www.zarplata-online.ru Open in urlscan Pro
95.214.59.132 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://link.mail.zarplata-client-1.ru/actionmedia/34066,=0e538UqOyV2nw6Au2gAE7pg/5008202,1701038919,208981,?aHR0cHM6Ly93d3cuemFycGxhdG...
Effective URL:
https://www.zarplata-online.ru/
Submission: On May 18 via manual (May 18th 2021, 12:32:21 pm UTC) from IL

Summary HTTP 169 Redirects Links 47 Behaviour Indicators

Summary

This website contacted 34 IPs in 7 countries across 28 domains to perform 169 HTTP transactions. The main IP is 95.214.59.132, located in Moscow, Russian Federation and belongs to ACTION-DIGITAL, RU. The main domain is www.zarplata-online.ru.
TLS certificate: Issued by R3 on March 29th 2021. Valid for: 3 months.

This is the only time www.zarplata-online.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	185.76.232.246 185.76.232.246	201193 (IPRJ-4-0) (IPRJ-4-0)
45	95.214.59.132 95.214.59.132	209684 (ACTION-DI...) (ACTION-DIGITAL)
5	95.214.58.142 95.214.58.142	209684 (ACTION-DI...) (ACTION-DIGITAL)
1 7	2a02:6b8:20::215 2a02:6b8:20::215	13238 (YANDEX) (YANDEX)
2 11	2a02:6b8::90 2a02:6b8::90	13238 (YANDEX) (YANDEX)
1	95.211.66.35 95.211.66.35	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	109.248.237.51 109.248.237.51	201009 (SUPPORTIT-AS) (SUPPORTIT-AS)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
22	212.193.146.48 212.193.146.48	34879 (CCT-AS NG...) (CCT-AS NGENIX)
1 2	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
4 13	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
3	217.69.133.145 217.69.133.145	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2 4	88.212.201.216 88.212.201.216	39134 (UNITEDNET) (UNITEDNET)
1	185.76.234.248 185.76.234.248	201193 (IPRJ-4-0) (IPRJ-4-0)
1	188.42.196.115 188.42.196.115	7979 (SERVERS-COM) (SERVERS-COM)
1	2a00:1148:db0... 2a00:1148:db00::17	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
3	109.248.237.36 109.248.237.36	201009 (SUPPORTIT-AS) (SUPPORTIT-AS)
1 1	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:6b8::184 2a02:6b8::184	13238 (YANDEX) (YANDEX)
7	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
6	77.88.21.179 77.88.21.179	13238 (YANDEX) (YANDEX)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
28	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
1	151.101.114.110 151.101.114.110	54113 (FASTLY) (FASTLY)
2	44.238.7.162 44.238.7.162	16509 (AMAZON-02) (AMAZON-02)
1	185.221.86.2 185.221.86.2	206998 (NEW-2) (NEW-2)
169	34

1 185.76.232.246 (Russian Federation)

ASN201193 (IPRJ-4-0, RU)
PTR: kocka246.sndsy.ru

link.mail.zarplata-client-1.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 95.214.59.132 (Moscow, Russian Federation)

ASN209684 (ACTION-DIGITAL, RU)

www.zarplata-online.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.26-2.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ejournal.tool.vmcl.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 95.214.58.142 (Moscow, Russian Federation)

ASN209684 (ACTION-DIGITAL, RU)

api.action-media.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8:20::215 (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:6b8::90 (Moscow, Russian Federation) 2 redirects

ASN13238 (YANDEX, RU)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.211.66.35 (Wjelsryp, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: hosted-by.leaseweb.com

s.clickiocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.248.237.51 (Moscow, Russian Federation)

ASN201009 (SUPPORTIT-AS, RU)

s.luxupcdnc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 212.193.146.48 (Russian Federation)

ASN34879 (CCT-AS NGENIX, RU)
PTR: cdn.ngenix.net

cdn.action-mcfr.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a02:6b8::1:119 (Moscow, Russian Federation) 4 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 217.69.133.145 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 88.212.201.216 (Russian Federation) 2 redirects

ASN39134 (UNITEDNET, RU)
PTR: host216.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.76.234.248 (Russian Federation)

ASN201193 (IPRJ-4-0, RU)
PTR: pusa248.sndsy.ru

image.sendsay.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.42.196.115 (Luxembourg)

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1148:db00::17 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 109.248.237.36 (Moscow, Russian Federation)

ASN201009 (SUPPORTIT-AS, RU)

luxupcdnc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9d (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::184 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

avatars.mds.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 77.88.21.179 (Russian Federation)

ASN13238 (YANDEX, RU)

ads.adfox.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.238.7.162 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-238-7-162.us-west-2.compute.amazonaws.com

api2.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.221.86.2 (Ireland)

ASN206998 (NEW-2, IE)

bam.eu01.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	zarplata-online.ru www.zarplata-online.ru	608 KB
35	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	291 KB
22	action-mcfr.ru cdn.action-mcfr.ru	251 KB
13	yandex.ru 3 redirects an.yandex.ru mc.yandex.ru	180 KB
11	yandex.com 3 redirects mc.yandex.com	4 KB
7	yastatic.net 1 redirects yastatic.net	193 KB
6	adfox.ru ads.adfox.ru	270 B
5	doubleclick.net 1 redirects stats.g.doubleclick.net googleads.g.doubleclick.net	36 KB
5	action-media.ru api.action-media.ru	7 KB
4	yadro.ru 2 redirects counter.yadro.ru	3 KB
4	mail.ru top-fwz1.mail.ru ad.mail.ru	12 KB
4	luxupcdnc.com s.luxupcdnc.com luxupcdnc.com	58 KB
3	google.com 2 redirects www.google.com adservice.google.com	748 B
3	google-analytics.com 1 redirects google-analytics.com www.google-analytics.com ssl.google-analytics.com	18 KB
2	amplitude.com api2.amplitude.com	248 B
2	googletagservices.com www.googletagservices.com	63 KB
2	google.de www.google.de adservice.google.de	906 B
2	26-2.ru www.26-2.ru	19 KB
1	nr-data.net bam.eu01.nr-data.net	275 B
1	newrelic.com js-agent.newrelic.com	12 KB
1	googleadservices.com partner.googleadservices.com	644 B
1	yandex.net avatars.mds.yandex.net	17 KB
1	vmcl.ru ejournal.tool.vmcl.ru	1 KB
1	betweendigital.com ads.betweendigital.com	8 KB
1	sendsay.ru image.sendsay.ru	31 KB
1	googleapis.com fonts.googleapis.com	655 B
1	clickiocdn.com s.clickiocdn.com	125 KB
1	zarplata-client-1.ru link.mail.zarplata-client-1.ru	1 KB
169	28

	Domain	Requested by
42	www.zarplata-online.ru	link.mail.zarplata-client-1.ru www.zarplata-online.ru cdn.action-mcfr.ru
28	tpc.googlesyndication.com	link.mail.zarplata-client-1.ru googleads.g.doubleclick.net tpc.googlesyndication.com www.zarplata-online.ru pagead2.googlesyndication.com
22	cdn.action-mcfr.ru	www.zarplata-online.ru cdn.action-mcfr.ru
11	mc.yandex.com	3 redirects www.zarplata-online.ru mc.yandex.ru
11	an.yandex.ru	2 redirects www.zarplata-online.ru yastatic.net
7	pagead2.googlesyndication.com	yastatic.net pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
7	yastatic.net	1 redirects www.zarplata-online.ru yastatic.net
6	ads.adfox.ru	www.zarplata-online.ru
5	api.action-media.ru	www.zarplata-online.ru cdn.action-mcfr.ru
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	counter.yadro.ru	2 redirects www.zarplata-online.ru
3	luxupcdnc.com	s.luxupcdnc.com
3	top-fwz1.mail.ru	www.zarplata-online.ru top-fwz1.mail.ru
2	api2.amplitude.com	image.sendsay.ru
2	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	www.google.com	2 redirects
2	mc.yandex.ru	1 redirects www.zarplata-online.ru
2	www.26-2.ru	www.zarplata-online.ru
1	bam.eu01.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	www.zarplata-online.ru
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	avatars.mds.yandex.net	www.zarplata-online.ru
1	www.google.de	www.zarplata-online.ru
1	stats.g.doubleclick.net	1 redirects
1	ssl.google-analytics.com	1 redirects
1	ejournal.tool.vmcl.ru	www.zarplata-online.ru
1	ad.mail.ru	yastatic.net
1	ads.betweendigital.com	yastatic.net
1	image.sendsay.ru	www.zarplata-online.ru
1	www.google-analytics.com	google-analytics.com
1	google-analytics.com	www.zarplata-online.ru
1	fonts.googleapis.com	www.zarplata-online.ru
1	s.luxupcdnc.com	www.zarplata-online.ru
1	s.clickiocdn.com	www.zarplata-online.ru
1	link.mail.zarplata-client-1.ru
169	37

This site contains links to these domains. Also see Links.

Domain
e.zarplata-online.ru
id2.action-media.ru
about.action360.ru
action-buh.ru
zarplatoved.ru
zen.yandex.ru
glavbuh.zarplata-online.ru
service.buhsoft.ru
provodki.zarplata-online.ru
calc.zarplata-online.ru
kbk.zarplata-online.ru
ads.adfox.ru
about.audit.glavbukh.ru
www.yandex.ru
action-reklama.ru
vk.com
ok.ru
www.facebook.com
www.liveinternet.ru

Subject Issuer	Validity	Valid
zarplata-online.ru R3	`2021-03-29` - `2021-06-27`	3 months	crt.sh
api.action-media.ru R3	`2021-03-28` - `2021-06-26`	3 months	crt.sh
bs.yandex.ru Yandex CA	`2020-12-17` - `2021-06-17`	6 months	crt.sh
*.yastatic.net Yandex CA	`2021-03-03` - `2021-09-01`	6 months	crt.sh
s.clickiocdn.com R3	`2021-03-23` - `2021-06-21`	3 months	crt.sh
s.luxupcdna.com R3	`2021-04-28` - `2021-07-27`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
26-2.ru R3	`2021-04-08` - `2021-07-07`	3 months	crt.sh
cdn.action-mcfr.ru R3	`2021-04-28` - `2021-07-27`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-02-27` - `2021-08-09`	5 months	crt.sh
*.mail.ru GeoTrust ECC CA 2018	`2020-11-13` - `2021-11-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
counter.yadro.ru R3	`2021-03-22` - `2021-06-20`	3 months	crt.sh
image.sendsay.ru Thawte RSA CA 2018	`2020-08-20` - `2021-08-25`	a year	crt.sh
ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2020-11-19` - `2021-12-20`	a year	crt.sh
tool.vmcl.ru R3	`2021-03-31` - `2021-06-29`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.avatars.mds.yandex.net Yandex CA	`2021-03-12` - `2021-09-10`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.adfox.ru Yandex CA	`2021-02-26` - `2021-08-08`	5 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-05-13` - `2022-04-10`	a year	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2020-02-18` - `2022-02-13`	2 years	crt.sh
*.eu01.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-04` - `2022-02-08`	2 years	crt.sh

This page contains 8 frames:

Primary Page: https://www.zarplata-online.ru/
Frame ID: 66365F986D3E6F7731B56F1138870594
Requests: 133 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: 3685A376618579DF5F10764D20CE7BCE
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210511/r20190131/zrt_lookup.html
Frame ID: 64502B4A2B63E34FA3CA7A863A651B33
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7168377611570943&output=html&h=140&slotname=adfox_rub_03800aop&adk=1709088882&adf=3279755397&pi=t.ma~as.adfox_rub_03800aop&w=990&lmt=1621341127&psa=0&format=990x140&url=https%3A%2F%2Fwww.zarplata-online.ru%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621341127760&bpp=5&bdt=93&idt=140&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=5953552400190&frm=23&ife=1&pv=2&ga_vid=171083829.1621341128&ga_sid=1621341128&ga_hid=1554833244&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=305&ady=105&biw=1600&bih=1200&isw=990&ish=140&ifk=1327218171&scr_x=0&scr_y=0&eid=21066432%2C31060956%2C44743003&oid=3&pvsid=3378138049864981&ref=http%3A%2F%2Flink.mail.zarplata-client-1.ru%2Factionmedia%2F34066%2C%3D0e538UqOyV2nw6Au2gAE7pg%2F5008202%2C1701038919%2C208981%2C%3FaHR0cHM6Ly93d3cuemFycGxhdGEtb25saW5lLnJ1&loc=https%3A%2F%2Fwww.zarplata-online.ru%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C990%2C140&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5cs0cbcs1aly&fsb=1&dtd=224
Frame ID: 861B4BD7A7D8A789781B4D4629CCC795
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14028886511722743726/index.html
Frame ID: D5FEB46417E52C10FA6D44295796D966
Requests: 24 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/abg_lite_fy2019.js
Frame ID: A98FFAFEC72B35A9305B444965A74CB2
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 923309A213F10005DB23C043B61BD9DE
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 1CE51AA41EAE9065A248E5635895190D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://link.mail.zarplata-client-1.ru/actionmedia/34066,=0e538UqOyV2nw6Au2gAE7pg/5008202,1701038919,208981,?aHR0cH... Page URL
https://www.zarplata-online.ru/ Page URL
https://www.zarplata-online.ru/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

169
Requests

99 %
HTTPS

56 %
IPv6

28
Domains

37
Subdomains

34
IPs

7
Countries

1933 kB
Transfer

5324 kB
Size

26
Cookies

47 Outgoing links

These are links going to different origins than the main page.

URL: https://e.zarplata-online.ru/889572?utm_medium=refer&utm_source=www.zarplata-online.ru&utm_campaign=panel_id2&utm_term=panel_id2
Title: До 20 мая сдайте новый отчет

Search URL Search Domain Scan URL

URL: https://id2.action-media.ru/Feedback?fp=0

Search URL Search Domain Scan URL

URL: https://id2.action-media.ru/Account/Registration?appid=21&callbackurl=https%3A%2F%2Fwww.zarplata-online.ru%2F%3Ffrom%3DPW_Click&form=4&rand=934db04b3ae1443d041784c403f3e322&sig=098a627b4b183a060c8d107f3f0f7090&utm_source=&utm_campaign=&utm_medium=&utm_term=&utm_content=&from=PW_Click
Title: Зарегистрироваться

Search URL Search Domain Scan URL

URL: https://id2.action-media.ru/Account/Registration?appid=21&callbackurl=https%3A%2F%2Fwww.zarplata-online.ru%2F%3Ffrom%3DPW_Click_doskroll&form=4&rand=934db04b3ae1443d041784c403f3e322&sig=e3abfd7f661eb47a109e59fcddbba328&utm_source=&utm_campaign=&utm_medium=&utm_term=&utm_content=&from=PW_Click_doskroll
Title: Зарегистрироваться

Search URL Search Domain Scan URL

URL: https://about.action360.ru/?from=logo_top_link&utm_medium=refer&utm_source=zarplata-online.ru&utm_campaign=logo&utm_content=top_link
Title:

Search URL Search Domain Scan URL

URL: https://action-buh.ru/?from=logo_top_link&utm_medium=refer&utm_source=zarplata-online.ru&utm_campaign=logo&utm_content=top_link
Title: Бухгалтерия

Search URL Search Domain Scan URL

URL: https://e.zarplata-online.ru/?utm_medium=refer&utm_source=www.zarplata-online.ru&utm_campaign=statbloc&utm_content=header_esite
Title: Как бухгалтеру защитить персданные работников

Search URL Search Domain Scan URL

URL: https://e.zarplata-online.ru/article.aspx?aid=890273&utm_medium=refer&utm_source=www.zarplata-online.ru&utm_campaign=statbloc&utm_content=header_esite
Title: Аванс за май 2021 года считайте по особым правилам

Search URL Search Domain Scan URL

URL: https://e.zarplata-online.ru/article.aspx?aid=890529&utm_medium=refer&utm_source=www.zarplata-online.ru&utm_campaign=statbloc&utm_content=header_esite
Title: С 1 мая указывайте в платежках только новые реквизиты

Search URL Search Domain Scan URL

URL: https://e.zarplata-online.ru/article.aspx?aid=890627&utm_medium=refer&utm_source=www.zarplata-online.ru&utm_campaign=statbloc&utm_content=header_esite
Title: Психолог и сисадмин рассказали, как защитить персданные работников, когда все вокруг отвлекает

Search URL Search Domain Scan URL

URL: http://zarplatoved.ru/?from=main_menu_zarp&utm_campaign=main_menu_zarp
Title: Школа зарплатоведа

Search URL Search Domain Scan URL

URL: https://zen.yandex.ru/zarplata-online.ru
Title: Яндекс.Дзен

Search URL Search Domain Scan URL

URL: https://glavbuh.zarplata-online.ru/
Title: Все изменения - 2021

Search URL Search Domain Scan URL

URL: https://e.zarplata-online.ru/890273?utm_source=www.zarplata-online.ru&utm_medium=refer&utm_campaign=statbloc&utm_content=topmenu_link&utm_term=topmenu_link_demo
Title: Аванс за май 2021 года считайте по особым правилам

Search URL Search Domain Scan URL

URL: https://e.zarplata-online.ru/890627?&from=left_rubricator_zp&utm_medium=refer&utm_source=www.zarplata-online.ru&utm_content=2&utm_campaign=statbloc&utm_term=left_rubricator_zp744054
Title: Как бухгалтеру защитить персданные работников

Search URL Search Domain Scan URL

URL: https://e.zarplata-online.ru/889572?&from=left_rubricator_zp&utm_medium=refer&utm_source=www.zarplata-online.ru&utm_content=2&utm_campaign=statbloc&utm_term=left_rubricator_zp744229
Title: До 20 мая сдайте новый отчет

Search URL Search Domain Scan URL

URL: https://e.zarplata-online.ru/890529?&from=left_rubricator_zp&utm_medium=refer&utm_source=www.zarplata-online.ru&utm_content=2&utm_campaign=statbloc&utm_term=left_rubricator_zp744153
Title: С 1 мая указывайте в платежках только новые реквизиты

Search URL Search Domain Scan URL

URL: https://e.zarplata-online.ru/890526?&from=left_rubricator_zp&utm_medium=refer&utm_source=www.zarplata-online.ru&utm_content=2&utm_campaign=statbloc&utm_term=left_rubricator_zp744348
Title: Семь подсказок бухгалтеру, чтобы не было проблем с алиментами

Search URL Search Domain Scan URL

URL: https://e.zarplata-online.ru/890490?&from=left_rubricator_zp&utm_medium=refer&utm_source=zarp&utm_content=2&utm_campaign=statbloc&utm_term=left_rubricator_zp744298
Title: Когда нужно направить в ФСС новый реестр на выплату пособия

Search URL Search Domain Scan URL

URL: https://e.zarplata-online.ru/890528?&from=left_rubricator_zp&utm_medium=refer&utm_source=www.zarplata-online.ru&utm_content=2&utm_campaign=statbloc&utm_term=left_rubricator_zp744303
Title: ФСС задерживает выплату пособий. Кто виноват и что делать

Search URL Search Domain Scan URL

URL: https://e.zarplata-online.ru/890528?&from=left_rubricator_zp&utm_medium=refer&utm_source=www.zarplata-online.ru&utm_content=2&utm_campaign=statbloc&utm_term=left_rubricator_zp744378
Title: Сколько можно удержать за неотработанный отпуск

Search URL Search Domain Scan URL

URL: https://service.buhsoft.ru/?utm_source=www.zarplata-online.ru&utm_medium=refer&utm_campaign=TGB&utm_content=adv
Title:

Search URL Search Domain Scan URL

URL: http://provodki.zarplata-online.ru/?from=left_rubricator_zp&utm_medium=referer&utm_source=www.zarplata-online.ru&utm_content=2&utm_campaign=left_rubricator
Title: Банк проводок

Search URL Search Domain Scan URL

URL: http://calc.zarplata-online.ru/strah_staj.php?from=left_rubricator_zp&utm_medium=referer&utm_source=www.zarplata-online.ru&utm_content=2&utm_campaign=left_rubricator
Title: Cтраховой стаж

Search URL Search Domain Scan URL

URL: http://kbk.zarplata-online.ru/?from=left_rubricator_zp&utm_medium=referer&utm_source=www.zarplata-online.ru&utm_content=2&utm_campaign=left_rubricator
Title: Генератор КБК

Search URL Search Domain Scan URL

URL: https://e.zarplata-online.ru/article.aspx?aid=876650&utm_medium=refer&utm_source=www.zarplata-online.ru&utm_campaign=statbloc&utm_content=paid_content_mainpage
Title: Куда перечислять НДФЛ с дохода дистанционного работника

Search URL Search Domain Scan URL

URL: https://e.zarplata-online.ru/article.aspx?aid=888843&utm_medium=refer&utm_source=www.zarplata-online.ru&utm_campaign=statbloc&utm_content=paid_content_mainpage
Title: Как сравнивать с МРОТ зарплату и отпускные: вместе или отдельно

Search URL Search Domain Scan URL

URL: https://e.zarplata-online.ru/article.aspx?aid=890528&utm_medium=refer&utm_source=www.zarplata-online.ru&utm_campaign=statbloc&utm_content=paid_content_mainpage
Title: Сколько можно удержать за неотработанный отпуск

Search URL Search Domain Scan URL

URL: https://e.zarplata-online.ru/article.aspx?aid=592423&utm_medium=refer&utm_source=www.zarplata-online.ru&utm_campaign=statbloc&utm_content=paid_content_mainpage
Title: Как изменился больничный

Search URL Search Domain Scan URL

URL: https://e.zarplata-online.ru/article.aspx?aid=740797&utm_medium=refer&utm_source=www.zarplata-online.ru&utm_campaign=statbloc&utm_content=paid_content_mainpage
Title: Новое пособие на ребенка до трех лет

Search URL Search Domain Scan URL

URL: https://e.zarplata-online.ru/article.aspx?aid=876615&utm_medium=refer&utm_source=www.zarplata-online.ru&utm_campaign=statbloc&utm_content=paid_content_mainpage
Title: Как распрощаться с работником и избежать суда

Search URL Search Domain Scan URL

URL: https://e.zarplata-online.ru/article.aspx?aid=890627&utm_medium=refer&utm_source=www.zarplata-online.ru&utm_campaign=statbloc&utm_content=paid_content_mainpage
Title: Психолог и сисадмин рассказали, как защитить персданные работников, когда все вокруг отвлекает

Search URL Search Domain Scan URL

URL: https://e.zarplata-online.ru/article.aspx?aid=882120&utm_medium=refer&utm_source=www.zarplata-online.ru&utm_campaign=statbloc&utm_content=paid_content_mainpage
Title: Новый работник потерял трудовую книжку. Как ее восстановить и посчитать страховой стаж для пособий

