klin-detstvo.ru Open in urlscan Pro
217.172.25.35 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://klin-detstvo.ru/
Submission: On October 25 via manual (October 25th 2022, 6:49:38 am UTC) from RU — Scanned from DE

Summary HTTP 56 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 17 IPs in 3 countries across 15 domains to perform 56 HTTP transactions. The main IP is 217.172.25.35, located in Russian Federation and belongs to BEGET-AS, RU. The main domain is klin-detstvo.ru.

This is the only time klin-detstvo.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17	217.172.25.35 217.172.25.35	198610 (BEGET-AS) (BEGET-AS)
6	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	62.76.25.28 62.76.25.28	61400 (NETRACK-AS) (NETRACK-AS)
1	2a02:6b8:a::a 2a02:6b8:a::a	208722 (GLOBAL_DC) (GLOBAL_DC)
5	212.109.217.26 212.109.217.26	29182 (RU-JSCIOT) (RU-JSCIOT)
2	178.62.225.201 178.62.225.201	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
5	46.4.104.244 46.4.104.244	24940 (HETZNER-AS) (HETZNER-AS)
3 7	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
3	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
4	2a02:6b8:20::215 2a02:6b8:20::215	208722 (GLOBAL_DC) (GLOBAL_DC)
3	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1 2	95.163.52.67 95.163.52.67	47764 (VK-AS) (VK-AS)
1 2	136.243.148.229 136.243.148.229	24940 (HETZNER-AS) (HETZNER-AS)
56	17

17 217.172.25.35 (Russian Federation)

ASN198610 (BEGET-AS, RU)

klin-detstvo.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.76.25.28 (Moscow, Russian Federation)

ASN61400 (NETRACK-AS, RU)

hhnhxu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8:a::a (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 212.109.217.26 (Russian Federation)

ASN29182 (RU-JSCIOT, RU)
PTR: tapeinotita7.slickjump.org

sjsmartcontent.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.62.225.201 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

fatlossremedies.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 46.4.104.244 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.244.104.4.46.clients.your-server.de

rotarb.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.163.52.67 (Russian Federation) 1 redirects

ASN47764 (VK-AS, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 136.243.148.229 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.229.148.243.136.clients.your-server.de

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	klin-detstvo.ru klin-detstvo.ru	110 KB
9	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 147	209 KB
5	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 9943	2 KB
5	rotarb.bid rotarb.bid — Cisco Umbrella Rank: 144988	40 KB
5	sjsmartcontent.org sjsmartcontent.org — Cisco Umbrella Rank: 253484	52 KB
4	yastatic.net yastatic.net — Cisco Umbrella Rank: 6193	129 KB
3	yandex.ru 1 redirects yandex.ru — Cisco Umbrella Rank: 1336 mc.yandex.ru — Cisco Umbrella Rank: 3510	178 KB
2	1dmp.io 1 redirects sync.1dmp.io — Cisco Umbrella Rank: 13136	815 B
2	mail.ru 1 redirects top-fwz1.mail.ru — Cisco Umbrella Rank: 9135	2 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 78 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 43	5 KB
2	fatlossremedies.com fatlossremedies.com — Cisco Umbrella Rank: 617244	14 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 8724	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 888	698 B
1	hhnhxu.com hhnhxu.com	23 KB
56	15

	Domain	Requested by
17	klin-detstvo.ru	klin-detstvo.ru
6	pagead2.googlesyndication.com	klin-detstvo.ru pagead2.googlesyndication.com tpc.googlesyndication.com
5	mc.yandex.com	2 redirects klin-detstvo.ru
5	rotarb.bid	klin-detstvo.ru rotarb.bid
5	sjsmartcontent.org	klin-detstvo.ru sjsmartcontent.org
4	yastatic.net	yandex.ru
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	sync.1dmp.io	1 redirects text
2	top-fwz1.mail.ru	1 redirects text
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	mc.yandex.ru	1 redirects klin-detstvo.ru
2	fatlossremedies.com	klin-detstvo.ru
1	www.google.com	tpc.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	yandex.ru	klin-detstvo.ru
1	hhnhxu.com	klin-detstvo.ru
56	18

This site contains links to these domains. Also see Links.

Domain
wpastra.com

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.xn--d1acpjx3f.xn--p1ai GlobalSign ECC OV SSL CA 2018	`2022-08-19` - `2023-02-16`	6 months	crt.sh
set.bamboss.ru R3	`2022-09-13` - `2022-12-12`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-03-30`	5 months	crt.sh
*.sjsmartcontent.org GlobalSign GCC R3 DV TLS CA 2020	`2022-05-12` - `2023-06-13`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2022-08-31` - `2023-02-28`	6 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh

This page contains 7 frames:

Primary Page: http://klin-detstvo.ru/
Frame ID: 16C706C883A2F9AC0D5C5C9F5D78E94F
Requests: 47 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221020/r20190131/zrt_lookup.html
Frame ID: AF3FBFA9441A22BBCF2DB7E47CC0C0D7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5972419208534160&output=html&adk=1812271804&adf=1573534164&lmt=1666680573&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fklin-detstvo.ru%2F&ea=0&pra=5&wgl=1&dt=1666680573797&bpp=4&bdt=384&idt=143&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=791187226784&frm=20&pv=2&ga_vid=1566988473.1666680574&ga_sid=1666680574&ga_hid=1615146621&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070437%2C44772269%2C44775016&oid=2&pvsid=1358963706152789&tmod=1242020877&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=170
Frame ID: FDFFD4E342EFC29A956CDA17A5ACE843
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 94E85DD76F93D6104DCE054198FE763E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0A2A1C24DC3D3AE0F2D9196A174C9A07
Requests: 2 HTTP requests in this frame

Frame: data://truncated
Frame ID: 3E49124BD8DCF30BAC4B2868F6246663
Requests: 2 HTTP requests in this frame

Frame: data://truncated
Frame ID: 2AC147AA64344F1EA8A164D66C6306CF
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Детская поликлиника Клин - Медицинский справочник

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

56
Requests

50 %
HTTPS

56 %
IPv6

15
Domains

18
Subdomains

17
IPs

3
Countries

765 kB
Transfer

2611 kB
Size

25
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://wpastra.com/
Title: WordPress тема Astra

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9802.bo9N11pLe6ChHpIl2wEtU5M5N5BZiXlDArBheCri6JUf6AmsU2A2o4f7DgluyVkP.exYNgv7okpeMQo6rfmXjaPjDI3g%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9802.-WzkjU_h0-0RESXJrQz6qr9z-RQIscCN-kWdCjk_WdmrYL4srEjAdepwKz5s_Xt_Rb2ZuoRtylugq4J3GLCujg%2C%2C.VigJsL2vlRInkGC3A3zqiALzkpI%2C

