

Referer: https://corporatehelicopters.ru/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 06 Aug 2024 15:47:11 GMT
via: 1.1 sharxy
x-cached-since: 2024-08-05T07:48:19+00:00
Content-Range: bytes 0-5013/5014
x-geo-shard: ya
x-node: fr5-up-gc15
Content-Length: 5014
last-modified: Tue, 09 Jul 2024 12:45:54 GMT
server: nginx
etag: "668d3102-1396"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: audio/mpeg
access-control-allow-origin: *
cache-control: max-age=2592000
cache: HIT
expires: Wed, 04 Sep 2024 07:48:19 GMT

POST
H/1.1 204
No Content w
telemetry.jivosite.com/ Frame 2378 0
103 B 155ms
75ms Ping
text/plain 57.128.74.66
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://telemetry.jivosite.com/w
Requested by: Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 57.128.74.66 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3227016.ip-57-128-74.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Connection: keep-alive
Date: Tue, 06 Aug 2024 15:47:12 GMT
Server: nginx

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 16ms
15ms Image
image/gif 216.239.38.178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=262888732&t=event&_s=2&dl=https%3A%2F%2Fcorporatehelicopters.ru%2F&ul=de-de&de=UTF-8&dt=%D0%9A%D0%BE%D1%80%D0%BF%D0%BE%D1%80%D0%B0%D1%82%D0%B8%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%B2%D0%B5%D1%80%D1%82%D0%BE%D0%BB%D0%B5%D1%82%D1%8B&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=JivoSite&ea=Proactive%20invitation%20shown&el=Proactive%20Invitation%20on%20Every%20Page&_u=aDDAAUABAAAAACAAI~&jid=&gjid=&cid=1242184189.1722959230&tid=UA-169900485-32&_gid=1901655652.1722959231&gtm=457e47v0za200&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tag_exp=95250753&jsscut=1&npa=1&z=1223907162

Protocol

Security

QUIC, , AES_128_GCM

Server

216.239.38.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Aug 2024 12:18:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 12527
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 56654239
mc.yandex.com/watch/ 43 B
265 B 53ms
53ms Ping
image/gif 93.158.134.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/56654239?page-url=goal%3A%2F%2Fcorporatehelicopters.ru%2FJivo_Proactive_invitation_shown&page-ref=https%3A%2F%2Fcorporatehelicopters.ru%2F&charset=utf-8&uah=chm%0A%3F0&hittoken=1722959230_cdebfd89a93f332fb51c9255ce21d58bb07376479e909d248b89b2a3f48a6933&browser-info=ar%3A1%3Avf%3Acstsejpcztnbm4xas7mgj8ug9n%3Afu%3A3%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1410%3Acn%3A1%3Adp%3A1%3Als%3A1644529568446%3Ahid%3A927317018%3Az%3A120%3Ai%3A20240806174711%3Aet%3A1722959232%3Ac%3A1%3Arn%3A144944447%3Arqn%3A2%3Au%3A1722959230425874936%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C3526%2C3526%2C1%2C%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1722959227900%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1722959232%3At%3A%D0%9A%D0%BE%D1%80%D0%BF%D0%BE%D1%80%D0%B0%D1%82%D0%B8%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%B2%D0%B5%D1%80%D1%82%D0%BE%D0%BB%D0%B5%D1%82%D1%8B&t=gdpr(14)clc(0-0-0)rqnt(2)lt(41300)aw(1)rcm(1)cdl(na)eco(21037572)dss(2)ti(0)&force-urlencoded=1

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Aug 2024 15:47:11 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 06-Aug-2024 15:47:11 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://corporatehelicopters.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 06-Aug-2024 15:47:11 GMT

GET
H2 200 chatcontainer.widget.css
code.jivosite.com/css/9ae5953/ 105 KB
18 KB 7ms
6ms Stylesheet
text/css 5.101.37.37
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jivosite.com/css/9ae5953/chatcontainer.widget.css
Requested by: Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.101.37.37 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 85107b83b46c230307907c2717ebf57df1fb1895e2a7a1125537bd76505dc5a0