Search URL Search Domain Scan URL

URL: https://e.zarplata-online.ru/article.aspx?aid=331568&utm_medium=refer&utm_source=www.zarplata-online.ru&utm_campaign=statbloc&utm_content=paid_content_mainpage
Title: С какого аванса нужно удержать НДФЛ

Search URL Search Domain Scan URL

URL: https://ads.adfox.ru/252124/goLink?ad-session-id=1567941621341126768&hash=1e85929b805f232a&sj=R0idGsteX8b2e75AiNNj1phVqJ5ZCn7oGMHdEvY4D2dwkM68upQCoGgM9HAt1A%3D%3D&rand=eikxgam&rqs=xk-RwOk7S1XHs6NgvHF5ecSC-f8-cuo8&pr=dzlltxk&p1=bwiem&ytt=183618479589397&p5=jmsdk&ybv=0.14670&p2=fldc&ylv=0.14670&pf=https%3A%2F%2Fservice.buhsoft.ru%2Fmay50%2F%3Futm_source%3Dwww.zarplata-online.ru%26utm_medium%3Drefer%26utm_campaign%3Dbanner%26utm_content%3Dright_240%D1%85400%26utm_term%3Dmay2021

Search URL Search Domain Scan URL

URL: https://service.buhsoft.ru/otchetnost/?utm_source=www.zarplata-online.ru&utm_medium=refer&utm_campaign=banner&utm_content=right_240%D1%85400&utm_term=otchetnost

Search URL Search Domain Scan URL

URL: http://about.audit.glavbukh.ru/?utm_banner_640%D1%85480_refer_zarplata_statbloc_gl

Search URL Search Domain Scan URL

URL: http://www.yandex.ru/?add=163458

Search URL Search Domain Scan URL

URL: https://id2.action-media.ru/l/soglasie_na_obrabotku?id=4&site=https://www.zarplata-online.ru
Title: на обработку моих персональных данных

Search URL Search Domain Scan URL

URL: https://id2.action-media.ru/l/soglasie_na_rassilki?id=4&site=https://www.zarplata-online.ru
Title: новости и рассылки от медиагруппы Актион-МЦФЭР

Search URL Search Domain Scan URL

URL: http://action-reklama.ru/platform/zarplata/?utm_source=www.zarplata-online.ru&utm_medium=referral&utm_campaign=to%20advertisers
Title: Рекламодателям

Search URL Search Domain Scan URL

URL: https://id2.action-media.ru/feedback/?from=www.zarplata-online.ru
Title: Обратная связь

Search URL Search Domain Scan URL

URL: https://id2.action-media.ru/l/politika-mcfr/
Title: Политика обработки персональных данных

Search URL Search Domain Scan URL

URL: https://vk.com/zarplataonline_ru

Search URL Search Domain Scan URL

URL: https://ok.ru/zhurnalzar

Search URL Search Domain Scan URL

URL: https://www.facebook.com/zarplata.online/

Search URL Search Domain Scan URL

URL: https://www.liveinternet.ru/click

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://link.mail.zarplata-client-1.ru/actionmedia/34066,=0e538UqOyV2nw6Au2gAE7pg/5008202,1701038919,208981,?aHR0cHM6Ly93d3cuemFycGxhdGEtb25saW5lLnJ1 Page URL
https://www.zarplata-online.ru/ Page URL
https://www.zarplata-online.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://yastatic.net/pcode/adfox/loader.js HTTP 302
https://an.yandex.ru/system/adfox.js

Request Chain 50

https://an.yandex.ru/adfox/252124/getBulk/v2?dl=https%3A%2F%2Fwww.zarplata-online.ru%2F&date=2021-05-18T14%3A32%3A06.748%2B02%3A00&pd=18&pdh=1200&pdw=1600&pr1=1056079617&pr=1229015252&prr=http%3A%2F%2Flink.mail.zarplata-client-1.ru%2Factionmedia%2F34066%2C%3D0e538UqOyV2nw6Au2gAE7pg%2F5008202%2C1701038919%2C208981%2C%3FaHR0cHM6Ly93d3cuemFycGxhdGEtb25saW5lLnJ1&pv=14&pw=2&extid_loader=&extid_tag_loader=www.zarplata-online.ru&ylv=0.14670&ybv=0.14670&ytt=183618479589397&is-turbo=0&skip-token=&ad-session-id=1567941621341126768&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9%2C%22w%22%3A1600%2C%22h%22%3A0%2C%22width%22%3A1600%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A0%2C%22top%22%3A0%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=14670&pp=g&ps=ckuv&p2=flde&puid1=&slotNumber=1&bids=W10%3D&grab=dCLQl9Cw0YDQv9C70LDRgtCwIiAtINCf0YDQsNC60YLQuNGH0LXRgdC60LjQuSDQttGD0YDQvdCw0Lsg0LTQu9GPINCx0YPRhdCz0LDQu9GC0LXRgNC-0LIg0L4g0YDQsNGB0YfQtdGC0LUg0LfQsNGA0L_Qu9Cw0YLRiwo%3D&utf8=%E2%9C%93 HTTP 302
https://an.yandex.ru/adfox/252124/getBulk/v2?redir-setuniq=1&dl=https%3A%2F%2Fwww.zarplata-online.ru%2F&date=2021-05-18T14%3A32%3A06.748%2B02%3A00&pd=18&pdh=1200&pdw=1600&pr1=1056079617&pr=1229015252&prr=http%3A%2F%2Flink.mail.zarplata-client-1.ru%2Factionmedia%2F34066%2C%3D0e538UqOyV2nw6Au2gAE7pg%2F5008202%2C1701038919%2C208981%2C%3FaHR0cHM6Ly93d3cuemFycGxhdGEtb25saW5lLnJ1&pv=14&pw=2&extid_loader=&extid_tag_loader=www.zarplata-online.ru&ylv=0.14670&ybv=0.14670&ytt=183618479589397&is-turbo=0&skip-token=&ad-session-id=1567941621341126768&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9%2C%22w%22%3A1600%2C%22h%22%3A0%2C%22width%22%3A1600%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A0%2C%22top%22%3A0%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=14670&pp=g&ps=ckuv&p2=flde&puid1=&slotNumber=1&bids=W10%3D&grab=dCLQl9Cw0YDQv9C70LDRgtCwIiAtINCf0YDQsNC60YLQuNGH0LXRgdC60LjQuSDQttGD0YDQvdCw0Lsg0LTQu9GPINCx0YPRhdCz0LDQu9GC0LXRgNC-0LIg0L4g0YDQsNGB0YfQtdGC0LUg0LfQsNGA0L_Qu9Cw0YLRiwo%3D&utf8=%E2%9C%93

Request Chain 60

https://an.yandex.ru/adfox/252124/getBulk/v2?dl=https%3A%2F%2Fwww.zarplata-online.ru%2F&date=2021-05-18T14%3A32%3A06.816%2B02%3A00&pd=18&pdh=1200&pdw=1600&pr1=1859607430&pr=1229015252&prr=http%3A%2F%2Flink.mail.zarplata-client-1.ru%2Factionmedia%2F34066%2C%3D0e538UqOyV2nw6Au2gAE7pg%2F5008202%2C1701038919%2C208981%2C%3FaHR0cHM6Ly93d3cuemFycGxhdGEtb25saW5lLnJ1&pv=14&pw=2&extid_loader=&extid_tag_loader=www.zarplata-online.ru&ylv=0.14670&ybv=0.14670&ytt=183618479589397&is-turbo=0&skip-token=&ad-session-id=1567941621341126768&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9%2C%22w%22%3A240%2C%22h%22%3A0%2C%22width%22%3A240%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A1185%2C%22top%22%3A841%2C%22req_no%22%3A1%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=14670&pp=g&ps=ckuv&p2=fldd&puid1=&slotNumber=4&bids=W10%3D&grab=dCLQl9Cw0YDQv9C70LDRgtCwIiAtINCf0YDQsNC60YLQuNGH0LXRgdC60LjQuSDQttGD0YDQvdCw0Lsg0LTQu9GPINCx0YPRhdCz0LDQu9GC0LXRgNC-0LIg0L4g0YDQsNGB0YfQtdGC0LUg0LfQsNGA0L_Qu9Cw0YLRiwoxINCd0L7QstGL0LUg0LLRi9C_0LvQsNGC0Ysg0L3QsCDQtNC10YLQtdC5INCyIDIwMjEg0LPQvtC00YMgCg%3D%3D&utf8=%E2%9C%93 HTTP 302
https://an.yandex.ru/adfox/252124/getBulk/v2?redir-setuniq=1&dl=https%3A%2F%2Fwww.zarplata-online.ru%2F&date=2021-05-18T14%3A32%3A06.816%2B02%3A00&pd=18&pdh=1200&pdw=1600&pr1=1859607430&pr=1229015252&prr=http%3A%2F%2Flink.mail.zarplata-client-1.ru%2Factionmedia%2F34066%2C%3D0e538UqOyV2nw6Au2gAE7pg%2F5008202%2C1701038919%2C208981%2C%3FaHR0cHM6Ly93d3cuemFycGxhdGEtb25saW5lLnJ1&pv=14&pw=2&extid_loader=&extid_tag_loader=www.zarplata-online.ru&ylv=0.14670&ybv=0.14670&ytt=183618479589397&is-turbo=0&skip-token=&ad-session-id=1567941621341126768&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9%2C%22w%22%3A240%2C%22h%22%3A0%2C%22width%22%3A240%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A1185%2C%22top%22%3A841%2C%22req_no%22%3A1%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=14670&pp=g&ps=ckuv&p2=fldd&puid1=&slotNumber=4&bids=W10%3D&grab=dCLQl9Cw0YDQv9C70LDRgtCwIiAtINCf0YDQsNC60YLQuNGH0LXRgdC60LjQuSDQttGD0YDQvdCw0Lsg0LTQu9GPINCx0YPRhdCz0LDQu9GC0LXRgNC-0LIg0L4g0YDQsNGB0YfQtdGC0LUg0LfQsNGA0L_Qu9Cw0YLRiwoxINCd0L7QstGL0LUg0LLRi9C_0LvQsNGC0Ysg0L3QsCDQtNC10YLQtdC5INCyIDIwMjEg0LPQvtC00YMgCg%3D%3D&utf8=%E2%9C%93

Request Chain 69

https://counter.yadro.ru/hit;action?t44.6;rhttp%3A//link.mail.zarplata-client-1.ru/actionmedia/34066%2C%3D0e538UqOyV2nw6Au2gAE7pg/5008202%2C1701038919%2C208981%2C%3FaHR0cHM6Ly93d3cuemFycGxhdGEtb25saW5lLnJ1;s1600*1200*24;uhttps%3A//www.zarplata-online.ru/;h%22%u0417%u0430%u0440%u043F%u043B%u0430%u0442%u0430%22%20-%20%u041F%u0440%u0430%u043A%u0442%u0438%u0447%u0435%u0441%u043A%u0438%u0439%20%u0436%u0443%u0440%u043D%u0430%u043B%20%u0434%u043B%u044F%20%u0431%u0443%u0445%u0433%u0430%u043B%u0442%u0435%u0440%u043E%u0432%20%u043E%20%u0440%u0430%u0441%u0447%u0435%u0442%u0435%20%u0437%u0430%u0440%u043F%u043B%u0430%u0442%u044B;0.9465907246098542 HTTP 302
https://counter.yadro.ru/hit;action?q;t44.6;rhttp%3A//link.mail.zarplata-client-1.ru/actionmedia/34066%2C%3D0e538UqOyV2nw6Au2gAE7pg/5008202%2C1701038919%2C208981%2C%3FaHR0cHM6Ly93d3cuemFycGxhdGEtb25saW5lLnJ1;s1600*1200*24;uhttps%3A//www.zarplata-online.ru/;h%22%u0417%u0430%u0440%u043F%u043B%u0430%u0442%u0430%22%20-%20%u041F%u0440%u0430%u043A%u0442%u0438%u0447%u0435%u0441%u043A%u0438%u0439%20%u0436%u0443%u0440%u043D%u0430%u043B%20%u0434%u043B%u044F%20%u0431%u0443%u0445%u0433%u0430%u043B%u0442%u0435%u0440%u043E%u0432%20%u043E%20%u0440%u0430%u0441%u0447%u0435%u0442%u0435%20%u0437%u0430%u0440%u043F%u043B%u0430%u0442%u044B;0.9465907246098542

Request Chain 70

https://counter.yadro.ru/hit?rhttp%3A//link.mail.zarplata-client-1.ru/actionmedia/34066%2C%3D0e538UqOyV2nw6Au2gAE7pg/5008202%2C1701038919%2C208981%2C%3FaHR0cHM6Ly93d3cuemFycGxhdGEtb25saW5lLnJ1;s1600*1200*24;uhttps%3A//www.zarplata-online.ru/;h%22%u0417%u0430%u0440%u043F%u043B%u0430%u0442%u0430%22%20-%20%u041F%u0440%u0430%u043A%u0442%u0438%u0447%u0435%u0441%u043A%u0438%u0439%20%u0436%u0443%u0440%u043D%u0430%u043B%20%u0434%u043B%u044F%20%u0431%u0443%u0445%u0433%u0430%u043B%u0442%u0435%u0440%u043E%u0432%20%u043E%20%u0440%u0430%u0441%u0447%u0435%u0442%u0435%20%u0437%u0430%u0440%u043F%u043B%u0430%u0442%u044B;0.1618733998281443 HTTP 302
https://counter.yadro.ru/hit?q;rhttp%3A//link.mail.zarplata-client-1.ru/actionmedia/34066%2C%3D0e538UqOyV2nw6Au2gAE7pg/5008202%2C1701038919%2C208981%2C%3FaHR0cHM6Ly93d3cuemFycGxhdGEtb25saW5lLnJ1;s1600*1200*24;uhttps%3A//www.zarplata-online.ru/;h%22%u0417%u0430%u0440%u043F%u043B%u0430%u0442%u0430%22%20-%20%u041F%u0440%u0430%u043A%u0442%u0438%u0447%u0435%u0441%u043A%u0438%u0439%20%u0436%u0443%u0440%u043D%u0430%u043B%20%u0434%u043B%u044F%20%u0431%u0443%u0445%u0433%u0430%u043B%u0442%u0435%u0440%u043E%u0432%20%u043E%20%u0440%u0430%u0441%u0447%u0435%u0442%u0435%20%u0437%u0430%u0440%u043F%u043B%u0430%u0442%u044B;0.1618733998281443

Request Chain 80

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9277.j2eSjwZfafMPfcgZstClsju8l_9HXHT4JXBCnWzkzrQFfnqNTaV2Mnv5yWiGL8sL.v3RX3p6zolhtIXv8AbwgNPYMlJg%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9277.8oQ1y944h2Gk0n7KM8zzD7NrGZaJFjdL43DP0tD_jZsYc2YfJel0AlRPiR0tjMHjtPWKyi7TPv0yvze7i0QtFfb8ln5zyKMa33awL6SZuco%2C.H-OaOL6jO1ShRbUAMtVWrJqt04M%2C

Request Chain 93

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=264563801&utmhn=www.zarplata-online.ru&utme=8(User%20Type*3!User%20Type%20byEvent*BitrixID)9(visitor*3!member_null*0)11(2*3!2*2)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%22%D0%97%D0%B0%D1%80%D0%BF%D0%BB%D0%B0%D1%82%D0%B0%22%20-%20%D0%9F%D1%80%D0%B0%D0%BA%D1%82%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D0%BE%D0%B2%20%D0%BE%20%D1%80%D0%B0%D1%81%D1%87%D0%B5%D1%82%D0%B5%20%D0%B7%D0%B0%D1%80%D0%BF%D0%BB%D0%B0%D1%82%D1%8B&utmhid=23342685&utmr=http%3A%2F%2Flink.mail.zarplata-client-1.ru%2Factionmedia%2F34066%2C%3D0e538UqOyV2nw6Au2gAE7pg%2F5008202%2C1701038919%2C208981%2C%3FaHR0cHM6Ly93d3cuemFycGxhdGEtb25saW5lLnJ1&utmp=%2F&utmpg=1:%D0%BD%D0%B5%D1%82%20%D1%82%D0%B5%D0%B3%D0%B0,2:%D0%BD%D0%B5%D1%82%20%D0%B0%D0%B2%D1%82%D0%BE%D1%80%D0%B0&utmht=1621341127510&utmac=UA-31417318-1&utmcc=__utma%3D70043158.296014167.1621341127.1621341127.1621341127.1%3B%2B__utmz%3D70043158.1621341127.1.1.utmcsr%3Dlink.mail.zarplata-client-1.ru%7Cutmccn%3D(referral)%7Cutmcmd%3Dreferral%7Cutmcct%3D%2Factionmedia%2F34066%2C%3D0e538UqOyV2nw6Au2gAE7pg%2F5008202%2C1701038919%2C208981%2C%3B&utmjid=583906421&utmredir=1&utmu=qREAAAAAAAAAAAAAAAAAABAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-31417318-1&cid=296014167.1621341127&jid=583906421&_v=5.7.2&z=264563801 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-31417318-1&cid=296014167.1621341127&jid=583906421&_v=5.7.2&z=264563801 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-31417318-1&cid=296014167.1621341127&jid=583906421&_v=5.7.2&z=264563801&slf_rd=1&random=2196231687

Request Chain 96

https://mc.yandex.com/watch/207712?wmode=7&page-url=https%3A%2F%2Fwww.zarplata-online.ru%2F&page-ref=http%3A%2F%2Flink.mail.zarplata-client-1.ru%2Factionmedia%2F34066%2C%3D0e538UqOyV2nw6Au2gAE7pg%2F5008202%2C1701038919%2C208981%2C%3FaHR0cHM6Ly93d3cuemFycGxhdGEtb25saW5lLnJ1&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A2%3Adp%3A1%3Als%3A180160127008%3Ahid%3A536415213%3Az%3A120%3Ai%3A20210518143207%3Aet%3A1621341128%3Ac%3A1%3Arn%3A1065460833%3Au%3A1621341127806057264%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1621341124977%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1621341128%3At%3A%22%D0%97%D0%B0%D1%80%D0%BF%D0%BB%D0%B0%D1%82%D0%B0%22%20-%20%D0%9F%D1%80%D0%B0%D0%BA%D1%82%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D0%BE%D0%B2%20%D0%BE%20%D1%80%D0%B0%D1%81%D1%87%D0%B5%D1%82%D0%B5%20%D0%B7%D0%B0%D1%80%D0%BF%D0%BB%D0%B0%D1%82%D1%8B HTTP 302
https://mc.yandex.com/watch/207712/1?wmode=7&page-url=https%3A%2F%2Fwww.zarplata-online.ru%2F&page-ref=http%3A%2F%2Flink.mail.zarplata-client-1.ru%2Factionmedia%2F34066%2C%3D0e538UqOyV2nw6Au2gAE7pg%2F5008202%2C1701038919%2C208981%2C%3FaHR0cHM6Ly93d3cuemFycGxhdGEtb25saW5lLnJ1&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A2%3Adp%3A1%3Als%3A180160127008%3Ahid%3A536415213%3Az%3A120%3Ai%3A20210518143207%3Aet%3A1621341128%3Ac%3A1%3Arn%3A1065460833%3Au%3A1621341127806057264%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1621341124977%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1621341128%3At%3A%22%D0%97%D0%B0%D1%80%D0%BF%D0%BB%D0%B0%D1%82%D0%B0%22%20-%20%D0%9F%D1%80%D0%B0%D0%BA%D1%82%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D0%BE%D0%B2%20%D0%BE%20%D1%80%D0%B0%D1%81%D1%87%D0%B5%D1%82%D0%B5%20%D0%B7%D0%B0%D1%80%D0%BF%D0%BB%D0%B0%D1%82%D1%8B

Request Chain 97

https://mc.yandex.com/watch/1875979?wmode=7&page-url=https%3A%2F%2Fwww.zarplata-online.ru%2F&page-ref=http%3A%2F%2Flink.mail.zarplata-client-1.ru%2Factionmedia%2F34066%2C%3D0e538UqOyV2nw6Au2gAE7pg%2F5008202%2C1701038919%2C208981%2C%3FaHR0cHM6Ly93d3cuemFycGxhdGEtb25saW5lLnJ1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afp%3A1815%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A1%3Adp%3A0%3Als%3A841457241498%3Ahid%3A536415213%3Az%3A120%3Ai%3A20210518143207%3Aet%3A1621341127%3Ac%3A1%3Arn%3A938769170%3Au%3A1621341127806057264%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1621341124977%3Ads%3A0%2C0%2C1272%2C105%2C0%2C0%2C%2C935%2C%2C%2C%2C%2C%3Adsn%3A0%2C0%2C1272%2C105%2C0%2C0%2C%2C832%2C%2C%2C%2C%2C%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1621341128%3At%3A%22%D0%97%D0%B0%D1%80%D0%BF%D0%BB%D0%B0%D1%82%D0%B0%22%20-%20%D0%9F%D1%80%D0%B0%D0%BA%D1%82%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D0%BE%D0%B2%20%D0%BE%20%D1%80%D0%B0%D1%81%D1%87%D0%B5%D1%82%D0%B5%20%D0%B7%D0%B0%D1%80%D0%BF%D0%BB%D0%B0%D1%82%D1%8B HTTP 302
https://mc.yandex.com/watch/1875979/1?wmode=7&page-url=https%3A%2F%2Fwww.zarplata-online.ru%2F&page-ref=http%3A%2F%2Flink.mail.zarplata-client-1.ru%2Factionmedia%2F34066%2C%3D0e538UqOyV2nw6Au2gAE7pg%2F5008202%2C1701038919%2C208981%2C%3FaHR0cHM6Ly93d3cuemFycGxhdGEtb25saW5lLnJ1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afp%3A1815%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A1%3Adp%3A0%3Als%3A841457241498%3Ahid%3A536415213%3Az%3A120%3Ai%3A20210518143207%3Aet%3A1621341127%3Ac%3A1%3Arn%3A938769170%3Au%3A1621341127806057264%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1621341124977%3Ads%3A0%2C0%2C1272%2C105%2C0%2C0%2C%2C935%2C%2C%2C%2C%2C%3Adsn%3A0%2C0%2C1272%2C105%2C0%2C0%2C%2C832%2C%2C%2C%2C%2C%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1621341128%3At%3A%22%D0%97%D0%B0%D1%80%D0%BF%D0%BB%D0%B0%D1%82%D0%B0%22%20-%20%D0%9F%D1%80%D0%B0%D0%BA%D1%82%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D0%BE%D0%B2%20%D0%BE%20%D1%80%D0%B0%D1%81%D1%87%D0%B5%D1%82%D0%B5%20%D0%B7%D0%B0%D1%80%D0%BF%D0%BB%D0%B0%D1%82%D1%8B