Request Chain 40

https://mc.yandex.com/watch/88978187?wmode=7&page-url=http%3A%2F%2Fklin-detstvo.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Al4cs6ej6vo5gha9qjtx4s%3Afp%3A537%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A1565585405325%3Ahid%3A234791918%3Az%3A0%3Ai%3A20221025064934%3Aet%3A1666680574%3Ac%3A1%3Arn%3A500498136%3Arqn%3A1%3Au%3A1666680574473546648%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A111%2C76%2C79%2C76%2C0%2C0%2C%2C234%2C6%2C%2C%2C%2C578%3Acpf%3A1%3Antf%3A1%3Ans%3A1666680573142%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1666680574%3At%3A%D0%94%D0%B5%D1%82%D1%81%D0%BA%D0%B0%D1%8F%20%D0%BF%D0%BE%D0%BB%D0%B8%D0%BA%D0%BB%D0%B8%D0%BD%D0%B8%D0%BA%D0%B0%20%D0%9A%D0%BB%D0%B8%D0%BD%20-%20%D0%9C%D0%B5%D0%B4%D0%B8%D1%86%D0%B8%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D1%81%D0%BF%D1%80%D0%B0%D0%B2%D0%BE%D1%87%D0%BD%D0%B8%D0%BA&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2) HTTP 302
https://mc.yandex.com/watch/88978187/1?wmode=7&page-url=http%3A%2F%2Fklin-detstvo.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Al4cs6ej6vo5gha9qjtx4s%3Afp%3A537%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A1565585405325%3Ahid%3A234791918%3Az%3A0%3Ai%3A20221025064934%3Aet%3A1666680574%3Ac%3A1%3Arn%3A500498136%3Arqn%3A1%3Au%3A1666680574473546648%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A111%2C76%2C79%2C76%2C0%2C0%2C%2C234%2C6%2C%2C%2C%2C578%3Acpf%3A1%3Antf%3A1%3Ans%3A1666680573142%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1666680574%3At%3A%D0%94%D0%B5%D1%82%D1%81%D0%BA%D0%B0%D1%8F%20%D0%BF%D0%BE%D0%BB%D0%B8%D0%BA%D0%BB%D0%B8%D0%BD%D0%B8%D0%BA%D0%B0%20%D0%9A%D0%BB%D0%B8%D0%BD%20-%20%D0%9C%D0%B5%D0%B4%D0%B8%D1%86%D0%B8%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D1%81%D0%BF%D1%80%D0%B0%D0%B2%D0%BE%D1%87%D0%BD%D0%B8%D0%BA&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

Request Chain 54

https://top-fwz1.mail.ru/counter?id=3015210;pid=1218c9397fd445c023bb30b76a8b80fe HTTP 302
https://top-fwz1.mail.ru/counter2?id=3015210;pid=1218c9397fd445c023bb30b76a8b80fe

Request Chain 55

https://sync.1dmp.io/pixel.gif?cid=9650c6fa-0307-429f-a7cd-02b8194310c0&brid=9793d77b-f9fc-4343-a4d3-9779efd2f770&pid=w&uid=1218c9397fd445c023bb30b76a8b80fe HTTP 302
https://sync.1dmp.io/pixel.gif?cid=9650c6fa-0307-429f-a7cd-02b8194310c0&brid=9793d77b-f9fc-4343-a4d3-9779efd2f770&pid=w&uid=1218c9397fd445c023bb30b76a8b80fe&cs=1

56 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
klin-detstvo.ru/ 85 KB
22 KB 268ms
80ms Document
text/html 217.172.25.35
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://klin-detstvo.ru/
Protocol: HTTP/1.1
Server: 217.172.25.35 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 / PHP/7.4.25
Resource Hash: 4686baa1871b0e0ee30f9ab1261748068d0b0097935614a0b082778d06e19ed0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=3, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 25 Oct 2022 06:49:33 GMT
Keep-Alive: timeout=30
Server: nginx-reuseport/1.21.1
Transfer-Encoding: chunked
Vary: Accept-Encoding Accept-Encoding,Cookie
X-Powered-By: PHP/7.4.25

GET
H/1.1 200
OK style.min.css
klin-detstvo.ru/wp-content/themes/astra/assets/css/minified/ 86 KB
14 KB 140ms
71ms Stylesheet
text/css 217.172.25.35
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://klin-detstvo.ru/wp-content/themes/astra/assets/css/minified/style.min.css?ver=2.4.5
Requested by: Host: klin-detstvo.ru
URL: http://klin-detstvo.ru/
Protocol: HTTP/1.1
Server: 217.172.25.35 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: fc736484b15c487c25384a915b92af24e0b18081d63955aea27eb48d4392fcf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://klin-detstvo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 06:49:33 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Oct 2022 12:46:55 GMT
Server: nginx-reuseport/1.21.1
ETag: W/"6346b73f-157f3"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Connection: keep-alive
Keep-Alive: timeout=30
Expires: Tue, 01 Nov 2022 06:49:33 GMT

GET
H/1.1 200
OK menu-animation.min.css
klin-detstvo.ru/wp-content/themes/astra/assets/css/minified/ 3 KB
767 B 150ms
79ms Stylesheet
text/css 217.172.25.35
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://klin-detstvo.ru/wp-content/themes/astra/assets/css/minified/menu-animation.min.css?ver=2.4.5
Requested by: Host: klin-detstvo.ru
URL: http://klin-detstvo.ru/
Protocol: HTTP/1.1
Server: 217.172.25.35 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: b6e169ac07a49b2c9d2b726bb3c384097badcc093dc6322c9a2ba066ae8e06a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://klin-detstvo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 06:49:33 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Oct 2022 12:46:55 GMT
Server: nginx-reuseport/1.21.1
ETag: W/"6346b73f-d54"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Connection: keep-alive
Keep-Alive: timeout=30
Expires: Tue, 01 Nov 2022 06:49:33 GMT

GET
H/1.1 200
OK postratings-css.css
klin-detstvo.ru/wp-content/plugins/wp-postratings/css/ 1 KB
798 B 145ms
73ms Stylesheet
text/css 217.172.25.35
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://klin-detstvo.ru/wp-content/plugins/wp-postratings/css/postratings-css.css?ver=1.89
Requested by: Host: klin-detstvo.ru
URL: http://klin-detstvo.ru/
Protocol: HTTP/1.1
Server: 217.172.25.35 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: c56b566e17c62870ce139b3a57bfb94a9d785792bd6ac2220d52426b8590d87f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://klin-detstvo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 06:49:33 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Oct 2022 12:52:28 GMT
Server: nginx-reuseport/1.21.1
ETag: W/"6346b88c-549"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Connection: keep-alive
Keep-Alive: timeout=30
Expires: Tue, 01 Nov 2022 06:49:33 GMT

GET
H/1.1 200
OK bvi.min.css
klin-detstvo.ru/wp-content/plugins/button-visually-impaired/assets/css/ 100 KB
11 KB 146ms
73ms Stylesheet
text/css 217.172.25.35
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://klin-detstvo.ru/wp-content/plugins/button-visually-impaired/assets/css/bvi.min.css?ver=2.0
Requested by: Host: klin-detstvo.ru
URL: http://klin-detstvo.ru/
Protocol: HTTP/1.1
Server: 217.172.25.35 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: fe9042540c9b96ba4743e5e9777c50e7db05ac989256734c16ede5cd62c6bd3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://klin-detstvo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 06:49:33 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Oct 2022 12:52:29 GMT
Server: nginx-reuseport/1.21.1
ETag: W/"6346b88d-18e47"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Connection: keep-alive
Keep-Alive: timeout=30
Expires: Tue, 01 Nov 2022 06:49:33 GMT

GET
H/1.1 200
OK responsivescrollingtables.js Show response
klin-detstvo.ru/wp-content/plugins/responsive-scrolling-tables/js/ 1 KB
1012 B 144ms
71ms Script
application/x-javascript 217.172.25.35
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://klin-detstvo.ru/wp-content/plugins/responsive-scrolling-tables/js/responsivescrollingtables.js?ver=4.9.22
Requested by: Host: klin-detstvo.ru
URL: http://klin-detstvo.ru/
Protocol: HTTP/1.1
Server: 217.172.25.35 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: 92567833cdb642f43e56b6907245ce9f595f39c8ca6657a2c4a461d7cc9b3283

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://klin-detstvo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 06:49:33 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Oct 2022 12:52:28 GMT
Server: nginx-reuseport/1.21.1
ETag: W/"6346b88c-5a7"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=604800
Connection: keep-alive
Keep-Alive: timeout=30
Expires: Tue, 01 Nov 2022 06:49:33 GMT

