painters.by Open in urlscan Pro
185.200.242.104 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://painters.by/
Submission: On August 13 via api (August 13th 2024, 7:10:43 pm UTC) from US — Scanned from US

Summary HTTP 78 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 14 IPs in 3 countries across 14 domains to perform 78 HTTP transactions. The main IP is 185.200.242.104, located in St Petersburg, Russian Federation and belongs to TIMEWEB-AS, RU. The main domain is painters.by.
TLS certificate: Issued by R10 on August 12th 2024. Valid for: 3 months.

This is the only time painters.by was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
31	185.200.242.104 185.200.242.104	9123 (TIMEWEB-AS) (TIMEWEB-AS)
1	2a02:6b8:20::215 2a02:6b8:20::215	13238 (YANDEX) (YANDEX)
3	2607:f8b0:400... 2607:f8b0:400d:c09::5f	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c1d::5f	15169 (GOOGLE) (GOOGLE)
6 18	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
2	2607:f8b0:400... 2607:f8b0:400d:c09::61	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:400d:c01::5e	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:400d:c01::71	15169 (GOOGLE) (GOOGLE)
13	176.9.67.88 176.9.67.88	24940 (HETZNER-AS) (HETZNER-AS)
1	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
2	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
2	2a03:2880:f10... 2a03:2880:f103:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	172.253.63.138 172.253.63.138	15169 (GOOGLE) (GOOGLE)
78	14

31 185.200.242.104 (St Petersburg, Russian Federation)

ASN9123 (TIMEWEB-AS, RU)
PTR: 1618615-cr09978.twc1.net

painters.by	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

yandex.st	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:400d:c09::5f (Morganton, United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c1d::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a02:6b8::1:119 (Moscow, Russian Federation) 6 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.webvisor.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.by	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400d:c09::61 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400d:c01::5e (Morganton, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:400d:c01::71 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 176.9.67.88 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88.67.9.176.clients.your-server.de

leadback.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cloudim.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f103:181:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.63.138 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f138.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	painters.by painters.by	4 MB
14	yandex.ru 4 redirects mc.yandex.ru — Cisco Umbrella Rank: 2503	76 KB
11	leadback.ru leadback.ru — Cisco Umbrella Rank: 674275	100 KB
6	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 641 fonts.googleapis.com — Cisco Umbrella Rank: 110	124 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104	21 KB
2	cloudim.ru cloudim.ru — Cisco Umbrella Rank: 912387	5 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	3 KB
2	yandex.by 1 redirects mc.yandex.by — Cisco Umbrella Rank: 192413	776 B
2	webvisor.org 1 redirects mc.webvisor.org — Cisco Umbrella Rank: 20368	897 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	74 KB
2	gstatic.com fonts.gstatic.com	54 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	185 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 410	82 KB
1	yandex.st yandex.st — Cisco Umbrella Rank: 142301	26 KB
78	14

	Domain	Requested by
31	painters.by	painters.by
14	mc.yandex.ru	4 redirects painters.by cdn.jsdelivr.net
11	leadback.ru	painters.by ajax.googleapis.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	fonts.googleapis.com	painters.by ajax.googleapis.com
3	ajax.googleapis.com	painters.by leadback.ru
2	cloudim.ru	ajax.googleapis.com cloudim.ru
2	www.facebook.com	painters.by
2	mc.yandex.by	1 redirects painters.by
2	mc.webvisor.org	1 redirects painters.by
2	connect.facebook.net	painters.by connect.facebook.net
2	fonts.gstatic.com	fonts.googleapis.com
2	www.googletagmanager.com	painters.by www.googletagmanager.com
1	cdn.jsdelivr.net	painters.by
1	yandex.st	painters.by
78	15

This site contains links to these domains. Also see Links.

Domain
www.instagram.com
t.me
leadback.ru

Subject Issuer	Validity	Valid
painters.by R10	`2024-08-12` - `2024-11-10`	3 months	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2024-05-20` - `2024-11-17`	6 months	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2024-05-23` - `2024-11-02`	5 months	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
leadback.ru R10	`2024-07-28` - `2024-10-26`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-05-23` - `2024-08-21`	3 months	crt.sh
cloudim.ru R10	`2024-07-28` - `2024-10-26`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://painters.by/
Frame ID: 01B5C43173143F38596B01C3E6120683
Requests: 78 HTTP requests in this frame

Frame: https://mc.yandex.ru/metrika/metrika_match.html
Frame ID: 979D03A5B9A687B7ABE6612506C2A0D7
Requests: 1 HTTP requests in this frame

Frame: https://cloudim.ru/im/?&silent=true&accept_chats=false&need[name]=false&need[email]=false&&uid=34891&group=18466&url=https%3A%2F%2Fpainters.by%2F&referer=&page=%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20%D1%81%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0%20%E2%80%94%20painters.by
Frame ID: 2BCA83FB9FF76A2219B4D4D74A2B99CC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Главная страница — painters.by

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

78
Requests

94 %
HTTPS

77 %
IPv6

14
Domains

15
Subdomains

14
IPs

3
Countries

4396 kB
Transfer

6259 kB
Size

42
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.instagram.com/painters.by
Title: instagram

Search URL Search Domain Scan URL

URL: https://t.me/poom_ponn
Title: telegram

Search URL Search Domain Scan URL

URL: https://leadback.ru/?utm_source=leadback_widget&utm_medium=remmo.by&utm_campaign=self_ad
Title: Виджет предоставлен LeadBack.ru

Search URL Search Domain Scan URL

URL: https://leadback.ru/?utm_source=leadback_chat&utm_medium=invite_message&utm_campaign=self_ad
Title: Технология Leadback

Search URL Search Domain Scan URL

URL: https://leadback.ru/?utm_source=leadback_chat&utm_medium=chat_footer&utm_campaign=self_ad
Title: Технология Leadback

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fpainters.by%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Avf%3Acstsejpczyib8nfqqomnpp0afz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1410%3Acn%3A2%3Adp%3A0%3Als%3A385390645810%3Ahid%3A381870341%3Az%3A-600%3Ai%3A20240813091036%3Aet%3A1723576236%3Ac%3A1%3Arn%3A386372717%3Arqn%3A1%3Au%3A1723576236396514472%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A4151%3Awv%3A2%3Ads%3A0%2C524%2C1242%2C2%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1723576231615%3Agi%3AR0ExLjIuMjAxNDU2MDQ5NC4xNzIzNTc2MjM2%3Ast%3A1723576236&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(65536)ti(1) HTTP 302
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fpainters.by%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3Acstsejpczyib8nfqqomnpp0afz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1410%3Acn%3A2%3Adp%3A0%3Als%3A385390645810%3Ahid%3A381870341%3Az%3A-600%3Ai%3A20240813091036%3Aet%3A1723576236%3Ac%3A1%3Arn%3A386372717%3Arqn%3A1%3Au%3A1723576236396514472%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A4151%3Awv%3A2%3Ads%3A0%2C524%2C1242%2C2%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1723576231615%3Agi%3AR0ExLjIuMjAxNDU2MDQ5NC4xNzIzNTc2MjM2%3Ast%3A1723576236&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2865536%29ti%281%29

Request Chain 45

https://mc.yandex.ru/watch/92183833?wmode=7&page-url=https%3A%2F%2Fpainters.by%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpczyib8nfqqomnpp0afz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1410%3Acn%3A1%3Adp%3A0%3Als%3A687608901181%3Ahid%3A381870341%3Az%3A-600%3Ai%3A20240813091036%3Aet%3A1723576236%3Ac%3A1%3Arn%3A255788673%3Arqn%3A1%3Au%3A1723576236396514472%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A4151%3Awv%3A2%3Ads%3A0%2C524%2C1242%2C2%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1723576231615%3Agi%3AR0ExLjIuMjAxNDU2MDQ5NC4xNzIzNTc2MjM2%3Arqnl%3A1%3Ast%3A1723576236%3At%3A%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20%D1%81%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0%20%E2%80%94%20painters.by&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(21037572)ti(1) HTTP 302
https://mc.yandex.ru/watch/92183833/1?wmode=7&page-url=https%3A%2F%2Fpainters.by%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpczyib8nfqqomnpp0afz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1410%3Acn%3A1%3Adp%3A0%3Als%3A687608901181%3Ahid%3A381870341%3Az%3A-600%3Ai%3A20240813091036%3Aet%3A1723576236%3Ac%3A1%3Arn%3A255788673%3Arqn%3A1%3Au%3A1723576236396514472%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A4151%3Awv%3A2%3Ads%3A0%2C524%2C1242%2C2%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1723576231615%3Agi%3AR0ExLjIuMjAxNDU2MDQ5NC4xNzIzNTc2MjM2%3Arqnl%3A1%3Ast%3A1723576236%3At%3A%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20%D1%81%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0%20%E2%80%94%20painters.by&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29ti%281%29

Request Chain 48

https://mc.webvisor.org/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=10460.C8f0epX6Cd6AORMJH-1Oxyg8KtdcR_fEjYSAKG9wvrftCHlwW2OPmly67yqBwcAI.7BgKZ5fJhIn3rT_P9Om6FXHx6Ew%2C HTTP 302
https://mc.webvisor.org/sync_cookie_image_decide?token=10460.L5JuZBxa0HEUt0hI47pdjn3-qEByAo2UckIBVgoLK8jZjVhAl9-swVr2OeSzGhZe_KGrswUFXKSz3YOcMvVjZ73yllbPnsh4aktCTq0IJ_1lLBC9Gsg8zM4zv_CDiK9q5iPQs8qZ6MTzcEwbBnqJuBVSghAEYXAX584dNPvlgVb7uwANjI06Fg9rHwbR2WrrddZiMyuYHLxNQlQN3ZSZ7dNaG7kHefLO-gw9-QQUoc8%2C.eoIoeUnUPUa_vsd9RVwby392jnQ%2C

Request Chain 49

https://mc.yandex.by/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.by&token=10460.M5r2IpeD-hkoRGZ6y4Lg5DpxTdNJM_kFrkUvPQUft1MgFuUghRHAVdqeisgBCHu3.pfnKbYlL3U3I7LCN-KlW9KF2n80%2C HTTP 302
https://mc.yandex.by/sync_cookie_image_decide?token=10460.6CLO44YJbP2LNz23AvUI1mfMHcKUICQyYUNhmE5ndaghCmkA612Nx2gC2i8EYckAtEBypfmojjy48HaQjswgNSZyi4oI-6SIVgAyPdOJaqUIRNHZwSc_BeWJx4oozfMAhkWZKqk3_bZ_nY447LFuIoV-NZ1NSmwtWbDRDRzhRH8IwF3W17_sRyyydXUNByz0HEXum8gXSc6jcroLJhlGeM8raPbqaECeJ-8mX_UfUzQ%2C.rXIY2x7pLlebNFNT1MSRcsc9q2k%2C

78 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
painters.by/ 25 KB
8 KB 3209ms
1243ms Document
text/html 185.200.242.104
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://painters.by/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.200.242.104 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),