Request Chain 141

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

169 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Cookie set 5008202,1701038919,208981,
link.mail.zarplata-client-1.ru/actionmedia/34066,=0e538UqOyV2nw6Au2gAE7pg/ 514 B
1 KB 257ms
80ms Document
text/html 185.76.232.246
IPRJ-4-0

General

Check archive.org

Show headers Download Go to

Full URL: http://link.mail.zarplata-client-1.ru/actionmedia/34066,=0e538UqOyV2nw6Au2gAE7pg/5008202,1701038919,208981,?aHR0cHM6Ly93d3cuemFycGxhdGEtb25saW5lLnJ1
Protocol: HTTP/1.1
Server: 185.76.232.246 , Russian Federation, ASN201193 (IPRJ-4-0, RU),
Reverse DNS: kocka246.sndsy.ru
Software: nginx /
Resource Hash

Request headers

Host: link.mail.zarplata-client-1.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx
Date: Tue, 18 May 2021 12:32:04 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Dec 1994 00:00:00 GMT
Set-Cookie: plc=actionmedia,5008202,1701038919,208981; path=/; SameSite=None; Secure; expires=Wed, 18 May 2022 12:32:04 GMT sendsay_mrtr=actionmedia,208981; domain=.mail.zarplata-client-1.ru; path=/; SameSite=Lax; Secure; expires=31-Dec-2097 23:59:55 GMT
Refresh: 0;URL=https://www.zarplata-online.ru/
Referrer-Policy: unsafe-url
Content-Language: ru

GET
H/1.1 200
OK Cookie set / Show response
www.zarplata-online.ru/ 3 KB
1 KB 227ms
62ms Document
text/html 95.214.59.132
ACTION-DIGITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zarplata-online.ru/
Requested by: Host: link.mail.zarplata-client-1.ru
URL: http://link.mail.zarplata-client-1.ru/actionmedia/34066,=0e538UqOyV2nw6Au2gAE7pg/5008202,1701038919,208981,?aHR0cHM6Ly93d3cuemFycGxhdGEtb25saW5lLnJ1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.214.59.132 Moscow, Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software: nginx /
Resource Hash: 8388aa0540845d02e4c9a6b86ac4c969f8fefcefc93b0187020aafdb0fc4a1c8

Request headers

Host: www.zarplata-online.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: http://link.mail.zarplata-client-1.ru/actionmedia/34066,=0e538UqOyV2nw6Au2gAE7pg/5008202,1701038919,208981,?aHR0cHM6Ly93d3cuemFycGxhdGEtb25saW5lLnJ1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://link.mail.zarplata-client-1.ru/actionmedia/34066,=0e538UqOyV2nw6Au2gAE7pg/5008202,1701038919,208981,?aHR0cHM6Ly93d3cuemFycGxhdGEtb25saW5lLnJ1

Response headers

Server: nginx
Date: Tue, 18 May 2021 12:32:04 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: fp_http_referer=http://link.mail.zarplata-client-1.ru/actionmedia/34066,=0e538UqOyV2nw6Au2gAE7pg/5008202,1701038919,208981,?aHR0cHM6Ly93d3cuemFycGxhdGEtb25saW5lLnJ1;Domain=www.zarplata-online.ru;Path=/;SameSite=Lax;Secure; robin=;Path=/;SameSite=Lax;Expires=Sat, 01 Jan 2000 00:00:01 GMT;Domain=www.zarplata-online.ru;Secure; robin=;Path=/;SameSite=Lax;Expires=Sat, 01 Jan 2000 00:00:01 GMT;Domain=.www.zarplata-online.ru;Secure;
X-Operation-Id: 7579db82b65810d7c8f742dfe20256c8
Content-Encoding: gzip

GET
H/1.1 200
OK callback Show response
api.action-media.ru/ 262 B
2 KB 139ms
46ms XHR
application/json 95.214.58.142
ACTION-DIGITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://api.action-media.ru/callback
Requested by: Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.214.58.142 Moscow, Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software: nginx /
Resource Hash: ac1aa7453742763c0f17b84bd4b9c232f852a81e1c3e0048058a3b682336ac9f

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 18 May 2021 12:32:04 GMT
Content-Encoding: gzip
Server: nginx
X-Operation-Id: 424cc15e7cc618a1c3a58e301a7fe1ce
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.zarplata-online.ru
Access-Control-Expose-Headers: Access-Control-Allow-Credentials, Access-Control-Allow-Headers, Access-Control-Allow-Methods, Access-Control-Allow-Origin, Access-Control-Expose-Headers, Access-Control-Max-Age, Accept, Accept-Charset, Accept-Encoding, Accept-Language, Cache-Control, Connection, Content-Encoding, Content-Language, Content-Length, Content-Type, Date, Set-Cookie, Server, Status, X-Forwarded-For, X-Operation-Id, X-XSS-Protection
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 30
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept, Accept-Charset, Accept-Encoding, Accept-Language, Cache-Control, Content-Type, Cookie, DNT, Pragma, Referer, User-Agent, X-Forwarded-For

GET
H/1.1 200
OK Cookie set auth_sync
www.zarplata-online.ru/_api/auth/logics/ 0
716 B 57ms
57ms XHR
text/plain 95.214.59.132
ACTION-DIGITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zarplata-online.ru/_api/auth/logics/auth_sync?robin=badeeec1c22f4f4ea9abb95bb03e618fe2b08b5367204d35b05f06b601c7bfac
Requested by: Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.214.59.132 Moscow, Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.zarplata-online.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
Referer: https://www.zarplata-online.ru/
Cookie: fp_http_referer=http://link.mail.zarplata-client-1.ru/actionmedia/34066,=0e538UqOyV2nw6Au2gAE7pg/5008202,1701038919,208981,?aHR0cHM6Ly93d3cuemFycGxhdGEtb25saW5lLnJ1
Connection: keep-alive
Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 18 May 2021 12:32:04 GMT
Content-Encoding: gzip
Server: nginx
X-Operation-Id: 332f264cced8a138234ba118361c719d
Transfer-Encoding: chunked
Content-Type: text/plain
Set-Cookie: robin=badeeec1c22f4f4ea9abb95bb03e618fe2b08b5367204d35b05f06b601c7bfac;Domain=.zarplata-online.ru;Path=/;SameSite=Lax;Expires=Thu, 31 Dec 2099 23:59:59 GMT;Secure; robin=;Path=/;SameSite=Lax;Expires=Sat, 01 Jan 2000 00:00:01 GMT;Domain=www.zarplata-online.ru;Secure; robin=;Path=/;SameSite=Lax;Expires=Sat, 01 Jan 2000 00:00:01 GMT;Domain=.www.zarplata-online.ru;Secure;
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive

GET
H/1.1 200
OK Primary Request Cookie set / Show response
www.zarplata-online.ru/ 731 KB
158 KB 1272ms
1272ms Document
text/html 95.214.59.132
ACTION-DIGITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zarplata-online.ru/
Requested by: Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.214.59.132 Moscow, Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software: nginx /
Resource Hash: 163dd8588e14318c1540f963aa426fcf3d255ea1fe77a3ea23b1c094d6455c51

Request headers

Host: www.zarplata-online.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://www.zarplata-online.ru/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: fp_http_referer=http://link.mail.zarplata-client-1.ru/actionmedia/34066,=0e538UqOyV2nw6Au2gAE7pg/5008202,1701038919,208981,?aHR0cHM6Ly93d3cuemFycGxhdGEtb25saW5lLnJ1; robin=badeeec1c22f4f4ea9abb95bb03e618fe2b08b5367204d35b05f06b601c7bfac
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.zarplata-online.ru/

Response headers

Server: nginx
Date: Tue, 18 May 2021 12:32:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: ASE_PHPSESSID=62gpju5mnjalb6mg2pbd9oc7j2; path=/ ASE_anonymousId=fd68c134544f52eab5bbfb86f7e9bb9a; expires=Wed, 18-May-2022 12:32:05 GMT; Max-Age=31536000; path=/; domain=zarplata-online.ru; secure; HttpOnly ASE_userLastVisit=2021-05-18+15%3A32%3A05; expires=Wed, 18-May-2022 12:32:05 GMT; Max-Age=31536000; path=/; domain=zarplata-online.ru ASE_YII_CSRF_TOKEN=RE5wNFNzfnpsX0hZUkxpYnZfNWxaRWlWMWIzTjkzVTRTjG0KNuZdhOg4-JdxLbEuFGysMUIPVHQYFCmUx0x-NQ%3D%3D; path=/; domain=zarplata-online.ru fp_http_referer=http://link.mail.zarplata-client-1.ru/actionmedia/34066,=0e538UqOyV2nw6Au2gAE7pg/5008202,1701038919,208981,?aHR0cHM6Ly93d3cuemFycGxhdGEtb25saW5lLnJ1;Domain=www.zarplata-online.ru;Path=/;SameSite=Lax;Expires=Sat, 01 Jan 2000 00:00:01 GMT;Secure; robin=;Path=/;SameSite=Lax;Expires=Sat, 01 Jan 2000 00:00:01 GMT;Domain=www.zarplata-online.ru;Secure; robin=;Path=/;SameSite=Lax;Expires=Sat, 01 Jan 2000 00:00:01 GMT;Domain=.www.zarplata-online.ru;Secure;
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Last-Modified: Tue, 18 May 2021 11:23:37 GMT
X-Operation-Id: 3181358d89d6d35c0d039721d8953a09
Content-Encoding: gzip

GET
H/1.1 200
OK styles.css
www.zarplata-online.ru/assets/44b59cdc/modules/npd/widgets/views/NpdWidget/assets/css/ 2 KB
1 KB 129ms
44ms Stylesheet
text/css 95.214.59.132
ACTION-DIGITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zarplata-online.ru/assets/44b59cdc/modules/npd/widgets/views/NpdWidget/assets/css/styles.css
Requested by: Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.214.59.132 Moscow, Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software: nginx /
Resource Hash: 5895f8084c427bfdaea3bdcfedd845d5da72c4288d914152c03a8035d270b3ae

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.zarplata-online.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.zarplata-online.ru/
Cookie: robin=badeeec1c22f4f4ea9abb95bb03e618fe2b08b5367204d35b05f06b601c7bfac; ASE_PHPSESSID=62gpju5mnjalb6mg2pbd9oc7j2; ASE_anonymousId=fd68c134544f52eab5bbfb86f7e9bb9a; ASE_userLastVisit=2021-05-18+15%3A32%3A05; ASE_YII_CSRF_TOKEN=RE5wNFNzfnpsX0hZUkxpYnZfNWxaRWlWMWIzTjkzVTRTjG0KNuZdhOg4-JdxLbEuFGysMUIPVHQYFCmUx0x-NQ%3D%3D
Connection: keep-alive
Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Tue, 18 May 2021 12:32:06 GMT
Content-Encoding: gzip
Server: nginx
X-Operation-Id: 5843c177aa73ce16426b305c8f2dc1ed
ETag: W/"609bcb9f-827"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=2592000 public max-age=31536000
Connection: keep-alive
Expires: Thu, 17 Jun 2021 12:32:06 GMT

GET
H2

200

adfox.js Show response
an.yandex.ru/system/
Redirect Chain

https://yastatic.net/pcode/adfox/loader.js
https://an.yandex.ru/system/adfox.js

255 KB
67 KB

140ms
53ms

Script
text/javascript

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/system/adfox.js

Requested by

Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

7f3dc88458873499d9a3d2762d5a04082f334dd421d4df93fb996645d1218022

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
strict-transport-security: max-age=31536000
content-encoding: br
etag: 47004039
x-yandex-req-id: 1621341126590965-1254249589667323774000112-production-app-host-vla-pcode-89
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Tue, 18 May 2021 13:32:06 GMT

Redirect headers

date: Tue, 18 May 2021 12:32:06 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
server: nginx/1.17.9
location: https://an.yandex.ru/system/adfox.js
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
access-control-allow-origin: *
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
content-length: 0

GET
H2 200 header-bidding.js Show response
yastatic.net/pcode/adfox/ 143 KB
32 KB 173ms
82ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/pcode/adfox/header-bidding.js

Requested by

Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

8f10bfcf22bce574752c355781067a6789e29dde1a58cb04dace2e336823c9ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 12:32:06 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 32426
last-modified: Thu, 01 Apr 2021 15:37:05 GMT
server: nginx/1.17.9
etag: "e8015ff5ddcaff9817adaf717519d7c5"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 May 2021 13:27:40 GMT

GET
H2 200 360.js Show response
s.clickiocdn.com/t/204213/ 324 KB
125 KB 57ms
17ms Script
application/javascript 95.211.66.35
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.clickiocdn.com/t/204213/360.js
Requested by: Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.35 Wjelsryp, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: d0c95c800b4d813cc6e11a6db3384af0191aca0d123c07b548a208897aa22363

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 12:32:06 GMT
content-encoding: gzip
last-modified: Tue, 18 May 2021 09:11:38 GMT
server: nginx/1.16.0
etag: W/"60a384ca-511ce"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
iseu: eu
cache-control: max-age=1800
expires: Tue, 18 May 2021 13:02:06 GMT

GET
H2 200 common_402.js Show response
s.luxupcdnc.com/t/ 140 KB
58 KB 197ms
79ms Script
application/javascript 109.248.237.51
SUPPORTIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s.luxupcdnc.com/t/common_402.js

Requested by

Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

109.248.237.51 Moscow, Russian Federation, ASN201009 (SUPPORTIT-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

427f6a0d7ae2536853e1fc27fc9f68eb57890e966fae0b811609f8d890efbaa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 12:32:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Apr 2021 14:29:21 GMT
server: nginx
etag: W/"607d93c1-22ea2"
strict-transport-security: max-age=0; includeSubdomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
iseu: noneu
cache-control: max-age=1800
expires: Tue, 18 May 2021 13:02:06 GMT

GET
H/1.1 200
OK layouts.css
www.zarplata-online.ru/assets/44b59cdc/assets/frontend/css/ 118 KB
18 KB 65ms
63ms Stylesheet
text/css 95.214.59.132
ACTION-DIGITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zarplata-online.ru/assets/44b59cdc/assets/frontend/css/layouts.css
Requested by: Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.214.59.132 Moscow, Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software: nginx /
Resource Hash: 9813ee0135ff9bfd69cb811d8b97f0eb37bd6d446b52e52767406cee1d87a52c

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.zarplata-online.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.zarplata-online.ru/
Cookie: robin=badeeec1c22f4f4ea9abb95bb03e618fe2b08b5367204d35b05f06b601c7bfac; ASE_PHPSESSID=62gpju5mnjalb6mg2pbd9oc7j2; ASE_anonymousId=fd68c134544f52eab5bbfb86f7e9bb9a; ASE_userLastVisit=2021-05-18+15%3A32%3A05; ASE_YII_CSRF_TOKEN=RE5wNFNzfnpsX0hZUkxpYnZfNWxaRWlWMWIzTjkzVTRTjG0KNuZdhOg4-JdxLbEuFGysMUIPVHQYFCmUx0x-NQ%3D%3D
Connection: keep-alive
Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Tue, 18 May 2021 12:32:06 GMT
Content-Encoding: gzip
Server: nginx
X-Operation-Id: 5c82b5a34832de6ca8a4638000ffad05
ETag: W/"609bcb9f-1d7fa"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=2592000 public max-age=31536000
Connection: keep-alive
Expires: Thu, 17 Jun 2021 12:32:06 GMT

GET
H/1.1 200
OK styles.css
www.zarplata-online.ru/assets/44b59cdc/assets/frontend/css/ 2 KB
1 KB 97ms
59ms Stylesheet
text/css 95.214.59.132
ACTION-DIGITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zarplata-online.ru/assets/44b59cdc/assets/frontend/css/styles.css
Requested by: Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.214.59.132 Moscow, Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software: nginx /
Resource Hash: 7c3b739562e5a30ad4b69a45e6b185089ca9547dfcd3aab12a88067363f1a073

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.zarplata-online.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.zarplata-online.ru/
Cookie: robin=badeeec1c22f4f4ea9abb95bb03e618fe2b08b5367204d35b05f06b601c7bfac; ASE_PHPSESSID=62gpju5mnjalb6mg2pbd9oc7j2; ASE_anonymousId=fd68c134544f52eab5bbfb86f7e9bb9a; ASE_userLastVisit=2021-05-18+15%3A32%3A05; ASE_YII_CSRF_TOKEN=RE5wNFNzfnpsX0hZUkxpYnZfNWxaRWlWMWIzTjkzVTRTjG0KNuZdhOg4-JdxLbEuFGysMUIPVHQYFCmUx0x-NQ%3D%3D
Connection: keep-alive
Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Tue, 18 May 2021 12:32:06 GMT
Content-Encoding: gzip
Server: nginx
X-Operation-Id: dcecff42210c8ea2df030160170c52fb
ETag: W/"609bcb9f-906"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=2592000 public max-age=31536000
Connection: keep-alive
Expires: Thu, 17 Jun 2021 12:32:06 GMT

GET
H/1.1 200
OK fonts.css
www.zarplata-online.ru/assets/44b59cdc/assets/frontend/css/ 0
374 B 137ms
71ms Stylesheet
text/css 95.214.59.132
ACTION-DIGITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zarplata-online.ru/assets/44b59cdc/assets/frontend/css/fonts.css
Requested by: Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.214.59.132 Moscow, Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.zarplata-online.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.zarplata-online.ru/
Cookie: robin=badeeec1c22f4f4ea9abb95bb03e618fe2b08b5367204d35b05f06b601c7bfac; ASE_PHPSESSID=62gpju5mnjalb6mg2pbd9oc7j2; ASE_anonymousId=fd68c134544f52eab5bbfb86f7e9bb9a; ASE_userLastVisit=2021-05-18+15%3A32%3A05; ASE_YII_CSRF_TOKEN=RE5wNFNzfnpsX0hZUkxpYnZfNWxaRWlWMWIzTjkzVTRTjG0KNuZdhOg4-JdxLbEuFGysMUIPVHQYFCmUx0x-NQ%3D%3D
Connection: keep-alive
Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Tue, 18 May 2021 12:32:06 GMT
Server: nginx
X-Operation-Id: 684005ced6abe94984899f7dabfeb706
ETag: "609bcb9f-0"
Content-Type: text/css
Cache-Control: max-age=2592000 public max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0
Expires: Thu, 17 Jun 2021 12:32:06 GMT

GET
H/1.1 200
OK layouts.article.css
www.zarplata-online.ru/assets/44b59cdc/assets/frontend/css/ 33 KB
7 KB 141ms
50ms Stylesheet
text/css 95.214.59.132
ACTION-DIGITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zarplata-online.ru/assets/44b59cdc/assets/frontend/css/layouts.article.css
Requested by: Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.214.59.132 Moscow, Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software: nginx /
Resource Hash: 70213da5b18c29a61b78f0c3c049e8010542feb796840d52fa7c545960169338

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.zarplata-online.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.zarplata-online.ru/
Cookie: robin=badeeec1c22f4f4ea9abb95bb03e618fe2b08b5367204d35b05f06b601c7bfac; ASE_PHPSESSID=62gpju5mnjalb6mg2pbd9oc7j2; ASE_anonymousId=fd68c134544f52eab5bbfb86f7e9bb9a; ASE_userLastVisit=2021-05-18+15%3A32%3A05; ASE_YII_CSRF_TOKEN=RE5wNFNzfnpsX0hZUkxpYnZfNWxaRWlWMWIzTjkzVTRTjG0KNuZdhOg4-JdxLbEuFGysMUIPVHQYFCmUx0x-NQ%3D%3D
Connection: keep-alive
Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Tue, 18 May 2021 12:32:06 GMT
Content-Encoding: gzip
Server: nginx
X-Operation-Id: 202bbff27d0e25daa474c159be1e60c8
ETag: W/"609bcb9f-821f"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=2592000 public max-age=31536000
Connection: keep-alive
Expires: Thu, 17 Jun 2021 12:32:06 GMT

GET
H/1.1 200
OK afterload.css
www.zarplata-online.ru/assets/44b59cdc/assets/frontend/css/ 203 KB
37 KB 190ms
93ms Stylesheet
text/css 95.214.59.132
ACTION-DIGITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zarplata-online.ru/assets/44b59cdc/assets/frontend/css/afterload.css
Requested by: Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.214.59.132 Moscow, Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software: nginx /
Resource Hash: 0b02aa2ffa977483c0f852ca16ea43199ff3bb96973fd3370eced5b28bd34e1d

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.zarplata-online.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.zarplata-online.ru/
Cookie: robin=badeeec1c22f4f4ea9abb95bb03e618fe2b08b5367204d35b05f06b601c7bfac; ASE_PHPSESSID=62gpju5mnjalb6mg2pbd9oc7j2; ASE_anonymousId=fd68c134544f52eab5bbfb86f7e9bb9a; ASE_userLastVisit=2021-05-18+15%3A32%3A05; ASE_YII_CSRF_TOKEN=RE5wNFNzfnpsX0hZUkxpYnZfNWxaRWlWMWIzTjkzVTRTjG0KNuZdhOg4-JdxLbEuFGysMUIPVHQYFCmUx0x-NQ%3D%3D
Connection: keep-alive
Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Tue, 18 May 2021 12:32:06 GMT
Content-Encoding: gzip
Server: nginx
X-Operation-Id: c02fb9d09636a4754a63ac298668ec41
ETag: W/"609bcb9f-32ca8"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=2592000 public max-age=31536000
Connection: keep-alive
Expires: Thu, 17 Jun 2021 12:32:06 GMT

GET
H/1.1 200
OK paywall.css
www.zarplata-online.ru/assets/44b59cdc/assets/css/ 25 KB
6 KB 142ms
45ms Stylesheet
text/css 95.214.59.132
ACTION-DIGITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zarplata-online.ru/assets/44b59cdc/assets/css/paywall.css
Requested by: Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.214.59.132 Moscow, Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software: nginx /
Resource Hash: 7b228a00fe909590f0a7510c6fce3bc42d2e405a30cdc3c23ae833de649e0db1

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.zarplata-online.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.zarplata-online.ru/
Cookie: robin=badeeec1c22f4f4ea9abb95bb03e618fe2b08b5367204d35b05f06b601c7bfac; ASE_PHPSESSID=62gpju5mnjalb6mg2pbd9oc7j2; ASE_anonymousId=fd68c134544f52eab5bbfb86f7e9bb9a; ASE_userLastVisit=2021-05-18+15%3A32%3A05; ASE_YII_CSRF_TOKEN=RE5wNFNzfnpsX0hZUkxpYnZfNWxaRWlWMWIzTjkzVTRTjG0KNuZdhOg4-JdxLbEuFGysMUIPVHQYFCmUx0x-NQ%3D%3D
Connection: keep-alive
Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Tue, 18 May 2021 12:32:06 GMT
Content-Encoding: gzip
Server: nginx
X-Operation-Id: 6e073543cc646d30d62e7490c0b7ee7e
ETag: W/"609bcb9f-6495"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=2592000 public max-age=31536000
Connection: keep-alive
Expires: Thu, 17 Jun 2021 12:32:06 GMT