GET
H/1.1 200
OK jquery.js Show response
klin-detstvo.ru/wp-includes/js/jquery/ 95 KB
33 KB 154ms
78ms Script
application/x-javascript 217.172.25.35
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://klin-detstvo.ru/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by: Host: klin-detstvo.ru
URL: http://klin-detstvo.ru/
Protocol: HTTP/1.1
Server: 217.172.25.35 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://klin-detstvo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 06:49:33 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Oct 2022 12:52:30 GMT
Server: nginx-reuseport/1.21.1
ETag: W/"6346b88e-17a6a"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=604800
Connection: keep-alive
Keep-Alive: timeout=30
Expires: Tue, 01 Nov 2022 06:49:33 GMT

GET
H/1.1 200
OK jquery-migrate.min.js Show response
klin-detstvo.ru/wp-includes/js/jquery/ 10 KB
4 KB 216ms
72ms Script
application/x-javascript 217.172.25.35
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://klin-detstvo.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: klin-detstvo.ru
URL: http://klin-detstvo.ru/
Protocol: HTTP/1.1
Server: 217.172.25.35 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://klin-detstvo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 06:49:33 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Oct 2022 12:52:30 GMT
Server: nginx-reuseport/1.21.1
ETag: W/"6346b88e-2748"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=604800
Connection: keep-alive
Keep-Alive: timeout=30
Expires: Tue, 01 Nov 2022 06:49:33 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 167 KB
54 KB 80ms
40ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5972419208534160

Requested by

Host: klin-detstvo.ru
URL: http://klin-detstvo.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

72e2f12e7e1b4dc228905703ccf2cf3c2064e5e17f664c89bebea59437960558

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://klin-detstvo.ru/
Origin: http://klin-detstvo.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 06:49:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55214
x-xss-protection: 0
server: cafe
etag: 18268082436295582820
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 25 Oct 2022 06:49:33 GMT

GET
H/1.1 200
OK vqu786ypkq02xy7.php Show response
hhnhxu.com/kesl71/912ilv/mp00y38qh786/ 72 KB
23 KB 112ms
51ms Script
application/javascript 62.76.25.28
NETRACK-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://hhnhxu.com/kesl71/912ilv/mp00y38qh786/vqu786ypkq02xy7.php
Requested by: Host: klin-detstvo.ru
URL: http://klin-detstvo.ru/
Protocol: HTTP/1.1
Server: 62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 7d238e8dec291ed662a6f83f91477087ac4e7cb5637e7e77dabfd05f34d98bfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://klin-detstvo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 06:49:33 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Oct 2022 11:34:25 GMT
Server: nginx/1.14.2
ETag: "63567841-58cb"
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Content-Length: 22731

GET
H2 200 context.js Show response
yandex.ru/ads/system/ 392 KB
106 KB 216ms
77ms Script
text/javascript 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: klin-detstvo.ru
URL: http://klin-detstvo.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

6c374a8ed2d41901c8351d8f429d9a2d93ed412460857b343ad30bc46b98bfd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://klin-detstvo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1666680573829334-9048108807524769327-sas3-0752-6e1-sas-l7-balancer-8080-BAL-2371
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Tue, 25 Oct 2022 07:49:33 GMT

GET
H/1.1 200
OK sjplugin.js Show response
sjsmartcontent.org/static/plugin-site/js/ 139 KB
50 KB 125ms
58ms Script
application/javascript 212.109.217.26
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL: http://sjsmartcontent.org/static/plugin-site/js/sjplugin.js
Requested by: Host: klin-detstvo.ru
URL: http://klin-detstvo.ru/
Protocol: HTTP/1.1
Server: 212.109.217.26 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS: tapeinotita7.slickjump.org
Software: nginx/1.20.2 /
Resource Hash: 7fcc4995f4504f750d67e94df22aa7e076cdb619c318edaf32a2da7c93033efb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://klin-detstvo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 06:49:33 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 Oct 2022 10:29:38 GMT
Server: nginx/1.20.2
ETag: W/"633ab992-22b37"
Transfer-Encoding: chunked
Content-Type: application/x-javascript, application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Expires: Wed, 25 Oct 2023 06:49:33 GMT

GET
H2 200 / Show response
fatlossremedies.com/ 10 B
320 B 97ms
30ms Script
application/javascript 178.62.225.201
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://fatlossremedies.com/?re=giztozbrme5ha3ddf43tomrr

Requested by

Host: klin-detstvo.ru
URL: http://klin-detstvo.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.62.225.201 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

3df65d7d6add27dd11c6f6a174f7940f193a6283948ad989f1462923cde8f229

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://klin-detstvo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 25 Oct 2022 06:49:33 GMT
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
server: nginx
content-type: application/javascript; charset=UTF-8

GET
H2 200 / Show response
fatlossremedies.com/ 13 KB
14 KB 97ms
31ms Script
application/javascript 178.62.225.201
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://fatlossremedies.com/?re=gm3wkmrqgy5ha3ddf44dgobq

Requested by

Host: klin-detstvo.ru
URL: http://klin-detstvo.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.62.225.201 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

9bfb643835ac8f5c0e94d08e222a9a146e7d2e32dc310aec3c3b9e481b9980a4

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://klin-detstvo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 25 Oct 2022 06:49:33 GMT
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
server: nginx
content-type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK style.min.js Show response
klin-detstvo.ru/wp-content/themes/astra/assets/js/minified/ 10 KB
3 KB 217ms
72ms Script
application/x-javascript 217.172.25.35
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://klin-detstvo.ru/wp-content/themes/astra/assets/js/minified/style.min.js?ver=2.4.5
Requested by: Host: klin-detstvo.ru
URL: http://klin-detstvo.ru/
Protocol: HTTP/1.1
Server: 217.172.25.35 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: f0aaf88c113278f28ec0cf012582c29dbd564e83df5ddbdfe310623e2664cb2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://klin-detstvo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 06:49:33 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Oct 2022 12:46:55 GMT
Server: nginx-reuseport/1.21.1
ETag: W/"6346b73f-2874"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=604800
Connection: keep-alive
Keep-Alive: timeout=30
Expires: Tue, 01 Nov 2022 06:49:33 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
klin-detstvo.ru/wp-includes/js/ 12 KB
5 KB 98ms
97ms Script
application/x-javascript 217.172.25.35
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://klin-detstvo.ru/wp-includes/js/wp-emoji-release.min.js?ver=4.9.22
Requested by: Host: klin-detstvo.ru
URL: http://klin-detstvo.ru/
Protocol: HTTP/1.1
Server: 217.172.25.35 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: 647a6b36f3fd1f21bae171270111096b4613c23a47e6621628a51bae9c82b0b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://klin-detstvo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 06:49:33 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Oct 2022 12:52:30 GMT
Server: nginx-reuseport/1.21.1
ETag: W/"6346b88e-2ea7"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=604800
Connection: keep-alive
Keep-Alive: timeout=30
Expires: Tue, 01 Nov 2022 06:49:33 GMT

GET
H/1.1 200
OK postratings-js.js Show response
klin-detstvo.ru/wp-content/plugins/wp-postratings/js/ 3 KB
1 KB 147ms
71ms Script
application/x-javascript 217.172.25.35
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://klin-detstvo.ru/wp-content/plugins/wp-postratings/js/postratings-js.js?ver=1.89
Requested by: Host: klin-detstvo.ru
URL: http://klin-detstvo.ru/
Protocol: HTTP/1.1
Server: 217.172.25.35 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: c42425f18923921089911e70f39c6dd462794df2e42ac0596abc3884da6471fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://klin-detstvo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 06:49:33 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Oct 2022 12:52:27 GMT
Server: nginx-reuseport/1.21.1
ETag: W/"6346b88b-d01"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=604800
Connection: keep-alive
Keep-Alive: timeout=30
Expires: Tue, 01 Nov 2022 06:49:33 GMT