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:47:11 GMT
content-encoding: br
via: 1.1 sharxy
x-cached-since: 2024-08-05T11:58:41+00:00
x-geo-shard: ya
content-length: 18428
x-node: fr5-up-gc15
last-modified: Tue, 23 Jul 2024 09:52:16 GMT
server: nginx
etag: "669f7d50-47fc"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=864000
cache: HIT
accept-ranges: bytes
expires: Thu, 15 Aug 2024 11:58:41 GMT

GET
H2 200 chatcontainer.js Show response
code.jivosite.com/js/9ae5953/ Frame 2378 330 KB
75 KB 7ms
7ms Script
application/javascript 5.101.37.37
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jivosite.com/js/9ae5953/chatcontainer.js
Requested by: Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.101.37.37 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: b3a9e3f39190b7fc8404eb271336428c28a80c993bfa07983c5a6b8374b601ec

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:47:11 GMT
content-encoding: br
via: 1.1 sharxy
x-cached-since: 2024-08-06T11:58:42+00:00
x-geo-shard: ya
content-length: 76604
x-node: fr5-up-gc15
last-modified: Tue, 23 Jul 2024 09:52:16 GMT
server: nginx
etag: "669f7d50-12b3c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes

GET
DATA 200
OK truncated
/ 636 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c601bc6798df82eabcf7201a5e2b6015d9b630b0f595ecb38381fc358aa0d8ea

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 306 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0717bd378cfc7b2de29e93f6224f84db6ca9d2f0b521c46d5b7ea8faa7bc9

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1196e79d569ffcc4e3552146be880bbb06ee6a02b4c58b045b9b9c4e69716050

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 social.min.html
code.jivosite.com/ Frame 41A4 0
0 377ms
65ms Document
text/html 5.101.37.37
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jivosite.com/social.min.html?mode=check&vk_app_id=5299720&vk_joint_id=162681653&vk_key=6e756c6c3d57545966464a57465630&fb_app_id=1614186198901622&fb_joint_id=189315354839092&fb_key=null_WTYfFJWFV0&logs=0
Requested by: Host: corporatehelicopters.ru
URL: https://corporatehelicopters.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.101.37.37 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache: MISS
cache-control: max-age=864000
content-encoding: gzip
content-length: 1514
content-type: text/html
date: Tue, 06 Aug 2024 15:47:12 GMT
etag: "669f7d50-5ea"
expires: Fri, 16 Aug 2024 15:47:12 GMT
last-modified: Tue, 23 Jul 2024 09:52:16 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 sharxy
x-geo-shard: ya
x-node: fr5-up-gc15

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e3421fdc1caa3ae0a106a6ce630104cadc154bff7eb09cff934cba81027a00f

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 61e713f55e93d77c38fd1a0c077c88bf.jpg
files.jivosite.com/avatars/2017_02/ 2 KB
2 KB 30ms
6ms Image
image/jpeg 5.101.37.37
EDGEAMLLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.jivosite.com/avatars/2017_02/61e713f55e93d77c38fd1a0c077c88bf.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.101.37.37 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 268b9a062769dd3bb20aefd09fa4bba5d883674338a38a9fe2c5914d074596f2

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:47:12 GMT
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCShZKdihKCx9vDtWIVaACGtMQME5Tk3u
last-modified: Sat, 09 Apr 2022 17:44:03 GMT
server: nginx
etag: "980fcbd2e06ca7d46d5da2e115f2c632"
x-cached-since: 2024-08-06T12:38:25+00:00
content-type: image/jpeg
access-control-allow-origin: *
x-obs-request-id: 0000018FC8DA502DB02762346DC85D9A
cache: HIT
accept-ranges: bytes
x-obs-tagging-count: 0
content-length: 1957
x-node: fr5-up-gc15