GET
H/1.1 200
OK logo-mobile.png
www.zarplata-online.ru/themes/zarplata-online_ru/assets/frontend/images/ 1 KB
2 KB 62ms
57ms Image
image/png 95.214.59.132
ACTION-DIGITAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zarplata-online.ru/themes/zarplata-online_ru/assets/frontend/images/logo-mobile.png
Requested by: Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.214.59.132 Moscow, Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software: nginx /
Resource Hash: c0f7bbf569c09936a52c13ca35fc4c5815be11f01e4587d5c6d44a7a844ea0a3

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.zarplata-online.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.zarplata-online.ru/
Cookie: robin=badeeec1c22f4f4ea9abb95bb03e618fe2b08b5367204d35b05f06b601c7bfac; ASE_PHPSESSID=62gpju5mnjalb6mg2pbd9oc7j2; ASE_anonymousId=fd68c134544f52eab5bbfb86f7e9bb9a; ASE_userLastVisit=2021-05-18+15%3A32%3A05; ASE_YII_CSRF_TOKEN=RE5wNFNzfnpsX0hZUkxpYnZfNWxaRWlWMWIzTjkzVTRTjG0KNuZdhOg4-JdxLbEuFGysMUIPVHQYFCmUx0x-NQ%3D%3D
Connection: keep-alive
Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Tue, 18 May 2021 12:32:06 GMT
Content-Encoding: gzip
Server: nginx
X-Operation-Id: febeddf039dc59eb8b24248f91cdce32
ETag: W/"609b9e30-48a"
Transfer-Encoding: chunked
Content-Type: image/png
Cache-Control: max-age=2592000 public max-age=31536000
Connection: keep-alive
Expires: Thu, 17 Jun 2021 12:32:06 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
655 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c340f2fc9103b3a383daf2262c4c58829e4acd29f2e18e02675a823f89eef33b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 18 May 2021 11:20:49 GMT
server: ESF
date: Tue, 18 May 2021 12:32:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 May 2021 12:32:06 GMT

GET
H/1.1 200
OK logo.png
www.zarplata-online.ru/themes/zarplata-online_ru/assets/frontend/images/ 4 KB
4 KB 56ms
50ms Image
image/png 95.214.59.132
ACTION-DIGITAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zarplata-online.ru/themes/zarplata-online_ru/assets/frontend/images/logo.png
Requested by: Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.214.59.132 Moscow, Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software: nginx /
Resource Hash: 4c25bb67d9e599d0be4ca6302293f44dbcd4e0347f1b02fd7b24aec99299aa02

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.zarplata-online.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.zarplata-online.ru/
Cookie: robin=badeeec1c22f4f4ea9abb95bb03e618fe2b08b5367204d35b05f06b601c7bfac; ASE_PHPSESSID=62gpju5mnjalb6mg2pbd9oc7j2; ASE_anonymousId=fd68c134544f52eab5bbfb86f7e9bb9a; ASE_userLastVisit=2021-05-18+15%3A32%3A05; ASE_YII_CSRF_TOKEN=RE5wNFNzfnpsX0hZUkxpYnZfNWxaRWlWMWIzTjkzVTRTjG0KNuZdhOg4-JdxLbEuFGysMUIPVHQYFCmUx0x-NQ%3D%3D
Connection: keep-alive
Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Tue, 18 May 2021 12:32:06 GMT
Content-Encoding: gzip
Server: nginx
X-Operation-Id: bfb9b66955f37a28c6ae320aaa7376e9
ETag: W/"609b9e30-ea9"
Transfer-Encoding: chunked
Content-Type: image/png
Cache-Control: max-age=2592000 public max-age=31536000
Connection: keep-alive
Expires: Thu, 17 Jun 2021 12:32:06 GMT

GET
H/1.1 200
OK empty140x95.gif
www.zarplata-online.ru/assets/44b59cdc/assets/frontend/images/ 178 B
556 B 55ms
50ms Image
image/gif 95.214.59.132
ACTION-DIGITAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zarplata-online.ru/assets/44b59cdc/assets/frontend/images/empty140x95.gif
Requested by: Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.214.59.132 Moscow, Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software: nginx /
Resource Hash: 1fad31b9a89714b3c568ab8caa22d6e95ab7e2ceee5054ed39b3fae646990dc0

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.zarplata-online.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.zarplata-online.ru/
Cookie: robin=badeeec1c22f4f4ea9abb95bb03e618fe2b08b5367204d35b05f06b601c7bfac; ASE_PHPSESSID=62gpju5mnjalb6mg2pbd9oc7j2; ASE_anonymousId=fd68c134544f52eab5bbfb86f7e9bb9a; ASE_userLastVisit=2021-05-18+15%3A32%3A05; ASE_YII_CSRF_TOKEN=RE5wNFNzfnpsX0hZUkxpYnZfNWxaRWlWMWIzTjkzVTRTjG0KNuZdhOg4-JdxLbEuFGysMUIPVHQYFCmUx0x-NQ%3D%3D
Connection: keep-alive
Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Tue, 18 May 2021 12:32:06 GMT
Server: nginx
X-Operation-Id: da4c8d97614173b5a7b37ab3fa9eaadb
ETag: "609bcb9f-b2"
Content-Type: image/gif
Cache-Control: max-age=2592000 public max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 178
Expires: Thu, 17 Jun 2021 12:32:06 GMT

GET
H/1.1 200
OK buhsoftlogo1.png
www.26-2.ru/images/logos/ 2 KB
3 KB 209ms
51ms Image
image/png 95.214.59.132
ACTION-DIGITAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.26-2.ru/images/logos/buhsoftlogo1.png
Requested by: Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.214.59.132 Moscow, Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software: nginx /
Resource Hash: 5819771b7e613a3b74f973cf758c30212dfc93baa65b93bb67deec56ecd6dc47

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 18 May 2021 12:32:06 GMT
Content-Encoding: gzip
Last-Modified: Fri, 30 Oct 2020 14:40:14 GMT
Server: nginx
X-Operation-Id: 5a65f211abf381d98c59f5fb08576ab4
x-amz-request-id: tx00000000000008c911234-0060a3b3c6-1d725ad-msk2
ETag: W/"2bb5657b01c10abab0e96ca64636aeaa"
Transfer-Encoding: chunked
Content-Type: image/png
Cache-Control: max-age=31536000
x-rgw-object-type: Normal
Connection: keep-alive

GET
H/1.1 200
OK 240400_otch2021.jpg
www.zarplata-online.ru/images/buhsoft/ 22 KB
22 KB 58ms
57ms Image
image/jpeg 95.214.59.132
ACTION-DIGITAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zarplata-online.ru/images/buhsoft/240400_otch2021.jpg
Requested by: Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.214.59.132 Moscow, Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software: nginx /
Resource Hash: 8eba1a687831d203fca47e148e9e672529dc7f3b3bc27f7124aa47cfd395f76b

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.zarplata-online.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.zarplata-online.ru/
Cookie: robin=badeeec1c22f4f4ea9abb95bb03e618fe2b08b5367204d35b05f06b601c7bfac; ASE_PHPSESSID=62gpju5mnjalb6mg2pbd9oc7j2; ASE_anonymousId=fd68c134544f52eab5bbfb86f7e9bb9a; ASE_userLastVisit=2021-05-18+15%3A32%3A05; ASE_YII_CSRF_TOKEN=RE5wNFNzfnpsX0hZUkxpYnZfNWxaRWlWMWIzTjkzVTRTjG0KNuZdhOg4-JdxLbEuFGysMUIPVHQYFCmUx0x-NQ%3D%3D
Connection: keep-alive
Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 18 May 2021 12:32:06 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Apr 2021 12:51:49 GMT
Server: nginx
X-Operation-Id: 43580e27154a03b701504f265dc0b9d8
x-amz-request-id: tx000000000000090c9e134-0060a3b3c6-1d41aaf-msk2
ETag: W/"e9b34cc1add910f100768cb892113541"
Transfer-Encoding: chunked
Content-Type: image/jpeg
Cache-Control: max-age=31536000
x-rgw-object-type: Normal
Connection: keep-alive

GET
H/1.1 200
OK BS-1-min.jpg
www.26-2.ru/images/banery/ 16 KB
16 KB 255ms
98ms Image
image/jpeg 95.214.59.132
ACTION-DIGITAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.26-2.ru/images/banery/BS-1-min.jpg
Requested by: Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.214.59.132 Moscow, Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software: nginx /
Resource Hash: bf3d5278b985377eadaa08f5b5170a7ea43ead8175b88f6b934103955cfe57be

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 18 May 2021 12:32:06 GMT
Content-Encoding: gzip
Last-Modified: Mon, 21 Dec 2020 13:44:03 GMT
Server: nginx
X-Operation-Id: 13a136c082263b52f8642547fb92e572
x-amz-request-id: tx00000000000008c7448c9-0060a3b3c6-1d69f62-msk2
ETag: W/"5da2add2f67e5209293d50f4a6069c96"
Transfer-Encoding: chunked
Content-Type: image/jpeg
Cache-Control: max-age=31536000
x-rgw-object-type: Normal
Connection: keep-alive

GET
H/1.1 200
OK zarp-statblock-image-01.png
www.zarplata-online.ru/images/ 24 KB
24 KB 129ms
128ms Image
image/png 95.214.59.132
ACTION-DIGITAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zarplata-online.ru/images/zarp-statblock-image-01.png
Requested by: Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.214.59.132 Moscow, Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software: nginx /
Resource Hash: 43b6cb6f1523425befb45e9e69fd5e2dc02988c31a6f723bcaf8a0c23a96c91c

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.zarplata-online.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.zarplata-online.ru/
Cookie: robin=badeeec1c22f4f4ea9abb95bb03e618fe2b08b5367204d35b05f06b601c7bfac; ASE_PHPSESSID=62gpju5mnjalb6mg2pbd9oc7j2; ASE_anonymousId=fd68c134544f52eab5bbfb86f7e9bb9a; ASE_userLastVisit=2021-05-18+15%3A32%3A05; ASE_YII_CSRF_TOKEN=RE5wNFNzfnpsX0hZUkxpYnZfNWxaRWlWMWIzTjkzVTRTjG0KNuZdhOg4-JdxLbEuFGysMUIPVHQYFCmUx0x-NQ%3D%3D
Connection: keep-alive
Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 18 May 2021 12:32:06 GMT
Content-Encoding: gzip
Last-Modified: Fri, 30 Oct 2020 16:34:00 GMT
Server: nginx
X-Operation-Id: 4f25cc68761c2cb381ec7c229bc21fc3
x-amz-request-id: tx00000000000008c911227-0060a3b3c6-1d725ad-msk2
ETag: W/"6a56dbf328e0baad065c9be8878c72fc"
Transfer-Encoding: chunked
Content-Type: image/png
Cache-Control: max-age=31536000
x-rgw-object-type: Normal
Connection: keep-alive

GET
H/1.1 200
OK jquery-migrate-1.4.1.min.js Show response
www.zarplata-online.ru/assets/44b59cdc/assets/frontend/assets/jquery/ 10 KB
4 KB 49ms
49ms Script
application/javascript 95.214.59.132
ACTION-DIGITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zarplata-online.ru/assets/44b59cdc/assets/frontend/assets/jquery/jquery-migrate-1.4.1.min.js
Requested by: Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.214.59.132 Moscow, Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software: nginx /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.zarplata-online.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.zarplata-online.ru/
Cookie: robin=badeeec1c22f4f4ea9abb95bb03e618fe2b08b5367204d35b05f06b601c7bfac; ASE_PHPSESSID=62gpju5mnjalb6mg2pbd9oc7j2; ASE_anonymousId=fd68c134544f52eab5bbfb86f7e9bb9a; ASE_userLastVisit=2021-05-18+15%3A32%3A05; ASE_YII_CSRF_TOKEN=RE5wNFNzfnpsX0hZUkxpYnZfNWxaRWlWMWIzTjkzVTRTjG0KNuZdhOg4-JdxLbEuFGysMUIPVHQYFCmUx0x-NQ%3D%3D
Connection: keep-alive
Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Tue, 18 May 2021 12:32:06 GMT
Content-Encoding: gzip
Server: nginx
X-Operation-Id: c5c5b5e77926de4c7895a38373947e23
ETag: W/"609bcb9f-2748"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=2592000 public max-age=31536000
Connection: keep-alive
Expires: Thu, 17 Jun 2021 12:32:06 GMT

GET
H/1.1 200
OK jquery.scrollbar.min.js Show response
www.zarplata-online.ru/assets/44b59cdc/assets/frontend/assets/jquery.scrollbar/ 12 KB
4 KB 58ms
57ms Script
application/javascript 95.214.59.132
ACTION-DIGITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zarplata-online.ru/assets/44b59cdc/assets/frontend/assets/jquery.scrollbar/jquery.scrollbar.min.js
Requested by: Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.214.59.132 Moscow, Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software: nginx /
Resource Hash: c86f7463dc182123e1593d6a5bfaec051bfbc6cab397330fc2f2048a71fd791a

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.zarplata-online.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.zarplata-online.ru/
Cookie: robin=badeeec1c22f4f4ea9abb95bb03e618fe2b08b5367204d35b05f06b601c7bfac; ASE_PHPSESSID=62gpju5mnjalb6mg2pbd9oc7j2; ASE_anonymousId=fd68c134544f52eab5bbfb86f7e9bb9a; ASE_userLastVisit=2021-05-18+15%3A32%3A05; ASE_YII_CSRF_TOKEN=RE5wNFNzfnpsX0hZUkxpYnZfNWxaRWlWMWIzTjkzVTRTjG0KNuZdhOg4-JdxLbEuFGysMUIPVHQYFCmUx0x-NQ%3D%3D
Connection: keep-alive
Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Tue, 18 May 2021 12:32:06 GMT
Content-Encoding: gzip
Server: nginx
X-Operation-Id: 20bb9fea13654b378694fd09c80a9827
ETag: W/"609bcb9f-2fd8"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=2592000 public max-age=31536000
Connection: keep-alive
Expires: Thu, 17 Jun 2021 12:32:06 GMT

GET
H/1.1 200
OK bootstrap.min.js Show response
www.zarplata-online.ru/assets/44b59cdc/assets/frontend/assets/bootstrap/ 39 KB
11 KB 49ms
48ms Script
application/javascript 95.214.59.132
ACTION-DIGITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zarplata-online.ru/assets/44b59cdc/assets/frontend/assets/bootstrap/bootstrap.min.js
Requested by: Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.214.59.132 Moscow, Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software: nginx /
Resource Hash: 9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.zarplata-online.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.zarplata-online.ru/
Cookie: robin=badeeec1c22f4f4ea9abb95bb03e618fe2b08b5367204d35b05f06b601c7bfac; ASE_PHPSESSID=62gpju5mnjalb6mg2pbd9oc7j2; ASE_anonymousId=fd68c134544f52eab5bbfb86f7e9bb9a; ASE_userLastVisit=2021-05-18+15%3A32%3A05; ASE_YII_CSRF_TOKEN=RE5wNFNzfnpsX0hZUkxpYnZfNWxaRWlWMWIzTjkzVTRTjG0KNuZdhOg4-JdxLbEuFGysMUIPVHQYFCmUx0x-NQ%3D%3D
Connection: keep-alive
Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Tue, 18 May 2021 12:32:06 GMT
Content-Encoding: gzip
Server: nginx
X-Operation-Id: 76d27f3e77c4a57faab1dffac7ad282d
ETag: W/"609bcb9f-9b00"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=2592000 public max-age=31536000
Connection: keep-alive
Expires: Thu, 17 Jun 2021 12:32:06 GMT

GET
H/1.1 200
OK sidebar.action.js Show response
www.zarplata-online.ru/assets/44b59cdc/assets/frontend/scripts/ 21 KB
6 KB 47ms
46ms Script
application/javascript 95.214.59.132
ACTION-DIGITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zarplata-online.ru/assets/44b59cdc/assets/frontend/scripts/sidebar.action.js
Requested by: Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.214.59.132 Moscow, Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software: nginx /
Resource Hash: 9f23b61ca860e3e79d9f1dfb005afa728be0b88af1488cfc7986fbea2e13304e

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.zarplata-online.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.zarplata-online.ru/
Cookie: robin=badeeec1c22f4f4ea9abb95bb03e618fe2b08b5367204d35b05f06b601c7bfac; ASE_PHPSESSID=62gpju5mnjalb6mg2pbd9oc7j2; ASE_anonymousId=fd68c134544f52eab5bbfb86f7e9bb9a; ASE_userLastVisit=2021-05-18+15%3A32%3A05; ASE_YII_CSRF_TOKEN=RE5wNFNzfnpsX0hZUkxpYnZfNWxaRWlWMWIzTjkzVTRTjG0KNuZdhOg4-JdxLbEuFGysMUIPVHQYFCmUx0x-NQ%3D%3D
Connection: keep-alive
Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Tue, 18 May 2021 12:32:06 GMT
Content-Encoding: gzip
Server: nginx
X-Operation-Id: 1b00b4d36f8d2b7bddbf81ab9603fe32
ETag: W/"609bcb9f-527b"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=2592000 public max-age=31536000
Connection: keep-alive
Expires: Thu, 17 Jun 2021 12:32:06 GMT

GET
H/1.1 200
OK vote.action.js Show response
www.zarplata-online.ru/assets/44b59cdc/assets/frontend/scripts/ 10 KB
3 KB 72ms
72ms Script
application/javascript 95.214.59.132
ACTION-DIGITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zarplata-online.ru/assets/44b59cdc/assets/frontend/scripts/vote.action.js
Requested by: Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.214.59.132 Moscow, Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software: nginx /
Resource Hash: 80710e8d4021f51d90c78eeaef1096075976917a722dda460dd04d4010c414ad

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.zarplata-online.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.zarplata-online.ru/
Cookie: robin=badeeec1c22f4f4ea9abb95bb03e618fe2b08b5367204d35b05f06b601c7bfac; ASE_PHPSESSID=62gpju5mnjalb6mg2pbd9oc7j2; ASE_anonymousId=fd68c134544f52eab5bbfb86f7e9bb9a; ASE_userLastVisit=2021-05-18+15%3A32%3A05; ASE_YII_CSRF_TOKEN=RE5wNFNzfnpsX0hZUkxpYnZfNWxaRWlWMWIzTjkzVTRTjG0KNuZdhOg4-JdxLbEuFGysMUIPVHQYFCmUx0x-NQ%3D%3D
Connection: keep-alive
Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Tue, 18 May 2021 12:32:06 GMT
Content-Encoding: gzip
Server: nginx
X-Operation-Id: cdbf000cd9bb5870e820caf7df3e747d
ETag: W/"609bcb9f-26ed"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=2592000 public max-age=31536000
Connection: keep-alive
Expires: Thu, 17 Jun 2021 12:32:06 GMT

GET
H/1.1 200
OK mobile.menu.js Show response
www.zarplata-online.ru/assets/44b59cdc/assets/frontend/assets/action/overal/ 2 KB
1 KB 46ms
46ms Script
application/javascript 95.214.59.132
ACTION-DIGITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zarplata-online.ru/assets/44b59cdc/assets/frontend/assets/action/overal/mobile.menu.js
Requested by: Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.214.59.132 Moscow, Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software: nginx /
Resource Hash: ac0afbe937bd11bf0b22834789d74bac74b679306fce6a76225e978392e313a7

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.zarplata-online.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.zarplata-online.ru/
Cookie: robin=badeeec1c22f4f4ea9abb95bb03e618fe2b08b5367204d35b05f06b601c7bfac; ASE_PHPSESSID=62gpju5mnjalb6mg2pbd9oc7j2; ASE_anonymousId=fd68c134544f52eab5bbfb86f7e9bb9a; ASE_userLastVisit=2021-05-18+15%3A32%3A05; ASE_YII_CSRF_TOKEN=RE5wNFNzfnpsX0hZUkxpYnZfNWxaRWlWMWIzTjkzVTRTjG0KNuZdhOg4-JdxLbEuFGysMUIPVHQYFCmUx0x-NQ%3D%3D
Connection: keep-alive
Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Tue, 18 May 2021 12:32:06 GMT
Content-Encoding: gzip
Server: nginx
X-Operation-Id: a9e75466d3553846c53f2c3d25a7fca5
ETag: W/"609bcb9f-701"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=2592000 public max-age=31536000
Connection: keep-alive
Expires: Thu, 17 Jun 2021 12:32:06 GMT

GET
H/1.1 200
OK images.loader.js Show response
www.zarplata-online.ru/assets/44b59cdc/assets/frontend/assets/action/overal/ 2 KB
1 KB 45ms
45ms Script
application/javascript 95.214.59.132
ACTION-DIGITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zarplata-online.ru/assets/44b59cdc/assets/frontend/assets/action/overal/images.loader.js
Requested by: Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.214.59.132 Moscow, Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software: nginx /
Resource Hash: 4ffeb702a10f3da1ec0602800d3e1ae338101b6f718f20fa597cc58300cb5f5b

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.zarplata-online.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.zarplata-online.ru/
Cookie: robin=badeeec1c22f4f4ea9abb95bb03e618fe2b08b5367204d35b05f06b601c7bfac; ASE_PHPSESSID=62gpju5mnjalb6mg2pbd9oc7j2; ASE_anonymousId=fd68c134544f52eab5bbfb86f7e9bb9a; ASE_userLastVisit=2021-05-18+15%3A32%3A05; ASE_YII_CSRF_TOKEN=RE5wNFNzfnpsX0hZUkxpYnZfNWxaRWlWMWIzTjkzVTRTjG0KNuZdhOg4-JdxLbEuFGysMUIPVHQYFCmUx0x-NQ%3D%3D
Connection: keep-alive
Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Tue, 18 May 2021 12:32:06 GMT
Content-Encoding: gzip
Server: nginx
X-Operation-Id: 2c42968d980e015baefa02ff27e8b1ce
ETag: W/"609bcb9f-737"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=2592000 public max-age=31536000
Connection: keep-alive
Expires: Thu, 17 Jun 2021 12:32:06 GMT

GET
H/1.1 200
OK searchForm-custom.js Show response
www.zarplata-online.ru/assets/44b59cdc/assets/frontend/assets/action/top/ 2 KB
976 B 50ms
50ms Script
application/javascript 95.214.59.132
ACTION-DIGITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zarplata-online.ru/assets/44b59cdc/assets/frontend/assets/action/top/searchForm-custom.js
Requested by: Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.214.59.132 Moscow, Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software: nginx /
Resource Hash: 8ff712fcfef2da7f428a3ad324fc7aee37aea550b6620a765182b61fbcaaecc2