Reverse DNS

1618615-cr09978.twc1.net

Software

Apache/2.2.22 (Debian) /

Resource Hash

071cecf129ca46a0f817552855d665b1b9d259fe511d5390c3d969d0a20e24fa

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors=self
Strict-Transport-Security	max-age=31536000; env=HTTPS
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.diafan.ru
Cache-Control: private, no-cache, no-store
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 7254
Content-Security-Policy: frame-ancestors=self
Content-Type: text/html; charset=utf-8
Date: Tue, 13 Aug 2024 19:10:33 GMT
Expect-CT: enforce; max-age=31536000
Keep-Alive: timeout=5, max=100
Last-Modified: Sat, 14 May 2022 13:05:32 GMT
Permissions-Policy: geolocation=(); midi=(); camera=(); usb=(); magnetometer=(); accelerometer=(); gyroscope=(); microphone=()
Referrer-Policy: no-referrer-when-downgrade
Server: Apache/2.2.22 (Debian)
Strict-Transport-Security: max-age=31536000; env=HTTPS
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK fb046ff1bc53ca0040f8a33612d7e23a.css
painters.by/cache/css/ 13 KB
4 KB 176ms
175ms Stylesheet
text/css 185.200.242.104
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://painters.by/cache/css/fb046ff1bc53ca0040f8a33612d7e23a.css
Requested by: Host: painters.by
URL: https://painters.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.200.242.104 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: 1618615-cr09978.twc1.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: e467f75601e845da217ae845b688b227a19fbf1e8fc776a42a4905869496d2e2

Request headers

Referer: https://painters.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 13 Aug 2024 19:10:34 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Aug 2024 18:47:53 GMT
Server: Apache/2.2.22 (Debian)
ETag: "fe190c-35a7-61ea3a5fc2211"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: https://www.diafan.ru
Cache-Control: max-age=604800, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 3155

GET
H/1.1 200
OK f4e271429e2b6fccf794e8e3e46acce3.css
painters.by/cache/css/ 173 KB
35 KB 357ms
180ms Stylesheet
text/css 185.200.242.104
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://painters.by/cache/css/f4e271429e2b6fccf794e8e3e46acce3.css
Requested by: Host: painters.by
URL: https://painters.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.200.242.104 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: 1618615-cr09978.twc1.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: 52614722acb6f2221d17930bfaaaeec5d111e5aa8e5f3d115afd9998c2a415e0

Request headers

Referer: https://painters.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 13 Aug 2024 19:10:35 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Aug 2024 18:53:56 GMT
Server: Apache/2.2.22 (Debian)
ETag: "fe19b4-2b2a8-61ea3bb9af0dd"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: https://www.diafan.ru
Cache-Control: max-age=604800, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 35510

GET
H/1.1 200
OK ico_burger_open.png
painters.by/img/ 3 KB
3 KB 532ms
183ms Image
image/png 185.200.242.104
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://painters.by/img/ico_burger_open.png
Requested by: Host: painters.by
URL: https://painters.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.200.242.104 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: 1618615-cr09978.twc1.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: aaf0b208f0ec2a1168e2a0bcad32af23fbfbc3e123bce981c82566aa2a91ea08

Request headers

Referer: https://painters.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 13 Aug 2024 19:10:35 GMT
Last-Modified: Mon, 23 Jan 2023 15:47:50 GMT
Server: Apache/2.2.22 (Debian)
ETag: "f407af-bef-5f2f05246d580"
Content-Type: image/png
Access-Control-Allow-Origin: https://www.diafan.ru
Cache-Control: max-age=2592000, must-revalidate, max-age=604800, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3055

GET
H/1.1 200
OK ico_burger_close.png
painters.by/img/ 5 KB
5 KB 533ms
184ms Image
image/png 185.200.242.104
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://painters.by/img/ico_burger_close.png
Requested by: Host: painters.by
URL: https://painters.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.200.242.104 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: 1618615-cr09978.twc1.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: 7e4d95a2337dd12220375b7aa206da36f65a31c7c782c0d89f1a42f4f39fc345

Request headers

Referer: https://painters.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 13 Aug 2024 19:10:35 GMT
Last-Modified: Mon, 23 Jan 2023 15:47:49 GMT
Server: Apache/2.2.22 (Debian)
ETag: "f407ae-124e-5f2f052379340"
Content-Type: image/png
Access-Control-Allow-Origin: https://www.diafan.ru
Cache-Control: max-age=2592000, must-revalidate, max-age=604800, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 4686

GET
H2 200 jquery.min.js Show response
yandex.st/jquery/2.0.3/ 82 KB
26 KB 889ms
282ms Script
application/x-javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.st/jquery/2.0.3/jquery.min.js

Requested by

Host: painters.by
URL: https://painters.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

a57b5242b9a9adc4c1ef846c365147b89c472b9cd770face331efcb965346b25

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://painters.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:36 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 26454
last-modified: Mon, 12 Nov 2018 13:14:01 GMT
server: nginx/1.17.9
etag: "b030b854f1696bebff119a52b67cfabc"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952
x-nginx-request-id: 599c2b333df7b3f4
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Aug 2025 22:19:42 GMT

GET
H/1.1 200
OK ico_main_pokraska.jpg
painters.by/img/ 116 KB
117 KB 175ms
175ms Image
image/jpeg 185.200.242.104
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://painters.by/img/ico_main_pokraska.jpg
Requested by: Host: painters.by
URL: https://painters.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.200.242.104 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: 1618615-cr09978.twc1.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: fa57b47829c800676ea2bf75021fc5d1df81ae9d31d9c6895b4968ae0afb30a1

Request headers

Referer: https://painters.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 13 Aug 2024 19:10:35 GMT
Last-Modified: Mon, 23 Jan 2023 15:47:51 GMT
Server: Apache/2.2.22 (Debian)
ETag: "f407b5-1d0b9-5f2f0525617c0"
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://www.diafan.ru
Cache-Control: max-age=2592000, must-revalidate, max-age=604800, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 118969

GET
H/1.1 200
OK ico_main_otdelka.jpg
painters.by/img/ 69 KB
70 KB 176ms
174ms Image
image/jpeg 185.200.242.104
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://painters.by/img/ico_main_otdelka.jpg
Requested by: Host: painters.by
URL: https://painters.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.200.242.104 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: 1618615-cr09978.twc1.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: 4d642aec18b960c2e2015c6f870dd75a8b1bf4a9354e3d88cbdba445389fe4bc

Request headers

Referer: https://painters.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 13 Aug 2024 19:10:35 GMT
Last-Modified: Mon, 23 Jan 2023 15:47:50 GMT
Server: Apache/2.2.22 (Debian)
ETag: "f407b2-114dc-5f2f05246d580"
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://www.diafan.ru
Cache-Control: max-age=2592000, must-revalidate, max-age=604800, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 70876

GET
H/1.1 200
OK 175_dvukhurovnevyy-potolok-iz-g.jpg
painters.by/userfls/clauses/small/ 47 KB
47 KB 177ms
174ms Image
image/jpeg 185.200.242.104
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://painters.by/userfls/clauses/small/175_dvukhurovnevyy-potolok-iz-g.jpg
Requested by: Host: painters.by
URL: https://painters.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.200.242.104 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: 1618615-cr09978.twc1.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: 8299ace1763e32bc128ac3335d74455cf32336cec18d9cc9a2f7213c00a9ede5

Request headers

Referer: https://painters.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 13 Aug 2024 19:10:35 GMT
Last-Modified: Mon, 05 Aug 2024 21:08:38 GMT
Server: Apache/2.2.22 (Debian)
ETag: "f4047f-bb2f-61ef614bcbda5"
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://www.diafan.ru
Cache-Control: max-age=2592000, must-revalidate, max-age=604800, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 47919

GET
H/1.1 200
OK 158_zashivka-na-stene-s-nishey-vy.png
painters.by/userfls/clauses/small/ 326 KB
326 KB 175ms
174ms Image
image/png 185.200.242.104
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://painters.by/userfls/clauses/small/158_zashivka-na-stene-s-nishey-vy.png
Requested by: Host: painters.by
URL: https://painters.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.200.242.104 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: 1618615-cr09978.twc1.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: b34933e0f32868a4aa6a8bbe000debe924f21427973d26d0126874f3cb490218

Request headers

Referer: https://painters.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 13 Aug 2024 19:10:36 GMT
Last-Modified: Mon, 23 Jan 2023 15:42:39 GMT
Server: Apache/2.2.22 (Debian)
ETag: "f40ea1-516a5-5f2f03fbd59c0"
Content-Type: image/png
Access-Control-Allow-Origin: https://www.diafan.ru
Cache-Control: max-age=2592000, must-revalidate, max-age=604800, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 333477

GET
H/1.1 200
OK 149_sanuzel-so-svetovymi-karma.png
painters.by/userfls/clauses/small/ 294 KB
295 KB 175ms
175ms Image
image/png 185.200.242.104
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://painters.by/userfls/clauses/small/149_sanuzel-so-svetovymi-karma.png
Requested by: Host: painters.by
URL: https://painters.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.200.242.104 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: 1618615-cr09978.twc1.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: 86b82587b9efeb8e6208f76689030f9823126fc3c4ce36509b7ec23e95e42769

Request headers

Referer: https://painters.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 13 Aug 2024 19:10:36 GMT
Last-Modified: Mon, 23 Jan 2023 15:42:36 GMT
Server: Apache/2.2.22 (Debian)
ETag: "f40e97-499ad-5f2f03f8f9300"
Content-Type: image/png
Access-Control-Allow-Origin: https://www.diafan.ru
Cache-Control: max-age=2592000, must-revalidate, max-age=604800, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 301485

GET
H/1.1 200
OK 144_montazh-gipsokartona-podgo.png
painters.by/userfls/clauses/small/ 245 KB
246 KB 173ms
173ms Image
image/png 185.200.242.104
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://painters.by/userfls/clauses/small/144_montazh-gipsokartona-podgo.png
Requested by: Host: painters.by
URL: https://painters.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.200.242.104 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: 1618615-cr09978.twc1.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: b3c09e00ba14aca308fde7862de074c1b3825b06c5a0ba1a6c71f36cf3c16d28

Request headers

Referer: https://painters.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 13 Aug 2024 19:10:36 GMT
Last-Modified: Mon, 23 Jan 2023 15:42:34 GMT
Server: Apache/2.2.22 (Debian)
ETag: "f40e92-3d56f-5f2f03f710e80"
Content-Type: image/png
Access-Control-Allow-Origin: https://www.diafan.ru
Cache-Control: max-age=2592000, must-revalidate, max-age=604800, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 251247

GET
H/1.1 200
OK otz_ya.png
painters.by/img/ 11 KB
12 KB 182ms
182ms Image
image/png 185.200.242.104
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://painters.by/img/otz_ya.png
Requested by: Host: painters.by
URL: https://painters.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.200.242.104 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: 1618615-cr09978.twc1.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: 85665d80851e510f0d3c6294cd33d1b13c4a20985224ca08d200d841362b4ded

Request headers

Referer: https://painters.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 13 Aug 2024 19:10:36 GMT
Last-Modified: Mon, 23 Jan 2023 15:48:02 GMT
Server: Apache/2.2.22 (Debian)
ETag: "f407c0-2c91-5f2f052fdf080"
Content-Type: image/png
Access-Control-Allow-Origin: https://www.diafan.ru
Cache-Control: max-age=2592000, must-revalidate, max-age=604800, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 11409