GET
H/1.1 200
OK js.cookie.min.js Show response
klin-detstvo.ru/wp-content/plugins/button-visually-impaired/assets/js/ 2 KB
1 KB 155ms
76ms Script
application/x-javascript 217.172.25.35
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://klin-detstvo.ru/wp-content/plugins/button-visually-impaired/assets/js/js.cookie.min.js?ver=2.2.1
Requested by: Host: klin-detstvo.ru
URL: http://klin-detstvo.ru/
Protocol: HTTP/1.1
Server: 217.172.25.35 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: 706d32c25732e1c6e4f308c7efc13f26d5793060a137c4d52b791e4db892eacc

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://klin-detstvo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 06:49:33 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Oct 2022 12:52:29 GMT
Server: nginx-reuseport/1.21.1
ETag: W/"6346b88d-758"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=604800
Connection: keep-alive
Keep-Alive: timeout=30
Expires: Tue, 01 Nov 2022 06:49:33 GMT

GET
H/1.1 200
OK bvi-init.min.js Show response
klin-detstvo.ru/wp-content/plugins/button-visually-impaired/assets/js/ 62 B
418 B 204ms
68ms Script
application/x-javascript 217.172.25.35
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://klin-detstvo.ru/wp-content/plugins/button-visually-impaired/assets/js/bvi-init.min.js?ver=2.0
Requested by: Host: klin-detstvo.ru
URL: http://klin-detstvo.ru/
Protocol: HTTP/1.1
Server: 217.172.25.35 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: 551cdbb16c8a9454678663aa07956177676969352f44c67d68e1b969ad7f1347

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://klin-detstvo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 06:49:33 GMT
Last-Modified: Wed, 12 Oct 2022 12:52:29 GMT
Server: nginx-reuseport/1.21.1
ETag: "6346b88d-3e"
Content-Type: application/x-javascript
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=30
Content-Length: 62
Expires: Tue, 01 Nov 2022 06:49:33 GMT

GET
H/1.1 200
OK bvi.min.js Show response
klin-detstvo.ru/wp-content/plugins/button-visually-impaired/assets/js/ 28 KB
6 KB 219ms
72ms Script
application/x-javascript 217.172.25.35
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://klin-detstvo.ru/wp-content/plugins/button-visually-impaired/assets/js/bvi.min.js?ver=2.0
Requested by: Host: klin-detstvo.ru
URL: http://klin-detstvo.ru/
Protocol: HTTP/1.1
Server: 217.172.25.35 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: 2e7110dcfd188f0a768a7e3b4ce17d8f64cd4652167170300a5ba5060c295ae4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://klin-detstvo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 06:49:33 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Oct 2022 12:52:29 GMT
Server: nginx-reuseport/1.21.1
ETag: W/"6346b88d-7173"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=604800
Connection: keep-alive
Keep-Alive: timeout=30
Expires: Tue, 01 Nov 2022 06:49:33 GMT

GET
H/1.1 200
OK wp-embed.min.js Show response
klin-detstvo.ru/wp-includes/js/ 1 KB
1 KB 218ms
71ms Script
application/x-javascript 217.172.25.35
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://klin-detstvo.ru/wp-includes/js/wp-embed.min.js?ver=4.9.22
Requested by: Host: klin-detstvo.ru
URL: http://klin-detstvo.ru/
Protocol: HTTP/1.1
Server: 217.172.25.35 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: 5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://klin-detstvo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 06:49:33 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Oct 2022 12:52:30 GMT
Server: nginx-reuseport/1.21.1
ETag: W/"6346b88e-56f"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=604800
Connection: keep-alive
Keep-Alive: timeout=30
Expires: Tue, 01 Nov 2022 06:49:33 GMT

GET
H/1.1 200
OK 1vxqq.min.js Show response
rotarb.bid/ 67 KB
19 KB 70ms
33ms Script
text/javascript 46.4.104.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://rotarb.bid/1vxqq.min.js?a9c4719

Requested by

Host: klin-detstvo.ru
URL: http://klin-detstvo.ru/

Protocol

HTTP/1.1

Server

46.4.104.244 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.244.104.4.46.clients.your-server.de

Software

nginx /

Resource Hash

360a50055d32be58c5b0f78c54c096feeac74c8abc995d8d796494263f0d7ba4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://klin-detstvo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 06:49:33 GMT
Strict-Transport-Security: max-age=63072000
Content-Encoding: gzip
Server: nginx
Duration: 2022658
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=300
Connection: keep-alive
Keep-Alive: timeout=60
Access-Control-Allow-Headers: *
Expires: Tue, 25-Oct-2022 09:54:33 EEST

GET
H/1.1 200
OK 1vbcq.min.js Show response
rotarb.bid/ 67 KB
19 KB 71ms
35ms Script
text/javascript 46.4.104.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://rotarb.bid/1vbcq.min.js?6e555eb

Requested by

Host: klin-detstvo.ru
URL: http://klin-detstvo.ru/

Protocol

HTTP/1.1

Server

46.4.104.244 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.244.104.4.46.clients.your-server.de

Software

nginx /

Resource Hash

360a50055d32be58c5b0f78c54c096feeac74c8abc995d8d796494263f0d7ba4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://klin-detstvo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 06:49:33 GMT
Strict-Transport-Security: max-age=63072000
Content-Encoding: gzip
Server: nginx
Duration: 2038452
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=300
Connection: keep-alive
Keep-Alive: timeout=60
Access-Control-Allow-Headers: *
Expires: Tue, 25-Oct-2022 09:54:33 EEST

GET
H/1.1 200
OK astra.woff
klin-detstvo.ru/wp-content/themes/astra/assets/fonts/ 3 KB
4 KB 93ms
93ms Font
application/font-woff 217.172.25.35
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://klin-detstvo.ru/wp-content/themes/astra/assets/fonts/astra.woff
Requested by: Host: klin-detstvo.ru
URL: http://klin-detstvo.ru/
Protocol: HTTP/1.1
Server: 217.172.25.35 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: ec7ef7aa5fd1e019f1c26193e95e46d481d4983673936a9dda086705ada6e3d5

Request headers

Referer: http://klin-detstvo.ru/
Origin: http://klin-detstvo.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 06:49:33 GMT
Last-Modified: Wed, 12 Oct 2022 12:46:55 GMT
Server: nginx-reuseport/1.21.1
ETag: "6346b73f-ce8"
Content-Type: application/font-woff
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=30
Content-Length: 3304
Expires: Thu, 24 Nov 2022 06:49:33 GMT

GET
H/1.1 200
OK rating_over.gif
klin-detstvo.ru/wp-content/plugins/wp-postratings/images/stars/ 523 B
867 B 76ms
76ms Image
image/gif 217.172.25.35
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://klin-detstvo.ru/wp-content/plugins/wp-postratings/images/stars/rating_over.gif
Requested by: Host: klin-detstvo.ru
URL: http://klin-detstvo.ru/
Protocol: HTTP/1.1
Server: 217.172.25.35 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: 71348f4f38512af6e6ba8062fe5545a783f91d1a07bcb300c246f1bad9b0d4b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://klin-detstvo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 06:49:33 GMT
Last-Modified: Wed, 12 Oct 2022 12:52:28 GMT
Server: nginx-reuseport/1.21.1
ETag: "6346b88c-20b"
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=30
Content-Length: 523
Expires: Thu, 24 Nov 2022 06:49:33 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 208 KB
72 KB 276ms
140ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: klin-detstvo.ru
URL: http://klin-detstvo.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

5a6f5d09e9a2fe3c649c80d0172bda7faf99040c8f45c175efede441a729ff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://klin-detstvo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 06:49:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Thu, 20 Oct 2022 12:18:36 GMT
etag: "6351126c-11dd4"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 73172
expires: Tue, 25 Oct 2022 07:49:33 GMT

POST
H/1.1 200
OK 1vbcq.json Show response
rotarb.bid/ 59 B
390 B 56ms
28ms XHR
application/json 46.4.104.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://rotarb.bid/1vbcq.json