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.zarplata-online.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.zarplata-online.ru/
Cookie: robin=badeeec1c22f4f4ea9abb95bb03e618fe2b08b5367204d35b05f06b601c7bfac; ASE_PHPSESSID=62gpju5mnjalb6mg2pbd9oc7j2; ASE_anonymousId=fd68c134544f52eab5bbfb86f7e9bb9a; ASE_userLastVisit=2021-05-18+15%3A32%3A05; ASE_YII_CSRF_TOKEN=RE5wNFNzfnpsX0hZUkxpYnZfNWxaRWlWMWIzTjkzVTRTjG0KNuZdhOg4-JdxLbEuFGysMUIPVHQYFCmUx0x-NQ%3D%3D
Connection: keep-alive
Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Tue, 18 May 2021 12:32:06 GMT
Content-Encoding: gzip
Server: nginx
X-Operation-Id: 1eedb2054fec586f9987f255793a20f0
ETag: W/"609bcb9f-734"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=2592000 public max-age=31536000
Connection: keep-alive
Expires: Thu, 17 Jun 2021 12:32:07 GMT

GET
H/1.1 200
OK hideLink.js Show response
www.zarplata-online.ru/assets/44b59cdc/assets/frontend/js/ 740 B
746 B 76ms
76ms Script
application/javascript 95.214.59.132
ACTION-DIGITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zarplata-online.ru/assets/44b59cdc/assets/frontend/js/hideLink.js
Requested by: Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.214.59.132 Moscow, Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software: nginx /
Resource Hash: 511a8d1f7240b915f88466534ab5d64632d84346e1ec3edeb0187859ab32609a

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.zarplata-online.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.zarplata-online.ru/
Cookie: robin=badeeec1c22f4f4ea9abb95bb03e618fe2b08b5367204d35b05f06b601c7bfac; ASE_PHPSESSID=62gpju5mnjalb6mg2pbd9oc7j2; ASE_anonymousId=fd68c134544f52eab5bbfb86f7e9bb9a; ASE_userLastVisit=2021-05-18+15%3A32%3A05; ASE_YII_CSRF_TOKEN=RE5wNFNzfnpsX0hZUkxpYnZfNWxaRWlWMWIzTjkzVTRTjG0KNuZdhOg4-JdxLbEuFGysMUIPVHQYFCmUx0x-NQ%3D%3D
Connection: keep-alive
Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Tue, 18 May 2021 12:32:07 GMT
Content-Encoding: gzip
Server: nginx
X-Operation-Id: bc98f655f228f31071bc81d639361e8e
ETag: W/"609bcb9f-2e4"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=2592000 public max-age=31536000
Connection: keep-alive
Expires: Thu, 17 Jun 2021 12:32:07 GMT

GET
H/1.1 200
OK jquery.easie.min.js Show response
www.zarplata-online.ru/assets/44b59cdc/assets/js/ 2 KB
1 KB 46ms
46ms Script
application/javascript 95.214.59.132
ACTION-DIGITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zarplata-online.ru/assets/44b59cdc/assets/js/jquery.easie.min.js
Requested by: Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.214.59.132 Moscow, Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software: nginx /
Resource Hash: 18801c6a8c909a0cf4e5506e45789bd17f389bff374320b0b8473c04a9cf4017

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.zarplata-online.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.zarplata-online.ru/
Cookie: robin=badeeec1c22f4f4ea9abb95bb03e618fe2b08b5367204d35b05f06b601c7bfac; ASE_PHPSESSID=62gpju5mnjalb6mg2pbd9oc7j2; ASE_anonymousId=fd68c134544f52eab5bbfb86f7e9bb9a; ASE_userLastVisit=2021-05-18+15%3A32%3A05; ASE_YII_CSRF_TOKEN=RE5wNFNzfnpsX0hZUkxpYnZfNWxaRWlWMWIzTjkzVTRTjG0KNuZdhOg4-JdxLbEuFGysMUIPVHQYFCmUx0x-NQ%3D%3D
Connection: keep-alive
Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Tue, 18 May 2021 12:32:06 GMT
Content-Encoding: gzip
Server: nginx
X-Operation-Id: 91901c55dcf438eb1111741d4ee037ff
ETag: W/"609bcb9f-6e2"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=2592000 public max-age=31536000
Connection: keep-alive
Expires: Thu, 17 Jun 2021 12:32:06 GMT

GET
H/1.1 200
OK AuthId2Form.js Show response
www.zarplata-online.ru/assets/44b59cdc/modules/id2Auth/assets/js/ 10 KB
3 KB 46ms
46ms Script
application/javascript 95.214.59.132
ACTION-DIGITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zarplata-online.ru/assets/44b59cdc/modules/id2Auth/assets/js/AuthId2Form.js
Requested by: Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.214.59.132 Moscow, Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software: nginx /
Resource Hash: 77e4d6bac665ba03ded8aa7f600a99cf331307f1903bd63ea8368dda3ca9b11e

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.zarplata-online.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.zarplata-online.ru/
Cookie: robin=badeeec1c22f4f4ea9abb95bb03e618fe2b08b5367204d35b05f06b601c7bfac; ASE_PHPSESSID=62gpju5mnjalb6mg2pbd9oc7j2; ASE_anonymousId=fd68c134544f52eab5bbfb86f7e9bb9a; ASE_userLastVisit=2021-05-18+15%3A32%3A05; ASE_YII_CSRF_TOKEN=RE5wNFNzfnpsX0hZUkxpYnZfNWxaRWlWMWIzTjkzVTRTjG0KNuZdhOg4-JdxLbEuFGysMUIPVHQYFCmUx0x-NQ%3D%3D
Connection: keep-alive
Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Tue, 18 May 2021 12:32:06 GMT
Content-Encoding: gzip
Server: nginx
X-Operation-Id: b0147b86f0356b09ff4e029283b7564f
ETag: W/"609bcb9f-2937"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=2592000 public max-age=31536000
Connection: keep-alive
Expires: Thu, 17 Jun 2021 12:32:06 GMT

GET
H/1.1 200
OK admixture.js Show response
www.zarplata-online.ru/assets/44b59cdc/modules/window/widgets/views/WindowWidget/assets/js/ 3 KB
1 KB 46ms
46ms Script
application/javascript 95.214.59.132
ACTION-DIGITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zarplata-online.ru/assets/44b59cdc/modules/window/widgets/views/WindowWidget/assets/js/admixture.js
Requested by: Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.214.59.132 Moscow, Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software: nginx /
Resource Hash: 0d3093b20a7b1cace301205fc8a6a262b0ebac8970edae5cb23b49c00f4e00f4

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.zarplata-online.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.zarplata-online.ru/
Cookie: robin=badeeec1c22f4f4ea9abb95bb03e618fe2b08b5367204d35b05f06b601c7bfac; ASE_PHPSESSID=62gpju5mnjalb6mg2pbd9oc7j2; ASE_anonymousId=fd68c134544f52eab5bbfb86f7e9bb9a; ASE_userLastVisit=2021-05-18+15%3A32%3A05; ASE_YII_CSRF_TOKEN=RE5wNFNzfnpsX0hZUkxpYnZfNWxaRWlWMWIzTjkzVTRTjG0KNuZdhOg4-JdxLbEuFGysMUIPVHQYFCmUx0x-NQ%3D%3D
Connection: keep-alive
Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Tue, 18 May 2021 12:32:06 GMT
Content-Encoding: gzip
Server: nginx
X-Operation-Id: 2dc01daa7aaa19f82641da395cd4a11f
ETag: W/"609bcb9f-c1b"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=2592000 public max-age=31536000
Connection: keep-alive
Expires: Thu, 17 Jun 2021 12:32:07 GMT

GET
H/1.1 200
OK jquery.validate.min.js Show response
www.zarplata-online.ru/assets/44b59cdc/assets/js/ 21 KB
7 KB 48ms
48ms Script
application/javascript 95.214.59.132
ACTION-DIGITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zarplata-online.ru/assets/44b59cdc/assets/js/jquery.validate.min.js
Requested by: Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.214.59.132 Moscow, Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software: nginx /
Resource Hash: 7705fee13417229d718f14947e9860d5bb2b25bd15c9f5cd834f2545c7bad0a6

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.zarplata-online.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.zarplata-online.ru/
Cookie: robin=badeeec1c22f4f4ea9abb95bb03e618fe2b08b5367204d35b05f06b601c7bfac; ASE_PHPSESSID=62gpju5mnjalb6mg2pbd9oc7j2; ASE_anonymousId=fd68c134544f52eab5bbfb86f7e9bb9a; ASE_userLastVisit=2021-05-18+15%3A32%3A05; ASE_YII_CSRF_TOKEN=RE5wNFNzfnpsX0hZUkxpYnZfNWxaRWlWMWIzTjkzVTRTjG0KNuZdhOg4-JdxLbEuFGysMUIPVHQYFCmUx0x-NQ%3D%3D
Connection: keep-alive
Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Tue, 18 May 2021 12:32:06 GMT
Content-Encoding: gzip
Server: nginx
X-Operation-Id: f050e1cf44584ee6b58ef820a394bd47
ETag: W/"609bcb9f-524c"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=2592000 public max-age=31536000
Connection: keep-alive
Expires: Thu, 17 Jun 2021 12:32:06 GMT

GET
H/1.1 200
OK url.min.js Show response
www.zarplata-online.ru/assets/44b59cdc/assets/js/ 2 KB
2 KB 45ms
45ms Script
application/javascript 95.214.59.132
ACTION-DIGITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zarplata-online.ru/assets/44b59cdc/assets/js/url.min.js
Requested by: Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.214.59.132 Moscow, Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software: nginx /
Resource Hash: 74430538de37319cc4a34b3affabafd491dc5c1c767df458dec4a617940f9685

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.zarplata-online.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.zarplata-online.ru/
Cookie: robin=badeeec1c22f4f4ea9abb95bb03e618fe2b08b5367204d35b05f06b601c7bfac; ASE_PHPSESSID=62gpju5mnjalb6mg2pbd9oc7j2; ASE_anonymousId=fd68c134544f52eab5bbfb86f7e9bb9a; ASE_userLastVisit=2021-05-18+15%3A32%3A05; ASE_YII_CSRF_TOKEN=RE5wNFNzfnpsX0hZUkxpYnZfNWxaRWlWMWIzTjkzVTRTjG0KNuZdhOg4-JdxLbEuFGysMUIPVHQYFCmUx0x-NQ%3D%3D
Connection: keep-alive
Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Tue, 18 May 2021 12:32:06 GMT
Content-Encoding: gzip
Server: nginx
X-Operation-Id: dc69433f0317c94508cf538484de3854
ETag: W/"609bcb9f-9ed"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=2592000 public max-age=31536000
Connection: keep-alive
Expires: Thu, 17 Jun 2021 12:32:06 GMT

GET
H/1.1 200
OK SearchFormWidget.js Show response
www.zarplata-online.ru/assets/44b59cdc/modules/site/widgets/views/SearchFormWidget/assets/js/ 976 B
816 B 44ms
44ms Script
application/javascript 95.214.59.132
ACTION-DIGITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zarplata-online.ru/assets/44b59cdc/modules/site/widgets/views/SearchFormWidget/assets/js/SearchFormWidget.js
Requested by: Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.214.59.132 Moscow, Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software: nginx /
Resource Hash: 14b341d6c4ca8de63f2f67b96c882fb94a05eba2759f8fb8924c58bcbd78e48d

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.zarplata-online.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.zarplata-online.ru/
Cookie: robin=badeeec1c22f4f4ea9abb95bb03e618fe2b08b5367204d35b05f06b601c7bfac; ASE_PHPSESSID=62gpju5mnjalb6mg2pbd9oc7j2; ASE_anonymousId=fd68c134544f52eab5bbfb86f7e9bb9a; ASE_userLastVisit=2021-05-18+15%3A32%3A05; ASE_YII_CSRF_TOKEN=RE5wNFNzfnpsX0hZUkxpYnZfNWxaRWlWMWIzTjkzVTRTjG0KNuZdhOg4-JdxLbEuFGysMUIPVHQYFCmUx0x-NQ%3D%3D
Connection: keep-alive
Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Tue, 18 May 2021 12:32:06 GMT
Content-Encoding: gzip
Server: nginx
X-Operation-Id: ae5d25d1091690a8933dfa3062d56178
ETag: W/"609bcb9f-3d0"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=2592000 public max-age=31536000
Connection: keep-alive
Expires: Thu, 17 Jun 2021 12:32:06 GMT

GET
H/1.1 200
OK PollWidget.js Show response
www.zarplata-online.ru/assets/44b59cdc/modules/poll/widgets/views/PollWidget/assets/js/ 4 KB
1 KB 51ms
49ms Script
application/javascript 95.214.59.132
ACTION-DIGITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zarplata-online.ru/assets/44b59cdc/modules/poll/widgets/views/PollWidget/assets/js/PollWidget.js
Requested by: Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.214.59.132 Moscow, Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software: nginx /
Resource Hash: 76c0a98410319447607f23ec916b7f8a461e5b152bf8abf5e23770fd8a9bdb62

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.zarplata-online.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.zarplata-online.ru/
Cookie: robin=badeeec1c22f4f4ea9abb95bb03e618fe2b08b5367204d35b05f06b601c7bfac; ASE_PHPSESSID=62gpju5mnjalb6mg2pbd9oc7j2; ASE_anonymousId=fd68c134544f52eab5bbfb86f7e9bb9a; ASE_userLastVisit=2021-05-18+15%3A32%3A05; ASE_YII_CSRF_TOKEN=RE5wNFNzfnpsX0hZUkxpYnZfNWxaRWlWMWIzTjkzVTRTjG0KNuZdhOg4-JdxLbEuFGysMUIPVHQYFCmUx0x-NQ%3D%3D
Connection: keep-alive
Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Tue, 18 May 2021 12:32:06 GMT
Content-Encoding: gzip
Server: nginx
X-Operation-Id: 81b69cdff1150289f3907ebfcf3acce3
ETag: W/"609bcb9f-f6a"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=2592000 public max-age=31536000
Connection: keep-alive
Expires: Thu, 17 Jun 2021 12:32:07 GMT

GET
H/1.1 200
OK DeliveryWidget.js Show response
www.zarplata-online.ru/assets/44b59cdc/modules/delivery/widgets/views/DeliveryWidget/assets/js/ 4 KB
2 KB 52ms
46ms Script
application/javascript 95.214.59.132
ACTION-DIGITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zarplata-online.ru/assets/44b59cdc/modules/delivery/widgets/views/DeliveryWidget/assets/js/DeliveryWidget.js
Requested by: Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.214.59.132 Moscow, Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software: nginx /
Resource Hash: 1d4366bd030f17893c5a9e1352db2eb6f67da0a24cec4eab00d8df04be8ee087

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.zarplata-online.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.zarplata-online.ru/
Cookie: robin=badeeec1c22f4f4ea9abb95bb03e618fe2b08b5367204d35b05f06b601c7bfac; ASE_PHPSESSID=62gpju5mnjalb6mg2pbd9oc7j2; ASE_anonymousId=fd68c134544f52eab5bbfb86f7e9bb9a; ASE_userLastVisit=2021-05-18+15%3A32%3A05; ASE_YII_CSRF_TOKEN=RE5wNFNzfnpsX0hZUkxpYnZfNWxaRWlWMWIzTjkzVTRTjG0KNuZdhOg4-JdxLbEuFGysMUIPVHQYFCmUx0x-NQ%3D%3D
Connection: keep-alive
Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Tue, 18 May 2021 12:32:06 GMT
Content-Encoding: gzip
Server: nginx
X-Operation-Id: 2c41c83399417ff97b03966cc3590f7a
ETag: W/"609bcb9f-f88"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=2592000 public max-age=31536000
Connection: keep-alive
Expires: Thu, 17 Jun 2021 12:32:06 GMT

GET
H2 200 loader.js Show response
cdn.action-mcfr.ru/widgets/ 30 KB
11 KB 166ms
55ms Script
application/javascript 212.193.146.48
CCT-AS NGENIX

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.action-mcfr.ru/widgets/loader.js
Requested by: Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.193.146.48 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),
Reverse DNS: cdn.ngenix.net
Software: nginx /
Resource Hash: 9aae73532fa0e858463ac89248ba77d0856bfc1fe36ba6839198a35e97367fa5

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 12:32:06 GMT
content-encoding: gzip
last-modified: Thu, 12 Nov 2020 15:08:00 GMT
server: nginx
x-amz-request-id: tx0000000000000015d4eb4-0060a3b233-3975a80e-default
etag: W/"b3d40a43c7b8cdb464fa61629d9c6b1c"
x-ngenix-cache: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
x-ngenix-storage: ADC

GET
H2 200 6b20735d5f8c18038400.js Show response
yastatic.net/partner-code-bundles/14670/ 77 KB
17 KB 59ms
59ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/14670/6b20735d5f8c18038400.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

c8abcf3f7ff1842bcbc7267c65fcee425b22836664fe1d15aa919d62c9a6e086

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://www.zarplata-online.ru
Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 12:32:06 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 16850
last-modified: Mon, 17 May 2021 15:23:01 GMT
server: nginx/1.17.9
etag: "eac06fb743702a0f5c0fd00bee4940d5"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 May 2051 19:07:52 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.80/ 29 KB
8 KB 117ms
113ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.80/host.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

9a10b1418ae87e1667a44c85f39b5e1af9b8a24279d9a2743c0859d478f3f925

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://www.zarplata-online.ru
Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 12:32:06 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8120
last-modified: Wed, 13 Jan 2021 14:53:48 GMT
server: nginx/1.17.9
etag: "7fa61ab429a981f415ba1c49d1babdbb"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 May 2051 19:03:24 GMT

GET
H2 200 fe35a65d5f94c59dec8d.js Show response
yastatic.net/partner-code-bundles/14670/ 12 KB
5 KB 79ms
79ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/14670/fe35a65d5f94c59dec8d.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

037777f09d27126236beca101494002995765bb6f5e7dcb6e2fc676428c679c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://www.zarplata-online.ru
Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 12:32:06 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4211
last-modified: Mon, 17 May 2021 15:23:01 GMT
server: nginx/1.17.9
etag: "789af657801615f812fc04412051552c"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 May 2051 19:07:48 GMT

GET
H2 200 3b89d24acdb4508978a3.js Show response
yastatic.net/partner-code-bundles/14670/ 404 KB
87 KB 95ms
95ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/14670/3b89d24acdb4508978a3.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

70ad6486ca6e6afc9a94f7e5d118592d223bc8997341a061ace70dd13ed015c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://www.zarplata-online.ru
Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 12:32:06 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 88176
last-modified: Mon, 17 May 2021 15:23:01 GMT
server: nginx/1.17.9
etag: "8ea6dee003b9499b9cd86fb33703f49f"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 May 2051 19:07:48 GMT

GET
H2 200 8eba2c8c71809839a814.js Show response
yastatic.net/partner-code-bundles/14670/ 252 KB
43 KB 137ms
137ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/14670/8eba2c8c71809839a814.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

4dd22f76e7e40da0f1f1fba289d254c2fefbc4701f02c167787278e7d698e03b

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://www.zarplata-online.ru
Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 12:32:06 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 43551
last-modified: Mon, 17 May 2021 15:23:01 GMT
server: nginx/1.17.9
etag: "23270023868a10a01d6f16f58e88c283"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 May 2051 19:07:49 GMT

GET
H2 200 ga.js Show response
google-analytics.com/ 45 KB
17 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://google-analytics.com/ga.js

Requested by

Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 1328
date: Tue, 18 May 2021 12:09:58 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Tue, 18 May 2021 14:09:58 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 215 KB
68 KB 46ms
46ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

1234d3283f11235deeaa9c66ea51b7f5177161ab47278594372972092b587f25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 12:32:06 GMT
content-encoding: br
last-modified: Fri, 14 May 2021 18:55:24 GMT
etag: "609e8948-11068"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 69736
expires: Tue, 18 May 2021 13:32:06 GMT

GET
H/1.1 200
OK code.js Show response
top-fwz1.mail.ru/js/ 22 KB
10 KB 142ms
47ms Script
application/javascript 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/js/code.js

Requested by

Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

05a886bace19c7470df6a82828fefee6b9ff29fcc8c50200ad01f86811734ff8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 18 May 2021 12:32:06 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection: keep-alive
Access-Control-Allow-Headers: *
AMP-Access-Control-Allow-Source-Origin: *
Last-Modified: Tue, 13 Apr 2021 15:46:24 GMT
Server: nginx
ETag: W/"6075bcd0-580e"
Access-Control-Allow-Methods: GET, POST, HEAD, PUT, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Cache-Control: max-age=3600, private
Access-Control-Allow-Credentials: true
Accept-CH-Lifetime: 86400
Accept-CH: DPR, Width, Viewport-Width, Downlink, Device-Memory
Timing-Allow-Origin: *
Keep-Alive: timeout=60
Expires: Tue, 18 May 2021 13:32:06 GMT

GET
H/1.1 200
OK PTSans-Regular-latin-2.woff2
www.zarplata-online.ru/assets/44b59cdc/assets/frontend/css/fonts/ 44 KB
44 KB 90ms
87ms Font
application/octet-stream 95.214.59.132
ACTION-DIGITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zarplata-online.ru/assets/44b59cdc/assets/frontend/css/fonts/PTSans-Regular-latin-2.woff2
Requested by: Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/assets/44b59cdc/assets/frontend/css/layouts.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.214.59.132 Moscow, Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software: nginx /
Resource Hash: 143c5c0124d14b936536af0c656e10aebbc2bb832563f00137f7e9c717195df1

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.zarplata-online.ru
Accept-Encoding: gzip, deflate, br
Host: www.zarplata-online.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.zarplata-online.ru/assets/44b59cdc/assets/frontend/css/layouts.css
Cookie: robin=badeeec1c22f4f4ea9abb95bb03e618fe2b08b5367204d35b05f06b601c7bfac; ASE_PHPSESSID=62gpju5mnjalb6mg2pbd9oc7j2; ASE_anonymousId=fd68c134544f52eab5bbfb86f7e9bb9a; ASE_userLastVisit=2021-05-18+15%3A32%3A05; ASE_YII_CSRF_TOKEN=RE5wNFNzfnpsX0hZUkxpYnZfNWxaRWlWMWIzTjkzVTRTjG0KNuZdhOg4-JdxLbEuFGysMUIPVHQYFCmUx0x-NQ%3D%3D
Connection: keep-alive
Origin: https://www.zarplata-online.ru
Referer: https://www.zarplata-online.ru/assets/44b59cdc/assets/frontend/css/layouts.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Tue, 18 May 2021 12:32:06 GMT
Content-Encoding: gzip
Server: nginx
X-Operation-Id: 3fd542a7cf905ad1d6b23c1722a49a88
ETag: W/"609bcb9f-affc"
Transfer-Encoding: chunked
Content-Type: text/plain
Cache-Control: max-age=2592000 public max-age=31536000
Connection: keep-alive
Expires: Thu, 17 Jun 2021 12:32:06 GMT

GET
H2

200

v2 Show response
an.yandex.ru/adfox/252124/getBulk/
Redirect Chain

https://an.yandex.ru/adfox/252124/getBulk/v2?dl=https%3A%2F%2Fwww.zarplata-online.ru%2F&date=2021-05-18T14%3A32%3A06.748%2B02%3A00&pd=18&pdh=1200&pdw=1600&pr1=1056079617&pr=1229015252&prr=http%3A%2...
https://an.yandex.ru/adfox/252124/getBulk/v2?redir-setuniq=1&dl=https%3A%2F%2Fwww.zarplata-online.ru%2F&date=2021-05-18T14%3A32%3A06.748%2B02%3A00&pd=18&pdh=1200&pdw=1600&pr1=1056079617&pr=12290152...