GET
H/1.1 200
OK otz_g.png
painters.by/img/ 12 KB
12 KB 174ms
173ms Image
image/png 185.200.242.104
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://painters.by/img/otz_g.png
Requested by: Host: painters.by
URL: https://painters.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.200.242.104 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: 1618615-cr09978.twc1.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: 87ce1cb4eea089cad450f73bba0c77f203c23c8b9987fd0a67a8665b0d1cf4ad

Request headers

Referer: https://painters.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 13 Aug 2024 19:10:37 GMT
Last-Modified: Mon, 23 Jan 2023 15:48:01 GMT
Server: Apache/2.2.22 (Debian)
ETag: "f407bd-2fc0-5f2f052eeae40"
Content-Type: image/png
Access-Control-Allow-Origin: https://www.diafan.ru
Cache-Control: max-age=2592000, must-revalidate, max-age=604800, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 12224

GET
H/1.1 200
OK otz_h.png
painters.by/img/ 11 KB
11 KB 175ms
175ms Image
image/png 185.200.242.104
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://painters.by/img/otz_h.png
Requested by: Host: painters.by
URL: https://painters.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.200.242.104 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: 1618615-cr09978.twc1.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: 67373a226300e8b59703aaee9591a0dd37e2bb83fb6458e39a0caaf0e95c1677

Request headers

Referer: https://painters.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 13 Aug 2024 19:10:37 GMT
Last-Modified: Mon, 23 Jan 2023 15:48:02 GMT
Server: Apache/2.2.22 (Debian)
ETag: "f407bf-2b01-5f2f052fdf080"
Content-Type: image/png
Access-Control-Allow-Origin: https://www.diafan.ru
Cache-Control: max-age=2592000, must-revalidate, max-age=604800, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 11009

GET
H/1.1 200
OK otz_gis.png
painters.by/img/ 15 KB
15 KB 176ms
176ms Image
image/png 185.200.242.104
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://painters.by/img/otz_gis.png
Requested by: Host: painters.by
URL: https://painters.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.200.242.104 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: 1618615-cr09978.twc1.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: f965620293b898c803bb13a777223286a5abc39cc41cdefe5a956c785106f0d1

Request headers

Referer: https://painters.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 13 Aug 2024 19:10:37 GMT
Last-Modified: Mon, 23 Jan 2023 15:48:02 GMT
Server: Apache/2.2.22 (Debian)
ETag: "f407be-3a3b-5f2f052fdf080"
Content-Type: image/png
Access-Control-Allow-Origin: https://www.diafan.ru
Cache-Control: max-age=2592000, must-revalidate, max-age=604800, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 14907

GET
H/1.1 200
OK otz_yell.png
painters.by/img/ 11 KB
11 KB 174ms
174ms Image
image/png 185.200.242.104
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://painters.by/img/otz_yell.png
Requested by: Host: painters.by
URL: https://painters.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.200.242.104 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: 1618615-cr09978.twc1.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: e9c6d6dd93c69258e5cf8388e0fc34ce2d6c2fc44a90d018e61d6c7e27011f09

Request headers

Referer: https://painters.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 13 Aug 2024 19:10:37 GMT
Last-Modified: Mon, 23 Jan 2023 15:48:02 GMT
Server: Apache/2.2.22 (Debian)
ETag: "f407c1-2b2f-5f2f052fdf080"
Content-Type: image/png
Access-Control-Allow-Origin: https://www.diafan.ru
Cache-Control: max-age=2592000, must-revalidate, max-age=604800, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 11055

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.0.3/ 82 KB
29 KB 178ms
57ms Script
text/javascript 2607:f8b0:400d:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.0.3/jquery.min.js

Requested by

Host: painters.by
URL: https://painters.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c09::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a57b5242b9a9adc4c1ef846c365147b89c472b9cd770face331efcb965346b25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://painters.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 18:52:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 519505
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29440
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Aug 2025 18:52:10 GMT

GET
H/1.1 200
OK jquery.form.min.js Show response
painters.by/js/ 17 KB
7 KB 187ms
184ms Script
application/javascript 185.200.242.104
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://painters.by/js/jquery.form.min.js
Requested by: Host: painters.by
URL: https://painters.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.200.242.104 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: 1618615-cr09978.twc1.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: d8f8ebd4e96964c63aa9eb0933af2ddafdfdb7e94c2efc70a5af109518c9ae80

Request headers

Referer: https://painters.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 13 Aug 2024 19:10:35 GMT
Content-Encoding: gzip
Last-Modified: Mon, 23 Jan 2023 15:51:16 GMT
Server: Apache/2.2.22 (Debian)
ETag: "f40811-42d4-5f2f05e8e2500"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: https://www.diafan.ru
Cache-Control: max-age=604800, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 6546

GET
H2 200 jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.10.3/ 223 KB
59 KB 239ms
118ms Script
text/javascript 2607:f8b0:400d:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.10.3/jquery-ui.min.js

Requested by

Host: painters.by
URL: https://painters.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c09::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9671f8be70ad94a5362e60f4656d5d53ba214d32ab70a3f9d1603d7dadf9d1c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://painters.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 13:03:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 540439
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60529
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Aug 2025 13:03:16 GMT

GET
H/1.1 200
OK timepicker.js Show response
painters.by/js/ 27 KB
8 KB 523ms
175ms Script
application/javascript 185.200.242.104
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://painters.by/js/timepicker.js
Requested by: Host: painters.by
URL: https://painters.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.200.242.104 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: 1618615-cr09978.twc1.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: 7ae80fc8843402116adb965404744566beaf462cb43ede860b35ec0972878cd6

Request headers

Referer: https://painters.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 13 Aug 2024 19:10:36 GMT
Content-Encoding: gzip
Last-Modified: Mon, 23 Jan 2023 15:51:19 GMT
Server: Apache/2.2.22 (Debian)
ETag: "f4081c-6df4-5f2f05ebbebc0"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: https://www.diafan.ru
Cache-Control: max-age=604800, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 7557

GET
H/1.1 200
OK jquery.scrollTo.min.js Show response
painters.by/js/ 2 KB
2 KB 695ms
172ms Script
application/javascript 185.200.242.104
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://painters.by/js/jquery.scrollTo.min.js
Requested by: Host: painters.by
URL: https://painters.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.200.242.104 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: 1618615-cr09978.twc1.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: aa307ca08cec18da24e3e386ac07a201c89f9ff8f762f37bad4416f638b893bb

Request headers

Referer: https://painters.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 13 Aug 2024 19:10:36 GMT
Content-Encoding: gzip
Last-Modified: Mon, 23 Jan 2023 15:51:17 GMT
Server: Apache/2.2.22 (Debian)
ETag: "f40815-86c-5f2f05e9d6740"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: https://www.diafan.ru
Cache-Control: max-age=604800, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1158

GET
H/1.1 200
OK 542f52890a49fdf99e7140e2a79fdcb4.js Show response
painters.by/cache/js/ 89 KB
21 KB 178ms
177ms Script
application/javascript 185.200.242.104
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://painters.by/cache/js/542f52890a49fdf99e7140e2a79fdcb4.js
Requested by: Host: painters.by
URL: https://painters.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.200.242.104 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: 1618615-cr09978.twc1.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: b3eb6d6ec1612970a912e6ef02370c0beb9d642c91549e5ab76ff2c71d3de291

Request headers

Referer: https://painters.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 13 Aug 2024 19:10:36 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Aug 2024 18:47:56 GMT
Server: Apache/2.2.22 (Debian)
ETag: "fe1989-16413-61ea3a62dd0dc"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: https://www.diafan.ru
Cache-Control: max-age=604800, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 21444

GET
H/1.1 200
OK jquery.touchSwipe.min.js Show response
painters.by/js/ 20 KB
5 KB 175ms
175ms Script
application/javascript 185.200.242.104
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://painters.by/js/jquery.touchSwipe.min.js
Requested by: Host: painters.by
URL: https://painters.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.200.242.104 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: 1618615-cr09978.twc1.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: 9167cb37ed21405ef9556646b83789a2099c15398f5cea867470df1e81752e17

Request headers

Referer: https://painters.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 13 Aug 2024 19:10:36 GMT
Content-Encoding: gzip
Last-Modified: Mon, 23 Jan 2023 15:51:17 GMT
Server: Apache/2.2.22 (Debian)
ETag: "f40816-4fce-5f2f05e9d6740"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: https://www.diafan.ru
Cache-Control: max-age=604800, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 5051

GET
H/1.1 200
OK 4472e960bcc6b232b28866b3e18d3056.js Show response
painters.by/cache/js/ 3 KB
1 KB 174ms
174ms Script
application/javascript 185.200.242.104
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://painters.by/cache/js/4472e960bcc6b232b28866b3e18d3056.js
Requested by: Host: painters.by
URL: https://painters.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.200.242.104 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: 1618615-cr09978.twc1.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: 0802ad436a01561b945a97022b9126583c36d53424d7cc44d86f37c24e331cba

Request headers

Referer: https://painters.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 13 Aug 2024 19:10:36 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Aug 2024 18:47:56 GMT
Server: Apache/2.2.22 (Debian)
ETag: "fe198b-ab3-61ea3a62dd0dc"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: https://www.diafan.ru
Cache-Control: max-age=604800, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 967

GET
H/1.1 200
OK fcdaedb7ba4151b2520fe253e7ec5b6f.js Show response
painters.by/cache/js/ 22 KB
6 KB 175ms
175ms Script
application/javascript 185.200.242.104
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://painters.by/cache/js/fcdaedb7ba4151b2520fe253e7ec5b6f.js
Requested by: Host: painters.by
URL: https://painters.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.200.242.104 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: 1618615-cr09978.twc1.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: 0d872d6fc16d0fd23d0fd3efba52b21142bad4a7b96dbeeb12c6eb84fb4ed289

Request headers

Referer: https://painters.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 13 Aug 2024 19:10:36 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Aug 2024 18:47:56 GMT
Server: Apache/2.2.22 (Debian)
ETag: "fe198f-5847-61ea3a62df01c"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: https://www.diafan.ru
Cache-Control: max-age=604800, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 6180

GET
H/1.1 200
OK jquery.cookie.min.js Show response
painters.by/js/ 1 KB
1 KB 175ms
175ms Script
application/javascript 185.200.242.104
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://painters.by/js/jquery.cookie.min.js
Requested by: Host: painters.by
URL: https://painters.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.200.242.104 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: 1618615-cr09978.twc1.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6

Request headers

Referer: https://painters.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 13 Aug 2024 19:10:36 GMT
Content-Encoding: gzip
Last-Modified: Mon, 23 Jan 2023 15:51:15 GMT
Server: Apache/2.2.22 (Debian)
ETag: "f4080e-514-5f2f05e7ee2c0"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: https://www.diafan.ru
Cache-Control: max-age=604800, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 697

GET
H/1.1 200
OK b85a969355b5ca251559fcdb912f32ac.js Show response
painters.by/cache/js/ 58 KB
20 KB 175ms
175ms Script
application/javascript 185.200.242.104
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://painters.by/cache/js/b85a969355b5ca251559fcdb912f32ac.js
Requested by: Host: painters.by
URL: https://painters.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.200.242.104 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: 1618615-cr09978.twc1.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: c0f0fb0adbd60078edce6a26b46f19a91d6da353cf2504341f35ab4cac7c7852

