oneretarget.com Open in urlscan Pro
94.130.66.148 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://oneretarget.com/
Effective URL:
https://oneretarget.com/ru/
Submission: On July 03 via manual (July 3rd 2022, 8:53:51 pm UTC) from ID — Scanned from DE

Summary HTTP 119 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 24 IPs in 5 countries across 18 domains to perform 119 HTTP transactions. The main IP is 94.130.66.148, located in Germany and belongs to HETZNER-AS, DE. The main domain is oneretarget.com.
TLS certificate: Issued by R3 on February 25th 2022. Valid for: 3 months.

This is the only time oneretarget.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 11	94.130.66.148 94.130.66.148	24940 (HETZNER-AS) (HETZNER-AS)
3	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1a	20446 (STACKPATH...) (STACKPATH-CDN)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
3 10	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
3 36	93.186.225.208 93.186.225.208	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS vk.com)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
7	95.163.52.67 95.163.52.67	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
1	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
13 29	95.142.206.0 95.142.206.0	60476 (MYCOM-AS) (MYCOM-AS)
1 1	87.240.129.181 87.240.129.181	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS vk.com)
119	24

11 94.130.66.148 (Germany) 3 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.148.66.130.94.clients.your-server.de

oneretarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tag.oneretarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 93.186.225.208 (Russian Federation) 3 redirects

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)

vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 95.163.52.67 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 95.142.206.0 (Russian Federation) 13 redirects

ASN60476 (MYCOM-AS, NL)
PTR: srv0-206.vkontakte.ru

st6-20.vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.240.129.181 (Russian Federation) 1 redirects

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv181-129-240-87.vk.com

login.vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
66	vk.com 17 redirects vk.com — Cisco Umbrella Rank: 5168 st6-20.vk.com — Cisco Umbrella Rank: 165137 login.vk.com — Cisco Umbrella Rank: 19795	2 MB
11	oneretarget.com 3 redirects oneretarget.com tag.oneretarget.com	237 KB
9	youtube.com www.youtube.com — Cisco Umbrella Rank: 107	771 KB
8	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 10550	3 KB
7	mail.ru top-fwz1.mail.ru — Cisco Umbrella Rank: 10338	27 KB
7	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 89	44 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	153 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 71 jnn-pa.googleapis.com — Cisco Umbrella Rank: 330	31 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	418 B
4	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 119 googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 static.doubleclick.net — Cisco Umbrella Rank: 436	2 KB
4	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2211 maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 741	110 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	194 KB
2	google.com www.google.com — Cisco Umbrella Rank: 8	14 KB
2	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 3472	71 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	20 KB
1	google.de www.google.de — Cisco Umbrella Rank: 5448	501 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	7 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 630	24 KB
119	18

	Domain	Requested by
36	vk.com	3 redirects www.googletagmanager.com oneretarget.com vk.com
29	st6-20.vk.com	13 redirects vk.com st6-20.vk.com
9	www.youtube.com	oneretarget.com www.youtube.com
9	oneretarget.com	3 redirects oneretarget.com
8	mc.yandex.com	2 redirects oneretarget.com mc.yandex.ru
7	top-fwz1.mail.ru	oneretarget.com top-fwz1.mail.ru vk.com
7	www.googletagmanager.com	oneretarget.com www.googletagmanager.com
4	www.facebook.com	oneretarget.com
4	jnn-pa.googleapis.com	www.youtube.com
4	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
3	connect.facebook.net	oneretarget.com connect.facebook.net
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	www.google.com	oneretarget.com www.youtube.com
2	tag.oneretarget.com	oneretarget.com
2	mc.yandex.ru	1 redirects oneretarget.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	maxcdn.bootstrapcdn.com	oneretarget.com maxcdn.bootstrapcdn.com
2	stackpath.bootstrapcdn.com	oneretarget.com
1	login.vk.com	1 redirects
1	static.doubleclick.net	www.youtube.com
1	www.google.de	oneretarget.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	fonts.googleapis.com	oneretarget.com
1	cdnjs.cloudflare.com	oneretarget.com
1	code.jquery.com	oneretarget.com
119	26

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
vk.com
tlg.name

Subject Issuer	Validity	Valid
oneretarget.com R3	`2022-02-25` - `2022-05-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-05-21` - `2022-10-31`	5 months	crt.sh
tag.oneretarget.com R3	`2022-02-25` - `2022-05-26`	3 months	crt.sh
*.vk.com GlobalSign Organization Validation CA - SHA256 - G2	`2022-03-18` - `2023-04-03`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-04-12` - `2022-07-11`	3 months	crt.sh
*.mail.ru GeoTrust ECC CA 2018	`2021-10-15` - `2022-11-15`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://oneretarget.com/ru/
Frame ID: FE7801B0B779DAA2C36526E2851DFDC5
Requests: 51 HTTP requests in this frame

Frame: https://www.youtube.com/embed/4Y3Au59XEI4?rel=0
Frame ID: 84D6CCA7064D609C2467C26EF7099BE0
Requests: 17 HTTP requests in this frame

Frame: https://vk.com/widget_community_messages.php?app=0&width=300px&_ver=1&gid=97311209&disable_welcome_screen=1&ref_source_info=undefined&ref_source_link=https%3A%2F%2Foneretarget.com%2Fru%2F&tooltip_text=%D0%95%D1%81%D1%82%D1%8C+%D0%B2%D0%BE%D0%BF%D1%80%D0%BE%D1%81%3F&domain=oneretarget.com&disable_expand_chat_sound=1&button_position=undefined&height=399&url=https%3A%2F%2Foneretarget.com%2Fru%2F&referrer=&title=OneRetarget+-+%D0%90%D0%B2%D1%82%D0%BE%D0%BC%D0%B0%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D1%8F+%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D0%BE%D0%B9+%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%8B%2C+%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D1%82%D1%8C+%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%83+%D0%92%D0%BA%D0%BE%D0%BD%D1%82...&181c5d73c3d=&act=
Frame ID: EF1400C72F17FF54E6103250C5C326B4
Requests: 50 HTTP requests in this frame

Frame: https://vk.com/login.php?slogin_h=bd73207302ab2cfc32.d01009808efb44dd81&act=slogin&auto=1&to=L3dpZGdldF9jb21tdW5pdHlfbWVzc2FnZXMucGhwP2FwcD0wJndpZHRoPTMwMHB4Jl92ZXI9MSZnaWQ9OTczMTEyMDkmZGlzYWJsZV93ZWxjb21lX3NjcmVlbj0xJnJlZl9zb3VyY2VfaW5mbz11bmRlZmluZWQmcmVmX3NvdXJjZV9saW5rPWh0dHBzJTNBJTJGJTJGb25lcmV0YXJnZXQuY29tJTJGcnUlMkYmdG9vbHRpcF90ZXh0PSVEMCU5NSVEMSU4MSVEMSU4MiVEMSU4QyslRDAlQjIlRDAlQkUlRDAlQkYlRDElODAlRDAlQkUlRDElODElM0YmZG9tYWluPW9uZXJldGFyZ2V0LmNvbSZkaXNhYmxlX2V4cGFuZF9jaGF0X3NvdW5kPTEmYnV0dG9uX3Bvc2l0aW9uPXVuZGVmaW5lZCZoZWlnaHQ9Mzk5JnVybD1odHRwcyUzQSUyRiUyRm9uZXJldGFyZ2V0LmNvbSUyRnJ1JTJGJnJlZmVycmVyPSZ0aXRsZT1PbmVSZXRhcmdldCstKyVEMCU5MCVEMCVCMiVEMSU4MiVEMCVCRSVEMCVCQyVEMCVCMCVEMSU4MiVEMCVCOCVEMCVCNyVEMCVCMCVEMSU4NiVEMCVCOCVEMSU4RislRDElODIlRDAlQjAlRDElODAlRDAlQjMlRDAlQjUlRDElODIlRDAlQjglRDElODAlRDAlQkUlRDAlQjIlRDAlQjAlRDAlQkQlRDAlQkQlRDAlQkUlRDAlQjkrJUQxJTgwJUQwJUI1JUQwJUJBJUQwJUJCJUQwJUIwJUQwJUJDJUQxJThCJTJDKyVEMSU4MiVEMCVCMCVEMSU4MCVEMCVCMyVEMCVCNSVEMSU4MiVEMCVCOCVEMSU4MCVEMCVCRSVEMCVCMiVEMCVCMCVEMSU4MiVEMSU4QyslRDElODAlRDAlQjUlRDAlQkElRDAlQkIlRDAlQjAlRDAlQkMlRDElODMrJUQwJTkyJUQwJUJBJUQwJUJFJUQwJUJEJUQxJTgyLi4uJjE4MWM1ZDczYzNkPSZhY3Q9&s=0
Frame ID: 81A2D1FC96E3FFCFAA63112D0FDC0106
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: F3F6A3177B2A510A9B3077F00084FB49
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 65857E8670AB4EA71FE235FBF3B6B1AB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

OneRetarget - Автоматизация таргетированной рекламы, таргетировать рекламу Вконтакте, Facebook, Одноклассниках, ремаркетинг Google Adwords

Page URL History Show full URLs

http://oneretarget.com/ HTTP 301
https://oneretarget.com/ HTTP 301
https://oneretarget.com/ru HTTP 301
https://oneretarget.com/ru/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

<script [^>]*src="[^"]*/popper\.js/([0-9.]+)
/popper\.js/([0-9.]+)

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

119
Requests

80 %
HTTPS

79 %
IPv6

18
Domains

26
Subdomains

24
IPs

5
Countries

3561 kB
Transfer

11490 kB
Size

30
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.youtube.com/channel/UCM6PQrO3QwVrbhzb8bgVWCQ

Search URL Search Domain Scan URL

URL: https://vk.com/write-97311209
Title: Написать в ВК

Search URL Search Domain Scan URL

URL: https://tlg.name/oneretargetbot
Title: Написать в Telegram

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://oneretarget.com/ HTTP 301
https://oneretarget.com/ HTTP 301
https://oneretarget.com/ru HTTP 301
https://oneretarget.com/ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://vk.com/reforged_widget.php?app=0&width=300px&_ver=1&gid=97311209&disable_welcome_screen=1&ref_source_info=undefined&ref_source_link=https%3A%2F%2Foneretarget.com%2Fru%2F&tooltip_text=%D0%95%D1%81%D1%82%D1%8C%20%D0%B2%D0%BE%D0%BF%D1%80%D0%BE%D1%81%3F&domain=oneretarget.com&disable_expand_chat_sound=1&button_position=undefined&height=399&url=https%3A%2F%2Foneretarget.com%2Fru%2F&referrer=&title=OneRetarget%20-%20%D0%90%D0%B2%D1%82%D0%BE%D0%BC%D0%B0%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D1%8F%20%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D0%BE%D0%B9%20%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%8B%2C%20%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D1%82%D1%8C%20%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%83%20%D0%92%D0%BA%D0%BE%D0%BD%D1%82...&181c5d73c3d HTTP 302
https://vk.com/429.html?hash429=YCEVnQtKePamzMP7v_WBcOfAyzSLBab0gVgTiSF5iprTNKCttowhoM8uskH8lhYPq-V0xXVVgU_6kIzIpQCA9pnPcRnqup9FmwHHZigOGRq7gR_xNvwK0iw&redirect429=/reforged_widget.php%3Fapp=0%26width=300px%26_ver=1%26gid=97311209%26disable_welcome_screen=1%26ref_source_info=undefined%26ref_source_link=https%253A%252F%252Foneretarget.com%252Fru%252F%26tooltip_text=%25D0%2595%25D1%2581%25D1%2582%25D1%258C%2520%25D0%25B2%25D0%25BE%25D0%25BF%25D1%2580%25D0%25BE%25D1%2581%253F%26domain=oneretarget.com%26disable_expand_chat_sound=1%26button_position=undefined%26height=399%26url=https%253A%252F%252Foneretarget.com%252Fru%252F%26referrer=%26title=OneRetarget%2520-%2520%25D0%2590%25D0%25B2%25D1%2582%25D0%25BE%25D0%25BC%25D0%25B0%25D1%2582%25D0%25B8%25D0%25B7%25D0%25B0%25D1%2586%25D0%25B8%25D1%258F%2520%25D1%2582%25D0%25B0%25D1%2580%25D0%25B3%25D0%25B5%25D1%2582%25D0%25B8%25D1%2580%25D0%25BE%25D0%25B2%25D0%25B0%25D0%25BD%25D0%25BD%25D0%25BE%25D0%25B9%2520%25D1%2580%25D0%25B5%25D0%25BA%25D0%25BB%25D0%25B0%25D0%25BC%25D1%258B%252C%2520%25D1%2582%25D0%25B0%25D1%2580%25D0%25B3%25D0%25B5%25D1%2582%25D0%25B8%25D1%2580%25D0%25BE%25D0%25B2%25D0%25B0%25D1%2582%25D1%258C%2520%25D1%2580%25D0%25B5%25D0%25BA%25D0%25BB%25D0%25B0%25D0%25BC%25D1%2583%2520%25D0%2592%25D0%25BA%25D0%25BE%25D0%25BD%25D1%2582...%26181c5d73c3d

Request Chain 41

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 49

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9688.oyBX8sTdnGU2FrQb4U2LaiigIvLWxma7uQGSqthn3KaKQvkrk08UhZkMLpYFCW-F.4FwRcwxxAbp6aWcdgWduiXwikb4%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9688.cCMJLe56iZ8Om5dITfimtKbmrkq7HS-BFGFtdcQwNKL4N7kKymDg8A26_oesxlA2IOIhcxdykOGA41uZF-1euA%2C%2C.t6LjiBKrpHlv-AaP9C9WCsoCn8Q%2C

Request Chain 54

https://vk.com/429.html?hash429=YCEVnQtKePamzMP7v_WBcOfAyzSLBab0gVgTiSF5iprTNKCttowhoM8uskH8lhYPq-V0xXVVgU_6kIzIpQCA9pnPcRnqup9FmwHHZigOGRq7gR_xNvwK0iw&redirect429=%2Freforged_widget.php%3Fapp%3D0%26width%3D300px%26_ver%3D1%26gid%3D97311209%26disable_welcome_screen%3D1%26ref_source_info%3Dundefined%26ref_source_link%3Dhttps%253A%252F%252Foneretarget.com%252Fru%252F%26tooltip_text%3D%25D0%2595%25D1%2581%25D1%2582%25D1%258C%2520%25D0%25B2%25D0%25BE%25D0%25BF%25D1%2580%25D0%25BE%25D1%2581%253F%26domain%3Doneretarget.com%26disable_expand_chat_sound%3D1%26button_position%3Dundefined%26height%3D399%26url%3Dhttps%253A%252F%252Foneretarget.com%252Fru%252F%26referrer%3D%26title%3DOneRetarget%2520-%2520%25D0%2590%25D0%25B2%25D1%2582%25D0%25BE%25D0%25BC%25D0%25B0%25D1%2582%25D0%25B8%25D0%25B7%25D0%25B0%25D1%2586%25D0%25B8%25D1%258F%2520%25D1%2582%25D0%25B0%25D1%2580%25D0%25B3%25D0%25B5%25D1%2582%25D0%25B8%25D1%2580%25D0%25BE%25D0%25B2%25D0%25B0%25D0%25BD%25D0%25BD%25D0%25BE%25D0%25B9%2520%25D1%2580%25D0%25B5%25D0%25BA%25D0%25BB%25D0%25B0%25D0%25BC%25D1%258B%252C%2520%25D1%2582%25D0%25B0%25D1%2580%25D0%25B3%25D0%25B5%25D1%2582%25D0%25B8%25D1%2580%25D0%25BE%25D0%25B2%25D0%25B0%25D1%2582%25D1%258C%2520%25D1%2580%25D0%25B5%25D0%25BA%25D0%25BB%25D0%25B0%25D0%25BC%25D1%2583%2520%25D0%2592%25D0%25BA%25D0%25BE%25D0%25BD%25D1%2582...%26181c5d73c3d&key=81436da099187e3d43b17b91360bb085 HTTP 302
https://vk.com/reforged_widget.php?app=0&width=300px&_ver=1&gid=97311209&disable_welcome_screen=1&ref_source_info=undefined&ref_source_link=https%3A%2F%2Foneretarget.com%2Fru%2F&tooltip_text=%D0%95%D1%81%D1%82%D1%8C%20%D0%B2%D0%BE%D0%BF%D1%80%D0%BE%D1%81%3F&domain=oneretarget.com&disable_expand_chat_sound=1&button_position=undefined&height=399&url=https%3A%2F%2Foneretarget.com%2Fru%2F&referrer=&title=OneRetarget%20-%20%D0%90%D0%B2%D1%82%D0%BE%D0%BC%D0%B0%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D1%8F%20%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D0%BE%D0%B9%20%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%8B%2C%20%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D1%82%D1%8C%20%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%83%20%D0%92%D0%BA%D0%BE%D0%BD%D1%82...&181c5d73c3d HTTP 302
https://vk.com/widget_community_messages.php?app=0&width=300px&_ver=1&gid=97311209&disable_welcome_screen=1&ref_source_info=undefined&ref_source_link=https%3A%2F%2Foneretarget.com%2Fru%2F&tooltip_text=%D0%95%D1%81%D1%82%D1%8C+%D0%B2%D0%BE%D0%BF%D1%80%D0%BE%D1%81%3F&domain=oneretarget.com&disable_expand_chat_sound=1&button_position=undefined&height=399&url=https%3A%2F%2Foneretarget.com%2Fru%2F&referrer=&title=OneRetarget+-+%D0%90%D0%B2%D1%82%D0%BE%D0%BC%D0%B0%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D1%8F+%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D0%BE%D0%B9+%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%8B%2C+%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D1%82%D1%8C+%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%83+%D0%92%D0%BA%D0%BE%D0%BD%D1%82...&181c5d73c3d=&act=

Request Chain 62

https://mc.yandex.com/watch/32315484?wmode=7&page-url=https%3A%2F%2Foneretarget.com%2Fru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A30shymy8l87b25ks0fjeg%3Afp%3A502%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A297230667909%3Ahid%3A387000985%3Az%3A0%3Ai%3A20220703205346%3Aet%3A1656881626%3Ac%3A1%3Arn%3A586355837%3Arqn%3A1%3Au%3A1656881626514454103%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1656881625445%3Ads%3A0%2C0%2C22%2C13%2C351%2C0%2C%2C121%2C0%2C%2C%2C%2C509%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1656881627%3At%3AOneRetarget%20-%20%D0%90%D0%B2%D1%82%D0%BE%D0%BC%D0%B0%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D1%8F%20%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D0%BE%D0%B9%20%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%8B%2C%20%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D1%82%D1%8C%20%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%83%20%D0%92%D0%BA%D0%BE%D0%BD%D1%82%D0%B0%D0%BA%D1%82%D0%B5%2C%20Facebook%2C%20%D0%9E%D0%B4%D0%BD%D0%BE%D0%BA%D0%BB%D0%B0%D1%81%D1%81%D0%BD%D0%B8%D0%BA%D0%B0%D1%85%2C%20%D1%80%D0%B5%D0%BC%D0%B0%D1%80%D0%BA%D0%B5%D1%82%D0%B8%D0%BD%D0%B3%20Google%20Adwords&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2) HTTP 302
https://mc.yandex.com/watch/32315484/1?wmode=7&page-url=https%3A%2F%2Foneretarget.com%2Fru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A30shymy8l87b25ks0fjeg%3Afp%3A502%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A297230667909%3Ahid%3A387000985%3Az%3A0%3Ai%3A20220703205346%3Aet%3A1656881626%3Ac%3A1%3Arn%3A586355837%3Arqn%3A1%3Au%3A1656881626514454103%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1656881625445%3Ads%3A0%2C0%2C22%2C13%2C351%2C0%2C%2C121%2C0%2C%2C%2C%2C509%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1656881627%3At%3AOneRetarget%20-%20%D0%90%D0%B2%D1%82%D0%BE%D0%BC%D0%B0%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D1%8F%20%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D0%BE%D0%B9%20%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%8B%2C%20%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D1%82%D1%8C%20%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%83%20%D0%92%D0%BA%D0%BE%D0%BD%D1%82%D0%B0%D0%BA%D1%82%D0%B5%2C%20Facebook%2C%20%D0%9E%D0%B4%D0%BD%D0%BE%D0%BA%D0%BB%D0%B0%D1%81%D1%81%D0%BD%D0%B8%D0%BA%D0%B0%D1%85%2C%20%D1%80%D0%B5%D0%BC%D0%B0%D1%80%D0%BA%D0%B5%D1%82%D0%B8%D0%BD%D0%B3%20Google%20Adwords&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

Request Chain 69

https://st6-20.vk.com/dist/vendors.00433c545bd38b87c76a.js?ddcab05d07abd692c791 HTTP 302
https://vk.com/dist/vendors.00433c545bd38b87c76a.js?ddcab05d07abd692c791

Request Chain 70

https://st6-20.vk.com/dist/palette.d32197405eecb47a3bd7.js?a210aa5b5656c3da01d4 HTTP 302
https://vk.com/dist/palette.d32197405eecb47a3bd7.js?a210aa5b5656c3da01d4

Request Chain 71

https://st6-20.vk.com/dist/audioplayer.95d4be528a8d5c2e6b7c.js?293b2430f481402c088433e HTTP 302
https://vk.com/dist/audioplayer.95d4be528a8d5c2e6b7c.js?293b2430f481402c088433e

Request Chain 72

https://st6-20.vk.com/dist/lottie.7d914fa3404556039ac3.js?ce04f009a75e25b9914f HTTP 302
https://vk.com/dist/lottie.7d914fa3404556039ac3.js?ce04f009a75e25b9914f

Request Chain 73

https://st6-20.vk.com/dist/common.96af089093d4e9fb7878.js?293ed1adc32de92a8da8d97 HTTP 302
https://vk.com/dist/common.96af089093d4e9fb7878.js?293ed1adc32de92a8da8d97

Request Chain 74

https://st6-20.vk.com/dist/a1258c00747aa03727abf8c40b9e7df9.68f3862e0ef2f87f544d.js?c8bc04eb08d685746e95 HTTP 302
https://vk.com/dist/a1258c00747aa03727abf8c40b9e7df9.68f3862e0ef2f87f544d.js?c8bc04eb08d685746e95

Request Chain 75

https://st6-20.vk.com/dist/web/emoji.e3d8b053e6603df4451f.js?189cf5110467d88b7dbc7baab4d03b92 HTTP 302
https://vk.com/dist/web/emoji.e3d8b053e6603df4451f.js?189cf5110467d88b7dbc7baab4d03b92

Request Chain 76

https://st6-20.vk.com/dist/web/ui_common.183b7a1282ffe6b5c681.js?0ff0d90f6a2f39af3fc155cdf69b200b HTTP 302
https://vk.com/dist/web/ui_common.183b7a1282ffe6b5c681.js?0ff0d90f6a2f39af3fc155cdf69b200b

Request Chain 77

https://st6-20.vk.com/dist/dbc51599ae83613d5ae9303dc38e961c.6380d0195b1f1a431bc5.js?4f775ab3397c01cb89fa HTTP 302
https://vk.com/dist/dbc51599ae83613d5ae9303dc38e961c.6380d0195b1f1a431bc5.js?4f775ab3397c01cb89fa