Requested by

Host: rotarb.bid
URL: http://rotarb.bid/1vxqq.min.js?a9c4719

Protocol

HTTP/1.1

Server

46.4.104.244 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.244.104.4.46.clients.your-server.de

Software

nginx /

Resource Hash

0db7ebe4e17aca991ae25c6e463382c73a39c9d71fee5d7dd9d6d9f228371c9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: http://klin-detstvo.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 25 Oct 2022 06:49:33 GMT
Strict-Transport-Security: max-age=63072000
Server: nginx
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
Connection: keep-alive
Keep-Alive: timeout=60
Content-Length: 59
Access-Control-Allow-Headers: *

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/ 353 KB
116 KB 85ms
53ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5972419208534160&plah=klin-detstvo.ru&bust=31070437

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5972419208534160

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dbef6976765800088eccf1878526d1aa79e1c02109c2b5896a1cdb6086ae25f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://klin-detstvo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 06:49:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118750
x-xss-protection: 0
server: cafe
etag: 7990531123685033107
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 25 Oct 2022 06:49:33 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221020/r20190131/ Frame AF3F 10 KB
5 KB 55ms
15ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221020/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5972419208534160

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://klin-detstvo.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 55872
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 24 Oct 2022 15:18:21 GMT
etag: 9671129459699598864
expires: Mon, 07 Nov 2022 15:18:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200
OK 1vbcq.json Show response
rotarb.bid/ 59 B
390 B 29ms
29ms XHR
application/json 46.4.104.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://rotarb.bid/1vbcq.json

Requested by

Host: rotarb.bid
URL: http://rotarb.bid/1vxqq.min.js?a9c4719

Protocol

HTTP/1.1

Server

46.4.104.244 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.244.104.4.46.clients.your-server.de

Software

nginx /

Resource Hash

c08d21648a565e1066a1e5a1f8ccb9f3e67e5178c08dec638aebee94eb18ee36

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: http://klin-detstvo.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 25 Oct 2022 06:49:33 GMT
Strict-Transport-Security: max-age=63072000
Server: nginx
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
Connection: keep-alive
Keep-Alive: timeout=60
Content-Length: 59
Access-Control-Allow-Headers: *

POST
H2 200 event
sjsmartcontent.org/wns/ 2 B
181 B 189ms
67ms Ping
text/plain 212.109.217.26
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL: https://sjsmartcontent.org/wns/event
Requested by: Host: sjsmartcontent.org
URL: http://sjsmartcontent.org/static/plugin-site/js/sjplugin.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.109.217.26 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS: tapeinotita7.slickjump.org
Software: nginx/1.20.2 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: http://klin-detstvo.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: http://klin-detstvo.ru
date: Tue, 25 Oct 2022 06:49:34 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.20.2
content-type: text/plain; charset=UTF-8

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 397 B
698 B 84ms
23ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=klin-detstvo.ru&callback=_gfp_s_&client=ca-pub-5972419208534160&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5972419208534160&plah=klin-detstvo.ru&bust=31070437

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

29f38630dc906938ba8b9a474e0b6a7f764afc2efa8f939adea18bdcce89c9e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://klin-detstvo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 06:49:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 253
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 67ms
25ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=klin-detstvo.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://klin-detstvo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 06:49:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 65ms
25ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=klin-detstvo.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://klin-detstvo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 06:49:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FDFF 603 B
67 B 70ms
37ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5972419208534160&output=html&adk=1812271804&adf=1573534164&lmt=1666680573&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fklin-detstvo.ru%2F&ea=0&pra=5&wgl=1&dt=1666680573797&bpp=4&bdt=384&idt=143&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=791187226784&frm=20&pv=2&ga_vid=1566988473.1666680574&ga_sid=1666680574&ga_hid=1615146621&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070437%2C44772269%2C44775016&oid=2&pvsid=1358963706152789&tmod=1242020877&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=170

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://klin-detstvo.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 06:49:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 3521127290410543dbe9.js Show response
yastatic.net/partner-code-bundles/669867/ 13 KB
5 KB 131ms
45ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/669867/3521127290410543dbe9.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

bac87240d43f2059419ce7f7fdc63e99966069af39def1f6bcbc59eed1f69cfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://klin-detstvo.ru/
Origin: http://klin-detstvo.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 06:49:34 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4579
last-modified: Fri, 21 Oct 2022 10:34:31 GMT
server: nginx/1.17.9
etag: "2608153af020534eac1710bcf8245ae2"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 24 Oct 2052 13:24:10 GMT

GET
H2 200 329e6f52252a69a23815.js Show response
yastatic.net/partner-code-bundles/669867/ 86 KB
19 KB 169ms
84ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/669867/329e6f52252a69a23815.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

ec440fc50e56a83bca07e825b111c7cc5908db7e796a1633ee4fbd0ab2483733

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://klin-detstvo.ru/
Origin: http://klin-detstvo.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 06:49:34 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 19039
last-modified: Fri, 21 Oct 2022 10:34:31 GMT
server: nginx/1.17.9
etag: "dcb92f2a535b41705f083365d1ab40c3"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 24 Oct 2052 13:24:10 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 185ms
101ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://klin-detstvo.ru/
Origin: http://klin-detstvo.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 06:49:34 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 24 Oct 2052 13:25:00 GMT

GET
H2 200 ca7eb8df2d2c350d6c13.js Show response
yastatic.net/partner-code-bundles/669867/ 468 KB
96 KB 201ms
120ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/669867/ca7eb8df2d2c350d6c13.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

f631727b94c34691ab989c147f47dd2d047c712bbea3000ae08a7405c7865c3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: http://klin-detstvo.ru/
Origin: http://klin-detstvo.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 06:49:34 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 97599
last-modified: Fri, 21 Oct 2022 10:34:32 GMT
server: nginx/1.17.9
etag: "e3dd41c78bc5f8e123802f72a1181551"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 24 Oct 2052 13:24:10 GMT

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9802.bo9N11pLe6ChHpIl2wEtU5M5N5BZiXlDArBheCri6JUf6AmsU2A2o4f7DgluyVkP.exYNgv7okpeMQo6rfmXjaPjDI3g%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9802.-WzkjU_h0-0RESXJrQz6qr9z-RQIscCN-kWdCjk_WdmrYL4srEjAdepwKz5s_Xt_Rb2ZuoRtylugq4J3GLCujg%2C%2C.VigJsL2vlRInkGC3A3zqiALzkpI%2C

75 B
75 B

70ms
70ms

Image
text/html

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9802.-WzkjU_h0-0RESXJrQz6qr9z-RQIscCN-kWdCjk_WdmrYL4srEjAdepwKz5s_Xt_Rb2ZuoRtylugq4J3GLCujg%2C%2C.VigJsL2vlRInkGC3A3zqiALzkpI%2C

Requested by

Host: klin-detstvo.ru
URL: http://klin-detstvo.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://klin-detstvo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 06:49:34 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9802.-WzkjU_h0-0RESXJrQz6qr9z-RQIscCN-kWdCjk_WdmrYL4srEjAdepwKz5s_Xt_Rb2ZuoRtylugq4J3GLCujg%2C%2C.VigJsL2vlRInkGC3A3zqiALzkpI%2C
date: Tue, 25 Oct 2022 06:49:34 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
136 B 68ms
68ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: klin-detstvo.ru
URL: http://klin-detstvo.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://klin-detstvo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 06:49:34 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 20 Oct 2022 12:18:36 GMT
etag: "6351126c-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Oct 2022 07:49:34 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/88978187/
Redirect Chain

https://mc.yandex.com/watch/88978187?wmode=7&page-url=http%3A%2F%2Fklin-detstvo.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Al4cs6ej6vo5gha9qjtx4s%3Afp%3A537%3Afu%3A0%3Aen%3Autf-8%3Al...
https://mc.yandex.com/watch/88978187/1?wmode=7&page-url=http%3A%2F%2Fklin-detstvo.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Al4cs6ej6vo5gha9qjtx4s%3Afp%3A537%3Afu%3A0%3Aen%3Autf-8%3...