171 B
274 B

96ms
95ms

XHR
application/json

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/252124/getBulk/v2?redir-setuniq=1&dl=https%3A%2F%2Fwww.zarplata-online.ru%2F&date=2021-05-18T14%3A32%3A06.748%2B02%3A00&pd=18&pdh=1200&pdw=1600&pr1=1056079617&pr=1229015252&prr=http%3A%2F%2Flink.mail.zarplata-client-1.ru%2Factionmedia%2F34066%2C%3D0e538UqOyV2nw6Au2gAE7pg%2F5008202%2C1701038919%2C208981%2C%3FaHR0cHM6Ly93d3cuemFycGxhdGEtb25saW5lLnJ1&pv=14&pw=2&extid_loader=&extid_tag_loader=www.zarplata-online.ru&ylv=0.14670&ybv=0.14670&ytt=183618479589397&is-turbo=0&skip-token=&ad-session-id=1567941621341126768&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9%2C%22w%22%3A1600%2C%22h%22%3A0%2C%22width%22%3A1600%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A0%2C%22top%22%3A0%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=14670&pp=g&ps=ckuv&p2=flde&puid1=&slotNumber=1&bids=W10%3D&grab=dCLQl9Cw0YDQv9C70LDRgtCwIiAtINCf0YDQsNC60YLQuNGH0LXRgdC60LjQuSDQttGD0YDQvdCw0Lsg0LTQu9GPINCx0YPRhdCz0LDQu9GC0LXRgNC-0LIg0L4g0YDQsNGB0YfQtdGC0LUg0LfQsNGA0L_Qu9Cw0YLRiwo%3D&utf8=%E2%9C%93

Requested by

Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

4ee96f9e28f0729ee5f15ec36d5b0787e7286fed00dc2980e6a9b8db7c36c01a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 May 2021 12:32:07 GMT
content-encoding: gzip
last-modified: Tue, 18 May 2021 12:32:07 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://www.zarplata-online.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 18 May 2021 12:32:07 GMT

Redirect headers

pragma: no-cache
date: Tue, 18 May 2021 12:32:06 GMT
content-encoding: gzip
last-modified: Tue, 18 May 2021 12:32:06 GMT
location: https://an.yandex.ru/adfox/252124/getBulk/v2?redir-setuniq=1&dl=https%3A%2F%2Fwww.zarplata-online.ru%2F&date=2021-05-18T14%3A32%3A06.748%2B02%3A00&pd=18&pdh=1200&pdw=1600&pr1=1056079617&pr=1229015252&prr=http%3A%2F%2Flink.mail.zarplata-client-1.ru%2Factionmedia%2F34066%2C%3D0e538UqOyV2nw6Au2gAE7pg%2F5008202%2C1701038919%2C208981%2C%3FaHR0cHM6Ly93d3cuemFycGxhdGEtb25saW5lLnJ1&pv=14&pw=2&extid_loader=&extid_tag_loader=www.zarplata-online.ru&ylv=0.14670&ybv=0.14670&ytt=183618479589397&is-turbo=0&skip-token=&ad-session-id=1567941621341126768&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9%2C%22w%22%3A1600%2C%22h%22%3A0%2C%22width%22%3A1600%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A0%2C%22top%22%3A0%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=14670&pp=g&ps=ckuv&p2=flde&puid1=&slotNumber=1&bids=W10%3D&grab=dCLQl9Cw0YDQv9C70LDRgtCwIiAtINCf0YDQsNC60YLQuNGH0LXRgdC60LjQuSDQttGD0YDQvdCw0Lsg0LTQu9GPINCx0YPRhdCz0LDQu9GC0LXRgNC-0LIg0L4g0YDQsNGB0YfQtdGC0LUg0LfQsNGA0L_Qu9Cw0YLRiwo%3D&utf8=%E2%9C%93
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://www.zarplata-online.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 18 May 2021 12:32:06 GMT

GET
H/1.1 200
OK PTSans-Regular-cyrillic.woff2
www.zarplata-online.ru/assets/44b59cdc/assets/frontend/css/fonts/ 28 KB
28 KB 102ms
84ms Font
application/octet-stream 95.214.59.132
ACTION-DIGITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zarplata-online.ru/assets/44b59cdc/assets/frontend/css/fonts/PTSans-Regular-cyrillic.woff2
Requested by: Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/assets/44b59cdc/assets/frontend/css/layouts.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.214.59.132 Moscow, Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software: nginx /
Resource Hash: 7a13279174940c2913595e88196ba9de5edcb06ee62a8b6b8a3fb43b49a597e9

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.zarplata-online.ru
Accept-Encoding: gzip, deflate, br
Host: www.zarplata-online.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.zarplata-online.ru/assets/44b59cdc/assets/frontend/css/layouts.css
Cookie: robin=badeeec1c22f4f4ea9abb95bb03e618fe2b08b5367204d35b05f06b601c7bfac; ASE_PHPSESSID=62gpju5mnjalb6mg2pbd9oc7j2; ASE_anonymousId=fd68c134544f52eab5bbfb86f7e9bb9a; ASE_userLastVisit=2021-05-18+15%3A32%3A05; ASE_YII_CSRF_TOKEN=RE5wNFNzfnpsX0hZUkxpYnZfNWxaRWlWMWIzTjkzVTRTjG0KNuZdhOg4-JdxLbEuFGysMUIPVHQYFCmUx0x-NQ%3D%3D
Connection: keep-alive
Origin: https://www.zarplata-online.ru
Referer: https://www.zarplata-online.ru/assets/44b59cdc/assets/frontend/css/layouts.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Tue, 18 May 2021 12:32:06 GMT
Content-Encoding: gzip
Server: nginx
X-Operation-Id: 2ab52d36e1e5b677d5092cb39cbdab44
ETag: W/"609bcb9f-6f50"
Transfer-Encoding: chunked
Content-Type: text/plain
Cache-Control: max-age=2592000 public max-age=31536000
Connection: keep-alive
Expires: Thu, 17 Jun 2021 12:32:06 GMT

GET
H2 200 context.js Show response
an.yandex.ru/system/ 136 KB
38 KB 127ms
63ms Script
text/javascript 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/system/context.js

Requested by

Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e4429cbfd1ead9a9d034fbdf05409927f59345e73e122c902ad06d09cd7b1312

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
strict-transport-security: max-age=31536000
content-encoding: br
etag: 3827042708
x-yandex-req-id: 1621341126908086-8117101858438429700112-production-app-host-sas-pcode-97
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Tue, 18 May 2021 13:32:06 GMT

GET
H/1.1 404
Not Found mainMenuBackground.png
www.zarplata-online.ru/images/ 224 B
224 B 82ms
75ms Image
application/xml 95.214.59.132
ACTION-DIGITAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zarplata-online.ru/images/mainMenuBackground.png
Requested by: Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.214.59.132 Moscow, Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software: nginx /
Resource Hash: a64d87c5a7aeeb6d315124369f1c1eceb1ae677e684aa8e5cc3e4d51efe5bd2a

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.zarplata-online.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.zarplata-online.ru/
Cookie: robin=badeeec1c22f4f4ea9abb95bb03e618fe2b08b5367204d35b05f06b601c7bfac; ASE_PHPSESSID=62gpju5mnjalb6mg2pbd9oc7j2; ASE_anonymousId=fd68c134544f52eab5bbfb86f7e9bb9a; ASE_userLastVisit=2021-05-18+15%3A32%3A05; ASE_YII_CSRF_TOKEN=RE5wNFNzfnpsX0hZUkxpYnZfNWxaRWlWMWIzTjkzVTRTjG0KNuZdhOg4-JdxLbEuFGysMUIPVHQYFCmUx0x-NQ%3D%3D
Connection: keep-alive
Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 18 May 2021 12:32:06 GMT
Server: nginx
X-Operation-Id: 73dc800d618b77b308b62dfc07006db3
x-amz-request-id: tx00000000000008c7448d4-0060a3b3c6-1d69f62-msk2
Content-Type: application/xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 224

GET
H/1.1 200
OK ptoday.ru_-1_preview.jpg
www.zarplata-online.ru/images/articles/162617/ 9 KB
9 KB 83ms
68ms Image
image/jpeg 95.214.59.132
ACTION-DIGITAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zarplata-online.ru/images/articles/162617/ptoday.ru_-1_preview.jpg
Requested by: Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.214.59.132 Moscow, Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software: nginx /
Resource Hash: e5f7b5a52f0b40d3db325d46a04eb32b4bfe9362fd70dab772a8eed1d39318c8

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.zarplata-online.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.zarplata-online.ru/
Cookie: robin=badeeec1c22f4f4ea9abb95bb03e618fe2b08b5367204d35b05f06b601c7bfac; ASE_PHPSESSID=62gpju5mnjalb6mg2pbd9oc7j2; ASE_anonymousId=fd68c134544f52eab5bbfb86f7e9bb9a; ASE_userLastVisit=2021-05-18+15%3A32%3A05; ASE_YII_CSRF_TOKEN=RE5wNFNzfnpsX0hZUkxpYnZfNWxaRWlWMWIzTjkzVTRTjG0KNuZdhOg4-JdxLbEuFGysMUIPVHQYFCmUx0x-NQ%3D%3D
Connection: keep-alive
Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 18 May 2021 12:32:06 GMT
Content-Encoding: gzip
Last-Modified: Mon, 10 May 2021 22:14:27 GMT
Server: nginx
X-Operation-Id: 696a6d777ebc162fdc7e954c29dca826
x-amz-request-id: tx00000000000008c7448ce-0060a3b3c6-1d69f62-msk2
ETag: W/"17895e8c390d20ec18413c8fe1f43599"
Transfer-Encoding: chunked
Content-Type: image/jpeg
Cache-Control: max-age=31536000
x-rgw-object-type: Normal
Connection: keep-alive

GET
DATA 200
OK truncated
/ 612 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 85bcdcb5222f3ef2485c774fbacfaaeae8c28f9fd26698be9a0ae9c0b429611c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK PTSans-Bold-latin.woff2
www.zarplata-online.ru/assets/44b59cdc/assets/frontend/css/fonts/ 46 KB
46 KB 111ms
93ms Font
application/octet-stream 95.214.59.132
ACTION-DIGITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zarplata-online.ru/assets/44b59cdc/assets/frontend/css/fonts/PTSans-Bold-latin.woff2
Requested by: Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/assets/44b59cdc/assets/frontend/css/layouts.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.214.59.132 Moscow, Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software: nginx /
Resource Hash: 080d87ea98497809417441c5267bcc92f38883b7023d125e7766b1f4ca8658df

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.zarplata-online.ru
Accept-Encoding: gzip, deflate, br
Host: www.zarplata-online.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.zarplata-online.ru/assets/44b59cdc/assets/frontend/css/layouts.css
Cookie: robin=badeeec1c22f4f4ea9abb95bb03e618fe2b08b5367204d35b05f06b601c7bfac; ASE_PHPSESSID=62gpju5mnjalb6mg2pbd9oc7j2; ASE_anonymousId=fd68c134544f52eab5bbfb86f7e9bb9a; ASE_userLastVisit=2021-05-18+15%3A32%3A05; ASE_YII_CSRF_TOKEN=RE5wNFNzfnpsX0hZUkxpYnZfNWxaRWlWMWIzTjkzVTRTjG0KNuZdhOg4-JdxLbEuFGysMUIPVHQYFCmUx0x-NQ%3D%3D
Connection: keep-alive
Origin: https://www.zarplata-online.ru
Referer: https://www.zarplata-online.ru/assets/44b59cdc/assets/frontend/css/layouts.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Tue, 18 May 2021 12:32:06 GMT
Content-Encoding: gzip
Server: nginx
X-Operation-Id: 027198200d5c6dbf01bfc384db69ce94
ETag: W/"609bcb9f-b61c"
Transfer-Encoding: chunked
Content-Type: text/plain
Cache-Control: max-age=2592000 public max-age=31536000
Connection: keep-alive
Expires: Thu, 17 Jun 2021 12:32:06 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
www.zarplata-online.ru/assets/44b59cdc/assets/frontend/css/fonts/ 75 KB
76 KB 74ms
49ms Font
application/octet-stream 95.214.59.132
ACTION-DIGITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zarplata-online.ru/assets/44b59cdc/assets/frontend/css/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/assets/44b59cdc/assets/frontend/css/layouts.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.214.59.132 Moscow, Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software: nginx /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.zarplata-online.ru
Accept-Encoding: gzip, deflate, br
Host: www.zarplata-online.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.zarplata-online.ru/assets/44b59cdc/assets/frontend/css/layouts.css
Cookie: robin=badeeec1c22f4f4ea9abb95bb03e618fe2b08b5367204d35b05f06b601c7bfac; ASE_PHPSESSID=62gpju5mnjalb6mg2pbd9oc7j2; ASE_anonymousId=fd68c134544f52eab5bbfb86f7e9bb9a; ASE_userLastVisit=2021-05-18+15%3A32%3A05; ASE_YII_CSRF_TOKEN=RE5wNFNzfnpsX0hZUkxpYnZfNWxaRWlWMWIzTjkzVTRTjG0KNuZdhOg4-JdxLbEuFGysMUIPVHQYFCmUx0x-NQ%3D%3D
Connection: keep-alive
Origin: https://www.zarplata-online.ru
Referer: https://www.zarplata-online.ru/assets/44b59cdc/assets/frontend/css/layouts.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Tue, 18 May 2021 12:32:06 GMT
Content-Encoding: gzip
Server: nginx
X-Operation-Id: 745ab9172978d765a88bd44b6838de0d
ETag: W/"609bcb9f-12d68"
Transfer-Encoding: chunked
Content-Type: text/plain
Cache-Control: max-age=2592000 public max-age=31536000
Connection: keep-alive
Expires: Thu, 17 Jun 2021 12:32:06 GMT

GET
H/1.1 200
OK WorkSans-ExtraLight-latin.woff2
www.zarplata-online.ru/assets/44b59cdc/assets/frontend/css/fonts/ 22 KB
22 KB 88ms
58ms Font
application/octet-stream 95.214.59.132
ACTION-DIGITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zarplata-online.ru/assets/44b59cdc/assets/frontend/css/fonts/WorkSans-ExtraLight-latin.woff2
Requested by: Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/assets/44b59cdc/assets/frontend/css/layouts.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.214.59.132 Moscow, Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software: nginx /
Resource Hash: 1ad0a9d456fbb5ecfde81dafa53851e775ce22a293675e7d833d06a30571c09a

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.zarplata-online.ru
Accept-Encoding: gzip, deflate, br
Host: www.zarplata-online.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.zarplata-online.ru/assets/44b59cdc/assets/frontend/css/layouts.css
Cookie: robin=badeeec1c22f4f4ea9abb95bb03e618fe2b08b5367204d35b05f06b601c7bfac; ASE_PHPSESSID=62gpju5mnjalb6mg2pbd9oc7j2; ASE_anonymousId=fd68c134544f52eab5bbfb86f7e9bb9a; ASE_userLastVisit=2021-05-18+15%3A32%3A05; ASE_YII_CSRF_TOKEN=RE5wNFNzfnpsX0hZUkxpYnZfNWxaRWlWMWIzTjkzVTRTjG0KNuZdhOg4-JdxLbEuFGysMUIPVHQYFCmUx0x-NQ%3D%3D
Connection: keep-alive
Origin: https://www.zarplata-online.ru
Referer: https://www.zarplata-online.ru/assets/44b59cdc/assets/frontend/css/layouts.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Tue, 18 May 2021 12:32:06 GMT
Content-Encoding: gzip
Server: nginx
X-Operation-Id: e0bc69612c0e782b6a9f65e87cfec2b7
ETag: W/"609bcb9f-576c"
Transfer-Encoding: chunked
Content-Type: text/plain
Cache-Control: max-age=2592000 public max-age=31536000
Connection: keep-alive
Expires: Thu, 17 Jun 2021 12:32:06 GMT

GET
H/1.1 200
OK PTSans-Bold-cyrillic.woff2
www.zarplata-online.ru/assets/44b59cdc/assets/frontend/css/fonts/ 29 KB
30 KB 68ms
50ms Font
application/octet-stream 95.214.59.132
ACTION-DIGITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zarplata-online.ru/assets/44b59cdc/assets/frontend/css/fonts/PTSans-Bold-cyrillic.woff2
Requested by: Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/assets/44b59cdc/assets/frontend/css/layouts.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.214.59.132 Moscow, Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software: nginx /
Resource Hash: aaae2ea46474b0f58190b58cc3a1951b17441495abcbeb90ef0200508f295b3f

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.zarplata-online.ru
Accept-Encoding: gzip, deflate, br
Host: www.zarplata-online.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.zarplata-online.ru/assets/44b59cdc/assets/frontend/css/layouts.css
Cookie: robin=badeeec1c22f4f4ea9abb95bb03e618fe2b08b5367204d35b05f06b601c7bfac; ASE_PHPSESSID=62gpju5mnjalb6mg2pbd9oc7j2; ASE_anonymousId=fd68c134544f52eab5bbfb86f7e9bb9a; ASE_userLastVisit=2021-05-18+15%3A32%3A05; ASE_YII_CSRF_TOKEN=RE5wNFNzfnpsX0hZUkxpYnZfNWxaRWlWMWIzTjkzVTRTjG0KNuZdhOg4-JdxLbEuFGysMUIPVHQYFCmUx0x-NQ%3D%3D
Connection: keep-alive
Origin: https://www.zarplata-online.ru
Referer: https://www.zarplata-online.ru/assets/44b59cdc/assets/frontend/css/layouts.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Tue, 18 May 2021 12:32:06 GMT
Content-Encoding: gzip
Server: nginx
X-Operation-Id: 1a672b7e0b7f4f0236516aeb0e4d67ba
ETag: W/"609bcb9f-74e0"
Transfer-Encoding: chunked
Content-Type: text/plain
Cache-Control: max-age=2592000 public max-age=31536000
Connection: keep-alive
Expires: Thu, 17 Jun 2021 12:32:06 GMT

GET
H2

200

v2 Show response
an.yandex.ru/adfox/252124/getBulk/
Redirect Chain

https://an.yandex.ru/adfox/252124/getBulk/v2?dl=https%3A%2F%2Fwww.zarplata-online.ru%2F&date=2021-05-18T14%3A32%3A06.816%2B02%3A00&pd=18&pdh=1200&pdw=1600&pr1=1859607430&pr=1229015252&prr=http%3A%2...
https://an.yandex.ru/adfox/252124/getBulk/v2?redir-setuniq=1&dl=https%3A%2F%2Fwww.zarplata-online.ru%2F&date=2021-05-18T14%3A32%3A06.816%2B02%3A00&pd=18&pdh=1200&pdw=1600&pr1=1859607430&pr=12290152...

171 B
173 B

80ms
79ms

XHR
application/json

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/252124/getBulk/v2?redir-setuniq=1&dl=https%3A%2F%2Fwww.zarplata-online.ru%2F&date=2021-05-18T14%3A32%3A06.816%2B02%3A00&pd=18&pdh=1200&pdw=1600&pr1=1859607430&pr=1229015252&prr=http%3A%2F%2Flink.mail.zarplata-client-1.ru%2Factionmedia%2F34066%2C%3D0e538UqOyV2nw6Au2gAE7pg%2F5008202%2C1701038919%2C208981%2C%3FaHR0cHM6Ly93d3cuemFycGxhdGEtb25saW5lLnJ1&pv=14&pw=2&extid_loader=&extid_tag_loader=www.zarplata-online.ru&ylv=0.14670&ybv=0.14670&ytt=183618479589397&is-turbo=0&skip-token=&ad-session-id=1567941621341126768&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9%2C%22w%22%3A240%2C%22h%22%3A0%2C%22width%22%3A240%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A1185%2C%22top%22%3A841%2C%22req_no%22%3A1%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=14670&pp=g&ps=ckuv&p2=fldd&puid1=&slotNumber=4&bids=W10%3D&grab=dCLQl9Cw0YDQv9C70LDRgtCwIiAtINCf0YDQsNC60YLQuNGH0LXRgdC60LjQuSDQttGD0YDQvdCw0Lsg0LTQu9GPINCx0YPRhdCz0LDQu9GC0LXRgNC-0LIg0L4g0YDQsNGB0YfQtdGC0LUg0LfQsNGA0L_Qu9Cw0YLRiwoxINCd0L7QstGL0LUg0LLRi9C_0LvQsNGC0Ysg0L3QsCDQtNC10YLQtdC5INCyIDIwMjEg0LPQvtC00YMgCg%3D%3D&utf8=%E2%9C%93

Requested by

Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

f514a08500a29fd7682c4ece60434dfc22ab77b44300425bec2f7283540340bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 May 2021 12:32:07 GMT
content-encoding: gzip
last-modified: Tue, 18 May 2021 12:32:07 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://www.zarplata-online.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 18 May 2021 12:32:07 GMT

Redirect headers

pragma: no-cache
date: Tue, 18 May 2021 12:32:06 GMT
content-encoding: gzip
last-modified: Tue, 18 May 2021 12:32:06 GMT
location: https://an.yandex.ru/adfox/252124/getBulk/v2?redir-setuniq=1&dl=https%3A%2F%2Fwww.zarplata-online.ru%2F&date=2021-05-18T14%3A32%3A06.816%2B02%3A00&pd=18&pdh=1200&pdw=1600&pr1=1859607430&pr=1229015252&prr=http%3A%2F%2Flink.mail.zarplata-client-1.ru%2Factionmedia%2F34066%2C%3D0e538UqOyV2nw6Au2gAE7pg%2F5008202%2C1701038919%2C208981%2C%3FaHR0cHM6Ly93d3cuemFycGxhdGEtb25saW5lLnJ1&pv=14&pw=2&extid_loader=&extid_tag_loader=www.zarplata-online.ru&ylv=0.14670&ybv=0.14670&ytt=183618479589397&is-turbo=0&skip-token=&ad-session-id=1567941621341126768&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9%2C%22w%22%3A240%2C%22h%22%3A0%2C%22width%22%3A240%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A1185%2C%22top%22%3A841%2C%22req_no%22%3A1%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=14670&pp=g&ps=ckuv&p2=fldd&puid1=&slotNumber=4&bids=W10%3D&grab=dCLQl9Cw0YDQv9C70LDRgtCwIiAtINCf0YDQsNC60YLQuNGH0LXRgdC60LjQuSDQttGD0YDQvdCw0Lsg0LTQu9GPINCx0YPRhdCz0LDQu9GC0LXRgNC-0LIg0L4g0YDQsNGB0YfQtdGC0LUg0LfQsNGA0L_Qu9Cw0YLRiwoxINCd0L7QstGL0LUg0LLRi9C_0LvQsNGC0Ysg0L3QsCDQtNC10YLQtdC5INCyIDIwMjEg0LPQvtC00YMgCg%3D%3D&utf8=%E2%9C%93
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://www.zarplata-online.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 18 May 2021 12:32:06 GMT

GET
DATA 200
OK truncated
/ 599 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0420d4216b426be0af27e46d87e3f893c7f72eec7a1bfd6fac3abc553c4b252d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b9a8efe183065e5c1a5ab75b70f1dc87cc68c72b444efd7a6487bd77ae76f5f5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 inpage_linkid.js Show response
www.google-analytics.com/plugins/ga/ 1 KB
849 B 8ms
8ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ga/inpage_linkid.js

Requested by

Host: google-analytics.com
URL: https://google-analytics.com/ga.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

989a73eb9e9faa5bcf87eb500ba218549b0b1ef37dc53d9ac948b33010bd78da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 11:43:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 2903
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 697
x-xss-protection: 0
expires: Tue, 18 May 2021 12:43:44 GMT

GET
DATA 200
OK truncated
/ 187 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2ecc3a3ffba8ab96280fe7fade30d82a3efaf381e16ef79902a4766742ef23d6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 966 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d6b8ecb2f70ad50610c2956c63e8b068d64b18b39ab2d3736fa5a81c8a2cac9

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 623 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2462686d344ef1fd4018b47593f655e60e8f0e31c9c6d75e78d2197c3c1f08b7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 287 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f64f60b60f581caadfa1cf9b012ca732c4f4a24c8475027e7b7a225f20ce4278

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1

200
OK

hit;action
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit;action?t44.6;rhttp%3A//link.mail.zarplata-client-1.ru/actionmedia/34066%2C%3D0e538UqOyV2nw6Au2gAE7pg/5008202%2C1701038919%2C208981%2C%3FaHR0cHM6Ly93d3cuemFycGxhdGEtb25s...
https://counter.yadro.ru/hit;action?q;t44.6;rhttp%3A//link.mail.zarplata-client-1.ru/actionmedia/34066%2C%3D0e538UqOyV2nw6Au2gAE7pg/5008202%2C1701038919%2C208981%2C%3FaHR0cHM6Ly93d3cuemFycGxhdGEtb2...