Request Chain 78

https://st6-20.vk.com/dist/web/ui_media_selector.64db1bf63c692d0c3c22.js?e202e5b3b3cd046a133eb0577f069689 HTTP 302
https://vk.com/dist/web/ui_media_selector.64db1bf63c692d0c3c22.js?e202e5b3b3cd046a133eb0577f069689

Request Chain 80

https://st6-20.vk.com/dist/db5e7763f24e9d1919decb2dcba4950b.71fa7cb8a273d124cdb0.js?a243edb9f80f4a7e5cc2 HTTP 302
https://vk.com/dist/db5e7763f24e9d1919decb2dcba4950b.71fa7cb8a273d124cdb0.js?a243edb9f80f4a7e5cc2

Request Chain 81

https://st6-20.vk.com/dist/web/upload.2701cd36870ada897a7b.js?a872b6cd0e516801bc1455782bd02b20 HTTP 302
https://vk.com/dist/web/upload.2701cd36870ada897a7b.js?a872b6cd0e516801bc1455782bd02b20

Request Chain 82

https://st6-20.vk.com/dist/web/stickers.2fee51abc794e7bb4fe4.js?ad82aff0fa8a751dd30a9c57e2d81084 HTTP 302
https://vk.com/dist/web/stickers.2fee51abc794e7bb4fe4.js?ad82aff0fa8a751dd30a9c57e2d81084

Request Chain 111

https://login.vk.com/?_origin=https%3A%2F%2Fvk.com&ip_h=d60c22b41364bb7dab&role=al_frame&to=L3dpZGdldF9jb21tdW5pdHlfbWVzc2FnZXMucGhwP2FwcD0wJndpZHRoPTMwMHB4Jl92ZXI9MSZnaWQ9OTczMTEyMDkmZGlzYWJsZV93ZWxjb21lX3NjcmVlbj0xJnJlZl9zb3VyY2VfaW5mbz11bmRlZmluZWQmcmVmX3NvdXJjZV9saW5rPWh0dHBzJTNBJTJGJTJGb25lcmV0YXJnZXQuY29tJTJGcnUlMkYmdG9vbHRpcF90ZXh0PSVEMCU5NSVEMSU4MSVEMSU4MiVEMSU4QyslRDAlQjIlRDAlQkUlRDAlQkYlRDElODAlRDAlQkUlRDElODElM0YmZG9tYWluPW9uZXJldGFyZ2V0LmNvbSZkaXNhYmxlX2V4cGFuZF9jaGF0X3NvdW5kPTEmYnV0dG9uX3Bvc2l0aW9uPXVuZGVmaW5lZCZoZWlnaHQ9Mzk5JnVybD1odHRwcyUzQSUyRiUyRm9uZXJldGFyZ2V0LmNvbSUyRnJ1JTJGJnJlZmVycmVyPSZ0aXRsZT1PbmVSZXRhcmdldCstKyVEMCU5MCVEMCVCMiVEMSU4MiVEMCVCRSVEMCVCQyVEMCVCMCVEMSU4MiVEMCVCOCVEMCVCNyVEMCVCMCVEMSU4NiVEMCVCOCVEMSU4RislRDElODIlRDAlQjAlRDElODAlRDAlQjMlRDAlQjUlRDElODIlRDAlQjglRDElODAlRDAlQkUlRDAlQjIlRDAlQjAlRDAlQkQlRDAlQkQlRDAlQkUlRDAlQjkrJUQxJTgwJUQwJUI1JUQwJUJBJUQwJUJCJUQwJUIwJUQwJUJDJUQxJThCJTJDKyVEMSU4MiVEMCVCMCVEMSU4MCVEMCVCMyVEMCVCNSVEMSU4MiVEMCVCOCVEMSU4MCVEMCVCRSVEMCVCMiVEMCVCMCVEMSU4MiVEMSU4QyslRDElODAlRDAlQjUlRDAlQkElRDAlQkIlRDAlQjAlRDAlQkMlRDElODMrJUQwJTkyJUQwJUJBJUQwJUJFJUQwJUJEJUQxJTgyLi4uJjE4MWM1ZDczYzNkPSZhY3Q9 HTTP 302
https://vk.com/login.php?slogin_h=bd73207302ab2cfc32.d01009808efb44dd81&act=slogin&auto=1&to=L3dpZGdldF9jb21tdW5pdHlfbWVzc2FnZXMucGhwP2FwcD0wJndpZHRoPTMwMHB4Jl92ZXI9MSZnaWQ9OTczMTEyMDkmZGlzYWJsZV93ZWxjb21lX3NjcmVlbj0xJnJlZl9zb3VyY2VfaW5mbz11bmRlZmluZWQmcmVmX3NvdXJjZV9saW5rPWh0dHBzJTNBJTJGJTJGb25lcmV0YXJnZXQuY29tJTJGcnUlMkYmdG9vbHRpcF90ZXh0PSVEMCU5NSVEMSU4MSVEMSU4MiVEMSU4QyslRDAlQjIlRDAlQkUlRDAlQkYlRDElODAlRDAlQkUlRDElODElM0YmZG9tYWluPW9uZXJldGFyZ2V0LmNvbSZkaXNhYmxlX2V4cGFuZF9jaGF0X3NvdW5kPTEmYnV0dG9uX3Bvc2l0aW9uPXVuZGVmaW5lZCZoZWlnaHQ9Mzk5JnVybD1odHRwcyUzQSUyRiUyRm9uZXJldGFyZ2V0LmNvbSUyRnJ1JTJGJnJlZmVycmVyPSZ0aXRsZT1PbmVSZXRhcmdldCstKyVEMCU5MCVEMCVCMiVEMSU4MiVEMCVCRSVEMCVCQyVEMCVCMCVEMSU4MiVEMCVCOCVEMCVCNyVEMCVCMCVEMSU4NiVEMCVCOCVEMSU4RislRDElODIlRDAlQjAlRDElODAlRDAlQjMlRDAlQjUlRDElODIlRDAlQjglRDElODAlRDAlQkUlRDAlQjIlRDAlQjAlRDAlQkQlRDAlQkQlRDAlQkUlRDAlQjkrJUQxJTgwJUQwJUI1JUQwJUJBJUQwJUJCJUQwJUIwJUQwJUJDJUQxJThCJTJDKyVEMSU4MiVEMCVCMCVEMSU4MCVEMCVCMyVEMCVCNSVEMSU4MiVEMCVCOCVEMSU4MCVEMCVCRSVEMCVCMiVEMCVCMCVEMSU4MiVEMSU4QyslRDElODAlRDAlQjUlRDAlQkElRDAlQkIlRDAlQjAlRDAlQkMlRDElODMrJUQwJTkyJUQwJUJBJUQwJUJFJUQwJUJEJUQxJTgyLi4uJjE4MWM1ZDczYzNkPSZhY3Q9&s=0

119 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
oneretarget.com/ru/
Redirect Chain

http://oneretarget.com/
https://oneretarget.com/
https://oneretarget.com/ru
https://oneretarget.com/ru/

75 KB
75 KB

24ms
23ms

Document
text/html

94.130.66.148
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://oneretarget.com/ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.130.66.148 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.148.66.130.94.clients.your-server.de
Software: nginx/1.15.11 /
Resource Hash: 76335dc7257d65639f71a4cd69dec2e4fb4f60120d966fa9c3bb0741b02df2bc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Length: 76557
Content-Type: text/html
Date: Sun, 03 Jul 2022 20:53:45 GMT
ETag: "62397870-12b0d"
Last-Modified: Tue, 22 Mar 2022 07:19:12 GMT
Server: nginx/1.15.11

Redirect headers

Connection: keep-alive
Content-Length: 170
Content-Type: text/html
Date: Sun, 03 Jul 2022 20:53:45 GMT
Location: https://oneretarget.com/ru/
Server: nginx/1.15.11

GET
H/1.1 200
OK pixel.js Show response
oneretarget.com/ 1 KB
1 KB 29ms
11ms Script
application/javascript 94.130.66.148
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://oneretarget.com/pixel.js
Requested by: Host: oneretarget.com
URL: https://oneretarget.com/ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.130.66.148 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.148.66.130.94.clients.your-server.de
Software: nginx/1.15.11 /
Resource Hash: 9e97e6cc6b0649701a5750c216e5a16432aa03a991db578146d4183acf5c0b0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oneretarget.com/ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sun, 03 Jul 2022 20:53:45 GMT
Last-Modified: Sun, 28 Feb 2021 17:50:06 GMT
Server: nginx/1.15.11
ETag: "603bd7ce-48f"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1167

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/ 152 KB
24 KB 48ms
22ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css

Requested by

Host: oneretarget.com
URL: https://oneretarget.com/ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://oneretarget.com/
Origin: https://oneretarget.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 20:53:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 756
access-control-allow-origin: *
cdn-cachedat: 06/09/2022 12:07:11
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.02
timing-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: b73ff4d93aee86cae329323a3f9c912a
cf-ray: 725283319822bbf1-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 jquery-3.3.1.slim.min.js Show response
code.jquery.com/ 68 KB
24 KB 33ms
12ms Script
application/javascript 2001:4de0:ac18::1:a:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.slim.min.js
Requested by: Host: oneretarget.com
URL: https://oneretarget.com/ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1

Request headers

Referer: https://oneretarget.com/
Origin: https://oneretarget.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 20:53:45 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-1111d"
vary: Accept-Encoding
x-hw: 1656881625.dop013.fr8.t,1656881625.cds168.fr8.hn,1656881625.cds274.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 24038

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/ 21 KB
7 KB 38ms
13ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js

Requested by

Host: oneretarget.com
URL: https://oneretarget.com/ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://oneretarget.com/
Origin: https://oneretarget.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 20:53:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1462857
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6646
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-520c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F27G5Z5NUY9IwetWlTaoKx4W39NsW4WyTyMwg%2BU8Ip376Z%2BFwwDGVjN5NmDEdUCvftgzeQqyLY%2FJ1cd4WfPpmOkEiMBLWEF1GdkcbpjR4JxvYxnl5TSCcDOYkkQUzQ2VSNVS%2FSsesFpPJ9c6vYUa9srx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 725283319b5790e6-FRA
expires: Fri, 23 Jun 2023 20:53:45 GMT

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/ 57 KB
16 KB 46ms
21ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js

Requested by

Host: oneretarget.com
URL: https://oneretarget.com/ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://oneretarget.com/
Origin: https://oneretarget.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 20:53:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601
access-control-allow-origin: *
cdn-cachedat: 04/09/2022 02:51:51
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.02
timing-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
server: cloudflare
cdn-requestpullcode: 200
etag: W/"e1d98d47689e00f8ecbc5d9f61bdb42e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: f1597e2be390c0a8c282ce4fb12dd597
cf-ray: 725283319825bbf1-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 200
OK ORT_styles.css
oneretarget.com/landing/targentum/ 7 KB
7 KB 16ms
11ms Stylesheet
text/css 94.130.66.148
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://oneretarget.com/landing/targentum/ORT_styles.css?v=20191030.1122
Requested by: Host: oneretarget.com
URL: https://oneretarget.com/ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.130.66.148 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.148.66.130.94.clients.your-server.de
Software: nginx/1.15.11 /
Resource Hash: 26e384d9e188a122e6ba90ca91efb5e0b19cbeb9b0dd4c974ff5e72057142eb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oneretarget.com/ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sun, 03 Jul 2022 20:53:45 GMT
Last-Modified: Mon, 06 Apr 2020 16:28:31 GMT
Server: nginx/1.15.11
ETag: "5e8b58af-1a76"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6774

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 58ms
22ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300|PT+Sans:400,700

Requested by

Host: oneretarget.com
URL: https://oneretarget.com/ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

22519a6535daecb71fc2b3b4e9d1ecba8eebe974c915bac8670900c3a9ed6224

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oneretarget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 03 Jul 2022 20:53:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 03 Jul 2022 20:53:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 03 Jul 2022 20:53:45 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/ 26 KB
6 KB 39ms
13ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css

Requested by

Host: oneretarget.com
URL: https://oneretarget.com/ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oneretarget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 20:53:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 617, 617
age: 13784321
cdn-cachedat: 2021-04-13 02:48:33
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 3e4766ad0ddfa4bdecb1b0dc22b73ef7
cf-ray: 725283319c859be0-FRA
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H/1.1 200
OK one_logo_kv.png
oneretarget.com/landing/targentum/images/ 32 KB
32 KB 12ms
12ms Image
image/png 94.130.66.148
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oneretarget.com/landing/targentum/images/one_logo_kv.png
Requested by: Host: oneretarget.com
URL: https://oneretarget.com/ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.130.66.148 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.148.66.130.94.clients.your-server.de
Software: nginx/1.15.11 /
Resource Hash: 637db52b59204c4d40f9104e92deca17d8fff2f5baf0da5616a75114cb9fb9c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oneretarget.com/ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sun, 03 Jul 2022 20:53:45 GMT
Last-Modified: Mon, 08 Jul 2019 08:22:47 GMT
Server: nginx/1.15.11
ETag: "5d22fd57-80ef"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33007

GET
H/1.1 200
OK background
oneretarget.com/ 56 B
825 B 14ms
14ms Image
image/gif 94.130.66.148
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oneretarget.com/background?url=https%3A%2F%2Foneretarget.com%2Fru%2F&referer=&rnd=0.3517562204807716

Requested by

Host: oneretarget.com
URL: https://oneretarget.com/ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

94.130.66.148 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.148.66.130.94.clients.your-server.de

Software

nginx/1.15.11 /

Resource Hash

c9f5d3a9393a5b72d23dc40f3e637b7cf5a8d9de6bb82fd36780577071be82d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oneretarget.com/ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sun, 03 Jul 2022 20:53:45 GMT
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Content-Transfer-Encoding: binary
Content-Disposition: inline
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 8aeaa649-a53b-463a-aa36-1c4e21b6ee4a
X-Runtime: 0.002791
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx/1.15.11
ETag: W/"c9f5d3a9393a5b72d23dc40f3e637b7c"
X-Download-Options: noopen
Vary: Origin
Content-Type: image/gif
Cache-Control: private

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 118 KB
44 KB 76ms
30ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBSM3V

Requested by

Host: oneretarget.com
URL: https://oneretarget.com/ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ca075b633165b868754e71df03db5a163040350f4c524f2cb31477cc675e1a0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oneretarget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 20:53:45 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44626
x-xss-protection: 0
last-modified: Sun, 03 Jul 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 03 Jul 2022 20:53:45 GMT

GET
H/1.1 200
OK gam.jpg
oneretarget.com/landing/targentum/images/backgrouds/ 107 KB
107 KB 22ms
22ms Image
image/jpeg 94.130.66.148
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oneretarget.com/landing/targentum/images/backgrouds/gam.jpg
Requested by: Host: oneretarget.com
URL: https://oneretarget.com/landing/targentum/ORT_styles.css?v=20191030.1122
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.130.66.148 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.148.66.130.94.clients.your-server.de
Software: nginx/1.15.11 /
Resource Hash: 5342190f57b872b9fad0947fe633f55125587d5183d13781a90cb8531475e027

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oneretarget.com/landing/targentum/ORT_styles.css?v=20191030.1122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sun, 03 Jul 2022 20:53:45 GMT
Last-Modified: Wed, 20 Mar 2019 13:19:29 GMT
Server: nginx/1.15.11
ETag: "5c923de1-1ab17"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 109335

GET
H2 200 jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 44 KB
45 KB 61ms
15ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300|PT+Sans:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://oneretarget.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 19:26:32 GMT
x-content-type-options: nosniff
age: 350833
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45300
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Jun 2023 19:26:32 GMT

GET
H2 200 jizfRExUiTo99u79B_mh0OqtLQ0Z.woff2
fonts.gstatic.com/s/ptsans/v17/ 29 KB
29 KB 90ms
44ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0OqtLQ0Z.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300|PT+Sans:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a045fdc088409e4e87d57617de7a9b613bf251c12997180910faeed8fa7aba1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://oneretarget.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 19:27:09 GMT
x-content-type-options: nosniff
age: 350796
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29928
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:55:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Jun 2023 19:27:09 GMT

GET
H2 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/ 63 KB
63 KB 37ms
36ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
Origin: https://oneretarget.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 20:53:45 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 756
access-control-allow-origin: *
cdn-proxyver: 1.02
cdn-cachedat: 06/09/2022 10:24:04
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 64464
timing-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
etag: "4b5a84aaf1c9485e060c503a0ff8cadb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 5c557c01e98ec1795c647e5db4a57e0c
accept-ranges: bytes
cf-ray: 72528331e8aebbf1-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 46 KB
46 KB 58ms
29ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300|PT+Sans:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://oneretarget.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 19:26:54 GMT
x-content-type-options: nosniff
age: 350811
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47048
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:55:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Jun 2023 19:26:54 GMT

GET
H2 200 4Y3Au59XEI4 Show response
www.youtube.com/embed/ Frame 84D6 63 KB
27 KB 96ms
53ms Document
text/html 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/4Y3Au59XEI4?rel=0

Requested by

Host: oneretarget.com
URL: https://oneretarget.com/ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e0ee77711d1a786259a40dc3f2adf2fca36a884d6abedbbd3b52ae65cc4c869

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://oneretarget.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Sun, 03 Jul 2022 20:53:46 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 405 a
www.googletagmanager.com/ 0
0 60ms
23ms Ping
text/html 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.googletagmanager.com/a?id=GTM-TBSM3V&cv=65&v=3&t=t&pid=1560257240&rv=6t0&es=1&e=gtm.init_consent&eid=-1&tc=14&z=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBSM3V
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oneretarget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

POST
H3 405 a
www.googletagmanager.com/ 0
0 58ms
22ms Ping
text/html 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.googletagmanager.com/a?id=GTM-TBSM3V&cv=65&v=3&t=t&pid=1560257240&rv=6t0&es=1&e=gtm.init&eid=0&tc=14&z=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBSM3V
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oneretarget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 56ms
14ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBSM3V

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oneretarget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 7058
date: Sun, 03 Jul 2022 18:56:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 03 Jul 2022 20:56:08 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 204 KB
70 KB 241ms
92ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: oneretarget.com
URL: https://oneretarget.com/ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

5f04f87ba7cd3beb8f840e33441bdc8cfee7fe74a49cd8abdcc8ac7727b6bbda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oneretarget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 20:53:46 GMT
content-encoding: br
last-modified: Fri, 24 Jun 2022 09:57:02 GMT
etag: "62b5603e-1180a"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 71690
expires: Sun, 03 Jul 2022 21:53:46 GMT

GET
H/1.1 200
OK 9084_oneretarget.com.js Show response
tag.oneretarget.com/ 15 KB
6 KB 46ms
12ms Script
application/javascript 94.130.66.148
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.oneretarget.com/9084_oneretarget.com.js

Requested by

Host: oneretarget.com
URL: https://oneretarget.com/ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

94.130.66.148 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.148.66.130.94.clients.your-server.de

Software

nginx/1.15.11 /

Resource Hash

5d812041c950d591302992290c2eb3eb6b2e4db73f49fe81eb16442dbe248b37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oneretarget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sun, 03 Jul 2022 20:53:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 24 Apr 2020 07:22:54 GMT
Server: nginx/1.15.11
X-Frame-Options: DENY
ETag: "5ea293ce-16d6"
Content-Security-Policy-Report-Only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
Content-Type: application/javascript
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubdomains
Content-Length: 5846

GET
H2 200 openapi.js Show response
vk.com/js/api/ 104 KB
23 KB 119ms
37ms Script
application/x-javascript 93.186.225.208
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/js/api/openapi.js?156
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBSM3V
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
Software: kittenx /
Resource Hash: f036531b5f9e56993ce2f6c3677bb3b3734859f9747fca67a7095f25095330bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oneretarget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 20:53:46 GMT
content-encoding: br
x-frontend: front512006
last-modified: Tue, 15 Mar 2022 10:42:47 GMT
server: kittenx
etag: "62306da7-5b1b"
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
content-length: 23323
expires: Thu, 07 Jul 2022 20:53:46 GMT

GET
H/1.1 200
OK 6305_oneretarget.com.js Show response
tag.oneretarget.com/ 14 KB
6 KB 46ms
12ms Script
application/javascript 94.130.66.148
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.oneretarget.com/6305_oneretarget.com.js

Requested by

Host: oneretarget.com
URL: https://oneretarget.com/ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

94.130.66.148 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.148.66.130.94.clients.your-server.de

Software

nginx/1.15.11 /

Resource Hash

93de9d6271884fafc3f25d0f6e45777089c25bcab3a19764ded7f35ffcc0ebfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oneretarget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sun, 03 Jul 2022 20:53:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 22 May 2019 16:03:26 GMT
Server: nginx/1.15.11
X-Frame-Options: DENY
ETag: "5ce572ce-16a4"
Content-Security-Policy-Report-Only: default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report
Content-Type: application/javascript
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubdomains
Content-Length: 5796

POST
H3 405 a
www.googletagmanager.com/ 0
0 55ms
23ms Ping
text/html 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.googletagmanager.com/a?id=GTM-TBSM3V&cv=65&v=3&t=t&pid=1560257240&rv=6t0&es=1&e=gtm.js&eid=1&tc=14&tr=1ua.1html.5html.1html.5html.1html.1html.5html&ti=1ua.1html.1html.1html.1html.1html.1html.1html&z=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBSM3V
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oneretarget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 www-player.css
www.youtube.com/s/player/0e7373c2/ Frame 84D6 339 KB
47 KB 42ms
14ms Stylesheet
text/css 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0e7373c2/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/4Y3Au59XEI4?rel=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11148ace6157cd94751922d3c17557609a94b6c2a56ebbf7efcfe1eefba2f27a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/4Y3Au59XEI4?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 02 Jul 2022 21:14:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85140
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47687
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 00:22:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 02 Jul 2023 21:14:46 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/0e7373c2/www-embed-player.vflset/ Frame 84D6 302 KB
93 KB 55ms
27ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0e7373c2/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/4Y3Au59XEI4?rel=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70a64c9912aae092f9cc15fd4015d474e13b9a08b018c0e761ee183cae873bfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/4Y3Au59XEI4?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 10:38:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36925
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95369
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 00:22:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 03 Jul 2023 10:38:21 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/0e7373c2/player_ias.vflset/de_DE/ Frame 84D6 2 MB
556 KB 62ms
34ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0e7373c2/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/4Y3Au59XEI4?rel=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16bd75e506b6109e4f50ea8e0b221b1c405be69c0073700247ce7a780e545c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/4Y3Au59XEI4?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 02:24:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 239359
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 569701
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 00:22:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 01 Jul 2023 02:24:27 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/0e7373c2/fetch-polyfill.vflset/ Frame 84D6 9 KB
3 KB 65ms
37ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0e7373c2/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/4Y3Au59XEI4?rel=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/4Y3Au59XEI4?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 05:33:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55208
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 00:22:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 03 Jul 2023 05:33:38 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 84D6 15 KB
15 KB 42ms
14ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/4Y3Au59XEI4?rel=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 445625
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 28 Jun 2023 17:06:41 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 32ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: oneretarget.com
URL: https://oneretarget.com/ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f8bdb531d36caf4bb43071d1be58a2d1b153d3a403f4b8f4e6a919dd46213f47