GET
DATA 200
OK truncated
/ 875 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04691d28537b54ac921ac4f2510707506d1576faae35626da78ff543e3a659bd

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a6e0d527b3aa424e722d5481cdd26f401ec4fc509d6cf9b05a6ea8ad89fb6d7e

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 411 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf2704afa8d93fab9f72f0cf5c31d818e4106720f42746f1cdcab5ff91f609fd

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 444 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cc4967bc3335269323de63c0eb7e8fc81de1fba69e72cc726e62904bb5823849

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 274 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 672a98c0017341d9f006b510055866f64e29520b481b03e45313010d4b299284

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 347 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7ce02fa8812eeb19ed0dbe22f2d48c1acd62ece24d709e00cf055a8249aafa2

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 496 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b0b60bef85284f6d3f4cef6230da68eb0596849b8df678c8e58526b1c5cf82eb

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H/1.1 200
OK /
privacy-cs.mail.ru/fp/ 0
0 54ms
52ms Fetch
application/octet-stream 95.163.52.89
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://privacy-cs.mail.ru/fp/?id=u5f8E_9dG_WbrAzUbir0z
Requested by: Host: privacy-cs.mail.ru
URL: https://privacy-cs.mail.ru/static/sync-loader.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.163.52.89 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS: r3.mail.ru
Software: nginx /
Resource Hash

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 06 Aug 2024 15:47:12 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://corporatehelicopters.ru
Cache-Control: max-age=7200
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Expires: Tue, 06 Aug 2024 17:47:12 GMT

POST
H2 200 56654239
mc.yandex.com/webvisor/ 43 B
0 283ms
132ms Fetch
image/gif 93.158.134.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/56654239?wv-part=1&wv-type=7&wmode=0&wv-hit=927317018&page-url=https%3A%2F%2Fcorporatehelicopters.ru%2F&rn=511058720&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1722959234%3Aw%3A1600x1200%3Av%3A1410%3Az%3A120%3Ai%3A20240806174713%3Au%3A1722959230425874936%3Avf%3Acstsejpcztnbm4xas7mgj8ug9n%3Ast%3A1722959234&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 06 Aug 2024 15:47:14 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 06-Aug-2024 15:47:14 GMT
content-type: image/gif
access-control-allow-origin: https://corporatehelicopters.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 06-Aug-2024 15:47:14 GMT

POST
H2 200 56654239
mc.yandex.com/webvisor/ 43 B
0 51ms
49ms Fetch
image/gif 93.158.134.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/56654239?wv-part=1&wv-type=7&wmode=0&wv-hit=927317018&page-url=https%3A%2F%2Fcorporatehelicopters.ru%2F&rn=21180000&browser-info=we%3A1%3Aet%3A1722959234%3Aw%3A1600x1200%3Av%3A1410%3Az%3A120%3Ai%3A20240806174714%3Au%3A1722959230425874936%3Avf%3Acstsejpcztnbm4xas7mgj8ug9n%3Ast%3A1722959234&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Tue, 06 Aug 2024 15:47:14 GMT
last-modified: Tue, 06-Aug-2024 15:47:14 GMT
content-type: image/gif
access-control-allow-origin: https://corporatehelicopters.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 06-Aug-2024 15:47:14 GMT

POST
H2 200 / Show response
kraken.rambler.ru/cnt/v2/ 3 B
581 B 66ms
63ms XHR
image/gif 81.19.89.18
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://kraken.rambler.ru/cnt/v2/
Requested by: Host: st.top100.ru
URL: https://st.top100.ru/top100/top100.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.89.18 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx /
Resource Hash: a12b7cb43c9d9134b5bb1b35e9096b66775d9e92e7611d1cc92b02edd6782a87