Request headers

Referer: https://painters.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 13 Aug 2024 19:10:36 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Aug 2024 18:47:56 GMT
Server: Apache/2.2.22 (Debian)
ETag: "fe1992-e8d1-61ea3a62e1efc"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: https://www.diafan.ru
Cache-Control: max-age=604800, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 19547

GET
H2 200 css2
fonts.googleapis.com/ 28 KB
1 KB 185ms
71ms Stylesheet
text/css 2607:f8b0:4004:c1d::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Requested by

Host: painters.by
URL: https://painters.by/cache/css/f4e271429e2b6fccf794e8e3e46acce3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

afdd76f6919dc340e54a1045e6f4a8fc840a922c8efd1d07cc5bcdf448373a66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://painters.by/cache/css/f4e271429e2b6fccf794e8e3e46acce3.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 13 Aug 2024 19:10:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 13 Aug 2024 18:26:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Aug 2024 19:10:35 GMT

GET
H2 200 css2
fonts.googleapis.com/ 32 KB
1 KB 183ms
69ms Stylesheet
text/css 2607:f8b0:4004:c1d::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: painters.by
URL: https://painters.by/cache/css/f4e271429e2b6fccf794e8e3e46acce3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

51698055502813cd29205292dfcb7517bd803cf9deb22e21d06bd24fb3bcdf4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://painters.by/cache/css/f4e271429e2b6fccf794e8e3e46acce3.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 13 Aug 2024 19:10:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 13 Aug 2024 18:11:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Aug 2024 19:10:35 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 202 KB
71 KB 708ms
351ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: painters.by
URL: https://painters.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

dca271e5c10ab729dbf7e10ccb7c82ba4b87625a821dd4bd640279b6807f2033

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://painters.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
date: Tue, 13 Aug 2024 19:10:36 GMT
last-modified: Tue, 06 Aug 2024 09:26:33 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "66b1ec49-11660"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 71264
expires: Tue, 13 Aug 2024 20:10:36 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 230 KB
80 KB 193ms
77ms Script
application/javascript 2607:f8b0:400d:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MNRQFJR

Requested by

Host: painters.by
URL: https://painters.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c09::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5fd0e281f0d3fd094d53294df310bb10881bfab4108154bcde5cb7af617e409f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://painters.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81986
x-xss-protection: 0
last-modified: Tue, 13 Aug 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 13 Aug 2024 19:10:35 GMT

GET
H/1.1 200
OK fa-solid-900.woff2
painters.by/css/fa/ 78 KB
79 KB 353ms
183ms Font
application/octet-stream 185.200.242.104
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://painters.by/css/fa/fa-solid-900.woff2
Requested by: Host: painters.by
URL: https://painters.by/cache/css/f4e271429e2b6fccf794e8e3e46acce3.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.200.242.104 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: 1618615-cr09978.twc1.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: 6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7

Request headers

Referer: https://painters.by/cache/css/f4e271429e2b6fccf794e8e3e46acce3.css
Origin: https://painters.by
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 13 Aug 2024 19:10:36 GMT
Last-Modified: Mon, 23 Jan 2023 15:57:05 GMT
Server: Apache/2.2.22 (Debian)
ETag: "f40799-139ac-5f2f0735b7640"
Access-Control-Allow-Origin: https://www.diafan.ru
Cache-Control: max-age=604800, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 80300

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
33 KB 173ms
57ms Font
font/woff2 2607:f8b0:400d:c01::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c01::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://painters.by
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 02:37:21 GMT
x-content-type-options: nosniff
age: 59594
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Aug 2025 02:37:21 GMT

GET
H/1.1 200
OK fa-brands-400.woff2
painters.by/css/fa/ 77 KB
77 KB 504ms
176ms Font
application/octet-stream 185.200.242.104
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://painters.by/css/fa/fa-brands-400.woff2
Requested by: Host: painters.by
URL: https://painters.by/cache/css/f4e271429e2b6fccf794e8e3e46acce3.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.200.242.104 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: 1618615-cr09978.twc1.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: 71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba

Request headers

Referer: https://painters.by/cache/css/f4e271429e2b6fccf794e8e3e46acce3.css
Origin: https://painters.by
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 13 Aug 2024 19:10:36 GMT
Last-Modified: Mon, 23 Jan 2023 15:57:01 GMT
Server: Apache/2.2.22 (Debian)
ETag: "f4078f-1327c-5f2f0731e6d40"
Access-Control-Allow-Origin: https://www.diafan.ru
Cache-Control: max-age=604800, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 78460

GET
H2 200 JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
fonts.gstatic.com/s/montserrat/v26/ 21 KB
21 KB 240ms
124ms Font
font/woff2 2607:f8b0:400d:c01::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c01::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

637f545351fbed7e7207fdf36e1381b0860f12fffde46a6fa43bdafcc7a05758

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://painters.by
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 02:49:34 GMT
x-content-type-options: nosniff
age: 58861
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21288
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:43:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Aug 2025 02:49:34 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 315 KB
105 KB 85ms
84ms Script
application/javascript 2607:f8b0:400d:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1V1VHKBW03&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MNRQFJR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c09::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

658b3635bcf21d30200f0907f3e307696106f1cb283f36d280db9f9622c32846

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://painters.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 106886
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 13 Aug 2024 19:10:36 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 174ms
58ms Script
text/javascript 2607:f8b0:400d:c01::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MNRQFJR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c01::71 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://painters.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 13 Aug 2024 18:46:47 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1429
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 13 Aug 2024 20:46:47 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 59ms
58ms Fetch
text/plain 2607:f8b0:400d:c01::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-1V1VHKBW03&gtm=45je4880v9101023541z89101013371za200zb9101013371&_p=1723576235729&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=2014560494.1723576236&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1723576236&sct=1&seg=0&dl=https%3A%2F%2Fpainters.by%2F&dt=%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20%D1%81%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0%20%E2%80%94%20painters.by&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=4652
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1V1VHKBW03&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400d:c01::71 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://painters.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 19:10:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://painters.by
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK leadback.js Show response
leadback.ru/js/ 74 KB
22 KB 980ms
305ms Script
application/x-javascript 176.9.67.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://leadback.ru/js/leadback.js

Requested by

Host: painters.by
URL: https://painters.by/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

176.9.67.88 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88.67.9.176.clients.your-server.de

Software

nginx /

Resource Hash

34ff5528565f92227b4cd7704e7d871dcc8aebf3bd2014d7884f972dfb1ce892

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;

Request headers

Referer: https://painters.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 13 Aug 2024 19:10:35 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=0;
Last-Modified: Wed, 24 Apr 2024 10:53:54 GMT
Server: nginx
ETag: "6628e4c2-56f6"
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: max-age=1800
Connection: keep-alive
Content-Length: 22262
Expires: Tue, 13 Aug 2024 19:40:35 GMT

GET
H2 200 tag.js Show response
cdn.jsdelivr.net/npm/yandex-metrica-watch/ 217 KB
82 KB 97ms
31ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js

Requested by

Host: painters.by
URL: https://painters.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7f9c1e5d34f1bf0bb9507df54f5f8dab41f492cf6fee6af8704d3aad3f693cf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://painters.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 13 Aug 2024 19:10:36 GMT
x-content-type-options: nosniff
content-encoding: br
age: 37037
x-jsd-version: 1.335.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 83446
x-served-by: cache-fra-eddf8230100-FRA, cache-mia-kmia1760033-MIA
x-jsd-version-type: version
etag: W/"36351-PRHDXW2OkKdpN2IDgAOzV5H9o8g"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
60 KB 193ms
63ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: painters.by
URL: https://painters.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://painters.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 13 Aug 2024 19:10:36 GMT
document-policy: force-load-at-top
x-fb-server-load: 18
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58865
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=60, rtx=0, c=12, mss=1297, tbw=2785, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: C6bYWTBZWt+Mio0Q/udpXz/GHE+H7iC6l/Ls+8lRNtxqW3YCIaIDc+kSbPqJoMbKhW72Gs3uKDsB/CatF1k34Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
x-fb-optimizer: 0
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK fon.jpg
painters.by/img/ 310 KB
310 KB 260ms
174ms Image
image/jpeg 185.200.242.104
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://painters.by/img/fon.jpg
Requested by: Host: painters.by
URL: https://painters.by/cache/css/f4e271429e2b6fccf794e8e3e46acce3.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.200.242.104 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: 1618615-cr09978.twc1.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: 86bb482be3d2d16d25df46f483a8cba1b0670662ce7839053ea5cc45ef98250d

Request headers

Referer: https://painters.by/cache/css/f4e271429e2b6fccf794e8e3e46acce3.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 13 Aug 2024 19:10:36 GMT
Last-Modified: Mon, 23 Jan 2023 15:47:49 GMT
Server: Apache/2.2.22 (Debian)
ETag: "f407a7-4d71f-5f2f052379340"
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://www.diafan.ru
Cache-Control: max-age=2592000, must-revalidate, max-age=604800, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 317215

GET
H/1.1 200
OK main_about.jpg
painters.by/img/ 2 MB
2 MB 174ms
174ms Image
image/jpeg 185.200.242.104
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://painters.by/img/main_about.jpg
Requested by: Host: painters.by
URL: https://painters.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.200.242.104 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: 1618615-cr09978.twc1.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: 32fe85c036cebf32ca65ea17552cec97df49dfa488f42aa9616b9bb0d58d1819

Request headers

Referer: https://painters.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 13 Aug 2024 19:10:37 GMT
Last-Modified: Mon, 23 Jan 2023 15:48:01 GMT
Server: Apache/2.2.22 (Debian)
ETag: "f407bc-1d4af3-5f2f052eeae40"
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://www.diafan.ru
Cache-Control: max-age=2592000, must-revalidate, max-age=604800, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 1919731

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
93 B 58ms
58ms XHR
text/plain 2607:f8b0:400d:c01::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=886297619&t=pageview&_s=1&dl=https%3A%2F%2Fpainters.by%2F&ul=en-us&de=UTF-8&dt=%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20%D1%81%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0%20%E2%80%94%20painters.by&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=537469463&gjid=1575243154&cid=2014560494.1723576236&tid=UA-255217801-1&_gid=355814264.1723576236&_r=1&_slc=1&gtm=45He4880n81MNRQFJRv9101013371za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&z=1198785251

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c01::71 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://painters.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 19:10:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://painters.by
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/3/
Redirect Chain

https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fpainters.by%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Avf%3Acstsejpczyib8nfqqomnpp0afz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A141...
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fpainters.by%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3Acstsejpczyib8nfqqomnpp0afz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A14...