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oneretarget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 25939
x-xss-protection: 0
pragma: public
x-fb-debug: sMzjVUWyN6tbctPVWIHTKhbjIbNrkMjb3zqAWmWIwyRh6vVaYxz5yBo+HucLR1Rn25wTiA2Y8TRuEqiAlNQOWg==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 03 Jul 2022 20:53:46 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 code.js Show response
top-fwz1.mail.ru/js/ 27 KB
11 KB 200ms
48ms Script
application/javascript 95.163.52.67
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/js/code.js

Requested by

Host: oneretarget.com
URL: https://oneretarget.com/ru/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

f1153a7d9e7f877b55f4e32fe45448a1229fdc0ab67ae1bfa09fd77b9c72679a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oneretarget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 20:53:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin: *
last-modified: Wed, 22 Dec 2021 12:22:53 GMT
server: nginx
etag: W/"61c3189d-6a23"
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: max-age=3600, private
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: *
access-control-allow-headers: *
expires: Sun, 03 Jul 2022 21:53:46 GMT

GET
H2 200 rtrg
vk.com/ 49 B
575 B 140ms
112ms Image
image/gif 93.186.225.208
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vk.com/rtrg?p=VK-RTRG-207619-4WdB2

Requested by

Host: oneretarget.com
URL: https://oneretarget.com/ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

Software

kittenx / KPHP/7.4.111494

Resource Hash

2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oneretarget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 20:53:46 GMT
content-encoding: gzip
x-frontend: front512006
server: kittenx
x-powered-by: KPHP/7.4.111494
strict-transport-security: max-age=15768000
content-type: image/gif
access-control-expose-headers: X-Frontend
cache-control: no-store
content-length: 65

GET
H2 200 openapi.js Show response
vk.com/js/api/ 104 KB
23 KB 137ms
111ms Script
application/x-javascript 93.186.225.208
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/js/api/openapi.js?160
Requested by: Host: oneretarget.com
URL: https://oneretarget.com/ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
Software: kittenx /
Resource Hash: f036531b5f9e56993ce2f6c3677bb3b3734859f9747fca67a7095f25095330bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oneretarget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 20:53:46 GMT
content-encoding: br
x-frontend: front512006
last-modified: Tue, 15 Mar 2022 10:42:47 GMT
server: kittenx
etag: "62306da7-5b1b"
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
content-length: 23323
expires: Thu, 07 Jul 2022 20:53:46 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 51ms
21ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=162118270&t=pageview&_s=1&dl=https%3A%2F%2Foneretarget.com%2Fru%2F&ul=en-us&de=UTF-8&dt=OneRetarget%20-%20%D0%90%D0%B2%D1%82%D0%BE%D0%BC%D0%B0%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D1%8F%20%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D0%BE%D0%B9%20%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%8B%2C%20%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D1%82%D1%8C%20%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%83%20%D0%92%D0%BA%D0%BE%D0%BD%D1%82%D0%B0%D0%BA%D1%82%D0%B5%2C%20Facebook%2C%20%D0%9E%D0%B4%D0%BD%D0%BE%D0%BA%D0%BB%D0%B0%D1%81%D1%81%D0%BD%D0%B8%D0%BA%D0%B0%D1%85%2C%20%D1%80%D0%B5%D0%BC%D0%B0%D1%80%D0%BA%D0%B5%D1%82%D0%B8%D0%BD%D0%B3%20Google%20Adwords&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=874231471&gjid=1667138237&cid=1475144984.1656881626&uid=&tid=UA-67192450-1&_gid=1620855501.1656881626&_r=1&gtm=2wg6t0TBSM3V&z=399940907

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://oneretarget.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 03 Jul 2022 20:53:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://oneretarget.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 378885329200145 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 270ms
259ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/378885329200145?v=2.9.64&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bccc43dcb74c1e7d974c6674902ffda390b349fe3483b2477794dbe9800d9ce0

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oneretarget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: s1X9BnVZhNRrJ+M0bRmQdPpGMiQ/TVNdLUGRi0gt1for4NQnCHplTa8hde2j8jT/C9P2Kxp8hD5BH0OiIEf7dA==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 03 Jul 2022 20:53:46 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1656881626373
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
441 B 63ms
20ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-67192450-1&cid=1475144984.1656881626&jid=874231471&gjid=1667138237&_gid=1620855501.1656881626&_u=YEBAAAAAAAAAAC~&z=3019951

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://oneretarget.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 03 Jul 2022 20:53:46 GMT
content-type: text/plain
access-control-allow-origin: https://oneretarget.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 405 a
www.googletagmanager.com/ 0
0 22ms
22ms Ping
text/html 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.googletagmanager.com/a?id=GTM-TBSM3V&cv=65&v=3&t=t&pid=1560257240&rv=6t0&es=1&e=gtm.dom&eid=2&tc=14&z=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBSM3V
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oneretarget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H2

200

429.html Show response
vk.com/ Frame EF14
Redirect Chain

https://vk.com/reforged_widget.php?app=0&width=300px&_ver=1&gid=97311209&disable_welcome_screen=1&ref_source_info=undefined&ref_source_link=https%3A%2F%2Foneretarget.com%2Fru%2F&tooltip_text=%D0%95...
https://vk.com/429.html?hash429=YCEVnQtKePamzMP7v_WBcOfAyzSLBab0gVgTiSF5iprTNKCttowhoM8uskH8lhYPq-V0xXVVgU_6kIzIpQCA9pnPcRnqup9FmwHHZigOGRq7gR_xNvwK0iw&redirect429=/reforged_widget.php%3Fapp=0%26wi...

29 KB
11 KB

40ms
40ms

Document
text/html

93.186.225.208
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/429.html?hash429=YCEVnQtKePamzMP7v_WBcOfAyzSLBab0gVgTiSF5iprTNKCttowhoM8uskH8lhYPq-V0xXVVgU_6kIzIpQCA9pnPcRnqup9FmwHHZigOGRq7gR_xNvwK0iw&redirect429=/reforged_widget.php%3Fapp=0%26width=300px%26_ver=1%26gid=97311209%26disable_welcome_screen=1%26ref_source_info=undefined%26ref_source_link=https%253A%252F%252Foneretarget.com%252Fru%252F%26tooltip_text=%25D0%2595%25D1%2581%25D1%2582%25D1%258C%2520%25D0%25B2%25D0%25BE%25D0%25BF%25D1%2580%25D0%25BE%25D1%2581%253F%26domain=oneretarget.com%26disable_expand_chat_sound=1%26button_position=undefined%26height=399%26url=https%253A%252F%252Foneretarget.com%252Fru%252F%26referrer=%26title=OneRetarget%2520-%2520%25D0%2590%25D0%25B2%25D1%2582%25D0%25BE%25D0%25BC%25D0%25B0%25D1%2582%25D0%25B8%25D0%25B7%25D0%25B0%25D1%2586%25D0%25B8%25D1%258F%2520%25D1%2582%25D0%25B0%25D1%2580%25D0%25B3%25D0%25B5%25D1%2582%25D0%25B8%25D1%2580%25D0%25BE%25D0%25B2%25D0%25B0%25D0%25BD%25D0%25BD%25D0%25BE%25D0%25B9%2520%25D1%2580%25D0%25B5%25D0%25BA%25D0%25BB%25D0%25B0%25D0%25BC%25D1%258B%252C%2520%25D1%2582%25D0%25B0%25D1%2580%25D0%25B3%25D0%25B5%25D1%2582%25D0%25B8%25D1%2580%25D0%25BE%25D0%25B2%25D0%25B0%25D1%2582%25D1%258C%2520%25D1%2580%25D0%25B5%25D0%25BA%25D0%25BB%25D0%25B0%25D0%25BC%25D1%2583%2520%25D0%2592%25D0%25BA%25D0%25BE%25D0%25BD%25D1%2582...%26181c5d73c3d
Requested by: Host: vk.com
URL: https://vk.com/js/api/openapi.js?156
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
Software: kittenx /
Resource Hash: 97c3fd6c940ac42e8d4b7f9adf176658be571ad491feb8c2057cbe733849512c

Request headers

Referer: https://oneretarget.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-expose-headers: X-WAF-Redirect
cache-control: no-store,no-cache,must-revalidate
content-encoding: gzip
content-type: text/html
date: Sun, 03 Jul 2022 20:53:46 GMT
etag: W/"628cef3f-73b2"
last-modified: Tue, 24 May 2022 14:44:15 GMT
pragma: no-cache
server: kittenx
x-waf-backend-status: challenge_required
x-waf-redirect: 1

Redirect headers

access-control-expose-headers: X-WAF-Redirect
cache-control: no-store,no-cache,must-revalidate
content-length: 147
content-type: text/html
date: Sun, 03 Jul 2022 20:53:46 GMT
location: /429.html?hash429=YCEVnQtKePamzMP7v_WBcOfAyzSLBab0gVgTiSF5iprTNKCttowhoM8uskH8lhYPq-V0xXVVgU_6kIzIpQCA9pnPcRnqup9FmwHHZigOGRq7gR_xNvwK0iw&redirect429=/reforged_widget.php%3Fapp=0%26width=300px%26_ver=1%26gid=97311209%26disable_welcome_screen=1%26ref_source_info=undefined%26ref_source_link=https%253A%252F%252Foneretarget.com%252Fru%252F%26tooltip_text=%25D0%2595%25D1%2581%25D1%2582%25D1%258C%2520%25D0%25B2%25D0%25BE%25D0%25BF%25D1%2580%25D0%25BE%25D1%2581%253F%26domain=oneretarget.com%26disable_expand_chat_sound=1%26button_position=undefined%26height=399%26url=https%253A%252F%252Foneretarget.com%252Fru%252F%26referrer=%26title=OneRetarget%2520-%2520%25D0%2590%25D0%25B2%25D1%2582%25D0%25BE%25D0%25BC%25D0%25B0%25D1%2582%25D0%25B8%25D0%25B7%25D0%25B0%25D1%2586%25D0%25B8%25D1%258F%2520%25D1%2582%25D0%25B0%25D1%2580%25D0%25B3%25D0%25B5%25D1%2582%25D0%25B8%25D1%2580%25D0%25BE%25D0%25B2%25D0%25B0%25D0%25BD%25D0%25BD%25D0%25BE%25D0%25B9%2520%25D1%2580%25D0%25B5%25D0%25BA%25D0%25BB%25D0%25B0%25D0%25BC%25D1%258B%252C%2520%25D1%2582%25D0%25B0%25D1%2580%25D0%25B3%25D0%25B5%25D1%2582%25D0%25B8%25D1%2580%25D0%25BE%25D0%25B2%25D0%25B0%25D1%2582%25D1%258C%2520%25D1%2580%25D0%25B5%25D0%25BA%25D0%25BB%25D0%25B0%25D0%25BC%25D1%2583%2520%25D0%2592%25D0%25BA%25D0%25BE%25D0%25BD%25D1%2582...%26181c5d73c3d
pragma: no-cache
server: kittenx
x-waf-redirect: 1

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 85ms
37ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-67192450-1&cid=1475144984.1656881626&jid=874231471&_u=YEBAAAAAAAAAAC~&z=1212372054

Requested by

Host: oneretarget.com
URL: https://oneretarget.com/ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oneretarget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Jul 2022 20:53:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 72ms
38ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-67192450-1&cid=1475144984.1656881626&jid=874231471&_u=YEBAAAAAAAAAAC~&z=1212372054

Requested by

Host: oneretarget.com
URL: https://oneretarget.com/ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oneretarget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Jul 2022 20:53:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 84D6
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

49ms
21ms

XHR
application/json

2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/4Y3Au59XEI4?rel=0

Protocol

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5eac042c55dc021af32ea9901b767ea33fec598482d1e9921404ba57bfe53295

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 20:53:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 03 Jul 2022 20:53:46 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 84D6 29 B
588 B 71ms
23ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0e7373c2/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 20:39:29 GMT
x-content-type-options: nosniff
age: 857
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 03 Jul 2022 20:54:29 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 75ms
23ms Preflight
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Sun, 03 Jul 2022 20:53:46 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 84D6 63 KB
29 KB 55ms
27ms XHR
application/json+protobuf 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0e7373c2/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3f1d57c5b476f8ab3033e3ab3a91d36cb99725bd18cb9856bb88c202a0aabe6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sun, 03 Jul 2022 20:53:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 30092
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/0e7373c2/player_ias.vflset/de_DE/ Frame 84D6 119 KB
37 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0e7373c2/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0e7373c2/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7cc06a08320a714a331f843708a667aa53ac4962e45cc89a1ac7e02d8e59753

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/4Y3Au59XEI4?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 02:24:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 239358
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37799
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 00:22:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 01 Jul 2023 02:24:28 GMT

GET
H3 200 RaLArsxvzZvWDSadiaPkG6S0RcX7_vBx8QXaB049FR8.js Show response
www.google.com/js/th/ Frame 84D6 36 KB
14 KB 44ms
14ms Script
text/javascript 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/RaLArsxvzZvWDSadiaPkG6S0RcX7_vBx8QXaB049FR8.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0e7373c2/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45a2c0aecc6fcd9bd60d269d89a3e41ba4b445c5fbfef071f105da074e3d151f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 04:25:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59307
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13906
x-xss-protection: 0
last-modified: Tue, 21 Jun 2022 16:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 03 Jul 2023 04:25:19 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/0e7373c2/player_ias.vflset/de_DE/ Frame 84D6 27 KB
8 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0e7373c2/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0e7373c2/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

133a0196abac3c595767baee508cd6d237e432c7b2ff39b4f5a7aa47d93ef6fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/4Y3Au59XEI4?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 01 Jul 2022 02:24:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 239349
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8109
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 00:22:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 01 Jul 2023 02:24:37 GMT

GET
H2 200 rtrg
vk.com/ 49 B
363 B 44ms
44ms Image
image/gif 93.186.225.208
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vk.com/rtrg?p=VK-RTRG-317339-2sdxQ&metatag_url=https%3A%2F%2Foneretarget.com%2Fru%2F&metatag_title=OneRetarget%20-%20%D0%90%D0%B2%D1%82%D0%BE%D0%BC%D0%B0%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D1%8F%20%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D0%BE%D0%B9%20%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%8B%2C%20%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D1%82%D1%8C%20%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%83%20%D0%92%D0%BA%D0%BE%D0%BD%D1%82%D0%B0%D0%BA%D1%82%D0%B5%2C%20Facebook%2C%20%D0%9E%D0%B4%D0%BD%D0%BE%D0%BA%D0%BB%D0%B0%D1%81%D1%81%D0%BD%D0%B8%D0%BA%D0%B0%D1%85%2C%20%D1%80%D0%B5%D0%BC%D0%B0%D1%80%D0%BA%D0%B5%D1%82%D0%B8%D0%BD%D0%B3%20Google%20Adwords

Requested by

Host: oneretarget.com
URL: https://oneretarget.com/ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

Software

kittenx / KPHP/7.4.111494

Resource Hash

2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oneretarget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 20:53:46 GMT
content-encoding: gzip
x-frontend: front512006
server: kittenx
x-powered-by: KPHP/7.4.111494
strict-transport-security: max-age=15768000
content-type: image/gif
access-control-expose-headers: X-Frontend
cache-control: no-store
content-length: 65

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9688.oyBX8sTdnGU2FrQb4U2LaiigIvLWxma7uQGSqthn3KaKQvkrk08UhZkMLpYFCW-F.4FwRcwxxAbp6aWcdgWduiXwikb4%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9688.cCMJLe56iZ8Om5dITfimtKbmrkq7HS-BFGFtdcQwNKL4N7kKymDg8A26_oesxlA2IOIhcxdykOGA41uZF-1euA%2C%2C.t6LjiBKrpHlv-AaP9C9WCsoCn8Q%2C

75 B
75 B

50ms
50ms

Image
text/html

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9688.cCMJLe56iZ8Om5dITfimtKbmrkq7HS-BFGFtdcQwNKL4N7kKymDg8A26_oesxlA2IOIhcxdykOGA41uZF-1euA%2C%2C.t6LjiBKrpHlv-AaP9C9WCsoCn8Q%2C

Requested by

Host: oneretarget.com
URL: https://oneretarget.com/ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oneretarget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 20:53:46 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9688.cCMJLe56iZ8Om5dITfimtKbmrkq7HS-BFGFtdcQwNKL4N7kKymDg8A26_oesxlA2IOIhcxdykOGA41uZF-1euA%2C%2C.t6LjiBKrpHlv-AaP9C9WCsoCn8Q%2C
date: Sun, 03 Jul 2022 20:53:46 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
112 B 48ms
47ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: oneretarget.com
URL: https://oneretarget.com/ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oneretarget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 20:53:46 GMT
last-modified: Fri, 24 Jun 2022 09:57:02 GMT
etag: "62b5603e-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sun, 03 Jul 2022 21:53:46 GMT

POST
H2 200 counter
top-fwz1.mail.ru/ 43 B
1006 B 48ms
48ms Ping
image/gif 95.163.52.67
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/counter?js=13;id=2764177;u=https%3A//oneretarget.com/ru/;st=1656881625954;title=OneRetarget%20-%20%D0%90%D0%B2%D1%82%D0%BE%D0%BC%D0%B0%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D1%8F%20%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D0%BE%D0%B9%20%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%8B%2C%20%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D1%82%D1%8C%20%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%83%20%D0%92%D0%BA%D0%BE%D0%BD%D1%82%D0%B0%D0%BA%D1%82%D0%B5%2C%20Facebook%2C%20%D0%9E%D0%B4%D0%BD%D0%BE%D0%BA%D0%BB%D0%B0%D1%81%D1%81%D0%BD%D0%B8%D0%BA%D0%B0%D1%85%2C%20%D1%80%D0%B5%D0%BC%D0%B0%D1%80%D0%BA%D0%B5%D1%82%D0%B8%D0%BD%D0%B3%20Google%20Adwords;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=d8ddad52aba3acab;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=9//4g/0/0/;lvid=1656881626351%3A1656881626355%3A1%3A93616cfcdb1476e18df7802177bbb69c;opts=dl%2Cjst-gtag-ga;visible=true;_=0.4044038858298067

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://oneretarget.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 03 Jul 2022 20:53:46 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: https://oneretarget.com
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: https://oneretarget.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: https://oneretarget.com
access-control-allow-headers: *

POST
H2 200 counter
top-fwz1.mail.ru/ 43 B
1005 B 48ms
48ms Ping
image/gif 95.163.52.67
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/counter?js=13;id=2764177;u=https%3A//oneretarget.com/ru/;st=1656881625954;title=OneRetarget%20-%20%D0%90%D0%B2%D1%82%D0%BE%D0%BC%D0%B0%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D1%8F%20%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D0%BE%D0%B9%20%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%8B%2C%20%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D1%82%D1%8C%20%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%83%20%D0%92%D0%BA%D0%BE%D0%BD%D1%82%D0%B0%D0%BA%D1%82%D0%B5%2C%20Facebook%2C%20%D0%9E%D0%B4%D0%BD%D0%BE%D0%BA%D0%BB%D0%B0%D1%81%D1%81%D0%BD%D0%B8%D0%BA%D0%B0%D1%85%2C%20%D1%80%D0%B5%D0%BC%D0%B0%D1%80%D0%BA%D0%B5%D1%82%D0%B8%D0%BD%D0%B3%20Google%20Adwords;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=d8ddad52aba3acab;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=9//4g/0/0/;lvid=1656881626351%3A1656881626356%3A2%3A93616cfcdb1476e18df7802177bbb69c;opts=dl%2Cjst-gtag-ga;visible=true;_=0.9237178588022563

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://oneretarget.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 03 Jul 2022 20:53:46 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: https://oneretarget.com
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: https://oneretarget.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: https://oneretarget.com
access-control-allow-headers: *

POST
H2 200 tracker
top-fwz1.mail.ru/ 43 B
1004 B 48ms
48ms Ping
image/gif 95.163.52.67
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/tracker?js=13;id=2764177;u=https%3A//oneretarget.com/ru/;st=1656881625954;title=OneRetarget%20-%20%D0%90%D0%B2%D1%82%D0%BE%D0%BC%D0%B0%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D1%8F%20%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D0%BE%D0%B9%20%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%8B%2C%20%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D1%82%D1%8C%20%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%83%20%D0%92%D0%BA%D0%BE%D0%BD%D1%82%D0%B0%D0%BA%D1%82%D0%B5%2C%20Facebook%2C%20%D0%9E%D0%B4%D0%BD%D0%BE%D0%BA%D0%BB%D0%B0%D1%81%D1%81%D0%BD%D0%B8%D0%BA%D0%B0%D1%85%2C%20%D1%80%D0%B5%D0%BC%D0%B0%D1%80%D0%BA%D0%B5%D1%82%D0%B8%D0%BD%D0%B3%20Google%20Adwords;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=d8ddad52aba3acab;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=9//4g/0/0/;lvid=1656881626351%3A1656881626357%3A3%3A93616cfcdb1476e18df7802177bbb69c;opts=dl%2Cjst-gtag-ga;visible=true;_=0.07121462829786385;e=RG%3A/OR_2182_production_s

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://oneretarget.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 03 Jul 2022 20:53:46 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: https://oneretarget.com
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: https://oneretarget.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: https://oneretarget.com
access-control-allow-headers: *

GET
H2

200

widget_community_messages.php Show response
vk.com/ Frame EF14
Redirect Chain

https://vk.com/429.html?hash429=YCEVnQtKePamzMP7v_WBcOfAyzSLBab0gVgTiSF5iprTNKCttowhoM8uskH8lhYPq-V0xXVVgU_6kIzIpQCA9pnPcRnqup9FmwHHZigOGRq7gR_xNvwK0iw&redirect429=%2Freforged_widget.php%3Fapp%3D0%...
https://vk.com/reforged_widget.php?app=0&width=300px&_ver=1&gid=97311209&disable_welcome_screen=1&ref_source_info=undefined&ref_source_link=https%3A%2F%2Foneretarget.com%2Fru%2F&tooltip_text=%D0%95...
https://vk.com/widget_community_messages.php?app=0&width=300px&_ver=1&gid=97311209&disable_welcome_screen=1&ref_source_info=undefined&ref_source_link=https%3A%2F%2Foneretarget.com%2Fru%2F&tooltip_t...