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 06 Aug 2024 15:47:15 GMT
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
x-srv: 2kraken-prod0003.ad.rambler.tech
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream, image/gif
access-control-allow-origin: https://corporatehelicopters.ru
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 18ms
18ms Fetch
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-TGKZS064JD&gtm=45je47v0v9111534956za200&_p=1722959229726&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=95250753&cid=1242184189.1722959230&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EAAI&_s=2&sid=1722959230&sct=1&seg=0&dl=https%3A%2F%2Fcorporatehelicopters.ru%2F&dt=%D0%9A%D0%BE%D1%80%D0%BF%D0%BE%D1%80%D0%B0%D1%82%D0%B8%D0%B2%D0%BD%D1%8B%D0%B5%20%D0%B2%D0%B5%D1%80%D1%82%D0%BE%D0%BB%D0%B5%D1%82%D1%8B&en=JivoSite&_ee=1&ep.event_category=JivoSite&ep.event_action=Proactive%20invitation%20shown&ep.event_label=Proactive%20Invitation%20on%20Every%20Page&_et=1493&tfd=9010
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TGKZS064JD&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://corporatehelicopters.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Aug 2024 15:47:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://corporatehelicopters.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: share.pluso.ru
URL: https://share.pluso.ru/pluso-like.js

Verdicts & Comments Add Verdict or Comment

131 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

44 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-21 02:55:11	Name: _GRECAPTCHA Value: 09AC6kKj-opV3WM99amDqux31umRKEE-24c6g8NTUV672t4CL-ADrXICZ-ddCZcpdM_gmUypY80WdJveUvaYf-Buk
.corporatehelicopters.ru/	1970-01-21 06:35:30	Name: tmr_lvid Value: 99e83becefe6c9b3f8d427747b639994
.corporatehelicopters.ru/	1970-01-21 06:35:30	Name: tmr_lvidTS Value: 1722959229839
.avsplow.com/	1970-01-21 07:21:35	Name: nuid Value: 9cea661e-c69d-4b67-9215-31a3656732ac
.yadro.ru/	1970-01-21 07:20:27	Name: FTID Value: 1ciaLz3d8x8r1ciaLz002Sha
.yadro.ru/	1970-01-21 07:20:27	Name: VID Value: 2klpEH0vb_er1ciaLz002SiE
.corporatehelicopters.ru/	1970-01-21 07:21:35	Name: adtech_uid Value: a4736b0b-56c8-4a95-9fa8-e91c2e15651b%3Acorporatehelicopters.ru
.corporatehelicopters.ru/	1970-01-21 07:21:35	Name: top100_id Value: t1.7097323.1151355863.1722959230140
.yandex.ru/	1970-01-21 07:21:35	Name: yashr Value: 5564395031722959230
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: DkbI-C6oUJk
.youtube.com/	1970-01-21 02:55:11	Name: VISITOR_INFO1_LIVE Value: nQ0m-IDu5LM
.youtube.com/	1970-01-21 02:55:11	Name: VISITOR_PRIVACY_METADATA Value: CgJERRIEEgAgXQ%3D%3D
.rambler.ru/	1970-01-21 08:11:59	Name: ruid Value: 1CIAAH5FsmbuCK1IAagYGwB=
.corporatehelicopters.ru/	1970-01-21 07:21:35	Name: _ym_uid Value: 1722959230425874936
.corporatehelicopters.ru/	1970-01-21 07:21:35	Name: _ym_d Value: 1722959230