293 B
502 B

179ms
179ms

Fetch
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fpainters.by%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3Acstsejpczyib8nfqqomnpp0afz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1410%3Acn%3A2%3Adp%3A0%3Als%3A385390645810%3Ahid%3A381870341%3Az%3A-600%3Ai%3A20240813091036%3Aet%3A1723576236%3Ac%3A1%3Arn%3A386372717%3Arqn%3A1%3Au%3A1723576236396514472%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A4151%3Awv%3A2%3Ads%3A0%2C524%2C1242%2C2%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1723576231615%3Agi%3AR0ExLjIuMjAxNDU2MDQ5NC4xNzIzNTc2MjM2%3Ast%3A1723576236&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2865536%29ti%281%29

Requested by

Host: painters.by
URL: https://painters.by/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

a6d2b996a2ec7aeeb359fe53adcc03e42ca547e1090f3e74019a71f655168c41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://painters.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 19:10:36 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Tue, 13-Aug-2024 19:10:36 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://painters.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 293
x-xss-protection: 1; mode=block
expires: Tue, 13-Aug-2024 19:10:36 GMT

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Tue, 13 Aug 2024 19:10:36 GMT
last-modified: Tue, 13-Aug-2024 19:10:36 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/3/1?wmode=7&page-url=https%3A%2F%2Fpainters.by%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3Acstsejpczyib8nfqqomnpp0afz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1410%3Acn%3A2%3Adp%3A0%3Als%3A385390645810%3Ahid%3A381870341%3Az%3A-600%3Ai%3A20240813091036%3Aet%3A1723576236%3Ac%3A1%3Arn%3A386372717%3Arqn%3A1%3Au%3A1723576236396514472%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A4151%3Awv%3A2%3Ads%3A0%2C524%2C1242%2C2%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1723576231615%3Agi%3AR0ExLjIuMjAxNDU2MDQ5NC4xNzIzNTc2MjM2%3Ast%3A1723576236&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2865536%29ti%281%29
access-control-allow-origin: https://painters.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 13-Aug-2024 19:10:36 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/92183833/
Redirect Chain

https://mc.yandex.ru/watch/92183833?wmode=7&page-url=https%3A%2F%2Fpainters.by%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpczyib8nfqqomnpp0afz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-...
https://mc.yandex.ru/watch/92183833/1?wmode=7&page-url=https%3A%2F%2Fpainters.by%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpczyib8nfqqomnpp0afz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ae...

464 B
736 B

2368ms
2368ms

Fetch
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/92183833/1?wmode=7&page-url=https%3A%2F%2Fpainters.by%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpczyib8nfqqomnpp0afz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1410%3Acn%3A1%3Adp%3A0%3Als%3A687608901181%3Ahid%3A381870341%3Az%3A-600%3Ai%3A20240813091036%3Aet%3A1723576236%3Ac%3A1%3Arn%3A255788673%3Arqn%3A1%3Au%3A1723576236396514472%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A4151%3Awv%3A2%3Ads%3A0%2C524%2C1242%2C2%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1723576231615%3Agi%3AR0ExLjIuMjAxNDU2MDQ5NC4xNzIzNTc2MjM2%3Arqnl%3A1%3Ast%3A1723576236%3At%3A%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20%D1%81%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0%20%E2%80%94%20painters.by&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29ti%281%29

Requested by

Host: painters.by
URL: https://painters.by/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

92ad8143cd8fad5529785f872296f022d1eefac2c8f4186dbf0dbd8d0d9ec144

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://painters.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 19:10:38 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Tue, 13-Aug-2024 19:10:38 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://painters.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 464
x-xss-protection: 1; mode=block
expires: Tue, 13-Aug-2024 19:10:38 GMT

Redirect headers

pragma: no-cache
date: Tue, 13 Aug 2024 19:10:36 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 13-Aug-2024 19:10:36 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/92183833/1?wmode=7&page-url=https%3A%2F%2Fpainters.by%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpczyib8nfqqomnpp0afz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1410%3Acn%3A1%3Adp%3A0%3Als%3A687608901181%3Ahid%3A381870341%3Az%3A-600%3Ai%3A20240813091036%3Aet%3A1723576236%3Ac%3A1%3Arn%3A255788673%3Arqn%3A1%3Au%3A1723576236396514472%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A4151%3Awv%3A2%3Ads%3A0%2C524%2C1242%2C2%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1723576231615%3Agi%3AR0ExLjIuMjAxNDU2MDQ5NC4xNzIzNTc2MjM2%3Arqnl%3A1%3Ast%3A1723576236%3At%3A%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20%D1%81%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0%20%E2%80%94%20painters.by&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29ti%281%29
access-control-allow-origin: https://painters.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 13-Aug-2024 19:10:36 GMT

GET
H2 200 434649721886692 Show response
connect.facebook.net/signals/config/ 71 KB
14 KB 302ms
301ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/434649721886692?v=2.9.164&r=stable&domain=painters.by&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

18f33c808992bdb317ca07adb866d5ec537c9395cdbc3e4f3fc4c9b7e9a937da

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://painters.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 13 Aug 2024 19:10:36 GMT
document-policy: force-load-at-top
x-fb-server-load: 35
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=66, rtx=0, c=65, mss=1297, tbw=64380, tp=-1, tpl=-1, uplat=238, ullat=0
pragma: public
x-fb-debug: 4NGaT+MFgbSaKCsarq76CtP5FjZXpW28GbvwNCTucewtLu/Uem2uWpjr+UyBW7sED3yFMfw7/hVe3/qvlTbh2A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 metrika_match.html
mc.yandex.ru/metrika/ Frame 979D 0
0 582ms
202ms Document
text/html 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/metrika_match.html

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://painters.by/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin: *
cache-control: max-age=3600
content-encoding: br
content-length: 1046
content-type: text/html
date: Tue, 13 Aug 2024 19:10:37 GMT
etag: "66b1ec49-416"
expires: Tue, 13 Aug 2024 20:10:37 GMT
last-modified: Tue, 06 Aug 2024 09:26:33 GMT
strict-transport-security: max-age=31536000
timing-allow-origin: *

GET
H2

200

sync_cookie_image_decide
mc.webvisor.org/
Redirect Chain

https://mc.webvisor.org/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=10460.C8f0epX6Cd6AORMJH-1Oxyg8KtdcR_fEjYSAKG9wvrftCHlwW2OPmly67yqBwcAI.7BgKZ5fJhIn3rT_P9Om6FXHx6Ew%2C
https://mc.webvisor.org/sync_cookie_image_decide?token=10460.L5JuZBxa0HEUt0hI47pdjn3-qEByAo2UckIBVgoLK8jZjVhAl9-swVr2OeSzGhZe_KGrswUFXKSz3YOcMvVjZ73yllbPnsh4aktCTq0IJ_1lLBC9Gsg8zM4zv_CDiK9q5iPQs8qZ...

43 B
534 B

197ms
197ms

Image
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.webvisor.org/sync_cookie_image_decide?token=10460.L5JuZBxa0HEUt0hI47pdjn3-qEByAo2UckIBVgoLK8jZjVhAl9-swVr2OeSzGhZe_KGrswUFXKSz3YOcMvVjZ73yllbPnsh4aktCTq0IJ_1lLBC9Gsg8zM4zv_CDiK9q5iPQs8qZ6MTzcEwbBnqJuBVSghAEYXAX584dNPvlgVb7uwANjI06Fg9rHwbR2WrrddZiMyuYHLxNQlQN3ZSZ7dNaG7kHefLO-gw9-QQUoc8%2C.eoIoeUnUPUa_vsd9RVwby392jnQ%2C

Requested by

Host: painters.by
URL: https://painters.by/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://painters.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 13 Aug 2024 19:10:38 GMT
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.webvisor.org/sync_cookie_image_decide?token=10460.L5JuZBxa0HEUt0hI47pdjn3-qEByAo2UckIBVgoLK8jZjVhAl9-swVr2OeSzGhZe_KGrswUFXKSz3YOcMvVjZ73yllbPnsh4aktCTq0IJ_1lLBC9Gsg8zM4zv_CDiK9q5iPQs8qZ6MTzcEwbBnqJuBVSghAEYXAX584dNPvlgVb7uwANjI06Fg9rHwbR2WrrddZiMyuYHLxNQlQN3ZSZ7dNaG7kHefLO-gw9-QQUoc8%2C.eoIoeUnUPUa_vsd9RVwby392jnQ%2C
date: Tue, 13 Aug 2024 19:10:37 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

sync_cookie_image_decide
mc.yandex.by/
Redirect Chain

https://mc.yandex.by/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.by&token=10460.M5r2IpeD-hkoRGZ6y4Lg5DpxTdNJM_kFrkUvPQUft1MgFuUghRHAVdqeisgBCHu3.pfnKbYlL3U3I7LCN-KlW9KF2n80%2C
https://mc.yandex.by/sync_cookie_image_decide?token=10460.6CLO44YJbP2LNz23AvUI1mfMHcKUICQyYUNhmE5ndaghCmkA612Nx2gC2i8EYckAtEBypfmojjy48HaQjswgNSZyi4oI-6SIVgAyPdOJaqUIRNHZwSc_BeWJx4oozfMAhkWZKqk3_bZ...

43 B
493 B

180ms
180ms

Image
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.by/sync_cookie_image_decide?token=10460.6CLO44YJbP2LNz23AvUI1mfMHcKUICQyYUNhmE5ndaghCmkA612Nx2gC2i8EYckAtEBypfmojjy48HaQjswgNSZyi4oI-6SIVgAyPdOJaqUIRNHZwSc_BeWJx4oozfMAhkWZKqk3_bZ_nY447LFuIoV-NZ1NSmwtWbDRDRzhRH8IwF3W17_sRyyydXUNByz0HEXum8gXSc6jcroLJhlGeM8raPbqaECeJ-8mX_UfUzQ%2C.rXIY2x7pLlebNFNT1MSRcsc9q2k%2C

Requested by

Host: painters.by
URL: https://painters.by/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://painters.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 13 Aug 2024 19:10:37 GMT
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.by/sync_cookie_image_decide?token=10460.6CLO44YJbP2LNz23AvUI1mfMHcKUICQyYUNhmE5ndaghCmkA612Nx2gC2i8EYckAtEBypfmojjy48HaQjswgNSZyi4oI-6SIVgAyPdOJaqUIRNHZwSc_BeWJx4oozfMAhkWZKqk3_bZ_nY447LFuIoV-NZ1NSmwtWbDRDRzhRH8IwF3W17_sRyyydXUNByz0HEXum8gXSc6jcroLJhlGeM8raPbqaECeJ-8mX_UfUzQ%2C.rXIY2x7pLlebNFNT1MSRcsc9q2k%2C
date: Tue, 13 Aug 2024 19:10:37 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

POST
H/1.1 200
OK / Show response
painters.by/ 50 B
598 B 457ms
408ms XHR
text/html 185.200.242.104
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://painters.by/
Requested by: Host: painters.by
URL: https://painters.by/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.200.242.104 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: 1618615-cr09978.twc1.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: 6e4f90718c35143055de7fd924b2b7f7e2dc371fbea7d21d43e963593d12c7aa

Request headers

Referer: https://painters.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=13188833188879245

Response headers

Date: Tue, 13 Aug 2024 19:10:37 GMT
Content-Encoding: gzip
Last-Modified: Mon, 23 Jan 2023 16:00:28 GMT
Server: Apache/2.2.22 (Debian)
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.diafan.ru
Cache-Control: private, max-age=10800
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 68

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
536 B 708ms
708ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: painters.by
URL: https://painters.by/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://painters.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 19:10:37 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 06 Aug 2024 09:26:33 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "66b1ec49-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Tue, 13 Aug 2024 20:10:37 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
270 B 668ms
57ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=434649721886692&ev=PageView&dl=https%3A%2F%2Fpainters.by%2F&rl=&if=false&ts=1723576237000&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1723576236997.415437883685946583&cs_est=true&ler=empty&cdl=API_unavailable&it=1723576236666&coo=false&exp=f0&rqm=GET