42 KB
14 KB

88ms
88ms

Document
text/html

93.186.225.208
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://vk.com/widget_community_messages.php?app=0&width=300px&_ver=1&gid=97311209&disable_welcome_screen=1&ref_source_info=undefined&ref_source_link=https%3A%2F%2Foneretarget.com%2Fru%2F&tooltip_text=%D0%95%D1%81%D1%82%D1%8C+%D0%B2%D0%BE%D0%BF%D1%80%D0%BE%D1%81%3F&domain=oneretarget.com&disable_expand_chat_sound=1&button_position=undefined&height=399&url=https%3A%2F%2Foneretarget.com%2Fru%2F&referrer=&title=OneRetarget+-+%D0%90%D0%B2%D1%82%D0%BE%D0%BC%D0%B0%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D1%8F+%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D0%BE%D0%B9+%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%8B%2C+%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D1%82%D1%8C+%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%83+%D0%92%D0%BA%D0%BE%D0%BD%D1%82...&181c5d73c3d=&act=

Requested by

Host: vk.com
URL: https://vk.com/429.html?hash429=YCEVnQtKePamzMP7v_WBcOfAyzSLBab0gVgTiSF5iprTNKCttowhoM8uskH8lhYPq-V0xXVVgU_6kIzIpQCA9pnPcRnqup9FmwHHZigOGRq7gR_xNvwK0iw&redirect429=/reforged_widget.php%3Fapp=0%26width=300px%26_ver=1%26gid=97311209%26disable_welcome_screen=1%26ref_source_info=undefined%26ref_source_link=https%253A%252F%252Foneretarget.com%252Fru%252F%26tooltip_text=%25D0%2595%25D1%2581%25D1%2582%25D1%258C%2520%25D0%25B2%25D0%25BE%25D0%25BF%25D1%2580%25D0%25BE%25D1%2581%253F%26domain=oneretarget.com%26disable_expand_chat_sound=1%26button_position=undefined%26height=399%26url=https%253A%252F%252Foneretarget.com%252Fru%252F%26referrer=%26title=OneRetarget%2520-%2520%25D0%2590%25D0%25B2%25D1%2582%25D0%25BE%25D0%25BC%25D0%25B0%25D1%2582%25D0%25B8%25D0%25B7%25D0%25B0%25D1%2586%25D0%25B8%25D1%258F%2520%25D1%2582%25D0%25B0%25D1%2580%25D0%25B3%25D0%25B5%25D1%2582%25D0%25B8%25D1%2580%25D0%25BE%25D0%25B2%25D0%25B0%25D0%25BD%25D0%25BD%25D0%25BE%25D0%25B9%2520%25D1%2580%25D0%25B5%25D0%25BA%25D0%25BB%25D0%25B0%25D0%25BC%25D1%258B%252C%2520%25D1%2582%25D0%25B0%25D1%2580%25D0%25B3%25D0%25B5%25D1%2582%25D0%25B8%25D1%2580%25D0%25BE%25D0%25B2%25D0%25B0%25D1%2582%25D1%258C%2520%25D1%2580%25D0%25B5%25D0%25BA%25D0%25BB%25D0%25B0%25D0%25BC%25D1%2583%2520%25D0%2592%25D0%25BA%25D0%25BE%25D0%25BD%25D1%2582...%26181c5d73c3d

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

Software

kittenx / KPHP/7.4.111494

Resource Hash

5c918ba482e530ea6f33db835cd23ef61466c6d406651d25d0ea636a71774edd

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://.vk.com https://vk.ru https://.vk.ru https://static.vk.me https://.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://.yandex.ru https://.google-analytics.com https://.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://.google.com https://google.com https://.vkpartner.ru https://.moatads.com https://.adlooxtracking.ru https://.serving-sys.ru https://.weborama-tech.ru https://.gstatic.com https://.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://.vk-cdn.net https://.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://.vk.com https://vk.ru https://.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline';report-uri /csp
Strict-Transport-Security	max-age=15768000
X-Xss-Protection	1; report=/xss_reports

Request headers

Referer: https://vk.com/429.html?hash429=YCEVnQtKePamzMP7v_WBcOfAyzSLBab0gVgTiSF5iprTNKCttowhoM8uskH8lhYPq-V0xXVVgU_6kIzIpQCA9pnPcRnqup9FmwHHZigOGRq7gR_xNvwK0iw&redirect429=/reforged_widget.php%3Fapp=0%26width=300px%26_ver=1%26gid=97311209%26disable_welcome_screen=1%26ref_source_info=undefined%26ref_source_link=https%253A%252F%252Foneretarget.com%252Fru%252F%26tooltip_text=%25D0%2595%25D1%2581%25D1%2582%25D1%258C%2520%25D0%25B2%25D0%25BE%25D0%25BF%25D1%2580%25D0%25BE%25D1%2581%253F%26domain=oneretarget.com%26disable_expand_chat_sound=1%26button_position=undefined%26height=399%26url=https%253A%252F%252Foneretarget.com%252Fru%252F%26referrer=%26title=OneRetarget%2520-%2520%25D0%2590%25D0%25B2%25D1%2582%25D0%25BE%25D0%25BC%25D0%25B0%25D1%2582%25D0%25B8%25D0%25B7%25D0%25B0%25D1%2586%25D0%25B8%25D1%258F%2520%25D1%2582%25D0%25B0%25D1%2580%25D0%25B3%25D0%25B5%25D1%2582%25D0%25B8%25D1%2580%25D0%25BE%25D0%25B2%25D0%25B0%25D0%25BD%25D0%25BD%25D0%25BE%25D0%25B9%2520%25D1%2580%25D0%25B5%25D0%25BA%25D0%25BB%25D0%25B0%25D0%25BC%25D1%258B%252C%2520%25D1%2582%25D0%25B0%25D1%2580%25D0%25B3%25D0%25B5%25D1%2582%25D0%25B8%25D1%2580%25D0%25BE%25D0%25B2%25D0%25B0%25D1%2582%25D1%258C%2520%25D1%2580%25D0%25B5%25D0%25BA%25D0%25BB%25D0%25B0%25D0%25BC%25D1%2583%2520%25D0%2592%25D0%25BA%25D0%25BE%25D0%25BD%25D1%2582...%26181c5d73c3d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-expose-headers: X-Frontend
cache-control: no-store
content-encoding: gzip
content-length: 12590
content-security-policy: default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.ru https://*.serving-sys.ru https://*.weborama-tech.ru https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://vk.ru https://*.vk.ru https://static.vk.me https://r.mradx.net https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline';report-uri /csp
content-type: text/html; charset=windows-1251
date: Sun, 03 Jul 2022 20:53:46 GMT
server: kittenx
strict-transport-security: max-age=15768000
x-frontend: front512006
x-powered-by: KPHP/7.4.111494
x-xss-protection: 1; report=/xss_reports

Redirect headers

access-control-expose-headers: X-Frontend
cache-control: no-store
content-encoding: gzip
content-length: 20
content-type: text/html; charset=windows-1251
date: Sun, 03 Jul 2022 20:53:46 GMT
location: /widget_community_messages.php?app=0&width=300px&_ver=1&gid=97311209&disable_welcome_screen=1&ref_source_info=undefined&ref_source_link=https%3A%2F%2Foneretarget.com%2Fru%2F&tooltip_text=%D0%95%D1%81%D1%82%D1%8C+%D0%B2%D0%BE%D0%BF%D1%80%D0%BE%D1%81%3F&domain=oneretarget.com&disable_expand_chat_sound=1&button_position=undefined&height=399&url=https%3A%2F%2Foneretarget.com%2Fru%2F&referrer=&title=OneRetarget+-+%D0%90%D0%B2%D1%82%D0%BE%D0%BC%D0%B0%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D1%8F+%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D0%BE%D0%B9+%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%8B%2C+%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D1%82%D1%8C+%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%83+%D0%92%D0%BA%D0%BE%D0%BD%D1%82...&181c5d73c3d=&act=
server: kittenx
strict-transport-security: max-age=15768000
x-frontend: front512006
x-powered-by: KPHP/7.4.111494

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 84D6 4 KB
3 KB 83ms
22ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0e7373c2/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 20:53:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 03 Jul 2022 20:53:46 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 84D6 0
9 B 13ms
13ms Image
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?N0li1Q
Requested by: Host: oneretarget.com
URL: https://oneretarget.com/ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/4Y3Au59XEI4?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 20:53:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/103/ Frame 84D6 52 KB
15 KB 44ms
15ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/103/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b04181139e0ce3b79b3fa9095394070d16ab4a1b6bb8419c4d523c05712b3a95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 14:44:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22144
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15123
x-xss-protection: 0
last-modified: Mon, 02 May 2022 15:04:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Mon, 04 Jul 2022 14:44:42 GMT

GET
H3 200 527543694600199 Show response
connect.facebook.net/signals/config/ 291 KB
84 KB 155ms
155ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/527543694600199?v=2.9.64&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7f868c3511c869f782d1ad9abf55c6bba0ecc60def9082d16baaaa9bcba9a127

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oneretarget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: /DapWvAaaG7Z+hOyeKJOfAyfn8Ker5x0O9q3zZf4y+AQ+pjltGg/stnw56jITq/N7yS8uUqL/qx55gfir+2pRw==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 03 Jul 2022 20:53:46 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1656881626636
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 33ms
8ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=378885329200145&ev=PageView&dl=https%3A%2F%2Foneretarget.com%2Fru%2F&rl=&if=false&ts=1656881626484&sw=1600&sh=1200&v=2.9.64&r=stable&ec=0&o=30&fbp=fb.1.1656881626484.1051797073&it=1656881626106&coo=false&rqm=GET

Requested by

Host: oneretarget.com
URL: https://oneretarget.com/ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oneretarget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 20:53:46 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Sun, 03 Jul 2022 20:53:46 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 84D6 98 B
142 B 26ms
26ms XHR
application/json+protobuf 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0e7373c2/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

55793efda510019fb8276869dd69b6b0cdd7080d42103dbe522dc56cb6c9ef4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sun, 03 Jul 2022 20:53:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 118
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 22ms
21ms Preflight
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Sun, 03 Jul 2022 20:53:46 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2

200

1 Show response
mc.yandex.com/watch/32315484/
Redirect Chain

https://mc.yandex.com/watch/32315484?wmode=7&page-url=https%3A%2F%2Foneretarget.com%2Fru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A30shymy8l87b25ks0fjeg%3Afp%3A502%3Afu%3A0%3Aen%3Autf...
https://mc.yandex.com/watch/32315484/1?wmode=7&page-url=https%3A%2F%2Foneretarget.com%2Fru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A30shymy8l87b25ks0fjeg%3Afp%3A502%3Afu%3A0%3Aen%3Au...

357 B
466 B

48ms
47ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/32315484/1?wmode=7&page-url=https%3A%2F%2Foneretarget.com%2Fru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A30shymy8l87b25ks0fjeg%3Afp%3A502%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A297230667909%3Ahid%3A387000985%3Az%3A0%3Ai%3A20220703205346%3Aet%3A1656881626%3Ac%3A1%3Arn%3A586355837%3Arqn%3A1%3Au%3A1656881626514454103%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1656881625445%3Ads%3A0%2C0%2C22%2C13%2C351%2C0%2C%2C121%2C0%2C%2C%2C%2C509%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1656881627%3At%3AOneRetarget%20-%20%D0%90%D0%B2%D1%82%D0%BE%D0%BC%D0%B0%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D1%8F%20%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D0%BE%D0%B9%20%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%8B%2C%20%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D1%82%D1%8C%20%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%83%20%D0%92%D0%BA%D0%BE%D0%BD%D1%82%D0%B0%D0%BA%D1%82%D0%B5%2C%20Facebook%2C%20%D0%9E%D0%B4%D0%BD%D0%BE%D0%BA%D0%BB%D0%B0%D1%81%D1%81%D0%BD%D0%B8%D0%BA%D0%B0%D1%85%2C%20%D1%80%D0%B5%D0%BC%D0%B0%D1%80%D0%BA%D0%B5%D1%82%D0%B8%D0%BD%D0%B3%20Google%20Adwords&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

Requested by

Host: oneretarget.com
URL: https://oneretarget.com/ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

ba1638fd8d670e2654d4a9a291e111538e8e8a6c0d63cfa0eedbe10190717872

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oneretarget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Jul 2022 20:53:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 03-Jul-2022 20:53:46 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://oneretarget.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 357
x-xss-protection: 1; mode=block
expires: Sun, 03-Jul-2022 20:53:46 GMT

Redirect headers

pragma: no-cache
date: Sun, 03 Jul 2022 20:53:46 GMT
last-modified: Sun, 03-Jul-2022 20:53:46 GMT
location: /watch/32315484/1?wmode=7&page-url=https%3A%2F%2Foneretarget.com%2Fru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A30shymy8l87b25ks0fjeg%3Afp%3A502%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A297230667909%3Ahid%3A387000985%3Az%3A0%3Ai%3A20220703205346%3Aet%3A1656881626%3Ac%3A1%3Arn%3A586355837%3Arqn%3A1%3Au%3A1656881626514454103%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1656881625445%3Ads%3A0%2C0%2C22%2C13%2C351%2C0%2C%2C121%2C0%2C%2C%2C%2C509%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1656881627%3At%3AOneRetarget%20-%20%D0%90%D0%B2%D1%82%D0%BE%D0%BC%D0%B0%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D1%8F%20%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D0%BE%D0%B9%20%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%8B%2C%20%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D1%82%D1%8C%20%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%83%20%D0%92%D0%BA%D0%BE%D0%BD%D1%82%D0%B0%D0%BA%D1%82%D0%B5%2C%20Facebook%2C%20%D0%9E%D0%B4%D0%BD%D0%BE%D0%BA%D0%BB%D0%B0%D1%81%D1%81%D0%BD%D0%B8%D0%BA%D0%B0%D1%85%2C%20%D1%80%D0%B5%D0%BC%D0%B0%D1%80%D0%BA%D0%B5%D1%82%D0%B8%D0%BD%D0%B3%20Google%20Adwords&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://oneretarget.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sun, 03-Jul-2022 20:53:46 GMT

GET
H2 200 loader_nav21416962262_6.js Show response
vk.com/js/ Frame EF14 174 KB
42 KB 79ms
75ms Script
text/javascript 93.186.225.208
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://vk.com/js/loader_nav21416962262_6.js

Requested by

Host: vk.com
URL: https://vk.com/widget_community_messages.php?app=0&width=300px&_ver=1&gid=97311209&disable_welcome_screen=1&ref_source_info=undefined&ref_source_link=https%3A%2F%2Foneretarget.com%2Fru%2F&tooltip_text=%D0%95%D1%81%D1%82%D1%8C+%D0%B2%D0%BE%D0%BF%D1%80%D0%BE%D1%81%3F&domain=oneretarget.com&disable_expand_chat_sound=1&button_position=undefined&height=399&url=https%3A%2F%2Foneretarget.com%2Fru%2F&referrer=&title=OneRetarget+-+%D0%90%D0%B2%D1%82%D0%BE%D0%BC%D0%B0%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D1%8F+%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D0%BE%D0%B9+%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%8B%2C+%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D1%82%D1%8C+%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%83+%D0%92%D0%BA%D0%BE%D0%BD%D1%82...&181c5d73c3d=&act=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

Software

kittenx / KPHP/7.4.111494

Resource Hash

15ab0ca7d0cd47a3f0cb731e8d0c7065d30fd2bd89992d7fefa9aab174b0be0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/widget_community_messages.php?app=0&width=300px&_ver=1&gid=97311209&disable_welcome_screen=1&ref_source_info=undefined&ref_source_link=https%3A%2F%2Foneretarget.com%2Fru%2F&tooltip_text=%D0%95%D1%81%D1%82%D1%8C+%D0%B2%D0%BE%D0%BF%D1%80%D0%BE%D1%81%3F&domain=oneretarget.com&disable_expand_chat_sound=1&button_position=undefined&height=399&url=https%3A%2F%2Foneretarget.com%2Fru%2F&referrer=&title=OneRetarget+-+%D0%90%D0%B2%D1%82%D0%BE%D0%BC%D0%B0%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D1%8F+%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D0%BE%D0%B9+%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%8B%2C+%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D1%82%D1%8C+%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%83+%D0%92%D0%BA%D0%BE%D0%BD%D1%82...&181c5d73c3d=&act=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 20:53:46 GMT
content-encoding: gzip
x-frontend: front512006
server: kittenx
x-powered-by: KPHP/7.4.111494
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=windows-1251
access-control-expose-headers: X-Frontend
cache-control: no-store
content-length: 43069

GET
H2 200 fonts_cnt.5df9a2d31f91db9fc063.css
st6-20.vk.com/css/al/ Frame EF14 470 KB
352 KB 159ms
15ms Stylesheet
text/css 95.142.206.0
MYCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://st6-20.vk.com/css/al/fonts_cnt.5df9a2d31f91db9fc063.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.142.206.0 , Russian Federation, ASN60476 (MYCOM-AS, NL),

Reverse DNS

srv0-206.vkontakte.ru

Software

kittenx /

Resource Hash

2b86791b4bc5469817735d814f73f5b52cdc6078c60befd4c6cbe27c68b40027

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 20:53:46 GMT
content-encoding: br
x-frontend: front6-20
last-modified: Sat, 15 Jan 2022 23:18:12 GMT
server: kittenx
etag: "61e35634-57c35"
strict-transport-security: max-age=15768000
content-type: text/css
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400, h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 359477
expires: Thu, 07 Jul 2022 20:53:46 GMT

GET
H2 200 lite.ad7a99566ac9e466e141.css
st6-20.vk.com/css/al/ Frame EF14 301 KB
37 KB 197ms
53ms Stylesheet
text/css 95.142.206.0
MYCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://st6-20.vk.com/css/al/lite.ad7a99566ac9e466e141.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.142.206.0 , Russian Federation, ASN60476 (MYCOM-AS, NL),

Reverse DNS

srv0-206.vkontakte.ru

Software

kittenx /

Resource Hash

f00e3a01f8122d5f17a85f4447eec7e9d04135307feb4c93a1c2308b7c735363

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 20:53:46 GMT
content-encoding: br
x-frontend: front6-20
last-modified: Fri, 17 Jun 2022 10:18:50 GMT
server: kittenx
etag: "62ac550a-9420"
strict-transport-security: max-age=15768000
content-type: text/css
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 37920
expires: Thu, 07 Jul 2022 20:53:46 GMT

GET
H2 200 lite.js Show response
vk.com/js/al/ Frame EF14 268 KB
62 KB 42ms
37ms Script
application/x-javascript 93.186.225.208
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/js/al/lite.js?103
Requested by: Host: vk.com
URL: https://vk.com/widget_community_messages.php?app=0&width=300px&_ver=1&gid=97311209&disable_welcome_screen=1&ref_source_info=undefined&ref_source_link=https%3A%2F%2Foneretarget.com%2Fru%2F&tooltip_text=%D0%95%D1%81%D1%82%D1%8C+%D0%B2%D0%BE%D0%BF%D1%80%D0%BE%D1%81%3F&domain=oneretarget.com&disable_expand_chat_sound=1&button_position=undefined&height=399&url=https%3A%2F%2Foneretarget.com%2Fru%2F&referrer=&title=OneRetarget+-+%D0%90%D0%B2%D1%82%D0%BE%D0%BC%D0%B0%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D1%8F+%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D0%BE%D0%B9+%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%8B%2C+%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D1%82%D1%8C+%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%83+%D0%92%D0%BA%D0%BE%D0%BD%D1%82...&181c5d73c3d=&act=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
Software: kittenx /
Resource Hash: 1bdd6381a766edae29933b122f20fc6d6dbd55e6a0a9cf0ea0a40a2e62547c4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/widget_community_messages.php?app=0&width=300px&_ver=1&gid=97311209&disable_welcome_screen=1&ref_source_info=undefined&ref_source_link=https%3A%2F%2Foneretarget.com%2Fru%2F&tooltip_text=%D0%95%D1%81%D1%82%D1%8C+%D0%B2%D0%BE%D0%BF%D1%80%D0%BE%D1%81%3F&domain=oneretarget.com&disable_expand_chat_sound=1&button_position=undefined&height=399&url=https%3A%2F%2Foneretarget.com%2Fru%2F&referrer=&title=OneRetarget+-+%D0%90%D0%B2%D1%82%D0%BE%D0%BC%D0%B0%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D1%8F+%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D0%BE%D0%B9+%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%8B%2C+%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D1%82%D1%8C+%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%83+%D0%92%D0%BA%D0%BE%D0%BD%D1%82...&181c5d73c3d=&act=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 20:53:46 GMT
content-encoding: br
x-frontend: front512006
last-modified: Fri, 17 Jun 2022 20:12:29 GMT
server: kittenx
etag: "62ace02d-f763"
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
content-length: 63331
expires: Thu, 07 Jul 2022 20:53:46 GMT

GET
H2 200 lang6_0.js Show response
vk.com/js/ Frame EF14 64 KB
19 KB 93ms
89ms Script
text/javascript 93.186.225.208
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://vk.com/js/lang6_0.js?27614693

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

Software

kittenx / KPHP/7.4.111494

Resource Hash

5a54e34734cc2d83cda2653bbc5b63f84b98006981264fc8800aa06bfbddc2e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/widget_community_messages.php?app=0&width=300px&_ver=1&gid=97311209&disable_welcome_screen=1&ref_source_info=undefined&ref_source_link=https%3A%2F%2Foneretarget.com%2Fru%2F&tooltip_text=%D0%95%D1%81%D1%82%D1%8C+%D0%B2%D0%BE%D0%BF%D1%80%D0%BE%D1%81%3F&domain=oneretarget.com&disable_expand_chat_sound=1&button_position=undefined&height=399&url=https%3A%2F%2Foneretarget.com%2Fru%2F&referrer=&title=OneRetarget+-+%D0%90%D0%B2%D1%82%D0%BE%D0%BC%D0%B0%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D1%8F+%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D0%BE%D0%B9+%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%8B%2C+%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D1%82%D1%8C+%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%83+%D0%92%D0%BA%D0%BE%D0%BD%D1%82...&181c5d73c3d=&act=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 20:53:46 GMT
content-encoding: gzip
x-frontend: front512006
server: kittenx
x-powered-by: KPHP/7.4.111494
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=windows-1251
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
content-length: 19136

GET
H2 200 community_messages.js Show response
st6-20.vk.com/js/api/widgets/ Frame EF14 48 KB
12 KB 199ms
55ms Script
application/x-javascript 95.142.206.0
MYCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://st6-20.vk.com/js/api/widgets/community_messages.js?2

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.142.206.0 , Russian Federation, ASN60476 (MYCOM-AS, NL),

Reverse DNS

srv0-206.vkontakte.ru

Software

kittenx /

Resource Hash

f64a05c203ef2db5ddbc637407e082b658100832d6aeb2a96b7f78d229c6da7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 20:53:46 GMT
content-encoding: br
x-frontend: front6-20
last-modified: Tue, 22 Sep 2020 20:30:00 GMT
server: kittenx
etag: "5f6a5ec8-2e76"
strict-transport-security: max-age=15768000
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 11894
expires: Thu, 07 Jul 2022 20:53:46 GMT

GET
H2

200

vendors.00433c545bd38b87c76a.js Show response
vk.com/dist/ Frame EF14
Redirect Chain

https://st6-20.vk.com/dist/vendors.00433c545bd38b87c76a.js?ddcab05d07abd692c791
https://vk.com/dist/vendors.00433c545bd38b87c76a.js?ddcab05d07abd692c791