427 B
509 B

70ms
69ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/88978187/1?wmode=7&page-url=http%3A%2F%2Fklin-detstvo.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Al4cs6ej6vo5gha9qjtx4s%3Afp%3A537%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A1565585405325%3Ahid%3A234791918%3Az%3A0%3Ai%3A20221025064934%3Aet%3A1666680574%3Ac%3A1%3Arn%3A500498136%3Arqn%3A1%3Au%3A1666680574473546648%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A111%2C76%2C79%2C76%2C0%2C0%2C%2C234%2C6%2C%2C%2C%2C578%3Acpf%3A1%3Antf%3A1%3Ans%3A1666680573142%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1666680574%3At%3A%D0%94%D0%B5%D1%82%D1%81%D0%BA%D0%B0%D1%8F%20%D0%BF%D0%BE%D0%BB%D0%B8%D0%BA%D0%BB%D0%B8%D0%BD%D0%B8%D0%BA%D0%B0%20%D0%9A%D0%BB%D0%B8%D0%BD%20-%20%D0%9C%D0%B5%D0%B4%D0%B8%D1%86%D0%B8%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D1%81%D0%BF%D1%80%D0%B0%D0%B2%D0%BE%D1%87%D0%BD%D0%B8%D0%BA&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

df9cda6fec9254ad74f4f9904edc33e9ba1ce9d12ca3470b87d18b12b4bdaafa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://klin-detstvo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 06:49:34 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Tue, 25-Oct-2022 06:49:34 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: http://klin-detstvo.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 427
x-xss-protection: 1; mode=block
expires: Tue, 25-Oct-2022 06:49:34 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 Oct 2022 06:49:34 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 25-Oct-2022 06:49:34 GMT
location: /watch/88978187/1?wmode=7&page-url=http%3A%2F%2Fklin-detstvo.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Al4cs6ej6vo5gha9qjtx4s%3Afp%3A537%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A1565585405325%3Ahid%3A234791918%3Az%3A0%3Ai%3A20221025064934%3Aet%3A1666680574%3Ac%3A1%3Arn%3A500498136%3Arqn%3A1%3Au%3A1666680574473546648%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A111%2C76%2C79%2C76%2C0%2C0%2C%2C234%2C6%2C%2C%2C%2C578%3Acpf%3A1%3Antf%3A1%3Ans%3A1666680573142%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1666680574%3At%3A%D0%94%D0%B5%D1%82%D1%81%D0%BA%D0%B0%D1%8F%20%D0%BF%D0%BE%D0%BB%D0%B8%D0%BA%D0%BB%D0%B8%D0%BD%D0%B8%D0%BA%D0%B0%20%D0%9A%D0%BB%D0%B8%D0%BD%20-%20%D0%9C%D0%B5%D0%B4%D0%B8%D1%86%D0%B8%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D1%81%D0%BF%D1%80%D0%B0%D0%B2%D0%BE%D1%87%D0%BD%D0%B8%D0%BA&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
access-control-allow-origin: http://klin-detstvo.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 25-Oct-2022 06:49:34 GMT

POST
H/1.1 200
OK 1vbcq.json Show response
rotarb.bid/ 59 B
390 B 34ms
33ms XHR
application/json 46.4.104.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://rotarb.bid/1vbcq.json

Requested by

Host: rotarb.bid
URL: http://rotarb.bid/1vxqq.min.js?a9c4719

Protocol

HTTP/1.1

Server

46.4.104.244 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.244.104.4.46.clients.your-server.de

Software

nginx /

Resource Hash

56955675f41f5ee2930b6cdeeb743cff4101b3b037d1c9fe18f2429bde99ec9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: http://klin-detstvo.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 25 Oct 2022 06:49:34 GMT
Strict-Transport-Security: max-age=63072000
Server: nginx
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
Connection: keep-alive
Keep-Alive: timeout=60
Content-Length: 59
Access-Control-Allow-Headers: *

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 66ms
30ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221020&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb4a6a82663f4aeeb4cc311c6e55c023cdc4a90351906dcfc212619a0891f0a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://klin-detstvo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 06:49:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11189
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 73ms
31ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://klin-detstvo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 06:49:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 25 Oct 2022 06:49:34 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 94E8 13 KB
5 KB 70ms
16ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://klin-detstvo.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 771
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 06:36:43 GMT
expires: Wed, 25 Oct 2023 06:36:43 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0A2A 783 B
1 KB 84ms
26ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3423b4766c9bf4862400273b8e39f9353f044676759044ec0c60ac13ee6ba446

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-C04NXy_m32P1q84fOr6nPA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://klin-detstvo.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-C04NXy_m32P1q84fOr6nPA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 06:49:34 GMT
expires: Tue, 25 Oct 2022 06:49:34 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js Show response
pagead2.googlesyndication.com/bg/ Frame 94E8 36 KB
16 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80244828e58d49be485037391fae5fab71e1c97e896eb06c9accd8c018fd886f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 06:30:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1136
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15854
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 15:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Oct 2023 06:30:38 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0A2A 0
0 49ms
49ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221020&jk=1358963706152789&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 94E8 0
10 B 15ms
15ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?4ZnS5Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 06:49:34 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 52ms
52ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221020&jk=1358963706152789&bg=!R0SlRADNAAaaxvStusY7ACkAdvg8Wo9I8tgSemrf7EitFUmC2Jlf89xm_MTw3QfQtlIRlpJI40UNvgIAAABaUgAAAANoAQcKAF3o-av-NkMU_J-doVvrWWeWIxGNhxPv9gm66w7gTxnWVmPD3mcvb5OUTTR7n5QBzYjSWsDnZyGrLhDQ18k8gTf15A1Zx4nx7JHM5DImDM9zOoMuwjQQO5tGVO0nyKyZAqQkyX-30mAxXOuQE2PL-xk5E9iY53MGY0vQLmnSIAGgUKNnEhygompMyQFft0FU_PyYRClhiHGidm2YZQqUP6syyifk5n3ccF4rqXVEsZeXncW4jTGP9rL4IULeqsWZ-cS1ffXhrJAsTEyQDy_u4FrUxhVHZ2RzVOKh7EMMOvrUW64CusXzj0nskEOBupg6fU8RYj-t0sjKBZElvJdMlcvnjdNzn9WFPbPeAJXRjAQEMETJ275GLeedK-oFUsGV5GrMTNQw-RCrqH0FiRAGqrQNSHCGe11dzDCP0Wx_2GlFRuVIm07HjMNzYiAh0OJUahfZfZZr5dR89t97LAj61KivLzpArTVjWIKWAygDbL-I1fCM-lyuiVzNdHBB4Z-dUFORqvwaKfUFDDUUA3QwQ66qLEOoTQmJiFyory3r5bg3EqlUjFcv7bh7iyPY6LjQov5PCT31uLWJpkOwwRxrqOlrXa7xVj9NEBEvuE8T3-qihD4RIxFRCbNW3bKsA9fauwzqAKv0isDWcUHgZG0lCrSlabJfeNLsGfUDvWsQ83YdBrBIN5ldM0427xgqa2TkYrbb8x0e0q0gHFGnkEuNGaYrxLEc1_Z68yxH3MnIjXvtiWADFxaTzGg27b4cuAdvlvshEYj1zCLmA_eqYP21TzZzyeGmBuc1hDmFUs-xmpDxyTH_gqdVzfngssjS7RyVKFyPYuRdft-17j5y6c6TPxCt-N38_I0xHlhuQDYbsYwuV0XB8P13In0l1Jj1sm4g8hAZHd6Tj_j4YnSRpIQ2W5jeDJqY9ta3Zi3tyFsJr671s4ZN34NNkcQi5tNF0ubWy5h-0BjnNlNc0zPjctq61QaN_JPIo7GBIbSUHiMZczFg4ADVBNTH1Rh6_c39AFZGUN9DqGXZ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://klin-detstvo.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