Requested by

Host: painters.by
URL: https://painters.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://painters.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=55, rtx=0, c=10, mss=1297, tbw=2833, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 13 Aug 2024 19:10:37 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 759ms
148ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=434649721886692&ev=PageView&dl=https%3A%2F%2Fpainters.by%2F&rl=&if=false&ts=1723576237000&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4126&fbp=fb.1.1723576236997.415437883685946583&cs_est=true&ler=empty&cdl=API_unavailable&it=1723576236666&coo=false&exp=f0&rqm=FGET

Requested by

Host: painters.by
URL: https://painters.by/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://painters.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Tue, 13 Aug 2024 19:10:37 GMT
document-policy: force-load-at-top
x-fb-server-load: 31
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7402703571740416747", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=55, rtx=0, c=15, mss=1297, tbw=3147, tp=-1, tpl=-1, uplat=89, ullat=0
pragma: no-cache
x-fb-debug: lgEZ+1nUKy55zuiSuFqsal5wIyDY5VUu+8IuQOgQsDqhB1GXYbrdqtpG+WJKm/A2x4BEoQ/s4PwWxvjIGOmPSg==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7402703571740416747"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 3 B
23 B 62ms
62ms XHR
text/plain 172.253.63.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=886297619&t=pageview&_s=1&dl=https%3A%2F%2Fpainters.by%2F&ul=en-us&de=UTF-8&dt=%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20%D1%81%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0%20%E2%80%94%20painters.by&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAEABAAAAACAAI~&jid=1310296742&gjid=2063280636&cid=2014560494.1723576236&tid=UA-53479583-2&_gid=355814264.1723576236&_r=1&_slc=1&z=45039732

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f138.1e100.net

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://painters.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 19:10:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://painters.by
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.10.2/ 91 KB
32 KB 59ms
58ms Script
text/javascript 2607:f8b0:400d:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js?ldbck_v=v1.12.25b240823

Requested by

Host: leadback.ru
URL: https://leadback.ru/js/leadback.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c09::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://painters.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 08 Aug 2024 20:26:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 427450
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32954
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Aug 2025 20:26:27 GMT

GET
H/1.1 200
OK widget_uuid.php Show response
leadback.ru/backend/ 34 B
346 B 163ms
162ms Script
text/javascript 176.9.67.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://leadback.ru/backend/widget_uuid.php?callback=jsonpUuidCallback&widget_key=cde52d3f5013d4694a429b7c&uuid=8c6400c4-8bcd-485a-f2c7-3728daf90d5d&ga_cid=2014560494.1723576236&ya_cid=&ya_counter=&roistat=&comagic_session_id=&ref=&loc=https%3A%2F%2Fpainters.by%2F&cache=0.7312193171203143&_=1723576237634

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js?ldbck_v=v1.12.25b240823

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

176.9.67.88 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88.67.9.176.clients.your-server.de

Software

nginx / PHP/5.5.38

Resource Hash

773ad441f06ad7592ef5e76fff6cc8e06fa48bfed7c836a52cfd30d0b8288f06

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;

Request headers

Referer: https://painters.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 13 Aug 2024 19:10:36 GMT
Strict-Transport-Security: max-age=0;
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/5.5.38
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Connection: keep-alive

GET
H/1.1 200
OK widget_data.php Show response
leadback.ru/backend/ 9 KB
2 KB 335ms
172ms Script
text/javascript 176.9.67.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://leadback.ru/backend/widget_data.php?callback=jsonpCallback&widget_key=cde52d3f5013d4694a429b7c&h=painters.by&cache=0.34813335104328225&tz_offset=-10&_=1723576237635

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js?ldbck_v=v1.12.25b240823

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

176.9.67.88 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88.67.9.176.clients.your-server.de

Software

nginx / PHP/5.5.38

Resource Hash

009cfc33aae981fd7420352ea329f1ec3c227ff5bf2ec5969ca99185317a687f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;

Request headers

Referer: https://painters.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 13 Aug 2024 19:10:36 GMT
Strict-Transport-Security: max-age=0;
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/5.5.38
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Connection: keep-alive

GET
H/1.1 200
OK widget_analytics.php Show response
leadback.ru/backend/ 0
306 B 467ms
159ms Script
text/html 176.9.67.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://leadback.ru/backend/widget_analytics.php?callback=jsonpAnalyticsCallback&data%5Bjquery%5D=2.0.3&data%5Bwidget%5D=cde52d3f5013d4694a429b7c&cache=0.20358167132491656&_=1723576237636

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js?ldbck_v=v1.12.25b240823

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

176.9.67.88 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88.67.9.176.clients.your-server.de

Software

nginx / PHP/5.5.38

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;

Request headers

Referer: https://painters.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 13 Aug 2024 19:10:36 GMT
Strict-Transport-Security: max-age=0;
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/5.5.38
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Connection: keep-alive

GET
H2 200 50465227 Show response
mc.yandex.ru/watch/ 483 B
795 B 183ms
183ms Fetch
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/50465227?wmode=7&page-url=https%3A%2F%2Fpainters.by%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpczyib8nfqqomnpp0afz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1410%3Acn%3A3%3Adp%3A0%3Als%3A1028425986859%3Ahid%3A381870341%3Az%3A-600%3Ai%3A20240813091036%3Aet%3A1723576236%3Ac%3A1%3Arn%3A1058217863%3Arqn%3A1%3Au%3A1723576236396514472%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A4151%3Awv%3A2%3Ads%3A0%2C524%2C1242%2C2%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1723576231615%3Agi%3AR0ExLjIuMjAxNDU2MDQ5NC4xNzIzNTc2MjM2%3Arqnl%3A1%3Ast%3A1723576238%3At%3A%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20%D1%81%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0%20%E2%80%94%20painters.by&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(21037572)ti(1)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

935b70f4e8aa27969177af87d195f553f08fe45e8f0acdff19b7590de7c0c3ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://painters.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 19:10:37 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Tue, 13-Aug-2024 19:10:37 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://painters.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 483
x-xss-protection: 1; mode=block
expires: Tue, 13-Aug-2024 19:10:37 GMT

GET
H/1.1 200
OK chat.js Show response
cloudim.ru/js/ 13 KB
5 KB 1069ms
154ms Script
application/x-javascript 176.9.67.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cloudim.ru/js/chat.js?v2.2
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js?ldbck_v=v1.12.25b240823
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 176.9.67.88 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.67.9.176.clients.your-server.de
Software: nginx /
Resource Hash: 738fc760aff115cab5d2cdbd576468713bcfff62fb8859da49a7b3ac68b71266

Request headers

Referer: https://painters.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 13 Aug 2024 19:10:37 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Jan 2023 15:30:06 GMT
Server: nginx
ETag: "63c961fe-11a4"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: max-age=432000
Connection: keep-alive
Content-Length: 4516
Expires: Sun, 18 Aug 2024 19:10:37 GMT

GET
H/1.1 200
OK _assets.min.js Show response
leadback.ru/js/ 3 KB
2 KB 154ms
153ms Script
application/x-javascript 176.9.67.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://leadback.ru/js/_assets.min.js?v=v1.12.25b240823

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js?ldbck_v=v1.12.25b240823

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

176.9.67.88 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88.67.9.176.clients.your-server.de

Software

nginx /

Resource Hash

b8d75ac974ef8bce38bdbde40b9c316ed870274aa2fcea7d44a6f192120fed90

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;

Request headers

Referer: https://painters.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 13 Aug 2024 19:10:36 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=0;
Last-Modified: Wed, 24 Apr 2024 10:53:54 GMT
Server: nginx
ETag: "6628e4c2-48e"
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 1166
Expires: Wed, 14 Aug 2024 19:10:36 GMT

GET
H/1.1 200
OK widget_event.php Show response
leadback.ru/backend/ 29 B
341 B 158ms
158ms Script
text/javascript 176.9.67.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://leadback.ru/backend/widget_event.php?callback=jsonpEventCallback_pageview&type=pageview&widget_key=cde52d3f5013d4694a429b7c&user_id=19604&guid=8c6400c4-8bcd-485a-f2c7-3728daf90d5d&ga_cid=2014560494.1723576236&ya_cid=1723576236396514472&ya_counter=92183833&roistat=&comagic_session_id=&ref=&loc=https%3A%2F%2Fpainters.by%2F&cache=0.9677497435808158&_=1723576237637

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js?ldbck_v=v1.12.25b240823

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

176.9.67.88 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88.67.9.176.clients.your-server.de

Software

nginx / PHP/5.5.38

Resource Hash

ea2cd10bb300f87d05df7f15b1b38f8605c14162e81bd4f91e6ba32241d3acc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;

Request headers

Referer: https://painters.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 13 Aug 2024 19:10:36 GMT
Strict-Transport-Security: max-age=0;
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/5.5.38
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Connection: keep-alive

GET
H/1.1 200
OK widget_widget.php Show response
leadback.ru/backend/ 103 KB
20 KB 319ms
318ms Script
text/javascript 176.9.67.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://leadback.ru/backend/widget_widget.php?h=painters.by&widget_key=cde52d3f5013d4694a429b7c&v=v1.12.25b240823&chat=1&chat_init=hide&callback=jsonpWidgetCallback

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js?ldbck_v=v1.12.25b240823

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

176.9.67.88 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88.67.9.176.clients.your-server.de

Software

nginx / PHP/5.5.38

Resource Hash

9293a46f427d4314eea76c1de330f4dffe10df31f18e19875b7e92b8a28bdaa3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;

Request headers

Referer: https://painters.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma
Date: Tue, 13 Aug 2024 19:10:37 GMT
Strict-Transport-Security: max-age=0;
Content-Encoding: gzip
Last-Modified: Wed, 06 Jul 2022 14:13:23 GMT
Server: nginx
X-Powered-By: PHP/5.5.38
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, max-age=30, must-revalidate
Connection: keep-alive
Expires: Tue, 13 Aug 2024 19:11:07 GMT

GET
H2 200 css
fonts.googleapis.com/ 9 KB
869 B 70ms
69ms Stylesheet
text/css 2607:f8b0:4004:c1d::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,300,500,700&subset=latin,cyrillic

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js?ldbck_v=v1.12.25b240823

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4dd49d1f89345b2f261ee71d4ce0020ec9abceecf6048b443f3bc4d6386c546f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://painters.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 13 Aug 2024 19:10:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 13 Aug 2024 19:00:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Aug 2024 19:10:38 GMT

GET
H/1.1 200
OK chat.css
leadback.ru/css/ 66 KB
13 KB 157ms
156ms Stylesheet
text/css 176.9.67.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://leadback.ru/css/chat.css?9481

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js?ldbck_v=v1.12.25b240823

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

176.9.67.88 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88.67.9.176.clients.your-server.de

Software

nginx /

Resource Hash

fffa269ab87d83aa5d970c30bce2ebec36d5447d9b5da697e52066ec4adc0ea1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;

Request headers

Referer: https://painters.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 13 Aug 2024 19:10:37 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=0;
Last-Modified: Thu, 30 Nov 2023 10:26:29 GMT
Server: nginx
ETag: "65686355-31c9"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Connection: keep-alive
Content-Length: 12745
Expires: Tue, 20 Aug 2024 19:10:37 GMT

GET
H/1.1 200
OK cobrowsing.css
leadback.ru/css/ 9 KB
2 KB 154ms
153ms Stylesheet
text/css 176.9.67.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://leadback.ru/css/cobrowsing.css?9481