219 KB
64 KB

43ms
42ms

Script
application/x-javascript

93.186.225.208
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/dist/vendors.00433c545bd38b87c76a.js?ddcab05d07abd692c791
Requested by: Host: vk.com
URL: https://vk.com/widget_community_messages.php?app=0&width=300px&_ver=1&gid=97311209&disable_welcome_screen=1&ref_source_info=undefined&ref_source_link=https%3A%2F%2Foneretarget.com%2Fru%2F&tooltip_text=%D0%95%D1%81%D1%82%D1%8C+%D0%B2%D0%BE%D0%BF%D1%80%D0%BE%D1%81%3F&domain=oneretarget.com&disable_expand_chat_sound=1&button_position=undefined&height=399&url=https%3A%2F%2Foneretarget.com%2Fru%2F&referrer=&title=OneRetarget+-+%D0%90%D0%B2%D1%82%D0%BE%D0%BC%D0%B0%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D1%8F+%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D0%BE%D0%B9+%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%8B%2C+%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D1%82%D1%8C+%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%83+%D0%92%D0%BA%D0%BE%D0%BD%D1%82...&181c5d73c3d=&act=
Protocol: H2
Server: 93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
Software: kittenx /
Resource Hash: 878e53b32a20367d1fb28bcd7342e18f70fc3c3198045f48f94021fab43113a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 20:53:46 GMT
content-encoding: br
x-frontend: front512006
last-modified: Tue, 28 Jun 2022 21:19:13 GMT
server: kittenx
etag: "62bb7051-100b1"
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
content-length: 65713
expires: Thu, 07 Jul 2022 20:53:46 GMT

Redirect headers

date: Sun, 03 Jul 2022 20:53:46 GMT
x-frontend: front6-20
server: kittenx
strict-transport-security: max-age=15768000
content-type: text/html
location: https://vk.com/dist/vendors.00433c545bd38b87c76a.js?ddcab05d07abd692c791
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 140
expires: Thu, 07 Jul 2022 20:53:46 GMT

GET
H2

200

palette.d32197405eecb47a3bd7.js Show response
vk.com/dist/ Frame EF14
Redirect Chain

https://st6-20.vk.com/dist/palette.d32197405eecb47a3bd7.js?a210aa5b5656c3da01d4
https://vk.com/dist/palette.d32197405eecb47a3bd7.js?a210aa5b5656c3da01d4

98 KB
22 KB

42ms
41ms

Script
application/x-javascript

93.186.225.208
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/dist/palette.d32197405eecb47a3bd7.js?a210aa5b5656c3da01d4
Requested by: Host: vk.com
URL: https://vk.com/widget_community_messages.php?app=0&width=300px&_ver=1&gid=97311209&disable_welcome_screen=1&ref_source_info=undefined&ref_source_link=https%3A%2F%2Foneretarget.com%2Fru%2F&tooltip_text=%D0%95%D1%81%D1%82%D1%8C+%D0%B2%D0%BE%D0%BF%D1%80%D0%BE%D1%81%3F&domain=oneretarget.com&disable_expand_chat_sound=1&button_position=undefined&height=399&url=https%3A%2F%2Foneretarget.com%2Fru%2F&referrer=&title=OneRetarget+-+%D0%90%D0%B2%D1%82%D0%BE%D0%BC%D0%B0%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D1%8F+%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D0%BE%D0%B9+%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%8B%2C+%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D1%82%D1%8C+%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%83+%D0%92%D0%BA%D0%BE%D0%BD%D1%82...&181c5d73c3d=&act=
Protocol: H2
Server: 93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
Software: kittenx /
Resource Hash: 5477a524327ebd1159eaef6aada88199b206515d2cca64d797f119a0045d2de6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 20:53:46 GMT
content-encoding: br
x-frontend: front512006
last-modified: Thu, 16 Jun 2022 13:53:42 GMT
server: kittenx
etag: "62ab35e6-56d6"
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
content-length: 22230
expires: Thu, 07 Jul 2022 20:53:46 GMT

Redirect headers

date: Sun, 03 Jul 2022 20:53:46 GMT
x-frontend: front6-20
server: kittenx
strict-transport-security: max-age=15768000
content-type: text/html
location: https://vk.com/dist/palette.d32197405eecb47a3bd7.js?a210aa5b5656c3da01d4
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 140
expires: Thu, 07 Jul 2022 20:53:46 GMT

GET
H2

200

audioplayer.95d4be528a8d5c2e6b7c.js Show response
vk.com/dist/ Frame EF14
Redirect Chain

https://st6-20.vk.com/dist/audioplayer.95d4be528a8d5c2e6b7c.js?293b2430f481402c088433e
https://vk.com/dist/audioplayer.95d4be528a8d5c2e6b7c.js?293b2430f481402c088433e

154 KB
38 KB

80ms
78ms

Script
application/x-javascript

93.186.225.208
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/dist/audioplayer.95d4be528a8d5c2e6b7c.js?293b2430f481402c088433e
Requested by: Host: vk.com
URL: https://vk.com/widget_community_messages.php?app=0&width=300px&_ver=1&gid=97311209&disable_welcome_screen=1&ref_source_info=undefined&ref_source_link=https%3A%2F%2Foneretarget.com%2Fru%2F&tooltip_text=%D0%95%D1%81%D1%82%D1%8C+%D0%B2%D0%BE%D0%BF%D1%80%D0%BE%D1%81%3F&domain=oneretarget.com&disable_expand_chat_sound=1&button_position=undefined&height=399&url=https%3A%2F%2Foneretarget.com%2Fru%2F&referrer=&title=OneRetarget+-+%D0%90%D0%B2%D1%82%D0%BE%D0%BC%D0%B0%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D1%8F+%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D0%BE%D0%B9+%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%8B%2C+%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D1%82%D1%8C+%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%83+%D0%92%D0%BA%D0%BE%D0%BD%D1%82...&181c5d73c3d=&act=
Protocol: H2
Server: 93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
Software: kittenx /
Resource Hash: e8a5b9388350786f356aeeda76512e7e99c7e120a4f0a8b4a301936d69ba2e6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 20:53:46 GMT
content-encoding: br
x-frontend: front512006
last-modified: Thu, 16 Jun 2022 10:23:46 GMT
server: kittenx
etag: "62ab04b2-96ab"
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
content-length: 38571
expires: Thu, 07 Jul 2022 20:53:46 GMT

Redirect headers

date: Sun, 03 Jul 2022 20:53:46 GMT
x-frontend: front6-20
server: kittenx
strict-transport-security: max-age=15768000
content-type: text/html
location: https://vk.com/dist/audioplayer.95d4be528a8d5c2e6b7c.js?293b2430f481402c088433e
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 140
expires: Thu, 07 Jul 2022 20:53:46 GMT

GET
H2

200

lottie.7d914fa3404556039ac3.js Show response
vk.com/dist/ Frame EF14
Redirect Chain

https://st6-20.vk.com/dist/lottie.7d914fa3404556039ac3.js?ce04f009a75e25b9914f
https://vk.com/dist/lottie.7d914fa3404556039ac3.js?ce04f009a75e25b9914f

398 KB
67 KB

80ms
78ms

Script
application/x-javascript

93.186.225.208
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/dist/lottie.7d914fa3404556039ac3.js?ce04f009a75e25b9914f
Requested by: Host: vk.com
URL: https://vk.com/widget_community_messages.php?app=0&width=300px&_ver=1&gid=97311209&disable_welcome_screen=1&ref_source_info=undefined&ref_source_link=https%3A%2F%2Foneretarget.com%2Fru%2F&tooltip_text=%D0%95%D1%81%D1%82%D1%8C+%D0%B2%D0%BE%D0%BF%D1%80%D0%BE%D1%81%3F&domain=oneretarget.com&disable_expand_chat_sound=1&button_position=undefined&height=399&url=https%3A%2F%2Foneretarget.com%2Fru%2F&referrer=&title=OneRetarget+-+%D0%90%D0%B2%D1%82%D0%BE%D0%BC%D0%B0%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D1%8F+%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D0%BE%D0%B9+%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%8B%2C+%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D1%82%D1%8C+%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%83+%D0%92%D0%BA%D0%BE%D0%BD%D1%82...&181c5d73c3d=&act=
Protocol: H2
Server: 93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
Software: kittenx /
Resource Hash: ebb034e271748341f4e61a93a90b242e31f55535df21c4e0b517784cb31ad004

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 20:53:46 GMT
content-encoding: br
x-frontend: front512006
last-modified: Fri, 11 Feb 2022 05:52:21 GMT
server: kittenx
etag: "6205f995-108e8"
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
content-length: 67816
expires: Thu, 07 Jul 2022 20:53:46 GMT

Redirect headers

date: Sun, 03 Jul 2022 20:53:46 GMT
x-frontend: front6-20
server: kittenx
strict-transport-security: max-age=15768000
content-type: text/html
location: https://vk.com/dist/lottie.7d914fa3404556039ac3.js?ce04f009a75e25b9914f
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 140
expires: Thu, 07 Jul 2022 20:53:46 GMT

GET
H2

200

common.96af089093d4e9fb7878.js Show response
vk.com/dist/ Frame EF14
Redirect Chain

https://st6-20.vk.com/dist/common.96af089093d4e9fb7878.js?293ed1adc32de92a8da8d97
https://vk.com/dist/common.96af089093d4e9fb7878.js?293ed1adc32de92a8da8d97

1 MB
298 KB

78ms
77ms

Script
application/x-javascript

93.186.225.208
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/dist/common.96af089093d4e9fb7878.js?293ed1adc32de92a8da8d97
Requested by: Host: vk.com
URL: https://vk.com/widget_community_messages.php?app=0&width=300px&_ver=1&gid=97311209&disable_welcome_screen=1&ref_source_info=undefined&ref_source_link=https%3A%2F%2Foneretarget.com%2Fru%2F&tooltip_text=%D0%95%D1%81%D1%82%D1%8C+%D0%B2%D0%BE%D0%BF%D1%80%D0%BE%D1%81%3F&domain=oneretarget.com&disable_expand_chat_sound=1&button_position=undefined&height=399&url=https%3A%2F%2Foneretarget.com%2Fru%2F&referrer=&title=OneRetarget+-+%D0%90%D0%B2%D1%82%D0%BE%D0%BC%D0%B0%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D1%8F+%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D0%BE%D0%B9+%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%8B%2C+%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D1%82%D1%8C+%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%83+%D0%92%D0%BA%D0%BE%D0%BD%D1%82...&181c5d73c3d=&act=
Protocol: H2
Server: 93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
Software: kittenx /
Resource Hash: 21349e75e69112eb9e61b791c6a1d50b3c8a01669dfc6462e3dc2a97ab15f5da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 20:53:46 GMT
content-encoding: br
x-frontend: front512006
last-modified: Sat, 02 Jul 2022 08:18:50 GMT
server: kittenx
etag: "62bfff6a-4a45f"
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
content-length: 304223
expires: Thu, 07 Jul 2022 20:53:46 GMT

Redirect headers

date: Sun, 03 Jul 2022 20:53:46 GMT
x-frontend: front6-20
server: kittenx
strict-transport-security: max-age=15768000
content-type: text/html
location: https://vk.com/dist/common.96af089093d4e9fb7878.js?293ed1adc32de92a8da8d97
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 140
expires: Thu, 07 Jul 2022 20:53:46 GMT

GET
H2

200

a1258c00747aa03727abf8c40b9e7df9.68f3862e0ef2f87f544d.js Show response
vk.com/dist/ Frame EF14
Redirect Chain

https://st6-20.vk.com/dist/a1258c00747aa03727abf8c40b9e7df9.68f3862e0ef2f87f544d.js?c8bc04eb08d685746e95
https://vk.com/dist/a1258c00747aa03727abf8c40b9e7df9.68f3862e0ef2f87f544d.js?c8bc04eb08d685746e95

185 KB
50 KB

80ms
79ms

Script
application/x-javascript

93.186.225.208
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/dist/a1258c00747aa03727abf8c40b9e7df9.68f3862e0ef2f87f544d.js?c8bc04eb08d685746e95
Requested by: Host: vk.com
URL: https://vk.com/widget_community_messages.php?app=0&width=300px&_ver=1&gid=97311209&disable_welcome_screen=1&ref_source_info=undefined&ref_source_link=https%3A%2F%2Foneretarget.com%2Fru%2F&tooltip_text=%D0%95%D1%81%D1%82%D1%8C+%D0%B2%D0%BE%D0%BF%D1%80%D0%BE%D1%81%3F&domain=oneretarget.com&disable_expand_chat_sound=1&button_position=undefined&height=399&url=https%3A%2F%2Foneretarget.com%2Fru%2F&referrer=&title=OneRetarget+-+%D0%90%D0%B2%D1%82%D0%BE%D0%BC%D0%B0%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D1%8F+%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D0%BE%D0%B9+%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%8B%2C+%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D1%82%D1%8C+%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%83+%D0%92%D0%BA%D0%BE%D0%BD%D1%82...&181c5d73c3d=&act=
Protocol: H2
Server: 93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
Software: kittenx /
Resource Hash: 31d95fd1b4a2bc3d2060358527bb7242115b04f80ebe02e9786c90f52e027485

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 20:53:46 GMT
content-encoding: br
x-frontend: front512006
last-modified: Wed, 29 Jun 2022 08:25:53 GMT
server: kittenx
etag: "62bc0c91-c5c7"
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
content-length: 50631
expires: Thu, 07 Jul 2022 20:53:46 GMT

Redirect headers

date: Sun, 03 Jul 2022 20:53:46 GMT
x-frontend: front6-20
server: kittenx
strict-transport-security: max-age=15768000
content-type: text/html
location: https://vk.com/dist/a1258c00747aa03727abf8c40b9e7df9.68f3862e0ef2f87f544d.js?c8bc04eb08d685746e95
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 140
expires: Thu, 07 Jul 2022 20:53:46 GMT

GET
H2

200

emoji.e3d8b053e6603df4451f.js Show response
vk.com/dist/web/ Frame EF14
Redirect Chain

https://st6-20.vk.com/dist/web/emoji.e3d8b053e6603df4451f.js?189cf5110467d88b7dbc7baab4d03b92
https://vk.com/dist/web/emoji.e3d8b053e6603df4451f.js?189cf5110467d88b7dbc7baab4d03b92

8 KB
3 KB

80ms
79ms

Script
application/x-javascript

93.186.225.208
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/dist/web/emoji.e3d8b053e6603df4451f.js?189cf5110467d88b7dbc7baab4d03b92
Requested by: Host: vk.com
URL: https://vk.com/widget_community_messages.php?app=0&width=300px&_ver=1&gid=97311209&disable_welcome_screen=1&ref_source_info=undefined&ref_source_link=https%3A%2F%2Foneretarget.com%2Fru%2F&tooltip_text=%D0%95%D1%81%D1%82%D1%8C+%D0%B2%D0%BE%D0%BF%D1%80%D0%BE%D1%81%3F&domain=oneretarget.com&disable_expand_chat_sound=1&button_position=undefined&height=399&url=https%3A%2F%2Foneretarget.com%2Fru%2F&referrer=&title=OneRetarget+-+%D0%90%D0%B2%D1%82%D0%BE%D0%BC%D0%B0%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D1%8F+%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D0%BE%D0%B9+%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%8B%2C+%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D1%82%D1%8C+%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%83+%D0%92%D0%BA%D0%BE%D0%BD%D1%82...&181c5d73c3d=&act=
Protocol: H2
Server: 93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
Software: kittenx /
Resource Hash: 82292bf05923334bf28e0d1886f336fa9b3f35d267730a4c082299bb1b89cef9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 20:53:46 GMT
content-encoding: br
x-frontend: front512006
last-modified: Thu, 16 Jun 2022 09:52:41 GMT
server: kittenx
etag: "62aafd69-c89"
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
content-length: 3209
expires: Thu, 07 Jul 2022 20:53:46 GMT

Redirect headers

date: Sun, 03 Jul 2022 20:53:46 GMT
x-frontend: front6-20
server: kittenx
strict-transport-security: max-age=15768000
content-type: text/html
location: https://vk.com/dist/web/emoji.e3d8b053e6603df4451f.js?189cf5110467d88b7dbc7baab4d03b92
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 140
expires: Thu, 07 Jul 2022 20:53:46 GMT

GET
H2

200

ui_common.183b7a1282ffe6b5c681.js Show response
vk.com/dist/web/ Frame EF14
Redirect Chain

https://st6-20.vk.com/dist/web/ui_common.183b7a1282ffe6b5c681.js?0ff0d90f6a2f39af3fc155cdf69b200b
https://vk.com/dist/web/ui_common.183b7a1282ffe6b5c681.js?0ff0d90f6a2f39af3fc155cdf69b200b

92 KB
20 KB

39ms
37ms

Script
application/x-javascript

93.186.225.208
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/dist/web/ui_common.183b7a1282ffe6b5c681.js?0ff0d90f6a2f39af3fc155cdf69b200b
Requested by: Host: vk.com
URL: https://vk.com/widget_community_messages.php?app=0&width=300px&_ver=1&gid=97311209&disable_welcome_screen=1&ref_source_info=undefined&ref_source_link=https%3A%2F%2Foneretarget.com%2Fru%2F&tooltip_text=%D0%95%D1%81%D1%82%D1%8C+%D0%B2%D0%BE%D0%BF%D1%80%D0%BE%D1%81%3F&domain=oneretarget.com&disable_expand_chat_sound=1&button_position=undefined&height=399&url=https%3A%2F%2Foneretarget.com%2Fru%2F&referrer=&title=OneRetarget+-+%D0%90%D0%B2%D1%82%D0%BE%D0%BC%D0%B0%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D1%8F+%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D0%BE%D0%B9+%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%8B%2C+%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D1%82%D1%8C+%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%83+%D0%92%D0%BA%D0%BE%D0%BD%D1%82...&181c5d73c3d=&act=
Protocol: H2
Server: 93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
Software: kittenx /
Resource Hash: 14bbe133ff8f19b48d375394bda3ff6ee14f607dcf420610266adc3833def3f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 20:53:46 GMT
content-encoding: br
x-frontend: front512006
last-modified: Thu, 16 Jun 2022 09:52:41 GMT
server: kittenx
etag: "62aafd69-50f5"
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
content-length: 20725
expires: Thu, 07 Jul 2022 20:53:46 GMT

Redirect headers

date: Sun, 03 Jul 2022 20:53:46 GMT
x-frontend: front6-20
server: kittenx
strict-transport-security: max-age=15768000
content-type: text/html
location: https://vk.com/dist/web/ui_common.183b7a1282ffe6b5c681.js?0ff0d90f6a2f39af3fc155cdf69b200b
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 140
expires: Thu, 07 Jul 2022 20:53:46 GMT

GET
H2

200

dbc51599ae83613d5ae9303dc38e961c.6380d0195b1f1a431bc5.js Show response
vk.com/dist/ Frame EF14
Redirect Chain

https://st6-20.vk.com/dist/dbc51599ae83613d5ae9303dc38e961c.6380d0195b1f1a431bc5.js?4f775ab3397c01cb89fa
https://vk.com/dist/dbc51599ae83613d5ae9303dc38e961c.6380d0195b1f1a431bc5.js?4f775ab3397c01cb89fa

148 KB
41 KB

41ms
39ms

Script
application/x-javascript

93.186.225.208
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/dist/dbc51599ae83613d5ae9303dc38e961c.6380d0195b1f1a431bc5.js?4f775ab3397c01cb89fa
Requested by: Host: vk.com
URL: https://vk.com/widget_community_messages.php?app=0&width=300px&_ver=1&gid=97311209&disable_welcome_screen=1&ref_source_info=undefined&ref_source_link=https%3A%2F%2Foneretarget.com%2Fru%2F&tooltip_text=%D0%95%D1%81%D1%82%D1%8C+%D0%B2%D0%BE%D0%BF%D1%80%D0%BE%D1%81%3F&domain=oneretarget.com&disable_expand_chat_sound=1&button_position=undefined&height=399&url=https%3A%2F%2Foneretarget.com%2Fru%2F&referrer=&title=OneRetarget+-+%D0%90%D0%B2%D1%82%D0%BE%D0%BC%D0%B0%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D1%8F+%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D0%BE%D0%B9+%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%8B%2C+%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D1%82%D1%8C+%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%83+%D0%92%D0%BA%D0%BE%D0%BD%D1%82...&181c5d73c3d=&act=
Protocol: H2
Server: 93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
Software: kittenx /
Resource Hash: dccf202ada11235db9f874fd09fa1a955e5359fbd8c6c800d74d38375ff473ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 20:53:46 GMT
content-encoding: br
x-frontend: front512006
last-modified: Wed, 29 Jun 2022 10:19:40 GMT
server: kittenx
etag: "62bc273c-a18b"
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
content-length: 41355
expires: Thu, 07 Jul 2022 20:53:46 GMT

Redirect headers

date: Sun, 03 Jul 2022 20:53:46 GMT
x-frontend: front6-20
server: kittenx
strict-transport-security: max-age=15768000
content-type: text/html
location: https://vk.com/dist/dbc51599ae83613d5ae9303dc38e961c.6380d0195b1f1a431bc5.js?4f775ab3397c01cb89fa
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 140
expires: Thu, 07 Jul 2022 20:53:46 GMT

GET
H2

200

ui_media_selector.64db1bf63c692d0c3c22.js Show response
vk.com/dist/web/ Frame EF14
Redirect Chain

https://st6-20.vk.com/dist/web/ui_media_selector.64db1bf63c692d0c3c22.js?e202e5b3b3cd046a133eb0577f069689
https://vk.com/dist/web/ui_media_selector.64db1bf63c692d0c3c22.js?e202e5b3b3cd046a133eb0577f069689

2 KB
2 KB

41ms
39ms

Script
application/x-javascript

93.186.225.208
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/dist/web/ui_media_selector.64db1bf63c692d0c3c22.js?e202e5b3b3cd046a133eb0577f069689
Requested by: Host: vk.com
URL: https://vk.com/widget_community_messages.php?app=0&width=300px&_ver=1&gid=97311209&disable_welcome_screen=1&ref_source_info=undefined&ref_source_link=https%3A%2F%2Foneretarget.com%2Fru%2F&tooltip_text=%D0%95%D1%81%D1%82%D1%8C+%D0%B2%D0%BE%D0%BF%D1%80%D0%BE%D1%81%3F&domain=oneretarget.com&disable_expand_chat_sound=1&button_position=undefined&height=399&url=https%3A%2F%2Foneretarget.com%2Fru%2F&referrer=&title=OneRetarget+-+%D0%90%D0%B2%D1%82%D0%BE%D0%BC%D0%B0%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D1%8F+%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D0%BE%D0%B9+%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%8B%2C+%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D1%82%D1%8C+%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%83+%D0%92%D0%BA%D0%BE%D0%BD%D1%82...&181c5d73c3d=&act=
Protocol: H2
Server: 93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
Software: kittenx /
Resource Hash: 8f0af876c6734b75633aa86dfc171e68d10f50eec96c5b3fe70b790a2f8505a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 20:53:46 GMT
content-encoding: br
x-frontend: front512006
last-modified: Thu, 16 Jun 2022 09:52:41 GMT
server: kittenx
etag: "62aafd69-521"
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
content-length: 1313
expires: Thu, 07 Jul 2022 20:53:46 GMT

Redirect headers

date: Sun, 03 Jul 2022 20:53:46 GMT
x-frontend: front6-20
server: kittenx
strict-transport-security: max-age=15768000
content-type: text/html
location: https://vk.com/dist/web/ui_media_selector.64db1bf63c692d0c3c22.js?e202e5b3b3cd046a133eb0577f069689
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 140
expires: Thu, 07 Jul 2022 20:53:46 GMT