.mc.yandex.com/	1970-01-20 22:35:59	Name: sync_cookie_csrf Value: 568044775fake
.yandex.com/	1970-01-21 08:11:59	Name: i Value: 24bq489tyj7mIr17EqU9PYSzGbpVWATvxaorDhjpox2fQi9vCFGb0g8s61djLWKJ6LP4RZH+8ZEKC9j2G4Knop5HD0c=
.yandex.com/	1970-01-21 07:21:35	Name: yandexuid Value: 3816609091722959230
.yandex.com/	1970-01-21 07:21:35	Name: yashr Value: 2162346721722959230
.mc.yandex.ru/	1970-01-20 22:35:59	Name: sync_cookie_csrf Value: 920410020fake
.corporatehelicopters.ru/	1970-01-20 22:37:11	Name: _ym_isad Value: 2
corporatehelicopters.ru/	1970-01-20 22:46:04	Name: domain_sid Value: u5f8E_9dG_WbrAzUbir0z%3A1722959230490
.mc.yandex.com/	1970-01-20 22:37:25	Name: sync_cookie_ok Value: synced
.yandex.ru/	1970-01-21 08:11:59	Name: yandexuid Value: 3816609091722959230
.yandex.ru/	1970-01-21 08:11:59	Name: yuidss Value: 3816609091722959230
.yandex.ru/	1970-01-21 08:11:59	Name: i Value: 24bq489tyj7mIr17EqU9PYSzGbpVWATvxaorDhjpox2fQi9vCFGb0g8s61djLWKJ6LP4RZH+8ZEKC9j2G4Knop5HD0c=
.yandex.ru/	1970-01-21 08:11:59	Name: yp Value: 1723045630.yu.6391817911722959230
.yandex.ru/	1970-01-21 07:21:35	Name: ymex Value: 1725551230.oyu.6391817911722959230
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1898138131722959230
.yandex.com/	1970-01-21 07:21:35	Name: yuidss Value: 3816609091722959230
.yandex.com/	1970-01-21 07:21:35	Name: ymex Value: 1754495230.yrts.1722959230
.yandex.com/	1970-01-21 07:21:35	Name: receive-cookie-deprecation Value: 1
.corporatehelicopters.ru/	1970-01-21 08:11:59	Name: _ga Value: GA1.2.1242184189.1722959230
.corporatehelicopters.ru/	1970-01-20 22:37:25	Name: _gid Value: GA1.2.1901655652.1722959231
.corporatehelicopters.ru/	1970-01-20 22:35:59	Name: _gat_gtag_UA_169900485_32 Value: 1
.corporatehelicopters.ru/	1970-01-20 22:36:01	Name: _ym_visorc Value: w
.yandex.com/	1970-01-21 08:11:59	Name: bh Value: KgI/MGD/ism1Bg==
top-fwz1.mail.ru/	1970-01-21 07:23:01	Name: PVID Value: 3713KK0hTGIQ000023071KIQ:::0-0-0-bcc9e3d-0-bcc9e3f:CAASECzjsIrNuBwdZE2ZNbHs5SMaYMz-Jz0aVt6UzvuwutokYMr27iJorJUYapzBpXIox5bRdO__lM9gQYrhHNyGqVO_Ui-1sbdU1TGMuKhHHwLGTfm1AcTOC2d8af-RtjBLdQYwtQlJ1Z7piuXFeENL7qfTHA
.mail.ru/	1970-01-21 07:23:01	Name: VID Value: 3713KK0hTGIQ000023071KIQ:::0-0-0-bcc9e3d-0-bcc9e3f:CAASECzjsIrNuBwdZE2ZNbHs5SMaYMz-Jz0aVt6UzvuwutokYMr27iJorJUYapzBpXIox5bRdO__lM9gQYrhHNyGqVO_Ui-1sbdU1TGMuKhHHwLGTfm1AcTOC2d8af-RtjBLdQYwtQlJ1Z7piuXFeENL7qfTHA
.corporatehelicopters.ru/	1970-01-21 08:11:59	Name: _ga_TGKZS064JD Value: GS1.1.1722959230.1.0.1722959231.0.0.0
.vk.com/	1970-01-21 07:30:56	Name: remixlang Value: 6
.vk.com/	1970-01-21 07:21:35	Name: remixstlid Value: 9074792757182996592_Q72ZhHEzPbCLPr3OLk8UReqmUdcQKdzltHht9WHWvyc
corporatehelicopters.ru/	1970-01-20 22:37:25	Name: tmr_detect Value: 0%7C1722959232891
.corporatehelicopters.ru/	1970-01-21 07:21:35	Name: t3_sid_7097323 Value: s1.2011979361.1722959230141.1722959235150.1.3