132 B
586 B

51ms
51ms

Image
image/gif

88.212.201.216
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit;action?q;t44.6;rhttp%3A//link.mail.zarplata-client-1.ru/actionmedia/34066%2C%3D0e538UqOyV2nw6Au2gAE7pg/5008202%2C1701038919%2C208981%2C%3FaHR0cHM6Ly93d3cuemFycGxhdGEtb25saW5lLnJ1;s1600*1200*24;uhttps%3A//www.zarplata-online.ru/;h%22%u0417%u0430%u0440%u043F%u043B%u0430%u0442%u0430%22%20-%20%u041F%u0440%u0430%u043A%u0442%u0438%u0447%u0435%u0441%u043A%u0438%u0439%20%u0436%u0443%u0440%u043D%u0430%u043B%20%u0434%u043B%u044F%20%u0431%u0443%u0445%u0433%u0430%u043B%u0442%u0435%u0440%u043E%u0432%20%u043E%20%u0440%u0430%u0441%u0447%u0435%u0442%u0435%20%u0437%u0430%u0440%u043F%u043B%u0430%u0442%u044B;0.9465907246098542

Requested by

Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.216 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host216.rax.ru

Software

nginx/1.17.9 /

Resource Hash

fa523f248a332cb89ae3ad8cf51d840153e0f96bcc2a4c8db736e02a340dab48

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 May 2021 12:32:07 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 132
Expires: Sun, 17 May 2020 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 18 May 2021 12:32:07 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit;action?q;t44.6;rhttp%3A//link.mail.zarplata-client-1.ru/actionmedia/34066%2C%3D0e538UqOyV2nw6Au2gAE7pg/5008202%2C1701038919%2C208981%2C%3FaHR0cHM6Ly93d3cuemFycGxhdGEtb25saW5lLnJ1;s1600*1200*24;uhttps%3A//www.zarplata-online.ru/;h%22%u0417%u0430%u0440%u043F%u043B%u0430%u0442%u0430%22%20-%20%u041F%u0440%u0430%u043A%u0442%u0438%u0447%u0435%u0441%u043A%u0438%u0439%20%u0436%u0443%u0440%u043D%u0430%u043B%20%u0434%u043B%u044F%20%u0431%u0443%u0445%u0433%u0430%u043B%u0442%u0435%u0440%u043E%u0432%20%u043E%20%u0440%u0430%u0441%u0447%u0435%u0442%u0435%20%u0437%u0430%u0440%u043F%u043B%u0430%u0442%u044B;0.9465907246098542
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Sun, 17 May 2020 21:00:00 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?rhttp%3A//link.mail.zarplata-client-1.ru/actionmedia/34066%2C%3D0e538UqOyV2nw6Au2gAE7pg/5008202%2C1701038919%2C208981%2C%3FaHR0cHM6Ly93d3cuemFycGxhdGEtb25saW5lLnJ1;s160...
https://counter.yadro.ru/hit?q;rhttp%3A//link.mail.zarplata-client-1.ru/actionmedia/34066%2C%3D0e538UqOyV2nw6Au2gAE7pg/5008202%2C1701038919%2C208981%2C%3FaHR0cHM6Ly93d3cuemFycGxhdGEtb25saW5lLnJ1;s1...

43 B
496 B

45ms
45ms

Image
image/gif

88.212.201.216
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;rhttp%3A//link.mail.zarplata-client-1.ru/actionmedia/34066%2C%3D0e538UqOyV2nw6Au2gAE7pg/5008202%2C1701038919%2C208981%2C%3FaHR0cHM6Ly93d3cuemFycGxhdGEtb25saW5lLnJ1;s1600*1200*24;uhttps%3A//www.zarplata-online.ru/;h%22%u0417%u0430%u0440%u043F%u043B%u0430%u0442%u0430%22%20-%20%u041F%u0440%u0430%u043A%u0442%u0438%u0447%u0435%u0441%u043A%u0438%u0439%20%u0436%u0443%u0440%u043D%u0430%u043B%20%u0434%u043B%u044F%20%u0431%u0443%u0445%u0433%u0430%u043B%u0442%u0435%u0440%u043E%u0432%20%u043E%20%u0440%u0430%u0441%u0447%u0435%u0442%u0435%20%u0437%u0430%u0440%u043F%u043B%u0430%u0442%u044B;0.1618733998281443

Requested by

Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.216 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host216.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 May 2021 12:32:07 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 17 May 2020 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 18 May 2021 12:32:07 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;rhttp%3A//link.mail.zarplata-client-1.ru/actionmedia/34066%2C%3D0e538UqOyV2nw6Au2gAE7pg/5008202%2C1701038919%2C208981%2C%3FaHR0cHM6Ly93d3cuemFycGxhdGEtb25saW5lLnJ1;s1600*1200*24;uhttps%3A//www.zarplata-online.ru/;h%22%u0417%u0430%u0440%u043F%u043B%u0430%u0442%u0430%22%20-%20%u041F%u0440%u0430%u043A%u0442%u0438%u0447%u0435%u0441%u043A%u0438%u0439%20%u0436%u0443%u0440%u043D%u0430%u043B%20%u0434%u043B%u044F%20%u0431%u0443%u0445%u0433%u0430%u043B%u0442%u0435%u0440%u043E%u0432%20%u043E%20%u0440%u0430%u0441%u0447%u0435%u0442%u0435%20%u0437%u0430%u0440%u043F%u043B%u0430%u0442%u044B;0.1618733998281443
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Sun, 17 May 2020 21:00:00 GMT

GET
H/1.1 200
OK sdk.min.js Show response
image.sendsay.ru/app/js/sdk/ 31 KB
31 KB 259ms
94ms Script
application/javascript 185.76.234.248
IPRJ-4-0

General

Check archive.org

Show headers Download Go to

Full URL: https://image.sendsay.ru/app/js/sdk/sdk.min.js
Requested by: Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.76.234.248 , Russian Federation, ASN201193 (IPRJ-4-0, RU),
Reverse DNS: pusa248.sndsy.ru
Software: nginx /
Resource Hash: 44c277a589048d47753252efcc9ecf148937e56afdc20c1918e23f8887754519

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 18 May 2021 12:32:07 GMT
Last-Modified: Thu, 25 Feb 2021 09:35:15 GMT
Server: nginx
ETag: "60376f53-7b0d"
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: close
Accept-Ranges: bytes
Content-Length: 31501
Expires: Tue, 18 May 2021 13:02:15 GMT

GET
H2 200 manifest.json Show response
cdn.action-mcfr.ru/widgets/prod/ 1 KB
672 B 152ms
50ms XHR
application/json 212.193.146.48
CCT-AS NGENIX

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.action-mcfr.ru/widgets/prod/manifest.json
Requested by: Host: cdn.action-mcfr.ru
URL: https://cdn.action-mcfr.ru/widgets/loader.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.193.146.48 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),
Reverse DNS: cdn.ngenix.net
Software: nginx /
Resource Hash: 0f32b7ea4e675e62b509a7b23d5e305d2403036cfdfecc0958deec608ceddd91

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 12:32:07 GMT
content-encoding: gzip
last-modified: Wed, 28 Apr 2021 13:40:25 GMT
server: nginx
x-amz-request-id: tx0000000000000015cc54e-0060a3aba3-3975a80e-default
etag: W/"47b19385ab447f7032f0743a201ad992"
x-ngenix-cache: HIT
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
x-ngenix-storage: ADC

GET
H2 200 manifest.json Show response
cdn.action-mcfr.ru/widgets/prod/ 1 KB
671 B 152ms
51ms XHR
application/json 212.193.146.48
CCT-AS NGENIX

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.action-mcfr.ru/widgets/prod/manifest.json
Requested by: Host: cdn.action-mcfr.ru
URL: https://cdn.action-mcfr.ru/widgets/loader.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.193.146.48 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),
Reverse DNS: cdn.ngenix.net
Software: nginx /
Resource Hash: 0f32b7ea4e675e62b509a7b23d5e305d2403036cfdfecc0958deec608ceddd91

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 12:32:07 GMT
content-encoding: gzip
last-modified: Wed, 28 Apr 2021 13:40:25 GMT
server: nginx
x-amz-request-id: tx0000000000000015cc54e-0060a3aba3-3975a80e-default
etag: W/"47b19385ab447f7032f0743a201ad992"
x-ngenix-cache: HIT
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
x-ngenix-storage: ADC

GET
H2 200 manifest.json Show response
cdn.action-mcfr.ru/widgets/prod/ 1 KB
671 B 152ms
51ms XHR
application/json 212.193.146.48
CCT-AS NGENIX

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.action-mcfr.ru/widgets/prod/manifest.json
Requested by: Host: cdn.action-mcfr.ru
URL: https://cdn.action-mcfr.ru/widgets/loader.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.193.146.48 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),
Reverse DNS: cdn.ngenix.net
Software: nginx /
Resource Hash: 0f32b7ea4e675e62b509a7b23d5e305d2403036cfdfecc0958deec608ceddd91

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 12:32:07 GMT
content-encoding: gzip
last-modified: Wed, 28 Apr 2021 13:40:25 GMT
server: nginx
x-amz-request-id: tx0000000000000015cc54e-0060a3aba3-3975a80e-default
etag: W/"47b19385ab447f7032f0743a201ad992"
x-ngenix-cache: HIT
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
x-ngenix-storage: ADC

GET
H2 200 manifest.json Show response
cdn.action-mcfr.ru/widgets/prod/ 1 KB
671 B 151ms
50ms XHR
application/json 212.193.146.48
CCT-AS NGENIX

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.action-mcfr.ru/widgets/prod/manifest.json
Requested by: Host: cdn.action-mcfr.ru
URL: https://cdn.action-mcfr.ru/widgets/loader.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.193.146.48 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),
Reverse DNS: cdn.ngenix.net
Software: nginx /
Resource Hash: 0f32b7ea4e675e62b509a7b23d5e305d2403036cfdfecc0958deec608ceddd91

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 12:32:07 GMT
content-encoding: gzip
last-modified: Wed, 28 Apr 2021 13:40:25 GMT
server: nginx
x-amz-request-id: tx0000000000000015cc54e-0060a3aba3-3975a80e-default
etag: W/"47b19385ab447f7032f0743a201ad992"
x-ngenix-cache: HIT
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
x-ngenix-storage: ADC

POST
H2 200 adjson Show response
ads.betweendigital.com/ 15 KB
8 KB 44ms
19ms XHR
application/json 188.42.196.115
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=adfox
Requested by: Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: fcadc0ac7ff81695e561900e77299d7f5efe78c002b1be78e8a45fb9a2871120

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.zarplata-online.ru
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H/1.1 200
OK / Show response
ad.mail.ru/hbid_yandex/ 11 B
345 B 136ms
48ms XHR
application/json 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/hbid_yandex/
Requested by: Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 18 May 2021 12:32:07 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://www.zarplata-online.ru
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

GET
DATA 200
OK truncated
/ 398 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 973937f4e3b68343f9377d13796a0b379f476d7972714b7c630784fdf4eec4b5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 175 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 587d7d0b96531a1d9f92d5a0b88594c34c7360a2b141ee48099412b3c6046d72

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9277.j2eSjwZfafMPfcgZstClsju8l_9HXHT4JXBCnWzkzrQFfnqNTaV2Mnv5yWiGL8sL.v3RX3p6zolhtIXv8AbwgNPYMlJg%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9277.8oQ1y944h2Gk0n7KM8zzD7NrGZaJFjdL43DP0tD_jZsYc2YfJel0AlRPiR0tjMHjtPWKyi7TPv0yvze7i0QtFfb8ln5zyKMa33awL6SZuco%2C.H-OaOL6jO1ShRbUAMtVWrJqt04M%2C

43 B
332 B

51ms
49ms

Image
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9277.8oQ1y944h2Gk0n7KM8zzD7NrGZaJFjdL43DP0tD_jZsYc2YfJel0AlRPiR0tjMHjtPWKyi7TPv0yvze7i0QtFfb8ln5zyKMa33awL6SZuco%2C.H-OaOL6jO1ShRbUAMtVWrJqt04M%2C

Requested by

Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 12:32:07 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9277.8oQ1y944h2Gk0n7KM8zzD7NrGZaJFjdL43DP0tD_jZsYc2YfJel0AlRPiR0tjMHjtPWKyi7TPv0yvze7i0QtFfb8ln5zyKMa33awL6SZuco%2C.H-OaOL6jO1ShRbUAMtVWrJqt04M%2C
date: Tue, 18 May 2021 12:32:07 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
luxupcdnc.com/hbadx/ 47 B
158 B 179ms
50ms Script
text/html 109.248.237.36
SUPPORTIT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://luxupcdnc.com/hbadx/?f=__lxG__.tmp.pol_2hbluvhfaoofgh9b&rt=112734356&site_id=204213&title=%22%D0%97%D0%B0%D1%80%D0%BF%D0%BB%D0%B0%D1%82%D0%B0%22%20-%20%D0%9F%D1%80%D0%B0%D0%BA%D1%82%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D0%BE%D0%B2%20%D0%BE%20%D1%80%D0%B0%D1%81%D1%87%D0%B5%D1%82%D0%B5%20%D0%B7%D0%B0%D1%80%D0%BF%D0%BB%D0%B0%D1%82%D1%8B&r=http%3A%2F%2Flink.mail.zarplata-client-1.ru%2Factionmedia%2F34066%2C%3D0e538UqOyV2nw6Au2gAE7pg%2F5008202%2C1701038919%2C208981%2C%3FaHR0cHM6Ly93d3cuemFycGxhdGEtb25saW5lLnJ1&l=https%3A%2F%2Fwww.zarplata-online.ru%2F
Requested by: Host: s.luxupcdnc.com
URL: https://s.luxupcdnc.com/t/common_402.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 109.248.237.36 Moscow, Russian Federation, ASN201009 (SUPPORTIT-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 7dbc419f9a961f785c05199a65e3040bdf061289641aa2a13ce777e830590dbe

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 12:30:37 GMT
content-encoding: gzip
server: nginx
content-type: text/html; charset=ISO-8859-1

GET
H2 200 207712 Show response
an.yandex.ru/meta/ 141 B
664 B 153ms
153ms XHR
application/json 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/meta/207712?grab=dCLQl9Cw0YDQv9C70LDRgtCwIiAtINCf0YDQsNC60YLQuNGH0LXRgdC60LjQuSDQttGD0YDQvdCw0Lsg0LTQu9GPINCx0YPRhdCz0LDQu9GC0LXRgNC-0LIg0L4g0YDQsNGB0YfQtdGC0LUg0LfQsNGA0L_Qu9Cw0YLRiwoxINCd0L7QstGL0LUg0LLRi9C_0LvQsNGC0Ysg0L3QsCDQtNC10YLQtdC5INCyIDIwMjEg0LPQvtC00YMgCg%3D%3D&target-ref=https%3A%2F%2Fwww.zarplata-online.ru%2F&page-ref=http%3A%2F%2Flink.mail.zarplata-client-1.ru%2Factionmedia%2F34066%2C%3D0e538UqOyV2nw6Au2gAE7pg%2F5008202%2C1701038919%2C208981%2C%3FaHR0cHM6Ly93d3cuemFycGxhdGEtb25saW5lLnJ1&charset=utf-8&pcode-test-ids=360908%2C0%2C54%3B362215%2C0%2C34%3B362535%2C0%2C76%3B356720%2C0%2C94%3B356980%2C0%2C38%3B330366%2C0%2C22%3B351579%2C0%2C29%3B356678%2C0%2C52&pcode-flags=%7B%22ACTIVE_TESTIDS_FORMAT%22%3A%22ssrBillboard%22%2C%22COMBO_HEADER%22%3A%22withoutHeader%22%2C%22USE_SUPERBUNDLE%22%3Atrue%2C%22USE_SMART_SSR%22%3A%221%22%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22constructor%22%2C%22modernAdaptive%22%5D%2C%22SSR_PERCENT_LOGGING%22%3A0.1%2C%22ADAPTIVE_TOWER_VIDEO%22%3A%22exp%22%2C%22DEFAULT_BLACKLIST_PAGES%22%3A%5B%22419507%22%2C%22419506%22%2C%22106253%22%2C%22188382%22%2C%22189903%22%5D%2C%22COMBO_PACKSHOT_EXP%22%3A%22exp%22%2C%22SMART_BANNER_CAROUSEL%22%3A%22control%22%2C%22SMART_BANNER_IMAGE%22%3A%22control%22%2C%22LEADERBOARD_VIDEO%22%3A%22exp%22%2C%22VIDEO_EARS_FLAGS%22%3A%22ctl%22%2C%22RMP_POSTER_2%22%3A%22float%22%7D&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0Aconstructor%0AmodernAdaptive&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=7102885401621341126&duid=MTYyMTM0MTEyNzgwNjA1NzI2NA%3D%3D&imp-id=1&enable-flat-highlight=1&test-tag=183618441838594&ad-session-id=1567941621341126768&target-id=93984257&tga-with-creatives=1&pcode-version=14670&pcodever=14670&flash-ver=0&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9%2C%22w%22%3A750%2C%22h%22%3A0%2C%22width%22%3A0%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22left%22%3A765%2C%22top%22%3A2661%2C%22ad_no%22%3A0%2C%22req_no%22%3A0%7D&callback=Ya%5B3561056900203%5D

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

df9a270288c9088819e838d444f9046f3efb9afd86b68c48cd284c1815e8db11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 18 May 2021 12:32:07 GMT
content-encoding: gzip
last-modified: Tue, 18 May 2021 12:32:07 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id: 1621341127418876-60768136959837887000193-production-app-host-vla-pcode-80
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.zarplata-online.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 18 May 2021 12:32:07 GMT

POST
H/1.1 200
OK counter
top-fwz1.mail.ru/ 43 B
1 KB 47ms
46ms Ping
image/gif 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/counter?js=13;id=3080093;u=https%3A//www.zarplata-online.ru/;r=http%3A//link.mail.zarplata-client-1.ru/actionmedia/34066%2C%3D0e538UqOyV2nw6Au2gAE7pg/5008202%2C1701038919%2C208981%2C%3FaHR0cHM6Ly93d3cuemFycGxhdGEtb25saW5lLnJ1;st=1621341127188;title=%22%D0%97%D0%B0%D1%80%D0%BF%D0%BB%D0%B0%D1%82%D0%B0%22%20-%20%D0%9F%D1%80%D0%B0%D0%BA%D1%82%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D0%BE%D0%B2%20%D0%BE%20%D1%80%D0%B0%D1%81%D1%87%D0%B5%D1%82%D0%B5%20%D0%B7%D0%B0%D1%80%D0%BF%D0%BB%D0%B0%D1%82%D1%8B;s=1600*1200;vp=1600*1200;touch=0;hds=1;flash=;sid=c712b21e6862d777;ver=60.3.0;tz=-120%2FEurope%2FBerlin;ni=9//4g/0/0/;lvid=1621341127406%3A1621341127428%3A1%3Aa9a1db0251e4e9d198f59f1bbc6f785c;_=0.1601765847362997

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 18 May 2021 12:32:07 GMT
X-Content-Type-Options: nosniff
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Access-Control-Allow-Headers: *
AMP-Access-Control-Allow-Source-Origin: https://www.zarplata-online.ru
Server: nginx
Access-Control-Allow-Methods: GET, POST, HEAD, PUT, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.zarplata-online.ru
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Cache-Control: private, no-cache, no-store, max-age=0
Access-Control-Allow-Credentials: true
Accept-CH-Lifetime: 86400
Accept-CH: DPR, Width, Viewport-Width, Downlink, Device-Memory
Timing-Allow-Origin: https://www.zarplata-online.ru
Keep-Alive: timeout=60

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
133 B 46ms
45ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 12:32:07 GMT
last-modified: Fri, 14 May 2021 18:55:24 GMT
etag: "609e8948-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Tue, 18 May 2021 13:32:07 GMT