GET
H2 200 xdm.js Show response
st6-20.vk.com/js/api/ Frame EF14 11 KB
3 KB 196ms
54ms Script
application/x-javascript 95.142.206.0
MYCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://st6-20.vk.com/js/api/xdm.js?9

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.142.206.0 , Russian Federation, ASN60476 (MYCOM-AS, NL),

Reverse DNS

srv0-206.vkontakte.ru

Software

kittenx /

Resource Hash

ed89697436c213e02c99f290a0f8a3d20c4bde9ccdb2ddf025b0849cdfe11347

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 20:53:46 GMT
content-encoding: br
x-frontend: front6-20
last-modified: Tue, 22 Sep 2020 20:30:00 GMT
server: kittenx
etag: "5f6a5ec8-b1e"
strict-transport-security: max-age=15768000
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 2846
expires: Thu, 07 Jul 2022 20:53:46 GMT

GET
H2

200

db5e7763f24e9d1919decb2dcba4950b.71fa7cb8a273d124cdb0.js Show response
vk.com/dist/ Frame EF14
Redirect Chain

https://st6-20.vk.com/dist/db5e7763f24e9d1919decb2dcba4950b.71fa7cb8a273d124cdb0.js?a243edb9f80f4a7e5cc2
https://vk.com/dist/db5e7763f24e9d1919decb2dcba4950b.71fa7cb8a273d124cdb0.js?a243edb9f80f4a7e5cc2

62 KB
18 KB

40ms
38ms

Script
application/x-javascript

93.186.225.208
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/dist/db5e7763f24e9d1919decb2dcba4950b.71fa7cb8a273d124cdb0.js?a243edb9f80f4a7e5cc2
Requested by: Host: vk.com
URL: https://vk.com/widget_community_messages.php?app=0&width=300px&_ver=1&gid=97311209&disable_welcome_screen=1&ref_source_info=undefined&ref_source_link=https%3A%2F%2Foneretarget.com%2Fru%2F&tooltip_text=%D0%95%D1%81%D1%82%D1%8C+%D0%B2%D0%BE%D0%BF%D1%80%D0%BE%D1%81%3F&domain=oneretarget.com&disable_expand_chat_sound=1&button_position=undefined&height=399&url=https%3A%2F%2Foneretarget.com%2Fru%2F&referrer=&title=OneRetarget+-+%D0%90%D0%B2%D1%82%D0%BE%D0%BC%D0%B0%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D1%8F+%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D0%BE%D0%B9+%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%8B%2C+%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D1%82%D1%8C+%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%83+%D0%92%D0%BA%D0%BE%D0%BD%D1%82...&181c5d73c3d=&act=
Protocol: H2
Server: 93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
Software: kittenx /
Resource Hash: 8b9255fa05726dfac9ba9b226387b389fbc99f01a892d37b02d3b42468c02cde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 20:53:46 GMT
content-encoding: br
x-frontend: front512006
last-modified: Mon, 20 Jun 2022 13:51:53 GMT
server: kittenx
etag: "62b07b79-45a5"
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
content-length: 17829
expires: Thu, 07 Jul 2022 20:53:46 GMT

Redirect headers

date: Sun, 03 Jul 2022 20:53:46 GMT
x-frontend: front6-20
server: kittenx
strict-transport-security: max-age=15768000
content-type: text/html
location: https://vk.com/dist/db5e7763f24e9d1919decb2dcba4950b.71fa7cb8a273d124cdb0.js?a243edb9f80f4a7e5cc2
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 140
expires: Thu, 07 Jul 2022 20:53:46 GMT

GET
H2

200

upload.2701cd36870ada897a7b.js Show response
vk.com/dist/web/ Frame EF14
Redirect Chain

https://st6-20.vk.com/dist/web/upload.2701cd36870ada897a7b.js?a872b6cd0e516801bc1455782bd02b20
https://vk.com/dist/web/upload.2701cd36870ada897a7b.js?a872b6cd0e516801bc1455782bd02b20

2 KB
1 KB

42ms
40ms

Script
application/x-javascript

93.186.225.208
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/dist/web/upload.2701cd36870ada897a7b.js?a872b6cd0e516801bc1455782bd02b20
Requested by: Host: vk.com
URL: https://vk.com/widget_community_messages.php?app=0&width=300px&_ver=1&gid=97311209&disable_welcome_screen=1&ref_source_info=undefined&ref_source_link=https%3A%2F%2Foneretarget.com%2Fru%2F&tooltip_text=%D0%95%D1%81%D1%82%D1%8C+%D0%B2%D0%BE%D0%BF%D1%80%D0%BE%D1%81%3F&domain=oneretarget.com&disable_expand_chat_sound=1&button_position=undefined&height=399&url=https%3A%2F%2Foneretarget.com%2Fru%2F&referrer=&title=OneRetarget+-+%D0%90%D0%B2%D1%82%D0%BE%D0%BC%D0%B0%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D1%8F+%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D0%BE%D0%B9+%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%8B%2C+%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D1%82%D1%8C+%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%83+%D0%92%D0%BA%D0%BE%D0%BD%D1%82...&181c5d73c3d=&act=
Protocol: H2
Server: 93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
Software: kittenx /
Resource Hash: 6ab689cf66db763339d14ea8692ea090d7f201993b0bd371f5b27a6cd26813d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 20:53:46 GMT
content-encoding: br
x-frontend: front512006
last-modified: Thu, 16 Jun 2022 09:52:41 GMT
server: kittenx
etag: "62aafd69-4a1"
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
content-length: 1185
expires: Thu, 07 Jul 2022 20:53:46 GMT

Redirect headers

date: Sun, 03 Jul 2022 20:53:46 GMT
x-frontend: front6-20
server: kittenx
strict-transport-security: max-age=15768000
content-type: text/html
location: https://vk.com/dist/web/upload.2701cd36870ada897a7b.js?a872b6cd0e516801bc1455782bd02b20
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 140
expires: Thu, 07 Jul 2022 20:53:46 GMT

GET
H2

200

stickers.2fee51abc794e7bb4fe4.js Show response
vk.com/dist/web/ Frame EF14
Redirect Chain

https://st6-20.vk.com/dist/web/stickers.2fee51abc794e7bb4fe4.js?ad82aff0fa8a751dd30a9c57e2d81084
https://vk.com/dist/web/stickers.2fee51abc794e7bb4fe4.js?ad82aff0fa8a751dd30a9c57e2d81084

9 KB
4 KB

42ms
40ms

Script
application/x-javascript

93.186.225.208
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/dist/web/stickers.2fee51abc794e7bb4fe4.js?ad82aff0fa8a751dd30a9c57e2d81084
Requested by: Host: vk.com
URL: https://vk.com/widget_community_messages.php?app=0&width=300px&_ver=1&gid=97311209&disable_welcome_screen=1&ref_source_info=undefined&ref_source_link=https%3A%2F%2Foneretarget.com%2Fru%2F&tooltip_text=%D0%95%D1%81%D1%82%D1%8C+%D0%B2%D0%BE%D0%BF%D1%80%D0%BE%D1%81%3F&domain=oneretarget.com&disable_expand_chat_sound=1&button_position=undefined&height=399&url=https%3A%2F%2Foneretarget.com%2Fru%2F&referrer=&title=OneRetarget+-+%D0%90%D0%B2%D1%82%D0%BE%D0%BC%D0%B0%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D1%8F+%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D0%BE%D0%B9+%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%8B%2C+%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D1%82%D1%8C+%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%83+%D0%92%D0%BA%D0%BE%D0%BD%D1%82...&181c5d73c3d=&act=
Protocol: H2
Server: 93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
Software: kittenx /
Resource Hash: ebd6d0075aaced1d29f9411686960637fdb1ea381986516bcff0a443608a242a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 20:53:46 GMT
content-encoding: br
x-frontend: front512006
last-modified: Fri, 24 Jun 2022 17:44:17 GMT
server: kittenx
etag: "62b5f7f1-e14"
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
content-length: 3604
expires: Thu, 07 Jul 2022 20:53:46 GMT

Redirect headers

date: Sun, 03 Jul 2022 20:53:46 GMT
x-frontend: front6-20
server: kittenx
strict-transport-security: max-age=15768000
content-type: text/html
location: https://vk.com/dist/web/stickers.2fee51abc794e7bb4fe4.js?ad82aff0fa8a751dd30a9c57e2d81084
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 140
expires: Thu, 07 Jul 2022 20:53:46 GMT

GET
H2 200 widget_community_messages.28815eb8bca3548f2d95.css
st6-20.vk.com/css/al/ Frame EF14 30 KB
6 KB 194ms
53ms Stylesheet
text/css 95.142.206.0
MYCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://st6-20.vk.com/css/al/widget_community_messages.28815eb8bca3548f2d95.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.142.206.0 , Russian Federation, ASN60476 (MYCOM-AS, NL),

Reverse DNS

srv0-206.vkontakte.ru

Software

kittenx /

Resource Hash

64e9e1e6373a35eb3b56ecd22314a963557b5dfc185f7f44ba72d73842153bd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 20:53:46 GMT
content-encoding: br
x-frontend: front6-20
last-modified: Fri, 17 Jun 2022 10:18:50 GMT
server: kittenx
etag: "62ac550a-17c6"
strict-transport-security: max-age=15768000
content-type: text/css
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400, h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 6086
expires: Thu, 07 Jul 2022 20:53:46 GMT

GET
H2 200 notifier.43fc8362d82a6a57ed78.css
st6-20.vk.com/css/al/ Frame EF14 484 KB
41 KB 195ms
53ms Stylesheet
text/css 95.142.206.0
MYCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://st6-20.vk.com/css/al/notifier.43fc8362d82a6a57ed78.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.142.206.0 , Russian Federation, ASN60476 (MYCOM-AS, NL),

Reverse DNS

srv0-206.vkontakte.ru

Software

kittenx /

Resource Hash

8c7ec36c5b246bfda2f3ea6f7cd4c12b1fd202ed4c4c83c191ad3407ce2796b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 20:53:46 GMT
content-encoding: br
x-frontend: front6-20
last-modified: Thu, 23 Jun 2022 10:50:33 GMT
server: kittenx
etag: "62b44579-a152"
strict-transport-security: max-age=15768000
content-type: text/css
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 41298
expires: Thu, 07 Jul 2022 20:53:46 GMT

GET
H2 200 ui_common.d0d6df784b537178aa3c.css
st6-20.vk.com/css/al/ Frame EF14 102 KB
14 KB 195ms
54ms Stylesheet
text/css 95.142.206.0
MYCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://st6-20.vk.com/css/al/ui_common.d0d6df784b537178aa3c.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.142.206.0 , Russian Federation, ASN60476 (MYCOM-AS, NL),

Reverse DNS

srv0-206.vkontakte.ru

Software

kittenx /

Resource Hash

7750cb48135e34f35f9aba4c2885d7c226a96cc6b5bd47be5b0c81a15114f8c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 20:53:46 GMT
content-encoding: br
x-frontend: front6-20
last-modified: Fri, 17 Jun 2022 10:18:50 GMT
server: kittenx
etag: "62ac550a-3867"
strict-transport-security: max-age=15768000
content-type: text/css
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 14439
expires: Thu, 07 Jul 2022 20:53:46 GMT

GET
H2 200 ui_media_selector.8e997532f94fe7971cfd.css
st6-20.vk.com/css/al/ Frame EF14 26 KB
4 KB 195ms
54ms Stylesheet
text/css 95.142.206.0
MYCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://st6-20.vk.com/css/al/ui_media_selector.8e997532f94fe7971cfd.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.142.206.0 , Russian Federation, ASN60476 (MYCOM-AS, NL),

Reverse DNS

srv0-206.vkontakte.ru

Software

kittenx /

Resource Hash

f71be752f0ce01b7c706f7c988cd080477a477b4db81b309656ec93871333ce6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 20:53:46 GMT
content-encoding: br
x-frontend: front6-20
last-modified: Tue, 12 Apr 2022 21:49:06 GMT
server: kittenx
etag: "6255f3d2-eec"
strict-transport-security: max-age=15768000
content-type: text/css
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400, h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 3820
expires: Thu, 07 Jul 2022 20:53:46 GMT

GET
H2 200 openapi.js Show response
st6-20.vk.com/js/api/ Frame EF14 102 KB
23 KB 196ms
55ms Script
application/x-javascript 95.142.206.0
MYCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://st6-20.vk.com/js/api/openapi.js?163

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.142.206.0 , Russian Federation, ASN60476 (MYCOM-AS, NL),

Reverse DNS

srv0-206.vkontakte.ru

Software

kittenx /

Resource Hash

98cbb6b8e3650bad7d2c80c91bf27e90817f12e790b6c23d086b8279a6704f77

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 20:53:46 GMT
content-encoding: br
x-frontend: front6-20
last-modified: Thu, 07 Oct 2021 11:12:43 GMT
server: kittenx
etag: "615ed62b-5a1f"
strict-transport-security: max-age=15768000
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400, h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 23071
expires: Thu, 07 Jul 2022 20:53:46 GMT

GET
H2 200 base.c18c5e4398644fc12245.css
st6-20.vk.com/css/al/ Frame EF14 110 KB
18 KB 194ms
54ms Stylesheet
text/css 95.142.206.0
MYCOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://st6-20.vk.com/css/al/base.c18c5e4398644fc12245.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.142.206.0 , Russian Federation, ASN60476 (MYCOM-AS, NL),

Reverse DNS

srv0-206.vkontakte.ru

Software

kittenx /

Resource Hash

0d068f61ba776dddc73873eb3f5e0df8c76a696f7995026e4ad71a198cfe2bc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 20:53:46 GMT
content-encoding: br
x-frontend: front6-20
last-modified: Fri, 24 Jun 2022 11:48:49 GMT
server: kittenx
etag: "62b5a4a1-47b5"
strict-transport-security: max-age=15768000
content-type: text/css
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 18357
expires: Thu, 07 Jul 2022 20:53:46 GMT

GET
H2 200 lang6_0.js Show response
vk.com/js/ Frame EF14 64 KB
19 KB 102ms
100ms Script
text/javascript 93.186.225.208
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://vk.com/js/lang6_0.js?3535

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

Software

kittenx / KPHP/7.4.111494

Resource Hash

5a54e34734cc2d83cda2653bbc5b63f84b98006981264fc8800aa06bfbddc2e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/widget_community_messages.php?app=0&width=300px&_ver=1&gid=97311209&disable_welcome_screen=1&ref_source_info=undefined&ref_source_link=https%3A%2F%2Foneretarget.com%2Fru%2F&tooltip_text=%D0%95%D1%81%D1%82%D1%8C+%D0%B2%D0%BE%D0%BF%D1%80%D0%BE%D1%81%3F&domain=oneretarget.com&disable_expand_chat_sound=1&button_position=undefined&height=399&url=https%3A%2F%2Foneretarget.com%2Fru%2F&referrer=&title=OneRetarget+-+%D0%90%D0%B2%D1%82%D0%BE%D0%BC%D0%B0%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D1%8F+%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D0%BE%D0%B9+%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%8B%2C+%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D1%82%D1%8C+%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%83+%D0%92%D0%BA%D0%BE%D0%BD%D1%82...&181c5d73c3d=&act=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 20:53:46 GMT
content-encoding: gzip
x-frontend: front512006
server: kittenx
x-powered-by: KPHP/7.4.111494
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=windows-1251
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
content-length: 19136

GET
H2 200 camera_50.png
vk.com/images/ Frame EF14 570 B
743 B 37ms
37ms Image
image/png 93.186.225.208
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vk.com/images/camera_50.png
Requested by: Host: vk.com
URL: https://vk.com/widget_community_messages.php?app=0&width=300px&_ver=1&gid=97311209&disable_welcome_screen=1&ref_source_info=undefined&ref_source_link=https%3A%2F%2Foneretarget.com%2Fru%2F&tooltip_text=%D0%95%D1%81%D1%82%D1%8C+%D0%B2%D0%BE%D0%BF%D1%80%D0%BE%D1%81%3F&domain=oneretarget.com&disable_expand_chat_sound=1&button_position=undefined&height=399&url=https%3A%2F%2Foneretarget.com%2Fru%2F&referrer=&title=OneRetarget+-+%D0%90%D0%B2%D1%82%D0%BE%D0%BC%D0%B0%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D1%8F+%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D0%BE%D0%B9+%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%8B%2C+%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D1%82%D1%8C+%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%83+%D0%92%D0%BA%D0%BE%D0%BD%D1%82...&181c5d73c3d=&act=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
Software: kittenx /
Resource Hash: e3b9c102be54a21fc534271c42ff116be61325240fac9649023cc6adf41d8e72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/widget_community_messages.php?app=0&width=300px&_ver=1&gid=97311209&disable_welcome_screen=1&ref_source_info=undefined&ref_source_link=https%3A%2F%2Foneretarget.com%2Fru%2F&tooltip_text=%D0%95%D1%81%D1%82%D1%8C+%D0%B2%D0%BE%D0%BF%D1%80%D0%BE%D1%81%3F&domain=oneretarget.com&disable_expand_chat_sound=1&button_position=undefined&height=399&url=https%3A%2F%2Foneretarget.com%2Fru%2F&referrer=&title=OneRetarget+-+%D0%90%D0%B2%D1%82%D0%BE%D0%BC%D0%B0%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D1%8F+%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D0%BE%D0%B9+%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%8B%2C+%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D1%82%D1%8C+%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%83+%D0%92%D0%BA%D0%BE%D0%BD%D1%82...&181c5d73c3d=&act=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 20:53:46 GMT
last-modified: Tue, 22 Sep 2020 20:29:55 GMT
server: kittenx
etag: "5f6a5ec3-23a"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 570
expires: Sun, 10 Jul 2022 20:53:46 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 17ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=527543694600199&ev=PageView&dl=https%3A%2F%2Foneretarget.com%2Fru%2F&rl=&if=false&ts=1656881626671&sw=1600&sh=1200&v=2.9.64&r=stable&ec=0&o=30&fbp=fb.1.1656881626484.1051797073&it=1656881626106&coo=false&rqm=GET

Requested by

Host: oneretarget.com
URL: https://oneretarget.com/ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oneretarget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 20:53:46 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Sun, 03 Jul 2022 20:53:46 GMT

POST
H3 405 a
www.googletagmanager.com/ 0
0 22ms
22ms Ping
text/html 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.googletagmanager.com/a?id=GTM-TBSM3V&cv=65&v=3&t=t&pid=1560257240&rv=6t0&e=gtm.js&eid=1&tc=14&tr=5html.5ua&ti=1html.1ua&z=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBSM3V
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oneretarget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 w_chat_icon.png
st6-20.vk.com/images/widgets/ Frame EF14 323 B
618 B 44ms
13ms Image
image/png 95.142.206.0
MYCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://st6-20.vk.com/images/widgets/w_chat_icon.png

Requested by

Host: st6-20.vk.com
URL: https://st6-20.vk.com/css/al/widget_community_messages.28815eb8bca3548f2d95.css

Protocol

Security

QUIC, , CHACHA20_POLY1305

Server

95.142.206.0 , Russian Federation, ASN60476 (MYCOM-AS, NL),

Reverse DNS

srv0-206.vkontakte.ru

Software

kittenx /

Resource Hash

65c13ea7389c5f9eecc2f74162fa06d25ba5aedf0fb5253d188e840e1b4ecd40

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://st6-20.vk.com/css/al/widget_community_messages.28815eb8bca3548f2d95.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 20:53:47 GMT
x-frontend: front6-20
last-modified: Tue, 22 Sep 2020 20:30:00 GMT
server: kittenx
etag: "5f6a5ec8-143"
strict-transport-security: max-age=15768000
content-type: image/png
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 323
expires: Thu, 07 Jul 2022 20:53:47 GMT

GET
H3 200 w_chat_logo.png
st6-20.vk.com/images/widgets/ Frame EF14 309 B
604 B 44ms
14ms Image
image/png 95.142.206.0
MYCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://st6-20.vk.com/images/widgets/w_chat_logo.png

Requested by

Host: st6-20.vk.com
URL: https://st6-20.vk.com/css/al/widget_community_messages.28815eb8bca3548f2d95.css

Protocol

Security

QUIC, , CHACHA20_POLY1305

Server

95.142.206.0 , Russian Federation, ASN60476 (MYCOM-AS, NL),

Reverse DNS

srv0-206.vkontakte.ru

Software

kittenx /

Resource Hash

5def305bc41cc4adbbbaa3626fd516df8d06b329dd71e67711e47e0f2bd42ce0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://st6-20.vk.com/css/al/widget_community_messages.28815eb8bca3548f2d95.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 20:53:47 GMT
x-frontend: front6-20
last-modified: Tue, 22 Sep 2020 20:30:00 GMT
server: kittenx
etag: "5f6a5ec8-135"
strict-transport-security: max-age=15768000
content-type: image/png
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 309
expires: Thu, 07 Jul 2022 20:53:47 GMT

GET
DATA 200
OK truncated
/ Frame EF14 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b0791be1e8841cc52ec5bbac364c425eb644fb19668be7818a8fa2c98042af27

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 chats.png
st6-20.vk.com/images/icons/ Frame EF14 1 KB
2 KB 44ms
15ms Image
image/png 95.142.206.0
MYCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://st6-20.vk.com/images/icons/chats.png?14

Requested by

Host: st6-20.vk.com
URL: https://st6-20.vk.com/css/al/widget_community_messages.28815eb8bca3548f2d95.css

Protocol

Security

QUIC, , CHACHA20_POLY1305

Server

95.142.206.0 , Russian Federation, ASN60476 (MYCOM-AS, NL),

Reverse DNS

srv0-206.vkontakte.ru

Software

kittenx /

Resource Hash

23fba549cb868791b6e0baa5ccc2d18d486604581395d1694909e3ac8eb4ce56

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://st6-20.vk.com/css/al/widget_community_messages.28815eb8bca3548f2d95.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 20:53:47 GMT
x-frontend: front6-20
last-modified: Tue, 22 Sep 2020 20:29:56 GMT
server: kittenx
etag: "5f6a5ec4-5f0"
strict-transport-security: max-age=15768000
content-type: image/png
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1520
expires: Thu, 07 Jul 2022 20:53:47 GMT

GET
H3 200 community_messages_widget_small_logo.svg
st6-20.vk.com/images/svg_icons/ Frame EF14 1 KB
1 KB 44ms
14ms Image
image/svg+xml 95.142.206.0
MYCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://st6-20.vk.com/images/svg_icons/community_messages_widget_small_logo.svg

Requested by

Host: st6-20.vk.com
URL: https://st6-20.vk.com/css/al/widget_community_messages.28815eb8bca3548f2d95.css

Protocol

Security

QUIC, , CHACHA20_POLY1305

Server

95.142.206.0 , Russian Federation, ASN60476 (MYCOM-AS, NL),

Reverse DNS

srv0-206.vkontakte.ru

Software

kittenx /

Resource Hash

ff05cd28c3e311fe65d774a74e05b5fbc8ddfbcbd98df73e38ece5bbb8f55a89

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://st6-20.vk.com/css/al/widget_community_messages.28815eb8bca3548f2d95.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 20:53:47 GMT
content-encoding: br
x-frontend: front6-20
last-modified: Tue, 22 Sep 2020 20:30:00 GMT
server: kittenx
etag: "5f6a5ec8-2f5"
strict-transport-security: max-age=15768000
content-type: image/svg+xml
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 757
expires: Thu, 07 Jul 2022 20:53:47 GMT