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js?ldbck_v=v1.12.25b240823

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

176.9.67.88 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88.67.9.176.clients.your-server.de

Software

nginx /

Resource Hash

9436321ad39b127d065d5a2670be95b44aa2aabdbdf0f4f0c4720fe9f79f60cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;

Request headers

Referer: https://painters.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 13 Aug 2024 19:10:37 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=0;
Last-Modified: Thu, 30 Nov 2023 10:26:29 GMT
Server: nginx
ETag: "65686355-7c1"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Connection: keep-alive
Content-Length: 1985
Expires: Tue, 20 Aug 2024 19:10:37 GMT

GET
DATA 200
OK truncated
/ 991 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8407b5979ecbaabe79f1abe05f26e0dae1b19555f0a3e20830f04cee5cd37ab5

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48ef442516aa8425df50749940ee479214f3a44cb97250d2f562d063c364722e

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK /
cloudim.ru/im/ Frame 2BCA 0
0 624ms
162ms Document
text/html 176.9.67.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cloudim.ru/im/?&silent=true&accept_chats=false&need[name]=false&need[email]=false&&uid=34891&group=18466&url=https%3A%2F%2Fpainters.by%2F&referer=&page=%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20%D1%81%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0%20%E2%80%94%20painters.by
Requested by: Host: cloudim.ru
URL: https://cloudim.ru/js/chat.js?v2.2
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 176.9.67.88 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.67.9.176.clients.your-server.de
Software: nginx / PHP/5.5.38
Resource Hash

Request headers

Referer: https://painters.by/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Tue, 13 Aug 2024 19:10:38 GMT
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Server: nginx
Transfer-Encoding: chunked
X-Powered-By: PHP/5.5.38

POST
H2 200 50465227
mc.yandex.ru/webvisor/ 43 B
0 715ms
356ms Fetch
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/50465227?wv-part=1&wv-type=7&wmode=0&wv-hit=381870341&page-url=https%3A%2F%2Fpainters.by%2F&rn=115237507&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1723576241%3Aw%3A1600x1200%3Av%3A1410%3Az%3A-600%3Ai%3A20240813091040%3Au%3A1723576236396514472%3Avf%3Acstsejpczyib8nfqqomnpp0afz%3Ast%3A1723576241&t=gdpr(14)ti(1)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://painters.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 19:10:41 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 13-Aug-2024 19:10:41 GMT
content-type: image/gif
access-control-allow-origin: https://painters.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 13-Aug-2024 19:10:41 GMT

POST
H2 200 50465227
mc.yandex.ru/webvisor/ 43 B
0 779ms
778ms Fetch
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/50465227?wv-part=1&wv-type=7&wmode=0&wv-hit=381870341&page-url=https%3A%2F%2Fpainters.by%2F&rn=1052022958&browser-info=we%3A1%3Aet%3A1723576241%3Aw%3A1600x1200%3Av%3A1410%3Az%3A-600%3Ai%3A20240813091040%3Au%3A1723576236396514472%3Avf%3Acstsejpczyib8nfqqomnpp0afz%3Ast%3A1723576241&t=gdpr(14)ti(1)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://painters.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 19:10:41 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 13-Aug-2024 19:10:41 GMT
content-type: image/gif
access-control-allow-origin: https://painters.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 13-Aug-2024 19:10:41 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
0 63ms
62ms Fetch
text/plain 172.253.63.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-1V1VHKBW03&gtm=45je4880v9101023541za200zb9101013371&_p=1723576235729&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=2014560494.1723576236&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1723576236&sct=1&seg=0&dl=https%3A%2F%2Fpainters.by%2F&dt=%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F%20%D1%81%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0%20%E2%80%94%20painters.by&en=scroll&epn.percent_scrolled=90&_et=6&tfd=9663
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1V1VHKBW03&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.253.63.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bi-in-f138.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://painters.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 19:10:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://painters.by
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK leadback-chat-api.js Show response
leadback.ru/js/ 83 KB
24 KB 311ms
311ms Script
application/x-javascript 176.9.67.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://leadback.ru/js/leadback-chat-api.js?v=v1.12.25b240823

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js?ldbck_v=v1.12.25b240823

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

176.9.67.88 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88.67.9.176.clients.your-server.de

Software

nginx /

Resource Hash

2b327a370e00bc34fed7a0519c2cdf8ce7a0a80177d1e48f618f058cc0a96a59

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;

Request headers

Referer: https://painters.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 13 Aug 2024 19:10:40 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=0;
Last-Modified: Wed, 24 Apr 2024 10:53:54 GMT
Server: nginx
ETag: "6628e4c2-5e04"
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 24068
Expires: Wed, 14 Aug 2024 19:10:40 GMT

GET
H/1.1 200
OK favicon.ico
painters.by/ 17 KB
17 KB 173ms
172ms Other
image/vnd.microsoft.icon 185.200.242.104
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://painters.by/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.200.242.104 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS: 1618615-cr09978.twc1.net
Software: Apache/2.2.22 (Debian) /
Resource Hash: dd3992bcf0851a1bfae5b0c875b03923fce97904ec2175046b195a1e4619237c

Request headers

Referer: https://painters.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 13 Aug 2024 19:10:41 GMT
Last-Modified: Mon, 23 Jan 2023 16:00:28 GMT
Server: Apache/2.2.22 (Debian)
ETag: "f40237-4421-5f2f07f74ff00"
Content-Type: image/vnd.microsoft.icon
Access-Control-Allow-Origin: https://www.diafan.ru
Cache-Control: max-age=2592000, must-revalidate, max-age=604800, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 17441

GET
H/1.1 200
OK 5.jpg
leadback.ru/images/portraits/ 13 KB
14 KB 160ms
160ms Image
image/jpeg 176.9.67.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://leadback.ru/images/portraits/5.jpg

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_GCM

Server

176.9.67.88 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88.67.9.176.clients.your-server.de

Software

nginx /

Resource Hash

ecd2118dc776cc7409473097b2ebd8ee3706cfed1f3b37e202d2dbc50f9c621c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0;

Request headers

Referer: https://painters.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 13 Aug 2024 19:10:40 GMT
Strict-Transport-Security: max-age=0;
Last-Modified: Thu, 26 May 2016 12:25:06 GMT
Server: nginx
ETag: "5746eb22-34f0"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13552
Expires: Tue, 20 Aug 2024 19:10:40 GMT

POST 50465227
mc.yandex.ru/webvisor/ 0
0

POST
H2 200 50465227 Show response
mc.yandex.ru/webvisor/ 43 B
73 B 465ms
463ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/50465227?wv-part=2&wv-type=7&wmode=0&wv-hit=381870341&page-url=https%3A%2F%2Fpainters.by%2F&rn=33748945&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1723576242%3Aw%3A1600x1200%3Av%3A1410%3Az%3A-600%3Ai%3A20240813091042%3Au%3A1723576236396514472%3Avf%3Acstsejpczyib8nfqqomnpp0afz%3Ast%3A1723576242&t=gdpr(14)ti(2)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://painters.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 19:10:42 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 13-Aug-2024 19:10:42 GMT
content-type: image/gif
access-control-allow-origin: https://painters.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 13-Aug-2024 19:10:42 GMT

POST
H2 200 50465227
mc.yandex.ru/webvisor/ 43 B
0 181ms
180ms Fetch
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/50465227?wv-part=2&wv-type=7&wmode=0&wv-hit=381870341&page-url=https%3A%2F%2Fpainters.by%2F&rn=353986196&browser-info=we%3A1%3Aet%3A1723576242%3Aw%3A1600x1200%3Av%3A1410%3Az%3A-600%3Ai%3A20240813091042%3Au%3A1723576236396514472%3Avf%3Acstsejpczyib8nfqqomnpp0afz%3Ast%3A1723576242&t=gdpr(14)ti(1)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://painters.by/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 19:10:42 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 13-Aug-2024 19:10:42 GMT
content-type: image/gif
access-control-allow-origin: https://painters.by
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 13-Aug-2024 19:10:42 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mc.yandex.ru
URL: https://mc.yandex.ru/webvisor/50465227?wv-part=2&wv-type=7&wmode=0&wv-hit=381870341&page-url=https%3A%2F%2Fpainters.by%2F&rn=33748945&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1723576242%3Aw%3A1600x1200%3Av%3A1410%3Az%3A-600%3Ai%3A20240813091042%3Au%3A1723576236396514472%3Avf%3Acstsejpczyib8nfqqomnpp0afz%3Ast%3A1723576242&t=gdpr(14)ti(1)