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://share.pluso.ru/pluso-like.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript	info	URL: https://privacy-cs.mail.ru/static/sync-loader.js(Line 4) Message: WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering	warning	URL: https://privacy-cs.mail.ru/static/sync-loader.js(Line 4) Message: Failed to create WebGPU Context Provider
other	warning	URL: https://privacy-cs.mail.ru/static/sync-loader.js(Line 4) Message: Failed to parse video contentType: video/ogg; codecs=theora

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

avsplow.com
code.jivosite.com
corporatehelicopters.ru
counter.yadro.ru
files.jivosite.com
fonts.googleapis.com
fonts.gstatic.com
kraken.rambler.ru
mc.yandex.com
mc.yandex.ru
node-ya-7.jivosite.com
privacy-cs.mail.ru
region1.google-analytics.com
share.pluso.ru
st.avsplow.com
st.top100.ru
telemetry.jivosite.com
telephony.jivosite.com
top-fwz1.mail.ru
translate.google.com
translate.googleapis.com
travelpayouts.com
www.cofr.ru
www.corporatehelicopters.ru
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.travelpayouts.com
www.youtube.com
yandex.ru
share.pluso.ru
142.250.181.227
142.250.184.196
142.250.185.163
142.250.185.202
142.250.185.238
151.236.71.248
157.240.0.35
172.217.18.14
172.217.18.8
172.255.224.36
18.173.154.22
185.106.81.236
185.163.159.177
216.239.32.36
216.239.38.178
5.101.37.37
57.128.74.65
57.128.74.66
77.88.44.55
81.19.89.18
87.236.19.240
87.250.251.119
88.212.201.204
93.158.134.119
95.163.52.67
95.163.52.89
04691d28537b54ac921ac4f2510707506d1576faae35626da78ff543e3a659bd
07a442bcbe2faa41bf1f585c7c772be2a8918f9afd0f5526eb4956562d5e6f8c
0a82443eafb5dbfec3643ed313bd82dbd118da6e517b7e1cbe23283ec5f2960a
0e7e3045519beaff2095d4a64b8dfb1b581013eb5b8f4b3549983c69abe7139b
1094d089eeae34db8c9bbbe36a37cdd9e93706dc511aa43c04116f5e5a19da7c
1112436abea08c851302bba4d4e37a27e25e5ec26b20474667a3369d41154bab
111da58b16b15c6bac6126be92d0a83c8d1dc4139b6361411a744deda5242c66
1168efe69852d2843dfae9f88a940bec7831ffbd5f8bbebc89a88e1e567c1435
1196e79d569ffcc4e3552146be880bbb06ee6a02b4c58b045b9b9c4e69716050
17b79ece7ef9d1454a90156690d33d64387b67a7a7548fc826012512e287a937
1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c
20c132e4b881d0220c419de31a745bdaaf4c0945ddd882177f0aed277df98d2e
23dce552fa07d18808a95f3b33765bd0280711365092d014a825ad814a2cce63
2485b6352182e9b84c6010dedea330b64058983d22008327a64fd7d9b10df905
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
268b9a062769dd3bb20aefd09fa4bba5d883674338a38a9fe2c5914d074596f2
2ac6a90e36f9bc22f41ebcdfb872e4f1d64ffece11813e42693ff12c69f6446d
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b43c124fd00d8352d7c53534739bd9c1c5aa688a0b7651e8d857f5e602e5283
46e36dd6ca93014e4915c723632bf180d27cc96ccfb7c26e69213e1a82129a62
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