GET
H3 200 emoji_smile_icon.svg
st6-20.vk.com/images/svg_icons/ Frame EF14 1 KB
800 B 42ms
13ms Image
image/svg+xml 95.142.206.0
MYCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://st6-20.vk.com/images/svg_icons/emoji_smile_icon.svg

Requested by

Host: st6-20.vk.com
URL: https://st6-20.vk.com/css/al/widget_community_messages.28815eb8bca3548f2d95.css

Protocol

Security

QUIC, , CHACHA20_POLY1305

Server

95.142.206.0 , Russian Federation, ASN60476 (MYCOM-AS, NL),

Reverse DNS

srv0-206.vkontakte.ru

Software

kittenx /

Resource Hash

b047619305b6600f282536a15cb450ef4418bde26be7f10bc145af60761c31e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://st6-20.vk.com/css/al/widget_community_messages.28815eb8bca3548f2d95.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 20:53:47 GMT
content-encoding: br
x-frontend: front6-20
last-modified: Tue, 22 Sep 2020 20:30:00 GMT
server: kittenx
etag: "5f6a5ec8-1e5"
strict-transport-security: max-age=15768000
content-type: image/svg+xml
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 485
expires: Thu, 07 Jul 2022 20:53:47 GMT

GET
DATA 200
OK truncated
/ Frame EF14 62 KB
62 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cc7b26ac53700f78f8a452be6d14f14943e88dceb14edf64cddceba6e66f3f5e

Request headers

Referer
Origin: https://vk.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: font/woff2

GET
DATA 200
OK truncated
/ Frame EF14 62 KB
62 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 761c95dd192a81733d024d9f644d9b531c358f0f0ea83e9fd6211b6bd424873d

Request headers

Referer
Origin: https://vk.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: font/woff2

GET
DATA 200
OK truncated
/ Frame EF14 62 KB
62 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5efafd26d85f9d6c3340aa7b81aff0a4d9fe27d8f9ec9885565afb9fa2097d91

Request headers

Referer
Origin: https://vk.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: font/woff2

GET
H2 200 abc_light.09d39943da529c4c9793.js Show response
vk.com/dist/web/ Frame EF14 53 KB
12 KB 39ms
39ms Script
application/x-javascript 93.186.225.208
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/dist/web/abc_light.09d39943da529c4c9793.js?bc15642493ae7f365c5be56153e58952
Requested by: Host: vk.com
URL: https://vk.com/js/al/lite.js?103
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
Software: kittenx /
Resource Hash: b7f5924278f5b9f11f20dc27c66923bcd43f2cc6aad33133f25846a726cffcf6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/widget_community_messages.php?app=0&width=300px&_ver=1&gid=97311209&disable_welcome_screen=1&ref_source_info=undefined&ref_source_link=https%3A%2F%2Foneretarget.com%2Fru%2F&tooltip_text=%D0%95%D1%81%D1%82%D1%8C+%D0%B2%D0%BE%D0%BF%D1%80%D0%BE%D1%81%3F&domain=oneretarget.com&disable_expand_chat_sound=1&button_position=undefined&height=399&url=https%3A%2F%2Foneretarget.com%2Fru%2F&referrer=&title=OneRetarget+-+%D0%90%D0%B2%D1%82%D0%BE%D0%BC%D0%B0%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D1%8F+%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D0%BE%D0%B9+%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%8B%2C+%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D1%82%D1%8C+%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%83+%D0%92%D0%BA%D0%BE%D0%BD%D1%82...&181c5d73c3d=&act=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 20:53:47 GMT
content-encoding: br
x-frontend: front512006
last-modified: Wed, 22 Jun 2022 10:50:17 GMT
server: kittenx
etag: "62b2f3e9-3034"
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
content-length: 12340
expires: Thu, 07 Jul 2022 20:53:47 GMT

POST
H2 200 al_im.php Show response
vk.com/ Frame EF14 1 KB
1 KB 46ms
46ms XHR
application/json 93.186.225.208
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://vk.com/al_im.php

Requested by

Host: vk.com
URL: https://vk.com/js/al/lite.js?103

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

Software

kittenx / KPHP/7.4.111494

Resource Hash

1c2141f6454af98bea596bd72db1e8c6e430ee8b615b5e1df88a24efc6ae89ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://vk.com/widget_community_messages.php?app=0&width=300px&_ver=1&gid=97311209&disable_welcome_screen=1&ref_source_info=undefined&ref_source_link=https%3A%2F%2Foneretarget.com%2Fru%2F&tooltip_text=%D0%95%D1%81%D1%82%D1%8C+%D0%B2%D0%BE%D0%BF%D1%80%D0%BE%D1%81%3F&domain=oneretarget.com&disable_expand_chat_sound=1&button_position=undefined&height=399&url=https%3A%2F%2Foneretarget.com%2Fru%2F&referrer=&title=OneRetarget+-+%D0%90%D0%B2%D1%82%D0%BE%D0%BC%D0%B0%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D1%8F+%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D0%BE%D0%B9+%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%8B%2C+%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D1%82%D1%8C+%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%83+%D0%92%D0%BA%D0%BE%D0%BD%D1%82...&181c5d73c3d=&act=
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 03 Jul 2022 20:53:47 GMT
content-encoding: gzip
x-frontend: front512006
server: kittenx
x-powered-by: KPHP/7.4.111494
strict-transport-security: max-age=15768000
content-type: application/json; charset=windows-1251
access-control-expose-headers: X-Frontend
cache-control: no-store
content-length: 784

GET
H2 200 code.js Show response
top-fwz1.mail.ru/js/ Frame EF14 27 KB
11 KB 49ms
49ms Script
application/javascript 95.163.52.67
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/js/code.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

f1153a7d9e7f877b55f4e32fe45448a1229fdc0ab67ae1bfa09fd77b9c72679a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 20:53:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin: *
last-modified: Wed, 22 Dec 2021 12:22:53 GMT
server: nginx
etag: W/"61c3189d-6a23"
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: max-age=3600, private
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: *
access-control-allow-headers: *
expires: Sun, 03 Jul 2022 21:53:47 GMT

GET
H3 200 widget_community_messages_attach_icon.svg
st6-20.vk.com/images/svg_icons/ Frame EF14 1 KB
801 B 14ms
13ms Image
image/svg+xml 95.142.206.0
MYCOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://st6-20.vk.com/images/svg_icons/widget_community_messages_attach_icon.svg

Requested by

Host: st6-20.vk.com
URL: https://st6-20.vk.com/css/al/widget_community_messages.28815eb8bca3548f2d95.css

Protocol

Security

QUIC, , CHACHA20_POLY1305

Server

95.142.206.0 , Russian Federation, ASN60476 (MYCOM-AS, NL),

Reverse DNS

srv0-206.vkontakte.ru

Software

kittenx /

Resource Hash

28c9e129d45b3f44f06183e644a13269683baecc2ead9840d828ff933bf6a75f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://st6-20.vk.com/css/al/widget_community_messages.28815eb8bca3548f2d95.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 20:53:47 GMT
content-encoding: br
x-frontend: front6-20
last-modified: Tue, 22 Sep 2020 20:30:00 GMT
server: kittenx
etag: "5f6a5ec8-1e6"
strict-transport-security: max-age=15768000
content-type: image/svg+xml
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 486
expires: Thu, 07 Jul 2022 20:53:47 GMT

GET
H2 206 cm_widget.mp3
vk.com/mp3/ Frame EF14 51 KB
51 KB 37ms
37ms Media
audio/mpeg 93.186.225.208
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://vk.com/mp3/cm_widget.mp3

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

Software

kittenx /

Resource Hash

2355f0f16da9a676bdf5320a5339ba7dfefa7797532d651fa366a1ecb4b6b515

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://vk.com/widget_community_messages.php?app=0&width=300px&_ver=1&gid=97311209&disable_welcome_screen=1&ref_source_info=undefined&ref_source_link=https%3A%2F%2Foneretarget.com%2Fru%2F&tooltip_text=%D0%95%D1%81%D1%82%D1%8C+%D0%B2%D0%BE%D0%BF%D1%80%D0%BE%D1%81%3F&domain=oneretarget.com&disable_expand_chat_sound=1&button_position=undefined&height=399&url=https%3A%2F%2Foneretarget.com%2Fru%2F&referrer=&title=OneRetarget+-+%D0%90%D0%B2%D1%82%D0%BE%D0%BC%D0%B0%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D1%8F+%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D0%BE%D0%B9+%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%8B%2C+%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D1%82%D1%8C+%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%83+%D0%92%D0%BA%D0%BE%D0%BD%D1%82...&181c5d73c3d=&act=
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 03 Jul 2022 20:53:47 GMT
x-frontend: front512006
last-modified: Tue, 22 Sep 2020 20:30:01 GMT
server: kittenx
etag: "5f6a5ec9-cc13"
strict-transport-security: max-age=15768000
content-type: audio/mpeg
Content-Range: bytes 0-52242/52243
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
Content-Length: 52243
expires: Thu, 07 Jul 2022 20:53:47 GMT

GET
H2 200 loader_nav6964403_6.js Show response
vk.com/js/ Frame EF14 174 KB
42 KB 57ms
57ms Script
text/javascript 93.186.225.208
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://vk.com/js/loader_nav6964403_6.js

Requested by

Host: vk.com
URL: https://vk.com/js/al/lite.js?103

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

Software

kittenx / KPHP/7.4.111494

Resource Hash

0bb65de7992fd07adb1841e5cf43d30a458063fae32bac4ac2c72a9b22bbf042

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/widget_community_messages.php?app=0&width=300px&_ver=1&gid=97311209&disable_welcome_screen=1&ref_source_info=undefined&ref_source_link=https%3A%2F%2Foneretarget.com%2Fru%2F&tooltip_text=%D0%95%D1%81%D1%82%D1%8C+%D0%B2%D0%BE%D0%BF%D1%80%D0%BE%D1%81%3F&domain=oneretarget.com&disable_expand_chat_sound=1&button_position=undefined&height=399&url=https%3A%2F%2Foneretarget.com%2Fru%2F&referrer=&title=OneRetarget+-+%D0%90%D0%B2%D1%82%D0%BE%D0%BC%D0%B0%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D1%8F+%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D0%BE%D0%B9+%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%8B%2C+%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D1%82%D1%8C+%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%83+%D0%92%D0%BA%D0%BE%D0%BD%D1%82...&181c5d73c3d=&act=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 20:53:47 GMT
content-encoding: gzip
x-frontend: front512006
server: kittenx
x-powered-by: KPHP/7.4.111494
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=windows-1251
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
content-length: 43067

POST
H2 200 counter
top-fwz1.mail.ru/ Frame EF14 43 B
904 B 48ms
48ms Ping
image/gif 95.163.52.67
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/counter?js=13;id=2685520;u=https%3A//oneretarget.com/ru/;st=1656881627216;pid=0;title=OneRetarget%20-%20%D0%90%D0%B2%D1%82%D0%BE%D0%BC%D0%B0%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D1%8F%20%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D0%BE%D0%B9%20%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%8B%2C%20%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D1%82%D1%8C%20%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%83%20%D0%92%D0%BA%D0%BE%D0%BD%D1%82...;s=1600*1200;vp=50*50;touch=0;hds=1;frame=1;flash=;sid=8e8062d45e04b6f8;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=10//4g/0/0/;lvid=1656881627250%3A1656881627251%3A1%3Ac573e82c3c8c8d645a2c952b049b1510;visible=true;_=0.30756317429298186

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://vk.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 03 Jul 2022 20:53:47 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: https://vk.com
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: https://vk.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: https://vk.com
access-control-allow-headers: *

POST
H2 200 tracker
top-fwz1.mail.ru/ 43 B
921 B 49ms
49ms Ping
image/gif 95.163.52.67
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/tracker?js=13;id=2764177;u=https%3A//oneretarget.com/ru/;st=1656881625954;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=d8ddad52aba3acab;ver=60.3.0;tz=0%2FEtc%2FUnknown;nt=0/0/1656881625445/////351/351/351/351/351//352/375/388/379/509/509/509/1858/1858/;ni=9//4g/0/0/;lvid=1656881626351%3A1656881627304%3A4%3A93616cfcdb1476e18df7802177bbb69c;opts=dl%2Cjst-gtag-ga;visible=true;_=0.47952172583019936;e=RT/load;et=1656881627304

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://oneretarget.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 03 Jul 2022 20:53:47 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: https://oneretarget.com
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: https://oneretarget.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: https://oneretarget.com
access-control-allow-headers: *

GET
H2 200 common.d554f527388a4fafa406.css
vk.com/css/al/ Frame EF14 451 KB
60 KB 38ms
37ms Stylesheet
text/css 93.186.225.208
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/css/al/common.d554f527388a4fafa406.css?undefined
Requested by: Host: vk.com
URL: https://vk.com/js/al/lite.js?103
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
Software: kittenx /
Resource Hash: 7a6e740203e04483b33d4428a9158de99fd6a077361838b15c43e192f0507609

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/widget_community_messages.php?app=0&width=300px&_ver=1&gid=97311209&disable_welcome_screen=1&ref_source_info=undefined&ref_source_link=https%3A%2F%2Foneretarget.com%2Fru%2F&tooltip_text=%D0%95%D1%81%D1%82%D1%8C+%D0%B2%D0%BE%D0%BF%D1%80%D0%BE%D1%81%3F&domain=oneretarget.com&disable_expand_chat_sound=1&button_position=undefined&height=399&url=https%3A%2F%2Foneretarget.com%2Fru%2F&referrer=&title=OneRetarget+-+%D0%90%D0%B2%D1%82%D0%BE%D0%BC%D0%B0%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D1%8F+%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D0%BE%D0%B9+%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%8B%2C+%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D1%82%D1%8C+%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%83+%D0%92%D0%BA%D0%BE%D0%BD%D1%82...&181c5d73c3d=&act=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 20:53:47 GMT
content-encoding: br
x-frontend: front512006
last-modified: Mon, 27 Jun 2022 23:18:05 GMT
server: kittenx
etag: "62ba3aad-ed4b"
content-type: text/css
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
content-length: 60747
expires: Thu, 07 Jul 2022 20:53:47 GMT

GET
H2

200

https://login.vk.com/?_origin=https%3A%2F%2Fvk.com&ip_h=d60c22b41364bb7dab&role=al_frame&to=L3dpZGdldF9jb21tdW5pdHlfbWVzc2FnZXMucGhwP2FwcD0wJndpZHRoPTMwMHB4Jl92ZXI9MSZnaWQ9OTczMTEyMDkmZGlzYWJsZV93Z...
https://vk.com/login.php?slogin_h=bd73207302ab2cfc32.d01009808efb44dd81&act=slogin&auto=1&to=L3dpZGdldF9jb21tdW5pdHlfbWVzc2FnZXMucGhwP2FwcD0wJndpZHRoPTMwMHB4Jl92ZXI9MSZnaWQ9OTczMTEyMDkmZGlzYWJsZV93...

2 KB
1 KB

48ms
47ms

Document
text/html

93.186.225.208
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://vk.com/login.php?slogin_h=bd73207302ab2cfc32.d01009808efb44dd81&act=slogin&auto=1&to=L3dpZGdldF9jb21tdW5pdHlfbWVzc2FnZXMucGhwP2FwcD0wJndpZHRoPTMwMHB4Jl92ZXI9MSZnaWQ9OTczMTEyMDkmZGlzYWJsZV93ZWxjb21lX3NjcmVlbj0xJnJlZl9zb3VyY2VfaW5mbz11bmRlZmluZWQmcmVmX3NvdXJjZV9saW5rPWh0dHBzJTNBJTJGJTJGb25lcmV0YXJnZXQuY29tJTJGcnUlMkYmdG9vbHRpcF90ZXh0PSVEMCU5NSVEMSU4MSVEMSU4MiVEMSU4QyslRDAlQjIlRDAlQkUlRDAlQkYlRDElODAlRDAlQkUlRDElODElM0YmZG9tYWluPW9uZXJldGFyZ2V0LmNvbSZkaXNhYmxlX2V4cGFuZF9jaGF0X3NvdW5kPTEmYnV0dG9uX3Bvc2l0aW9uPXVuZGVmaW5lZCZoZWlnaHQ9Mzk5JnVybD1odHRwcyUzQSUyRiUyRm9uZXJldGFyZ2V0LmNvbSUyRnJ1JTJGJnJlZmVycmVyPSZ0aXRsZT1PbmVSZXRhcmdldCstKyVEMCU5MCVEMCVCMiVEMSU4MiVEMCVCRSVEMCVCQyVEMCVCMCVEMSU4MiVEMCVCOCVEMCVCNyVEMCVCMCVEMSU4NiVEMCVCOCVEMSU4RislRDElODIlRDAlQjAlRDElODAlRDAlQjMlRDAlQjUlRDElODIlRDAlQjglRDElODAlRDAlQkUlRDAlQjIlRDAlQjAlRDAlQkQlRDAlQkQlRDAlQkUlRDAlQjkrJUQxJTgwJUQwJUI1JUQwJUJBJUQwJUJCJUQwJUIwJUQwJUJDJUQxJThCJTJDKyVEMSU4MiVEMCVCMCVEMSU4MCVEMCVCMyVEMCVCNSVEMSU4MiVEMCVCOCVEMSU4MCVEMCVCRSVEMCVCMiVEMCVCMCVEMSU4MiVEMSU4QyslRDElODAlRDAlQjUlRDAlQkElRDAlQkIlRDAlQjAlRDAlQkMlRDElODMrJUQwJTkyJUQwJUJBJUQwJUJFJUQwJUJEJUQxJTgyLi4uJjE4MWM1ZDczYzNkPSZhY3Q9&s=0

Requested by

Host: vk.com
URL: https://vk.com/js/al/lite.js?103

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

Software

kittenx / KPHP/7.4.111494

Resource Hash

4f57a1e75d1adcabf66971e0e5b086b581d23764c63d771a27f41f6b124803f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://vk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-expose-headers: X-Frontend
cache-control: no-store
content-encoding: gzip
content-length: 865
content-type: text/html; charset=windows-1251
date: Sun, 03 Jul 2022 20:53:47 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: kittenx
strict-transport-security: max-age=15768000
x-frontend: front512006
x-powered-by: KPHP/7.4.111494

Redirect headers

cache-control: no-store
content-encoding: gzip
content-length: 20
content-type: text/html; charset=windows-1251
date: Sun, 03 Jul 2022 20:53:47 GMT
location: https://vk.com/login.php?slogin_h=bd73207302ab2cfc32.d01009808efb44dd81&act=slogin&auto=1&to=L3dpZGdldF9jb21tdW5pdHlfbWVzc2FnZXMucGhwP2FwcD0wJndpZHRoPTMwMHB4Jl92ZXI9MSZnaWQ9OTczMTEyMDkmZGlzYWJsZV93ZWxjb21lX3NjcmVlbj0xJnJlZl9zb3VyY2VfaW5mbz11bmRlZmluZWQmcmVmX3NvdXJjZV9saW5rPWh0dHBzJTNBJTJGJTJGb25lcmV0YXJnZXQuY29tJTJGcnUlMkYmdG9vbHRpcF90ZXh0PSVEMCU5NSVEMSU4MSVEMSU4MiVEMSU4QyslRDAlQjIlRDAlQkUlRDAlQkYlRDElODAlRDAlQkUlRDElODElM0YmZG9tYWluPW9uZXJldGFyZ2V0LmNvbSZkaXNhYmxlX2V4cGFuZF9jaGF0X3NvdW5kPTEmYnV0dG9uX3Bvc2l0aW9uPXVuZGVmaW5lZCZoZWlnaHQ9Mzk5JnVybD1odHRwcyUzQSUyRiUyRm9uZXJldGFyZ2V0LmNvbSUyRnJ1JTJGJnJlZmVycmVyPSZ0aXRsZT1PbmVSZXRhcmdldCstKyVEMCU5MCVEMCVCMiVEMSU4MiVEMCVCRSVEMCVCQyVEMCVCMCVEMSU4MiVEMCVCOCVEMCVCNyVEMCVCMCVEMSU4NiVEMCVCOCVEMSU4RislRDElODIlRDAlQjAlRDElODAlRDAlQjMlRDAlQjUlRDElODIlRDAlQjglRDElODAlRDAlQkUlRDAlQjIlRDAlQjAlRDAlQkQlRDAlQkQlRDAlQkUlRDAlQjkrJUQxJTgwJUQwJUI1JUQwJUJBJUQwJUJCJUQwJUIwJUQwJUJDJUQxJThCJTJDKyVEMSU4MiVEMCVCMCVEMSU4MCVEMCVCMyVEMCVCNSVEMSU4MiVEMCVCOCVEMSU4MCVEMCVCRSVEMCVCMiVEMCVCMCVEMSU4MiVEMSU4QyslRDElODAlRDAlQjUlRDAlQkElRDAlQkIlRDAlQjAlRDAlQkMlRDElODMrJUQwJTkyJUQwJUJBJUQwJUJFJUQwJUJEJUQxJTgyLi4uJjE4MWM1ZDczYzNkPSZhY3Q9&s=0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: kittenx
strict-transport-security: max-age=15768000
x-powered-by: KPHP/7.4.111494

GET
H2 200 2b742a33a04fc6a3c8c2a2bd868aeac6.4652798b7d3df54ac8e2.js Show response
vk.com/dist/ Frame EF14 297 KB
83 KB 40ms
37ms Script
application/x-javascript 93.186.225.208
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/dist/2b742a33a04fc6a3c8c2a2bd868aeac6.4652798b7d3df54ac8e2.js?db826c710a726ca1434e
Requested by: Host: vk.com
URL: https://vk.com/js/al/lite.js?103
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
Software: kittenx /
Resource Hash: 451ef285571594bc5cde78e11e842b2b746ae4684a6c1a24c882a77eeb20d1fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/widget_community_messages.php?app=0&width=300px&_ver=1&gid=97311209&disable_welcome_screen=1&ref_source_info=undefined&ref_source_link=https%3A%2F%2Foneretarget.com%2Fru%2F&tooltip_text=%D0%95%D1%81%D1%82%D1%8C+%D0%B2%D0%BE%D0%BF%D1%80%D0%BE%D1%81%3F&domain=oneretarget.com&disable_expand_chat_sound=1&button_position=undefined&height=399&url=https%3A%2F%2Foneretarget.com%2Fru%2F&referrer=&title=OneRetarget+-+%D0%90%D0%B2%D1%82%D0%BE%D0%BC%D0%B0%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D1%8F+%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D0%BE%D0%B9+%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%8B%2C+%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D1%82%D1%8C+%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%83+%D0%92%D0%BA%D0%BE%D0%BD%D1%82...&181c5d73c3d=&act=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 20:53:47 GMT
content-encoding: br
x-frontend: front512006
last-modified: Fri, 01 Jul 2022 09:48:49 GMT
server: kittenx
etag: "62bec301-14974"
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
content-length: 84340
expires: Thu, 07 Jul 2022 20:53:47 GMT