POST
H2 200 top2 Show response
sjsmartcontent.org/wns/ 486 B
966 B 68ms
67ms XHR
text/json 212.109.217.26
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL: https://sjsmartcontent.org/wns/top2
Requested by: Host: sjsmartcontent.org
URL: http://sjsmartcontent.org/static/plugin-site/js/sjplugin.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.109.217.26 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS: tapeinotita7.slickjump.org
Software: nginx/1.20.2 /
Resource Hash: f50367f78a1894d59e970ce77130f919049db20a8c3caf289bf017520879a893

Request headers

Referer: http://klin-detstvo.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: http://klin-detstvo.ru
date: Tue, 25 Oct 2022 06:49:37 GMT
content-encoding: gzip
access-control-allow-credentials: true
x-slickjump-counter: sessions=1 d_device=1, loads=0 time=2 top=1, dcfp=0, dcfn=0
server: nginx/1.20.2
content-type: text/json; charset=utf-8

POST
H2 200 event
sjsmartcontent.org/wns/ 2 B
180 B 65ms
64ms Ping
text/plain 212.109.217.26
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL: https://sjsmartcontent.org/wns/event
Requested by: Host: sjsmartcontent.org
URL: http://sjsmartcontent.org/static/plugin-site/js/sjplugin.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.109.217.26 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS: tapeinotita7.slickjump.org
Software: nginx/1.20.2 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: http://klin-detstvo.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: http://klin-detstvo.ru
date: Tue, 25 Oct 2022 06:49:37 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.20.2
content-type: text/plain; charset=UTF-8

GET
DATA 200
OK truncated Show response
/ Frame 3E49 94 B
94 B Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cf1f49da04be2a1aa26188bbee0f46bc28cf1e7e5a957daa0483445471843b90

Request headers

Referer: http://klin-detstvo.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Type: text/html

GET
DATA 200
OK truncated Show response
/ Frame 2AC1 170 B
170 B Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7b07fc73814501f6ae926a6ef5d1cb6df9ffe16c36b4796160715946e1c03ae6

Request headers

Referer: http://klin-detstvo.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Type: text/html

GET
H2

200

counter2
top-fwz1.mail.ru/ Frame 3E49
Redirect Chain

https://top-fwz1.mail.ru/counter?id=3015210;pid=1218c9397fd445c023bb30b76a8b80fe
https://top-fwz1.mail.ru/counter2?id=3015210;pid=1218c9397fd445c023bb30b76a8b80fe

43 B
961 B

67ms
66ms

Image
image/gif

95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter2?id=3015210;pid=1218c9397fd445c023bb30b76a8b80fe

Requested by

Host: text
URL: data:text/html,<img src='https://top-fwz1.mail.ru/counter?id=3015210;pid=1218c9397fd445c023bb30b76a8b80fe%27%20/%3E

Protocol

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 06:49:37 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

Redirect headers

date: Tue, 25 Oct 2022 06:49:37 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 0
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
accept-ch-lifetime: 86400
location: https://top-fwz1.mail.ru/counter2?id=3015210;pid=1218c9397fd445c023bb30b76a8b80fe
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

GET
H2

200

pixel.gif
sync.1dmp.io/ Frame 2AC1
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=9650c6fa-0307-429f-a7cd-02b8194310c0&brid=9793d77b-f9fc-4343-a4d3-9779efd2f770&pid=w&uid=1218c9397fd445c023bb30b76a8b80fe
https://sync.1dmp.io/pixel.gif?cid=9650c6fa-0307-429f-a7cd-02b8194310c0&brid=9793d77b-f9fc-4343-a4d3-9779efd2f770&pid=w&uid=1218c9397fd445c023bb30b76a8b80fe&cs=1

35 B
376 B

29ms
28ms

Image
image/gif

136.243.148.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=9650c6fa-0307-429f-a7cd-02b8194310c0&brid=9793d77b-f9fc-4343-a4d3-9779efd2f770&pid=w&uid=1218c9397fd445c023bb30b76a8b80fe&cs=1
Requested by: Host: text
URL: data:text/html,<img src='https://sync.1dmp.io/pixel.gif?cid=9650c6fa-0307-429f-a7cd-02b8194310c0&brid=9793d77b-f9fc-4343-a4d3-9779efd2f770&pid=w&uid=1218c9397fd445c023bb30b76a8b80fe%27%20/%3E
Protocol: H2
Server: 136.243.148.229 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.229.148.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: image/gif
date: Tue, 25 Oct 2022 06:49:37 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 35
expires: 0

Redirect headers

location: /pixel.gif?cid=9650c6fa-0307-429f-a7cd-02b8194310c0&brid=9793d77b-f9fc-4343-a4d3-9779efd2f770&pid=w&uid=1218c9397fd445c023bb30b76a8b80fe&cs=1
date: Tue, 25 Oct 2022 06:49:37 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0

POST
H2 200 event
sjsmartcontent.org/wns/ 2 B
180 B 67ms
67ms Ping
text/plain 212.109.217.26
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL: https://sjsmartcontent.org/wns/event
Requested by: Host: sjsmartcontent.org
URL: http://sjsmartcontent.org/static/plugin-site/js/sjplugin.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.109.217.26 , Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS: tapeinotita7.slickjump.org
Software: nginx/1.20.2 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: http://klin-detstvo.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: http://klin-detstvo.ru
date: Tue, 25 Oct 2022 06:49:38 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.20.2
content-type: text/plain; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

149 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sjsmartcontent.org/wns/top2	1970-01-20 07:42:38	Name: wnid Value: 1218c9397fd445c023bb30b76a8b80fe
.sjsmartcontent.org/wns/tpx	1970-01-20 07:42:38	Name: wnid Value: 1218c9397fd445c023bb30b76a8b80fe
.sjsmartcontent.org/xpx	1970-01-20 07:42:38	Name: wnid Value: 1218c9397fd445c023bb30b76a8b80fe
klin-detstvo.ru/	1969-12-31 23:59:59	Name: flat_r_mb Value: %2F%2F%2F%3Adirect
.fatlossremedies.com/	1970-01-20 07:41:12	Name: uuid Value: 81e7c4ee-4954-4d9b-ad83-46ed631eca66
.klin-detstvo.ru/	1970-01-20 06:59:26	Name: surfer_uuid Value: db08d926-c3eb-45ab-a41d-8ff280d74e9a
.klin-detstvo.ru/	1969-12-31 23:59:59	Name: la_page_depth Value: %7B%22last%22%3A%22http%3A%2F%2Fklin-detstvo.ru%2F%22%2C%22depth%22%3A1%7D
.klin-detstvo.ru/	1969-12-31 23:59:59	Name: page_load_uuid Value: ce80b799-4a83-4d6c-aa59-6dae106a61d1
.yandex.ru/	1970-01-20 16:34:00	Name: i Value: I7MLf5eYOW/LUzxAZa3sxEmjSid4/b11xPsUoUSdt15WBpiMlxyXsrJulUt8bdziEVmwxAjy2f6QrXgi+1fubLkJpTw=
.klin-detstvo.ru/	1970-01-20 16:19:36	Name: __gads Value: ID=119df3967c2f92aa-224c593455ce00f2:T=1666680574:RT=1666680574:S=ALNI_Mbs0r6APhFMzM5n41oi7iqzuz6ngw
.klin-detstvo.ru/	1970-01-20 16:19:36	Name: __gpi Value: UID=00000b783e96074e:T=1666680574:RT=1666680574:S=ALNI_MaXKc2Z5vuEw58N4klBFQulxs3y-w
.doubleclick.net/	1970-01-20 06:58:01	Name: test_cookie Value: CheckForPermission
.klin-detstvo.ru/	1970-01-20 15:43:36	Name: _ym_uid Value: 1666680574473546648
.klin-detstvo.ru/	1970-01-20 15:43:36	Name: _ym_d Value: 1666680574
.mc.yandex.com/	1970-01-20 06:58:01	Name: sync_cookie_csrf Value: 3837269016fake
.klin-detstvo.ru/	1970-01-20 06:59:12	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 06:58:01	Name: sync_cookie_csrf Value: 1357303752fake
.yandex.com/	1970-01-20 15:43:36	Name: yandexuid Value: 9645412741666680574
.yandex.com/	1970-01-20 15:43:36	Name: yuidss Value: 9645412741666680574
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 790656081666680574
.yandex.com/	1970-01-20 16:34:00	Name: i Value: xjn8P6+WpVzqtVCY0Dq+fjBuEpIWcIgVWi93yV3SC+HBw25V7QjPrnZPXrNVJC34zFOY2fkdd2w442Y0RKxEpi4UEps=
.yandex.com/	1970-01-20 15:43:36	Name: ymex Value: 1698216574.yrts.1666680574#1698216574.yrtsi.1666680574
.sjsmartcontent.org/	1970-01-20 07:42:38	Name: wnid Value: 1218c9397fd445c023bb30b76a8b80fe
.1dmp.io/	1970-01-20 15:43:36	Name: uid Value: 3151ab80-5431-11ed-acfd-901b0e8b2a6e
.mail.ru/	1970-01-20 15:45:02	Name: VID Value: 3a8X0p1dTiID00000i1OL4YD:::0-0-0-871dfc1:CAASEAZQmHkSFG7ADXZEsaYNdfMaYJ05foo_BLpVCkpvEBRKi7UI1R4qjK7Gd4L9841koPKjdi8IyH_oGI75vo8lHHpvFvH3lavCTQxS-3xkXEh58hXVbrZA7F9v-BThU4RkHLC6ILlxpMenG7x28GBUbsJ-4g