4e3421fdc1caa3ae0a106a6ce630104cadc154bff7eb09cff934cba81027a00f
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
4f4a5683b6483776c7f839693c2d270ba41d0c3f72cffe007c920647fa47b74e
503c3a09847016ee97c1feb54b6dc4a4bf861621ecd3044388b6d78568b7fd05
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
588ae146e6eeec00a8b4d01cc3f9e1569e7e5847547fa40907be64a73f2435a3
5aed4a8f357d7edc1ac50eb4de07867c83e69a10a1711e10053bddce99294b7e
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
672a98c0017341d9f006b510055866f64e29520b481b03e45313010d4b299284
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70fc73f411c4a14bb94afdd1966f0837194192a64f2654987cb218503378486e
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
7897e206358e3f548e097fc4aa94d611d80b2063547cac24bf061a50bc27be60
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7aba1186b73911d9422fbdef504b34963dc896c16c53daacb94c06d304b3653c
7b18c4fa25aa0a3d266d70e170abda60935e9ac6bb075b348d0d2e59b41e42b0
8201d64dff9c13c7a9f345517aebc7a6e7c4b1afb02697ae3baba88c52f092bb
82c6ebef95e8cce5bcc2dd20747482ff9af5cf7aa3faa7557169d46b50e83c6c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85107b83b46c230307907c2717ebf57df1fb1895e2a7a1125537bd76505dc5a0
851646217e0859e2025a1f9ada5f7374c3ffb37f6d1be6d6b32c90e15c005bd8
85e5396d82d4a5e9b3a2ddbd9db1f6cc36ee32f3b66d3c0db2a1e35502956d3e
885c89e82436cfa3d0a0a5a9b2f6be6e1503457c810cc88ed2c09b4570ae9fd6
90c66edfaadb66b8da832ef24c85cd411c35a3f8f5b6541644974f082e982c10
94f55789c855851e8539267982b08e57025f4c24fdbc64d5eb4675d4099bba9b
953af01affd97621869fdb141a98da9fd0e2a1417ae0e3f27c0c3cd49032f5af
9639fb98ee27b9ee66f19f3c87fe6eaa1345e0678bb79a5c21daa7d84770882d
9648446cf73c35ef331ed5fc53fb53b06f5cdb11af3d7b64f5d54ae24758b449
96c85d58051e549abd4ee057bc751cdf9faf605cb7d36be41f72ad3a24a33dfc
9832cb08aefe9082282c6a1d1baff4493450a85688471eb501aa0635c05c7bea
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a12b7cb43c9d9134b5bb1b35e9096b66775d9e92e7611d1cc92b02edd6782a87
a3e0f30cfeec11d999104461994a85442814a8d8aedfc44121369c46ee91941c
a57ed4b9d8f587725849b5f3aad8122a7b5ee0846ae5e0fe9d2f476f7a226cf8
a6e0d527b3aa424e722d5481cdd26f401ec4fc509d6cf9b05a6ea8ad89fb6d7e
aada791cd41ee8f73925f98531591bc3646b436cf278f3811f23958dac24865d
ab42d7c37f7928197cf2fb60407d97ebf6b8316f5bd3007d33b49d4ca0559e03
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
aca5dec430a7470ff1d8a16f9e7bb3ca30f2ff58f3bd60432cf1dddfa30c9d71
b0b60bef85284f6d3f4cef6230da68eb0596849b8df678c8e58526b1c5cf82eb
b3a9e3f39190b7fc8404eb271336428c28a80c993bfa07983c5a6b8374b601ec
b67fe64923a586061ca8b4ee5086f981d05f483f4a1bd87f6ccecb8570f8dffd
bdb14fdadea221dedd05d07cac741f61461212c5d91b4da2d5e725295924f1a9
bf2704afa8d93fab9f72f0cf5c31d818e4106720f42746f1cdcab5ff91f609fd
c0ad41dd41d18dc12c34d5df0d7ac673606c8c756e55d846d7b29323dfe6d699
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