GET
H2 200 6fa7f4be2117d83900bce0891fd57db2.cf2a7b434dd784de6979.js Show response
vk.com/dist/ Frame EF14 52 KB
9 KB 44ms
42ms Script
application/x-javascript 93.186.225.208
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/dist/6fa7f4be2117d83900bce0891fd57db2.cf2a7b434dd784de6979.js?ab4d04ec1857e4ae282b
Requested by: Host: vk.com
URL: https://vk.com/js/al/lite.js?103
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
Software: kittenx /
Resource Hash: d628726eacc6b6013eafe87a31524df3a35049430cc5ddadc760dea25318f81c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/widget_community_messages.php?app=0&width=300px&_ver=1&gid=97311209&disable_welcome_screen=1&ref_source_info=undefined&ref_source_link=https%3A%2F%2Foneretarget.com%2Fru%2F&tooltip_text=%D0%95%D1%81%D1%82%D1%8C+%D0%B2%D0%BE%D0%BF%D1%80%D0%BE%D1%81%3F&domain=oneretarget.com&disable_expand_chat_sound=1&button_position=undefined&height=399&url=https%3A%2F%2Foneretarget.com%2Fru%2F&referrer=&title=OneRetarget+-+%D0%90%D0%B2%D1%82%D0%BE%D0%BC%D0%B0%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D1%8F+%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D0%BE%D0%B9+%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%8B%2C+%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D1%82%D1%8C+%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%83+%D0%92%D0%BA%D0%BE%D0%BD%D1%82...&181c5d73c3d=&act=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 20:53:47 GMT
content-encoding: br
x-frontend: front512006
last-modified: Tue, 21 Jun 2022 21:49:08 GMT
server: kittenx
etag: "62b23cd4-2350"
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
content-length: 9040
expires: Thu, 07 Jul 2022 20:53:47 GMT

GET
H2 200 notifier.0d26cb667af2c892a97e.js Show response
vk.com/dist/web/ Frame EF14 217 KB
53 KB 46ms
45ms Script
application/x-javascript 93.186.225.208
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/dist/web/notifier.0d26cb667af2c892a97e.js?a8b3d3a683bb83c725b397e797ab904b
Requested by: Host: vk.com
URL: https://vk.com/js/al/lite.js?103
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
Software: kittenx /
Resource Hash: 359432099db11b1008af091068dc9120d4956496d88e4943199c00a64ce20148

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vk.com/widget_community_messages.php?app=0&width=300px&_ver=1&gid=97311209&disable_welcome_screen=1&ref_source_info=undefined&ref_source_link=https%3A%2F%2Foneretarget.com%2Fru%2F&tooltip_text=%D0%95%D1%81%D1%82%D1%8C+%D0%B2%D0%BE%D0%BF%D1%80%D0%BE%D1%81%3F&domain=oneretarget.com&disable_expand_chat_sound=1&button_position=undefined&height=399&url=https%3A%2F%2Foneretarget.com%2Fru%2F&referrer=&title=OneRetarget+-+%D0%90%D0%B2%D1%82%D0%BE%D0%BC%D0%B0%D1%82%D0%B8%D0%B7%D0%B0%D1%86%D0%B8%D1%8F+%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%BD%D0%BE%D0%B9+%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%8B%2C+%D1%82%D0%B0%D1%80%D0%B3%D0%B5%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D1%82%D1%8C+%D1%80%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D1%83+%D0%92%D0%BA%D0%BE%D0%BD%D1%82...&181c5d73c3d=&act=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 20:53:47 GMT
content-encoding: br
x-frontend: front512006
last-modified: Fri, 01 Jul 2022 07:53:25 GMT
server: kittenx
etag: "62bea7f5-d3fa"
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
content-length: 54266
expires: Thu, 07 Jul 2022 20:53:47 GMT

POST
H3 405 a
www.googletagmanager.com/ 0
0 21ms
21ms Ping
text/html 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.googletagmanager.com/a?id=GTM-TBSM3V&cv=65&v=3&t=t&pid=1560257240&rv=6t0&es=1&e=gtm.load&eid=3&tc=14&z=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBSM3V
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oneretarget.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

POST
H3 200 / Show response
www.facebook.com/tr/ Frame F3F6 0
15 B 8ms
8ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://oneretarget.com
Referer: https://oneretarget.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://oneretarget.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Sun, 03 Jul 2022 20:53:48 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 6585 0
15 B 9ms
9ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://oneretarget.com
Referer: https://oneretarget.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://oneretarget.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Sun, 03 Jul 2022 20:53:48 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 84D6 28 B
54 B 27ms
26ms XHR
application/json 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0e7373c2/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/4Y3Au59XEI4?rel=0
X-YouTube-Client-Version: 1.20220629.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgt1eURoMFlwOExFbyjag4iWBg%3D%3D
X-YouTube-Ad-Signals: dt=1656881626213&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image

Response headers

date: Sun, 03 Jul 2022 20:53:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Sun, 03 Jul 2022 20:53:48 GMT

POST
H2 200 32315484 Show response
mc.yandex.com/webvisor/ 43 B
176 B 190ms
51ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/32315484?wmode=0&wv-part=1&wv-hit=387000985&page-url=https%3A%2F%2Foneretarget.com%2Fru%2F&rn=338978583&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1656881629%3Aw%3A1600x1200%3Av%3A832%3Az%3A0%3Ai%3A20220703205349%3Au%3A1656881626514454103%3Avf%3A30shymy8l87b25ks0fjeg%3Awe%3A1%3Ast%3A1656881629&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://oneretarget.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 03 Jul 2022 20:53:49 GMT
last-modified: Sun, 03-Jul-2022 20:53:49 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://oneretarget.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 03-Jul-2022 20:53:49 GMT

POST
H2 200 32315484 Show response
mc.yandex.com/webvisor/ 43 B
85 B 50ms
50ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/32315484?wmode=0&wv-part=1&wv-hit=387000985&page-url=https%3A%2F%2Foneretarget.com%2Fru%2F&rn=159142274&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1656881630%3Aw%3A1600x1200%3Av%3A832%3Az%3A0%3Ai%3A20220703205349%3Au%3A1656881626514454103%3Avf%3A30shymy8l87b25ks0fjeg%3Awe%3A1%3Ast%3A1656881630&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://oneretarget.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 03 Jul 2022 20:53:49 GMT
last-modified: Sun, 03-Jul-2022 20:53:49 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://oneretarget.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 03-Jul-2022 20:53:49 GMT

POST
H2 200 32315484 Show response
mc.yandex.com/webvisor/ 43 B
145 B 51ms
50ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/32315484?wmode=0&wv-part=2&wv-hit=387000985&page-url=https%3A%2F%2Foneretarget.com%2Fru%2F&rn=545938684&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1656881631%3Aw%3A1600x1200%3Av%3A832%3Az%3A0%3Ai%3A20220703205350%3Au%3A1656881626514454103%3Avf%3A30shymy8l87b25ks0fjeg%3Awe%3A1%3Ast%3A1656881631&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://oneretarget.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 03 Jul 2022 20:53:50 GMT
last-modified: Sun, 03-Jul-2022 20:53:50 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://oneretarget.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 03-Jul-2022 20:53:50 GMT

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
oneretarget.com/	1970-01-27 11:33:53	Name: oneretarget_user_id Value:
oneretarget.com/	1970-01-27 11:33:53	Name: visit Value: true
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: D8QS-gAve7U
.youtube.com/	1970-01-20 08:33:53	Name: VISITOR_INFO1_LIVE Value: uyDh0Yp8LEo
.oneretarget.com/	1970-01-20 21:45:53	Name: _ga Value: GA1.2.1475144984.1656881626
.oneretarget.com/	1970-01-20 04:16:08	Name: _gid Value: GA1.2.1620855501.1656881626
.oneretarget.com/	1970-01-20 04:14:41	Name: _gat Value: 1
.vk.com/	1970-01-20 12:56:52	Name: remixlang Value: 6
.vk.com/	1970-01-20 13:00:17	Name: remixstlid Value: 9075671104506788116_vzC25QH6Btb6s5V3EVyTNnczQokwkzq5YK1Kwi1Edmo
.vk.com/	1970-01-20 04:14:41	Name: hash429 Value: YCEVnQtKePamzMP7v_WBcOfAyzSLBab0gVgTiSF5iprTNKCttowhoM8uskH8lhYPq-V0xXVVgU_6kIzIpQCA9pnPcRnqup9FmwHHZigOGRq7gR_xNvwK0iw
.oneretarget.com/	1970-01-20 13:00:17	Name: _ym_uid Value: 1656881626514454103
.oneretarget.com/	1970-01-20 13:00:17	Name: _ym_d Value: 1656881626
.oneretarget.com/	1970-01-20 12:14:12	Name: tmr_lvid Value: 93616cfcdb1476e18df7802177bbb69c
.oneretarget.com/	1970-01-20 12:14:12	Name: tmr_lvidTS Value: 1656881626351
.mc.yandex.com/	1970-01-20 04:14:42	Name: sync_cookie_csrf Value: 1275723761fake
.vk.com/	1970-01-20 04:15:24	Name: solution429 Value: w0M80IVoGEkLbaQzqQEqWvZMtt8_rVIVGlSP6YpC4fjzDVj1LQWin4vvOJhz73j0Wt-U9h0XC2jFHwF0RVGxqN73_HoqkSJhrktISzxgduFPwNhqE7E09H0
.vk.com/	1970-01-20 13:06:18	Name: remixstid Value: 985741192_AZhLshbj1foYGhOSEFajypjJzgr8sMqrDWbbgS0E3r0
.oneretarget.com/	1970-01-20 04:15:53	Name: _ym_isad Value: 2
.oneretarget.com/	1970-01-20 06:24:17	Name: _fbp Value: fb.1.1656881626484.1051797073
.mc.yandex.ru/	1970-01-20 04:14:42	Name: sync_cookie_csrf Value: 1239758165fake
.yandex.com/	1970-01-20 13:00:17	Name: yandexuid Value: 8122179151656881626
.yandex.com/	1970-01-20 13:00:17	Name: yuidss Value: 8122179151656881626
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 995822671656881626
.yandex.com/	1970-01-23 19:50:41	Name: i Value: Egn6s9qh178Q8cBOQL1zq1SlZTHthVi7Y/rd7YFs4yXZKYiCno/jicXGgHlvE5kQbVWNvczlaDmPN0b2/eRLTAJ7E7U=
.yandex.com/	1970-01-20 13:00:17	Name: ymex Value: 1688417626.yrts.1656881626#1688417626.yrtsi.1656881626
.oneretarget.com/	1970-01-20 04:14:43	Name: _ym_visorc Value: w
.oneretarget.com/	1970-01-20 12:14:12	Name: tmr_reqNum Value: 4
.mail.ru/	1970-01-20 13:01:44	Name: VID Value: 350iPM2WnhIB00000e1GL42B:::0-0-0-7dc5a9a:CAASEIow0e_Djg-yApw7LZREpqUaYLu5WW3h6PGL6FR_93B5mlUFzNFzB5xNlQGOiSyX9zk061_QbRe2AE5KFeZ2pCFWmBjmMPWmZovOKJQR97Vw3GwF6ZrODjYH7sOezJJOjpyYv0WwWDTR1wKvoNaHF-ATWw
.vk.com/	1970-01-20 04:14:41	Name: remixlns Value: a4a00f83e5701f35bf
oneretarget.com/	1970-01-20 04:16:08	Name: tmr_detect Value: 0%7C1656881628987

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.googletagmanager.com/a?id=GTM-TBSM3V&cv=65&v=3&t=t&pid=1560257240&rv=6t0&es=1&e=gtm.init&eid=0&tc=14&z=0 Message: Failed to load resource: the server responded with a status of 405 ()
network	error	URL: https://www.googletagmanager.com/a?id=GTM-TBSM3V&cv=65&v=3&t=t&pid=1560257240&rv=6t0&es=1&e=gtm.init_consent&eid=-1&tc=14&z=0 Message: Failed to load resource: the server responded with a status of 405 ()
network	error	URL: https://www.googletagmanager.com/a?id=GTM-TBSM3V&cv=65&v=3&t=t&pid=1560257240&rv=6t0&es=1&e=gtm.js&eid=1&tc=14&tr=1ua.1html.5html.1html.5html.1html.1html.5html&ti=1ua.1html.1html.1html.1html.1html.1html.1html&z=0 Message: Failed to load resource: the server responded with a status of 405 ()
network	error	URL: https://www.googletagmanager.com/a?id=GTM-TBSM3V&cv=65&v=3&t=t&pid=1560257240&rv=6t0&es=1&e=gtm.dom&eid=2&tc=14&z=0 Message: Failed to load resource: the server responded with a status of 405 ()
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9688.cCMJLe56iZ8Om5dITfimtKbmrkq7HS-BFGFtdcQwNKL4N7kKymDg8A26_oesxlA2IOIhcxdykOGA41uZF-1euA%2C%2C.t6LjiBKrpHlv-AaP9C9WCsoCn8Q%2C Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://www.googletagmanager.com/a?id=GTM-TBSM3V&cv=65&v=3&t=t&pid=1560257240&rv=6t0&e=gtm.js&eid=1&tc=14&tr=5html.5ua&ti=1html.1ua&z=0 Message: Failed to load resource: the server responded with a status of 405 ()
network	error	URL: https://www.googletagmanager.com/a?id=GTM-TBSM3V&cv=65&v=3&t=t&pid=1560257240&rv=6t0&es=1&e=gtm.load&eid=3&tc=14&z=0 Message: Failed to load resource: the server responded with a status of 405 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
code.jquery.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
jnn-pa.googleapis.com
login.vk.com
maxcdn.bootstrapcdn.com
mc.yandex.com
mc.yandex.ru
oneretarget.com
st6-20.vk.com
stackpath.bootstrapcdn.com
static.doubleclick.net
stats.g.doubleclick.net
tag.oneretarget.com
top-fwz1.mail.ru
vk.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.youtube.com
2001:4de0:ac18::1:a:1a
2606:4700::6811:180e
2606:4700::6812:acf
2606:4700::6812:bcf
2a00:1450:4001:802::200e
2a00:1450:4001:809::2003
2a00:1450:4001:80b::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:811::2004
2a00:1450:4001:811::2008
2a00:1450:4001:813::200a
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2006
2a00:1450:400c:c06::9a
2a02:6b8::1:119
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
87.240.129.181
93.186.225.208
94.130.66.148
95.142.206.0
95.163.52.67
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0bb65de7992fd07adb1841e5cf43d30a458063fae32bac4ac2c72a9b22bbf042
0d068f61ba776dddc73873eb3f5e0df8c76a696f7995026e4ad71a198cfe2bc8
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11148ace6157cd94751922d3c17557609a94b6c2a56ebbf7efcfe1eefba2f27a
133a0196abac3c595767baee508cd6d237e432c7b2ff39b4f5a7aa47d93ef6fe
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
14bbe133ff8f19b48d375394bda3ff6ee14f607dcf420610266adc3833def3f9
15ab0ca7d0cd47a3f0cb731e8d0c7065d30fd2bd89992d7fefa9aab174b0be0a
16bd75e506b6109e4f50ea8e0b221b1c405be69c0073700247ce7a780e545c9c
1a045fdc088409e4e87d57617de7a9b613bf251c12997180910faeed8fa7aba1
1bdd6381a766edae29933b122f20fc6d6dbd55e6a0a9cf0ea0a40a2e62547c4a
1c2141f6454af98bea596bd72db1e8c6e430ee8b615b5e1df88a24efc6ae89ca
21349e75e69112eb9e61b791c6a1d50b3c8a01669dfc6462e3dc2a97ab15f5da
22519a6535daecb71fc2b3b4e9d1ecba8eebe974c915bac8670900c3a9ed6224
2355f0f16da9a676bdf5320a5339ba7dfefa7797532d651fa366a1ecb4b6b515
23fba549cb868791b6e0baa5ccc2d18d486604581395d1694909e3ac8eb4ce56
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
26e384d9e188a122e6ba90ca91efb5e0b19cbeb9b0dd4c974ff5e72057142eb1
28c9e129d45b3f44f06183e644a13269683baecc2ead9840d828ff933bf6a75f
2b86791b4bc5469817735d814f73f5b52cdc6078c60befd4c6cbe27c68b40027
2e0ee77711d1a786259a40dc3f2adf2fca36a884d6abedbbd3b52ae65cc4c869
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
31d95fd1b4a2bc3d2060358527bb7242115b04f80ebe02e9786c90f52e027485
359432099db11b1008af091068dc9120d4956496d88e4943199c00a64ce20148
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f1d57c5b476f8ab3033e3ab3a91d36cb99725bd18cb9856bb88c202a0aabe6b
451ef285571594bc5cde78e11e842b2b746ae4684a6c1a24c882a77eeb20d1fa
45a2c0aecc6fcd9bd60d269d89a3e41ba4b445c5fbfef071f105da074e3d151f
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4f57a1e75d1adcabf66971e0e5b086b581d23764c63d771a27f41f6b124803f6
5342190f57b872b9fad0947fe633f55125587d5183d13781a90cb8531475e027
5477a524327ebd1159eaef6aada88199b206515d2cca64d797f119a0045d2de6
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55793efda510019fb8276869dd69b6b0cdd7080d42103dbe522dc56cb6c9ef4d
5a54e34734cc2d83cda2653bbc5b63f84b98006981264fc8800aa06bfbddc2e8
5c918ba482e530ea6f33db835cd23ef61466c6d406651d25d0ea636a71774edd
5d812041c950d591302992290c2eb3eb6b2e4db73f49fe81eb16442dbe248b37
5def305bc41cc4adbbbaa3626fd516df8d06b329dd71e67711e47e0f2bd42ce0
5eac042c55dc021af32ea9901b767ea33fec598482d1e9921404ba57bfe53295
5efafd26d85f9d6c3340aa7b81aff0a4d9fe27d8f9ec9885565afb9fa2097d91
5f04f87ba7cd3beb8f840e33441bdc8cfee7fe74a49cd8abdcc8ac7727b6bbda
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
637db52b59204c4d40f9104e92deca17d8fff2f5baf0da5616a75114cb9fb9c3
64e9e1e6373a35eb3b56ecd22314a963557b5dfc185f7f44ba72d73842153bd0
65c13ea7389c5f9eecc2f74162fa06d25ba5aedf0fb5253d188e840e1b4ecd40
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
6ab689cf66db763339d14ea8692ea090d7f201993b0bd371f5b27a6cd26813d5
70a64c9912aae092f9cc15fd4015d474e13b9a08b018c0e761ee183cae873bfa
761c95dd192a81733d024d9f644d9b531c358f0f0ea83e9fd6211b6bd424873d
76335dc7257d65639f71a4cd69dec2e4fb4f60120d966fa9c3bb0741b02df2bc
7750cb48135e34f35f9aba4c2885d7c226a96cc6b5bd47be5b0c81a15114f8c5
7a6e740203e04483b33d4428a9158de99fd6a077361838b15c43e192f0507609
7f868c3511c869f782d1ad9abf55c6bba0ecc60def9082d16baaaa9bcba9a127
82292bf05923334bf28e0d1886f336fa9b3f35d267730a4c082299bb1b89cef9
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
878e53b32a20367d1fb28bcd7342e18f70fc3c3198045f48f94021fab43113a3
8b9255fa05726dfac9ba9b226387b389fbc99f01a892d37b02d3b42468c02cde
8c7ec36c5b246bfda2f3ea6f7cd4c12b1fd202ed4c4c83c191ad3407ce2796b2
8f0af876c6734b75633aa86dfc171e68d10f50eec96c5b3fe70b790a2f8505a7
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
93de9d6271884fafc3f25d0f6e45777089c25bcab3a19764ded7f35ffcc0ebfd
97c3fd6c940ac42e8d4b7f9adf176658be571ad491feb8c2057cbe733849512c
98cbb6b8e3650bad7d2c80c91bf27e90817f12e790b6c23d086b8279a6704f77
9e97e6cc6b0649701a5750c216e5a16432aa03a991db578146d4183acf5c0b0a
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
b04181139e0ce3b79b3fa9095394070d16ab4a1b6bb8419c4d523c05712b3a95
b047619305b6600f282536a15cb450ef4418bde26be7f10bc145af60761c31e8
b0791be1e8841cc52ec5bbac364c425eb644fb19668be7818a8fa2c98042af27
b7cc06a08320a714a331f843708a667aa53ac4962e45cc89a1ac7e02d8e59753
b7f5924278f5b9f11f20dc27c66923bcd43f2cc6aad33133f25846a726cffcf6
ba1638fd8d670e2654d4a9a291e111538e8e8a6c0d63cfa0eedbe10190717872
bccc43dcb74c1e7d974c6674902ffda390b349fe3483b2477794dbe9800d9ce0
c9f5d3a9393a5b72d23dc40f3e637b7cf5a8d9de6bb82fd36780577071be82d4
ca075b633165b868754e71df03db5a163040350f4c524f2cb31477cc675e1a0f
cc7b26ac53700f78f8a452be6d14f14943e88dceb14edf64cddceba6e66f3f5e
d628726eacc6b6013eafe87a31524df3a35049430cc5ddadc760dea25318f81c
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dccf202ada11235db9f874fd09fa1a955e5359fbd8c6c800d74d38375ff473ae
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b9c102be54a21fc534271c42ff116be61325240fac9649023cc6adf41d8e72
e8a5b9388350786f356aeeda76512e7e99c7e120a4f0a8b4a301936d69ba2e6b
ebb034e271748341f4e61a93a90b242e31f55535df21c4e0b517784cb31ad004
ebd6d0075aaced1d29f9411686960637fdb1ea381986516bcff0a443608a242a
ed89697436c213e02c99f290a0f8a3d20c4bde9ccdb2ddf025b0849cdfe11347
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f00e3a01f8122d5f17a85f4447eec7e9d04135307feb4c93a1c2308b7c735363
f036531b5f9e56993ce2f6c3677bb3b3734859f9747fca67a7095f25095330bc
f1153a7d9e7f877b55f4e32fe45448a1229fdc0ab67ae1bfa09fd77b9c72679a
f64a05c203ef2db5ddbc637407e082b658100832d6aeb2a96b7f78d229c6da7d
f71be752f0ce01b7c706f7c988cd080477a477b4db81b309656ec93871333ce6
f8bdb531d36caf4bb43071d1be58a2d1b153d3a403f4b8f4e6a919dd46213f47
ff05cd28c3e311fe65d774a74e05b5fbc8ddfbcbd98df73e38ece5bbb8f55a89

oneretarget.com Open in urlscan Pro 94.130.66.148 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

119 Requests

80 %HTTPS

79 %IPv6

18 Domains

26 Subdomains

24 IPs

5 Countries

3561 kBTransfer

11490 kBSize

30 Cookies

3 Outgoing links

Page URL History

Redirected requests

119 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

oneretarget.com Open in urlscan Pro
94.130.66.148 Public Scan

Screenshot
Live screenshot

Full Image

119
Requests

80 %
HTTPS

79 %
IPv6

18
Domains

26
Subdomains

24
IPs

5
Countries

3561 kB
Transfer

11490 kB
Size

30
Cookies

119 HTTP transactions
4 data transactions