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

42 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
painters.by/	1969-12-31 23:59:59	Name: SESSf021a2e637a4f8acbe9597df26ec952f Value: 02bc0809fd6b1b64f3987b8e1a27b71d
.painters.by/	1970-01-21 08:22:16	Name: _ga_1V1VHKBW03 Value: GS1.1.1723576236.1.0.1723576236.0.0.0
.painters.by/	1970-01-21 08:22:16	Name: _ga Value: GA1.2.2014560494.1723576236
.painters.by/	1970-01-20 22:47:42	Name: _gid Value: GA1.2.355814264.1723576236
.painters.by/	1970-01-20 22:46:16	Name: _gat_UA-255217801-1 Value: 1
.yandex.ru/	1970-01-21 08:22:16	Name: i Value: JCByeG+XHKaJUeCoLlwtxjv5cPvWHNvdZGIWYKqAJZEM4kGE/wG/z0TCjYdMeMfWrvWYvm9KUilhfKV+p+IUvHaS4ww=
.yandex.ru/	1970-01-21 07:31:52	Name: yandexuid Value: 4089488091723576236
.yandex.ru/	1970-01-21 07:31:52	Name: yashr Value: 2728901001723576236
.painters.by/	1970-01-21 07:31:52	Name: _ym_uid Value: 1723576236396514472
.painters.by/	1970-01-21 07:31:52	Name: _ym_d Value: 1723576236
.yandex.ru/	1970-01-21 07:31:52	Name: yuidss Value: 4089488091723576236
.yandex.ru/	1970-01-21 07:31:52	Name: ymex Value: 1755112236.yrts.1723576236
.yandex.ru/	1970-01-21 07:31:52	Name: receive-cookie-deprecation Value: 1
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 1177403641723576236
.painters.by/	1970-01-21 00:55:52	Name: _fbp Value: fb.1.1723576236997.415437883685946583
.painters.by/	1970-01-20 22:46:16	Name: _gat_ldbckTracker Value: 1
.mc.yandex.by/	1970-01-20 22:46:16	Name: sync_cookie_csrf Value: 1586598763fake
painters.by/	1970-01-21 08:22:16	Name: __leadback_guid_cde52d3f5013d4694a429b7c Value: {%22guid%22:%228c6400c4-8bcd-485a-f2c7-3728daf90d5d%22%2C%22converted%22:false%2C%22t%22:0}
.yandex.by/	1970-01-21 08:22:16	Name: yandexuid Value: 4089488091723576236
.yandex.by/	1970-01-21 08:22:16	Name: yuidss Value: 4089488091723576236
.yandex.by/	1970-01-21 08:22:16	Name: i Value: JCByeG+XHKaJUeCoLlwtxjv5cPvWHNvdZGIWYKqAJZEM4kGE/wG/z0TCjYdMeMfWrvWYvm9KUilhfKV+p+IUvHaS4ww=
.mc.yandex.by/	1970-01-20 22:47:42	Name: sync_cookie_ok Value: synced
.painters.by/	1970-01-20 22:47:28	Name: _ym_isad Value: 2
.mc.webvisor.org/	1970-01-20 22:46:16	Name: sync_cookie_csrf Value: 230686756fake
.painters.by/	1970-01-20 22:46:18	Name: _ym_visorc Value: w
.mc.yandex.ru/	1970-01-20 22:46:16	Name: sync_cookie_csrf Value: 394970227fake
.webvisor.org/	1970-01-21 08:22:16	Name: yandexuid Value: 4089488091723576236
.webvisor.org/	1970-01-21 08:22:16	Name: yuidss Value: 4089488091723576236
.webvisor.org/	1970-01-21 08:22:16	Name: i Value: JCByeG+XHKaJUeCoLlwtxjv5cPvWHNvdZGIWYKqAJZEM4kGE/wG/z0TCjYdMeMfWrvWYvm9KUilhfKV+p+IUvHaS4ww=
.mc.webvisor.org/	1970-01-20 22:47:42	Name: sync_cookie_ok Value: synced
.yandex.ru/	1970-01-21 08:22:16	Name: bh Value: EkEiTm90KUE7QnJhbmQiO3Y9Ijk5IiwgIkdvb2dsZSBDaHJvbWUiO3Y9IjEyNyIsICJDaHJvbWl1bSI7dj0iMTI3IioCPzA6ByJMaW51eCJgsd/utQY=
.cloudim.ru/	1970-01-21 07:31:52	Name: _ym_uid Value: 1723576242682685087
.cloudim.ru/	1970-01-21 07:31:52	Name: _ym_d Value: 1723576242
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1864663311723576241
.yandex.com/	1970-01-21 07:31:52	Name: yuidss Value: 4369436981723576241
.yandex.com/	1970-01-21 07:31:52	Name: ymex Value: 1755112241.yrts.1723576241#1755112241.yrtsi.1723576241
.yandex.com/	1970-01-21 08:22:16	Name: bh Value: EkEiTm90KUE7QnJhbmQiO3Y9Ijk5IiwgIkdvb2dsZSBDaHJvbWUiO3Y9IjEyNyIsICJDaHJvbWl1bSI7dj0iMTI3IioCPzA6ByJMaW51eCJgsd/utQY=
.cloudim.ru/	1970-01-20 22:47:28	Name: _ym_isad Value: 2
.yandex.com/	1970-01-21 08:22:16	Name: i Value: 0ikmlq2o9LsC+W5kGnJIHurFT48R1v2W/2aMuBW8W7naHG53jMxViS/y+rN1x1SZiAcrlKx3KQUiKFkaIStQH3TnAzY=
.yandex.com/	1970-01-21 08:22:16	Name: yandexuid Value: 20838831723576241
.yandex.com/	1970-01-21 07:31:52	Name: yashr Value: 2820308651723576241
painters.by/	1970-01-20 22:46:59	Name: __leadback_offline_cde52d3f5013d4694a429b7c Value: {%22invited%22:false%2C%22readed%22:false%2C%22converted%22:false%2C%22called%22:false}

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	Message: Error with Permissions-Policy header: Parse of permissions policy failed because of errors reported by structured header parser.
security	error	URL: https://painters.by/ Message: The Content-Security-Policy directive name 'frame-ancestors=self' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	warning	URL: https://ajax.googleapis.com/ajax/libs/jquery/2.0.3/jquery.min.js(Line 5) Message: Mixed Content: The page at 'https://painters.by/' was loaded over HTTPS, but requested an insecure element 'http://painters.by/img/fon.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	error	URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js(Line 127) Message: The Content-Security-Policy directive name 'frame-ancestors=self' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://cloudim.ru/js/chat.js?v2.2(Line 6) Message: The Content-Security-Policy directive name 'frame-ancestors=self' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://cloudim.ru/js/chat.js?v2.2(Line 8) Message: The Content-Security-Policy directive name 'frame-ancestors=self' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://cloudim.ru/js/chat.js?v2.2(Line 8) Message: The Content-Security-Policy directive name 'frame-ancestors=self' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors=self
Strict-Transport-Security	max-age=31536000; env=HTTPS
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.jsdelivr.net
cloudim.ru
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
leadback.ru
mc.webvisor.org
mc.yandex.by
mc.yandex.ru
painters.by
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
yandex.st
mc.yandex.ru
172.253.63.138
176.9.67.88
185.200.242.104
2607:f8b0:4004:c1d::5f
2607:f8b0:400d:c01::5e
2607:f8b0:400d:c01::71
2607:f8b0:400d:c09::5f
2607:f8b0:400d:c09::61
2a02:6b8:20::215
2a02:6b8::1:119
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f103:181:face:b00c:0:25de
2a04:4e42:400::485
009cfc33aae981fd7420352ea329f1ec3c227ff5bf2ec5969ca99185317a687f
071cecf129ca46a0f817552855d665b1b9d259fe511d5390c3d969d0a20e24fa
0802ad436a01561b945a97022b9126583c36d53424d7cc44d86f37c24e331cba
0d872d6fc16d0fd23d0fd3efba52b21142bad4a7b96dbeeb12c6eb84fb4ed289
18f33c808992bdb317ca07adb866d5ec537c9395cdbc3e4f3fc4c9b7e9a937da
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2b327a370e00bc34fed7a0519c2cdf8ce7a0a80177d1e48f618f058cc0a96a59
32fe85c036cebf32ca65ea17552cec97df49dfa488f42aa9616b9bb0d58d1819
34ff5528565f92227b4cd7704e7d871dcc8aebf3bd2014d7884f972dfb1ce892
48ef442516aa8425df50749940ee479214f3a44cb97250d2f562d063c364722e
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
4d642aec18b960c2e2015c6f870dd75a8b1bf4a9354e3d88cbdba445389fe4bc
4dd49d1f89345b2f261ee71d4ce0020ec9abceecf6048b443f3bc4d6386c546f
51698055502813cd29205292dfcb7517bd803cf9deb22e21d06bd24fb3bcdf4b
52614722acb6f2221d17930bfaaaeec5d111e5aa8e5f3d115afd9998c2a415e0
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5fd0e281f0d3fd094d53294df310bb10881bfab4108154bcde5cb7af617e409f
637f545351fbed7e7207fdf36e1381b0860f12fffde46a6fa43bdafcc7a05758
658b3635bcf21d30200f0907f3e307696106f1cb283f36d280db9f9622c32846
67373a226300e8b59703aaee9591a0dd37e2bb83fb6458e39a0caaf0e95c1677
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
6e4f90718c35143055de7fd924b2b7f7e2dc371fbea7d21d43e963593d12c7aa
71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba
738fc760aff115cab5d2cdbd576468713bcfff62fb8859da49a7b3ac68b71266
773ad441f06ad7592ef5e76fff6cc8e06fa48bfed7c836a52cfd30d0b8288f06
7ae80fc8843402116adb965404744566beaf462cb43ede860b35ec0972878cd6
7e4d95a2337dd12220375b7aa206da36f65a31c7c782c0d89f1a42f4f39fc345
7f9c1e5d34f1bf0bb9507df54f5f8dab41f492cf6fee6af8704d3aad3f693cf9
8299ace1763e32bc128ac3335d74455cf32336cec18d9cc9a2f7213c00a9ede5
8407b5979ecbaabe79f1abe05f26e0dae1b19555f0a3e20830f04cee5cd37ab5
85665d80851e510f0d3c6294cd33d1b13c4a20985224ca08d200d841362b4ded
86b82587b9efeb8e6208f76689030f9823126fc3c4ce36509b7ec23e95e42769
86bb482be3d2d16d25df46f483a8cba1b0670662ce7839053ea5cc45ef98250d
87ce1cb4eea089cad450f73bba0c77f203c23c8b9987fd0a67a8665b0d1cf4ad
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
9167cb37ed21405ef9556646b83789a2099c15398f5cea867470df1e81752e17
9293a46f427d4314eea76c1de330f4dffe10df31f18e19875b7e92b8a28bdaa3
92ad8143cd8fad5529785f872296f022d1eefac2c8f4186dbf0dbd8d0d9ec144
935b70f4e8aa27969177af87d195f553f08fe45e8f0acdff19b7590de7c0c3ae
9436321ad39b127d065d5a2670be95b44aa2aabdbdf0f4f0c4720fe9f79f60cb
9671f8be70ad94a5362e60f4656d5d53ba214d32ab70a3f9d1603d7dadf9d1c1
a57b5242b9a9adc4c1ef846c365147b89c472b9cd770face331efcb965346b25
a6d2b996a2ec7aeeb359fe53adcc03e42ca547e1090f3e74019a71f655168c41
aa307ca08cec18da24e3e386ac07a201c89f9ff8f762f37bad4416f638b893bb
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aaf0b208f0ec2a1168e2a0bcad32af23fbfbc3e123bce981c82566aa2a91ea08
afdd76f6919dc340e54a1045e6f4a8fc840a922c8efd1d07cc5bcdf448373a66
b34933e0f32868a4aa6a8bbe000debe924f21427973d26d0126874f3cb490218
b3c09e00ba14aca308fde7862de074c1b3825b06c5a0ba1a6c71f36cf3c16d28
b3eb6d6ec1612970a912e6ef02370c0beb9d642c91549e5ab76ff2c71d3de291
b8d75ac974ef8bce38bdbde40b9c316ed870274aa2fcea7d44a6f192120fed90
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c0f0fb0adbd60078edce6a26b46f19a91d6da353cf2504341f35ab4cac7c7852
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
d8f8ebd4e96964c63aa9eb0933af2ddafdfdb7e94c2efc70a5af109518c9ae80
dca271e5c10ab729dbf7e10ccb7c82ba4b87625a821dd4bd640279b6807f2033
dd3992bcf0851a1bfae5b0c875b03923fce97904ec2175046b195a1e4619237c
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e467f75601e845da217ae845b688b227a19fbf1e8fc776a42a4905869496d2e2
e9c6d6dd93c69258e5cf8388e0fc34ce2d6c2fc44a90d018e61d6c7e27011f09
ea2cd10bb300f87d05df7f15b1b38f8605c14162e81bd4f91e6ba32241d3acc0
ecd2118dc776cc7409473097b2ebd8ee3706cfed1f3b37e202d2dbc50f9c621c
f965620293b898c803bb13a777223286a5abc39cc41cdefe5a956c785106f0d1
fa57b47829c800676ea2bf75021fc5d1df81ae9d31d9c6895b4968ae0afb30a1
fffa269ab87d83aa5d970c30bce2ebec36d5447d9b5da697e52066ec4adc0ea1

painters.by Open in urlscan Pro 185.200.242.104 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

78 Requests

94 %HTTPS

77 %IPv6

14 Domains

15 Subdomains

14 IPs

3 Countries

4396 kBTransfer

6259 kBSize

42 Cookies

5 Outgoing links

Redirected requests

78 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

painters.by Open in urlscan Pro
185.200.242.104 Public Scan

Screenshot
Live screenshot

Full Image

78
Requests

94 %
HTTPS

77 %
IPv6

14
Domains

15
Subdomains

14
IPs

3
Countries

4396 kB
Transfer

6259 kB
Size

42
Cookies

78 HTTP transactions
2 data transactions