c22b83b631a5293a1acd2dd2e6e8d19f254d46990b5e2115d572fc24a6a2c461
c2711e9edc60964dcb5aada1bfa59c2d68d3d9dc1baf4a5ee058b4c1bd32c3eb
c601bc6798df82eabcf7201a5e2b6015d9b630b0f595ecb38381fc358aa0d8ea
c8bd65e809667bd623509ca7df6c0ccf90bc5e11c49a48487a82ed1dfab30e7f
c9132cbcdd30e8e9eee5d4f97285212f0aa0f4d1e0c81a4333c2eb2779b732f2
c9c9f7c78282b8bb67a70f2a7a559eda3a464e4d4e2fcbd494cfde993fb7ad78
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cc4967bc3335269323de63c0eb7e8fc81de1fba69e72cc726e62904bb5823849
ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b
cd67ee7ca8d8e8492d61c34033243e78d6f478551aaba5ee30367cc47c53f4e0
d342092f9039585510af2a01c599a173049ac65705dc5726a9ae1240dfcd52c7
d44244617bf21df7a137694fa762d5cab3b82cb9fae8f33de5917977b02b2a11
d4801f8cbd539fe1b6d74451c0e658d6e879d0d3d4cb5342a96c2774023957dc
d64c12a76a61096f3a14aa795d12c3fc0de8e5781ef2e1af3b66517e65d7f00e
d7ce02fa8812eeb19ed0dbe22f2d48c1acd62ece24d709e00cf055a8249aafa2
d8f7429fe04584bc9971b94fbe182e27ec4fc48a39006e5562b68149d89b56c4
dca271e5c10ab729dbf7e10ccb7c82ba4b87625a821dd4bd640279b6807f2033
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df0ec8330290d184b1084527076cb87d41b33ba706ff5ab579d761f0cb6a744b
df19411bc43b897fb672f532437edb50953162c62a97b203a3ebedc9d804450a
dfbf000d76574d9707b2aa750760dad91d275dbc61e2d2c1df2ae4c8d8a6ec16
e2fb63ea3b3d832a17e88ce1bdc0ec080117e17f1c9331697c822015e501cb13
e3b0717bd378cfc7b2de29e93f6224f84db6ca9d2f0b521c46d5b7ea8faa7bc9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e621665022bb960e60fcbed829f30a54d28484a7e2d8e46f7e5025a06608b5bf
e62e34398a4821837ce47376299e7883ea3ab277763b8c72716f5c2177bf462c
e6bb914a60890b63e904defe37b2cf8f3e589de0812d1398a03895b406f6a97c
e87e0e12563f1aeb9325fc3c1596a8dcd1eebf37f04e3dcf7f9ef53be11113fd
f16e1cb28067e3d13d953e07794d6b724aa73a2965e68ea7373259c1b8ec5dbf
f348b79e2dfcf48fff589de1a9497530a4960a3f66adc5e76c3fdeb3419c846b
fc98fbacd137065b2d34a081b874da5e85d01d2e66768390cfb89c21b380ebb6
fd338f829b37a85daaccdfd14453413263221708c477ff625bd998a16c7482f8
fda0897f4cdbbab911245c9ebaa4885f54a7e572b8c9b071dc976d1d27cab1a6
ff81aad05612f90cf97c238f219765884e5cbf49351d8dc96a4a063c598c3f43

corporatehelicopters.ru Open in urlscan Pro 87.236.19.240 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

114 Requests

93 %HTTPS

0 %IPv6

19 Domains

32 Subdomains

28 IPs

6 Countries

2320 kBTransfer

6544 kBSize

44 Cookies

9 Outgoing links

Page URL History

Redirected requests

114 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 21 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

corporatehelicopters.ru Open in urlscan Pro
87.236.19.240 Public Scan

Screenshot
Live screenshot

Full Image

114
Requests

93 %
HTTPS

0 %
IPv6

19
Domains

32
Subdomains

28
IPs

6
Countries

2320 kB
Transfer

6544 kB
Size

44
Cookies

114 HTTP transactions
21 data transactions