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5972419208534160&output=html&adk=1812271804&adf=1573534164&lmt=1666680573&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fklin-detstvo.ru%2F&ea=0&pra=5&wgl=1&dt=1666680573797&bpp=4&bdt=384&idt=143&shv=r20221020&mjsv=m202210170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=791187226784&frm=20&pv=2&ga_vid=1566988473.1666680574&ga_sid=1666680574&ga_hid=1615146621&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531705%2C31070437%2C44772269%2C44775016&oid=2&pvsid=1358963706152789&tmod=1242020877&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=170 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9802.-WzkjU_h0-0RESXJrQz6qr9z-RQIscCN-kWdCjk_WdmrYL4srEjAdepwKz5s_Xt_Rb2ZuoRtylugq4J3GLCujg%2C%2C.VigJsL2vlRInkGC3A3zqiALzkpI%2C Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
fatlossremedies.com
googleads.g.doubleclick.net
hhnhxu.com
klin-detstvo.ru
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
rotarb.bid
sjsmartcontent.org
sync.1dmp.io
top-fwz1.mail.ru
tpc.googlesyndication.com
www.google.com
yandex.ru
yastatic.net
136.243.148.229
178.62.225.201
212.109.217.26
217.172.25.35
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:827::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a02:6b8:20::215
2a02:6b8::1:119
2a02:6b8:a::a
46.4.104.244
62.76.25.28
95.163.52.67
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0db7ebe4e17aca991ae25c6e463382c73a39c9d71fee5d7dd9d6d9f228371c9e
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
29f38630dc906938ba8b9a474e0b6a7f764afc2efa8f939adea18bdcce89c9e5
2e7110dcfd188f0a768a7e3b4ce17d8f64cd4652167170300a5ba5060c295ae4
3423b4766c9bf4862400273b8e39f9353f044676759044ec0c60ac13ee6ba446
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
360a50055d32be58c5b0f78c54c096feeac74c8abc995d8d796494263f0d7ba4
3df65d7d6add27dd11c6f6a174f7940f193a6283948ad989f1462923cde8f229
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4686baa1871b0e0ee30f9ab1261748068d0b0097935614a0b082778d06e19ed0
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
551cdbb16c8a9454678663aa07956177676969352f44c67d68e1b969ad7f1347
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56955675f41f5ee2930b6cdeeb743cff4101b3b037d1c9fe18f2429bde99ec9f
5a6f5d09e9a2fe3c649c80d0172bda7faf99040c8f45c175efede441a729ff8a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
647a6b36f3fd1f21bae171270111096b4613c23a47e6621628a51bae9c82b0b7
6c374a8ed2d41901c8351d8f429d9a2d93ed412460857b343ad30bc46b98bfd4
706d32c25732e1c6e4f308c7efc13f26d5793060a137c4d52b791e4db892eacc
71348f4f38512af6e6ba8062fe5545a783f91d1a07bcb300c246f1bad9b0d4b6
72e2f12e7e1b4dc228905703ccf2cf3c2064e5e17f664c89bebea59437960558
7b07fc73814501f6ae926a6ef5d1cb6df9ffe16c36b4796160715946e1c03ae6
7d238e8dec291ed662a6f83f91477087ac4e7cb5637e7e77dabfd05f34d98bfb
7fcc4995f4504f750d67e94df22aa7e076cdb619c318edaf32a2da7c93033efb
80244828e58d49be485037391fae5fab71e1c97e896eb06c9accd8c018fd886f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
92567833cdb642f43e56b6907245ce9f595f39c8ca6657a2c4a461d7cc9b3283
9bfb643835ac8f5c0e94d08e222a9a146e7d2e32dc310aec3c3b9e481b9980a4
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
b6e169ac07a49b2c9d2b726bb3c384097badcc093dc6322c9a2ba066ae8e06a8
bac87240d43f2059419ce7f7fdc63e99966069af39def1f6bcbc59eed1f69cfc
c08d21648a565e1066a1e5a1f8ccb9f3e67e5178c08dec638aebee94eb18ee36
c42425f18923921089911e70f39c6dd462794df2e42ac0596abc3884da6471fc
c56b566e17c62870ce139b3a57bfb94a9d785792bd6ac2220d52426b8590d87f
cb4a6a82663f4aeeb4cc311c6e55c023cdc4a90351906dcfc212619a0891f0a9
cf1f49da04be2a1aa26188bbee0f46bc28cf1e7e5a957daa0483445471843b90
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3
dbef6976765800088eccf1878526d1aa79e1c02109c2b5896a1cdb6086ae25f5
df9cda6fec9254ad74f4f9904edc33e9ba1ce9d12ca3470b87d18b12b4bdaafa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec440fc50e56a83bca07e825b111c7cc5908db7e796a1633ee4fbd0ab2483733
ec7ef7aa5fd1e019f1c26193e95e46d481d4983673936a9dda086705ada6e3d5
f0aaf88c113278f28ec0cf012582c29dbd564e83df5ddbdfe310623e2664cb2d
f50367f78a1894d59e970ce77130f919049db20a8c3caf289bf017520879a893
f631727b94c34691ab989c147f47dd2d047c712bbea3000ae08a7405c7865c3d
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
fc736484b15c487c25384a915b92af24e0b18081d63955aea27eb48d4392fcf0
fe9042540c9b96ba4743e5e9777c50e7db05ac989256734c16ede5cd62c6bd3c

klin-detstvo.ru Open in urlscan Pro 217.172.25.35 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

56 Requests

50 %HTTPS

56 %IPv6

15 Domains

18 Subdomains

17 IPs

3 Countries

765 kBTransfer

2611 kBSize

25 Cookies

1 Outgoing links

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

klin-detstvo.ru Open in urlscan Pro
217.172.25.35 Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

50 %
HTTPS

56 %
IPv6

15
Domains

18
Subdomains

17
IPs

3
Countries

765 kB
Transfer

2611 kB
Size

25
Cookies

56 HTTP transactions
2 data transactions