GET
H/1.1 200
OK ZP_05_2021.jpg
www.zarplata-online.ru/images/site/header_oblojki/ 18 KB
18 KB 59ms
58ms Image
image/jpeg 95.214.59.132
ACTION-DIGITAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zarplata-online.ru/images/site/header_oblojki/ZP_05_2021.jpg
Requested by: Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.214.59.132 Moscow, Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software: nginx /
Resource Hash: db0fa2bf9386f8cc4781532da6c925c5728cc48733f2cf449a2195d76f32a039

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.zarplata-online.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.zarplata-online.ru/
Cookie: robin=badeeec1c22f4f4ea9abb95bb03e618fe2b08b5367204d35b05f06b601c7bfac; ASE_PHPSESSID=62gpju5mnjalb6mg2pbd9oc7j2; ASE_anonymousId=fd68c134544f52eab5bbfb86f7e9bb9a; ASE_userLastVisit=2021-05-18+15%3A32%3A05; ASE_YII_CSRF_TOKEN=RE5wNFNzfnpsX0hZUkxpYnZfNWxaRWlWMWIzTjkzVTRTjG0KNuZdhOg4-JdxLbEuFGysMUIPVHQYFCmUx0x-NQ%3D%3D; _ym_uid=1621341127806057264; _ym_d=1621341127; __lxGr__ses=ks37rk444g9or7i112734054; __lxGr__var_600453=_600453; __lxGr__var_600459=_600459; __lxGr__var_661408=_661415; tmr_lvid=a9a1db0251e4e9d198f59f1bbc6f785c; tmr_lvidTS=1621341127406; tmr_reqNum=1
Connection: keep-alive
Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 18 May 2021 12:32:07 GMT
Content-Encoding: gzip
Last-Modified: Fri, 07 May 2021 08:08:35 GMT
Server: nginx
X-Operation-Id: e76f2fef7012092714b569d280eb059b
x-amz-request-id: tx000000000000090c9e1a0-0060a3b3c7-1d41aaf-msk2
ETag: W/"5f7459c833e313a7970c865a28870132"
Transfer-Encoding: chunked
Content-Type: image/jpeg
Cache-Control: max-age=31536000
x-rgw-object-type: Normal
Connection: keep-alive

GET
H2 200 v2 Show response
an.yandex.ru/adfox/252124/getBulk/ 6 KB
2 KB 210ms
206ms XHR
application/json 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/252124/getBulk/v2?dl=https%3A%2F%2Fwww.zarplata-online.ru%2F&date=2021-05-18T14%3A32%3A07.447%2B02%3A00&pd=18&pdh=1200&pdw=1600&pr1=739488840&pr=1229015252&prr=http%3A%2F%2Flink.mail.zarplata-client-1.ru%2Factionmedia%2F34066%2C%3D0e538UqOyV2nw6Au2gAE7pg%2F5008202%2C1701038919%2C208981%2C%3FaHR0cHM6Ly93d3cuemFycGxhdGEtb25saW5lLnJ1&pv=14&pw=2&extid_loader=MTYyMTM0MTEyNzgwNjA1NzI2NA%3D%3D&extid_tag_loader=www.zarplata-online.ru&ylv=0.14670&ybv=0.14670&ytt=183618479589397&is-turbo=0&skip-token=&ad-session-id=1567941621341126768&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9%2C%22w%22%3A990%2C%22h%22%3A0%2C%22width%22%3A990%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A305%2C%22top%22%3A175%2C%22req_no%22%3A2%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=14670&pp=g&ps=ckuv&p2=fldb&puid1=&slotNumber=2&bids=W3siY2FtcGFpZ25faWQiOjkyMjg3MywicmVzcG9uc2VfdGltZSI6MjMwLCJiaWQiOjAsImN1cnJlbmN5IjoiUlVCIiwidW5pdCI6MSwicGxhY2VtZW50X2lkIjoiMzc5MTU1MCJ9XQ%3D%3D&grab=dCLQl9Cw0YDQv9C70LDRgtCwIiAtINCf0YDQsNC60YLQuNGH0LXRgdC60LjQuSDQttGD0YDQvdCw0Lsg0LTQu9GPINCx0YPRhdCz0LDQu9GC0LXRgNC-0LIg0L4g0YDQsNGB0YfQtdGC0LUg0LfQsNGA0L_Qu9Cw0YLRiwoxINCd0L7QstGL0LUg0LLRi9C_0LvQsNGC0Ysg0L3QsCDQtNC10YLQtdC5INCyIDIwMjEg0LPQvtC00YMgCg%3D%3D&utf8=%E2%9C%93&duid=MTYyMTM0MTEyNzgwNjA1NzI2NA%3D%3D

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

c6711f367b9452167e060d52a18fa60e7661dc6134c621b2ba480b0728c91c17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 May 2021 12:32:07 GMT
content-encoding: gzip
last-modified: Tue, 18 May 2021 12:32:07 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://www.zarplata-online.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 18 May 2021 12:32:07 GMT

GET
H2 200 v2 Show response
an.yandex.ru/adfox/252124/getBulk/ 2 KB
1 KB 163ms
162ms XHR
application/json 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/252124/getBulk/v2?dl=https%3A%2F%2Fwww.zarplata-online.ru%2F&date=2021-05-18T14%3A32%3A07.453%2B02%3A00&pd=18&pdh=1200&pdw=1600&pr1=2221720496&pr=1229015252&prr=http%3A%2F%2Flink.mail.zarplata-client-1.ru%2Factionmedia%2F34066%2C%3D0e538UqOyV2nw6Au2gAE7pg%2F5008202%2C1701038919%2C208981%2C%3FaHR0cHM6Ly93d3cuemFycGxhdGEtb25saW5lLnJ1&pv=14&pw=2&extid_loader=MTYyMTM0MTEyNzgwNjA1NzI2NA%3D%3D&extid_tag_loader=www.zarplata-online.ru&ylv=0.14670&ybv=0.14670&ytt=183618479589397&is-turbo=0&skip-token=&ad-session-id=1567941621341126768&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9%2C%22w%22%3A240%2C%22h%22%3A0%2C%22width%22%3A240%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A1185%2C%22top%22%3A811%2C%22req_no%22%3A3%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=14670&pp=g&ps=ckuv&p2=fldc&puid1=&slotNumber=3&bids=W3siY2FtcGFpZ25faWQiOjkyMjg3MywicmVzcG9uc2VfdGltZSI6MjI4LCJiaWQiOjAsImN1cnJlbmN5IjoiUlVCIiwidW5pdCI6MSwicGxhY2VtZW50X2lkIjoiMzc5MTU0OSJ9LHsiY2FtcGFpZ25faWQiOjgyNDQwNCwicmVzcG9uc2VfdGltZSI6MjM1LCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiNzM2Mzk3In1d&grab=dCLQl9Cw0YDQv9C70LDRgtCwIiAtINCf0YDQsNC60YLQuNGH0LXRgdC60LjQuSDQttGD0YDQvdCw0Lsg0LTQu9GPINCx0YPRhdCz0LDQu9GC0LXRgNC-0LIg0L4g0YDQsNGB0YfQtdGC0LUg0LfQsNGA0L_Qu9Cw0YLRiwoxINCd0L7QstGL0LUg0LLRi9C_0LvQsNGC0Ysg0L3QsCDQtNC10YLQtdC5INCyIDIwMjEg0LPQvtC00YMgCg%3D%3D&utf8=%E2%9C%93&duid=MTYyMTM0MTEyNzgwNjA1NzI2NA%3D%3D

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

3e3c3c659b88505aed194d76647b52be30e416be1cc4b822f156a6126f87896b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 May 2021 12:32:07 GMT
content-encoding: gzip
last-modified: Tue, 18 May 2021 12:32:07 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://www.zarplata-online.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 18 May 2021 12:32:07 GMT

GET
H2 200 manifest.json Show response
cdn.action-mcfr.ru/widgets/prod/auth-button/latest/ 30 B
314 B 134ms
134ms XHR
application/json 212.193.146.48
CCT-AS NGENIX

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.action-mcfr.ru/widgets/prod/auth-button/latest/manifest.json
Requested by: Host: cdn.action-mcfr.ru
URL: https://cdn.action-mcfr.ru/widgets/loader.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.193.146.48 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),
Reverse DNS: cdn.ngenix.net
Software: nginx /
Resource Hash: 6a9d46ddb4add705d8ceaaa9b86552898354303ca27121aad55c8a0a467fd520

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 12:32:07 GMT
x-ngenix-storage: ADC
last-modified: Tue, 28 Jan 2020 13:17:58 GMT
server: nginx
x-amz-request-id: tx00000000000000085cf8a-0060a3b33b-3de44544-default
etag: "a4491fabe18c7b40df08f874b8c956e4"
x-ngenix-cache: HIT
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 30

GET
H2 200 manifest.json Show response
cdn.action-mcfr.ru/widgets/prod/favorite/latest/ 27 B
311 B 134ms
134ms XHR
application/json 212.193.146.48
CCT-AS NGENIX

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.action-mcfr.ru/widgets/prod/favorite/latest/manifest.json
Requested by: Host: cdn.action-mcfr.ru
URL: https://cdn.action-mcfr.ru/widgets/loader.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.193.146.48 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),
Reverse DNS: cdn.ngenix.net
Software: nginx /
Resource Hash: a64f018a3f0c1fc9340f88963c5c28895b21c3ef7c024078bcfaad2f5b03fb6d

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 12:32:07 GMT
x-ngenix-storage: ADC
last-modified: Thu, 30 Jan 2020 11:42:16 GMT
server: nginx
x-amz-request-id: tx00000000000000084bba4-0060a3a697-3de44544-default
etag: "8d486c3a57663e012587335ecb417acb"
x-ngenix-cache: HIT
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 27

GET
H2 200 manifest.json Show response
cdn.action-mcfr.ru/widgets/prod/marketing-lib/latest/ 30 B
314 B 134ms
134ms XHR
application/json 212.193.146.48
CCT-AS NGENIX

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.action-mcfr.ru/widgets/prod/marketing-lib/latest/manifest.json
Requested by: Host: cdn.action-mcfr.ru
URL: https://cdn.action-mcfr.ru/widgets/loader.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.193.146.48 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),
Reverse DNS: cdn.ngenix.net
Software: nginx /
Resource Hash: 6a9d46ddb4add705d8ceaaa9b86552898354303ca27121aad55c8a0a467fd520

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 12:32:07 GMT
x-ngenix-storage: ADC
last-modified: Tue, 28 Jan 2020 13:18:05 GMT
server: nginx
x-amz-request-id: tx000000000000000156587-0060a3b33e-3e38fb39-default
etag: "a4491fabe18c7b40df08f874b8c956e4"
x-ngenix-cache: HIT
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 30

GET
H2 200 manifest.json Show response
cdn.action-mcfr.ru/widgets/prod/marketing-entry-point/latest/ 30 B
313 B 134ms
133ms XHR
application/json 212.193.146.48
CCT-AS NGENIX

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.action-mcfr.ru/widgets/prod/marketing-entry-point/latest/manifest.json
Requested by: Host: cdn.action-mcfr.ru
URL: https://cdn.action-mcfr.ru/widgets/loader.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.193.146.48 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),
Reverse DNS: cdn.ngenix.net
Software: nginx /
Resource Hash: 6a9d46ddb4add705d8ceaaa9b86552898354303ca27121aad55c8a0a467fd520

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 12:32:07 GMT
x-ngenix-storage: ADC
last-modified: Tue, 28 Jan 2020 13:17:47 GMT
server: nginx
x-amz-request-id: tx000000000000000156261-0060a3b2c0-3e38fb39-default
etag: "a4491fabe18c7b40df08f874b8c956e4"
x-ngenix-cache: HIT
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 30

GET
H/1.1 200
OK / Show response
ejournal.tool.vmcl.ru/service/popularArticles/ 1 KB
1 KB 205ms
53ms XHR
application/json 95.214.59.132
ACTION-DIGITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://ejournal.tool.vmcl.ru/service/popularArticles/?pressId=31&bitrixId=0
Requested by: Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.214.59.132 Moscow, Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software: nginx /
Resource Hash: c548123a91e66a0823032e745c055f3a69b1b923795fbd0bb4ee873f279f1ca9

Request headers

Accept: */*
Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 18 May 2021 12:32:07 GMT
Content-Encoding: gzip
Server: nginx
X-Operation-Id: e891e5e793c4bde898e210c4377285e5
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Connection: keep-alive

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=264563801&utmhn=www.zarplata-online.ru&utme=8(User%20Type*3!User%20Type%20byEvent*BitrixID)9(visitor*3!member_null*0)11(2*3!2*2)...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-31417318-1&cid=296014167.1621341127&jid=583906421&_v=5.7.2&z=264563801
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-31417318-1&cid=296014167.1621341127&jid=583906421&_v=5.7.2&z=264563801
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-31417318-1&cid=296014167.1621341127&jid=583906421&_v=5.7.2&z=264563801&slf_rd=1&random=2196231687

42 B
107 B

31ms
31ms

Image
image/gif

2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-31417318-1&cid=296014167.1621341127&jid=583906421&_v=5.7.2&z=264563801&slf_rd=1&random=2196231687

Requested by

Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 May 2021 12:32:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 18 May 2021 12:32:07 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-31417318-1&cid=296014167.1621341127&jid=583906421&_v=5.7.2&z=264563801&slf_rd=1&random=2196231687
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
luxupcdnc.com/clickiotag_log/sensitive/ 0
56 B 406ms
405ms Script
text/javascript 109.248.237.36
SUPPORTIT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://luxupcdnc.com/clickiotag_log/sensitive/?site_id=204213&time=186&r=112752962
Requested by: Host: s.luxupcdnc.com
URL: https://s.luxupcdnc.com/t/common_402.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 109.248.237.36 Moscow, Russian Federation, ASN201009 (SUPPORTIT-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 12:30:37 GMT
server: nginx
content-length: 0
content-type: text/javascript

GET
H2 200 207712 Show response
an.yandex.ru/meta/ 141 B
223 B 193ms
192ms XHR
application/json 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/meta/207712?grab=dCLQl9Cw0YDQv9C70LDRgtCwIiAtINCf0YDQsNC60YLQuNGH0LXRgdC60LjQuSDQttGD0YDQvdCw0Lsg0LTQu9GPINCx0YPRhdCz0LDQu9GC0LXRgNC-0LIg0L4g0YDQsNGB0YfQtdGC0LUg0LfQsNGA0L_Qu9Cw0YLRiwoxINCd0L7QstGL0LUg0LLRi9C_0LvQsNGC0Ysg0L3QsCDQtNC10YLQtdC5INCyIDIwMjEg0LPQvtC00YMgCg%3D%3D&target-ref=https%3A%2F%2Fwww.zarplata-online.ru%2F&page-ref=http%3A%2F%2Flink.mail.zarplata-client-1.ru%2Factionmedia%2F34066%2C%3D0e538UqOyV2nw6Au2gAE7pg%2F5008202%2C1701038919%2C208981%2C%3FaHR0cHM6Ly93d3cuemFycGxhdGEtb25saW5lLnJ1&charset=utf-8&pcode-test-ids=360908%2C0%2C54%3B362215%2C0%2C34%3B362535%2C0%2C76%3B356720%2C0%2C94%3B356980%2C0%2C38%3B330366%2C0%2C22%3B351579%2C0%2C29%3B356678%2C0%2C52&pcode-flags=%7B%22ACTIVE_TESTIDS_FORMAT%22%3A%22ssrBillboard%22%2C%22COMBO_HEADER%22%3A%22withoutHeader%22%2C%22USE_SUPERBUNDLE%22%3Atrue%2C%22USE_SMART_SSR%22%3A%221%22%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22constructor%22%2C%22modernAdaptive%22%5D%2C%22SSR_PERCENT_LOGGING%22%3A0.1%2C%22ADAPTIVE_TOWER_VIDEO%22%3A%22exp%22%2C%22DEFAULT_BLACKLIST_PAGES%22%3A%5B%22419507%22%2C%22419506%22%2C%22106253%22%2C%22188382%22%2C%22189903%22%5D%2C%22COMBO_PACKSHOT_EXP%22%3A%22exp%22%2C%22SMART_BANNER_CAROUSEL%22%3A%22control%22%2C%22SMART_BANNER_IMAGE%22%3A%22control%22%2C%22LEADERBOARD_VIDEO%22%3A%22exp%22%2C%22VIDEO_EARS_FLAGS%22%3A%22ctl%22%2C%22RMP_POSTER_2%22%3A%22float%22%7D&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0Aconstructor%0AmodernAdaptive&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=7102885401621341126&duid=MTYyMTM0MTEyNzgwNjA1NzI2NA%3D%3D&imp-id=3&enable-flat-highlight=1&test-tag=183618441838594&ad-session-id=1567941621341126768&target-id=36040298&tga-with-creatives=1&pcode-version=14670&pcodever=14670&flash-ver=0&available-width=240&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9%2C%22w%22%3A0%2C%22h%22%3A0%2C%22width%22%3A240%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22left%22%3A1185%2C%22top%22%3A1841%2C%22ad_no%22%3A0%2C%22req_no%22%3A1%7D&callback=Ya%5B2810654207085%5D

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

a49f6e05d8b2575d5c9fd852367b1b327474edece85156eea2ad8939144770d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 18 May 2021 12:32:07 GMT
content-encoding: gzip
last-modified: Tue, 18 May 2021 12:32:07 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id: 1621341127597060-474404413719702386400159-production-app-host-man-pcode-25
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.zarplata-online.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 18 May 2021 12:32:07 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/207712/
Redirect Chain

https://mc.yandex.com/watch/207712?wmode=7&page-url=https%3A%2F%2Fwww.zarplata-online.ru%2F&page-ref=http%3A%2F%2Flink.mail.zarplata-client-1.ru%2Factionmedia%2F34066%2C%3D0e538UqOyV2nw6Au2gAE7pg%2...
https://mc.yandex.com/watch/207712/1?wmode=7&page-url=https%3A%2F%2Fwww.zarplata-online.ru%2F&page-ref=http%3A%2F%2Flink.mail.zarplata-client-1.ru%2Factionmedia%2F34066%2C%3D0e538UqOyV2nw6Au2gAE7pg...

184 B
222 B

49ms
49ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/207712/1?wmode=7&page-url=https%3A%2F%2Fwww.zarplata-online.ru%2F&page-ref=http%3A%2F%2Flink.mail.zarplata-client-1.ru%2Factionmedia%2F34066%2C%3D0e538UqOyV2nw6Au2gAE7pg%2F5008202%2C1701038919%2C208981%2C%3FaHR0cHM6Ly93d3cuemFycGxhdGEtb25saW5lLnJ1&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A2%3Adp%3A1%3Als%3A180160127008%3Ahid%3A536415213%3Az%3A120%3Ai%3A20210518143207%3Aet%3A1621341128%3Ac%3A1%3Arn%3A1065460833%3Au%3A1621341127806057264%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1621341124977%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1621341128%3At%3A%22%D0%97%D0%B0%D1%80%D0%BF%D0%BB%D0%B0%D1%82%D0%B0%22%20-%20%D0%9F%D1%80%D0%B0%D0%BA%D1%82%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D0%BE%D0%B2%20%D0%BE%20%D1%80%D0%B0%D1%81%D1%87%D0%B5%D1%82%D0%B5%20%D0%B7%D0%B0%D1%80%D0%BF%D0%BB%D0%B0%D1%82%D1%8B

Requested by

Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

9baa6c9282878c7e4d64def6cd6ca45fd55920fb909df9eff18128c38900a512

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 May 2021 12:32:07 GMT
x-content-type-options: nosniff
last-modified: Tue, 18-May-2021 12:32:07 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.zarplata-online.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 184
x-xss-protection: 1; mode=block
expires: Tue, 18-May-2021 12:32:07 GMT

Redirect headers

pragma: no-cache
date: Tue, 18 May 2021 12:32:07 GMT
last-modified: Tue, 18-May-2021 12:32:07 GMT
location: /watch/207712/1?wmode=7&page-url=https%3A%2F%2Fwww.zarplata-online.ru%2F&page-ref=http%3A%2F%2Flink.mail.zarplata-client-1.ru%2Factionmedia%2F34066%2C%3D0e538UqOyV2nw6Au2gAE7pg%2F5008202%2C1701038919%2C208981%2C%3FaHR0cHM6Ly93d3cuemFycGxhdGEtb25saW5lLnJ1&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A2%3Adp%3A1%3Als%3A180160127008%3Ahid%3A536415213%3Az%3A120%3Ai%3A20210518143207%3Aet%3A1621341128%3Ac%3A1%3Arn%3A1065460833%3Au%3A1621341127806057264%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1621341124977%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1621341128%3At%3A%22%D0%97%D0%B0%D1%80%D0%BF%D0%BB%D0%B0%D1%82%D0%B0%22%20-%20%D0%9F%D1%80%D0%B0%D0%BA%D1%82%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D0%BE%D0%B2%20%D0%BE%20%D1%80%D0%B0%D1%81%D1%87%D0%B5%D1%82%D0%B5%20%D0%B7%D0%B0%D1%80%D0%BF%D0%BB%D0%B0%D1%82%D1%8B
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.zarplata-online.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 18-May-2021 12:32:07 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/1875979/
Redirect Chain

https://mc.yandex.com/watch/1875979?wmode=7&page-url=https%3A%2F%2Fwww.zarplata-online.ru%2F&page-ref=http%3A%2F%2Flink.mail.zarplata-client-1.ru%2Factionmedia%2F34066%2C%3D0e538UqOyV2nw6Au2gAE7pg%...
https://mc.yandex.com/watch/1875979/1?wmode=7&page-url=https%3A%2F%2Fwww.zarplata-online.ru%2F&page-ref=http%3A%2F%2Flink.mail.zarplata-client-1.ru%2Factionmedia%2F34066%2C%3D0e538UqOyV2nw6Au2gAE7p...

219 B
600 B

47ms
46ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/1875979/1?wmode=7&page-url=https%3A%2F%2Fwww.zarplata-online.ru%2F&page-ref=http%3A%2F%2Flink.mail.zarplata-client-1.ru%2Factionmedia%2F34066%2C%3D0e538UqOyV2nw6Au2gAE7pg%2F5008202%2C1701038919%2C208981%2C%3FaHR0cHM6Ly93d3cuemFycGxhdGEtb25saW5lLnJ1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afp%3A1815%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A1%3Adp%3A0%3Als%3A841457241498%3Ahid%3A536415213%3Az%3A120%3Ai%3A20210518143207%3Aet%3A1621341127%3Ac%3A1%3Arn%3A938769170%3Au%3A1621341127806057264%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1621341124977%3Ads%3A0%2C0%2C1272%2C105%2C0%2C0%2C%2C935%2C%2C%2C%2C%2C%3Adsn%3A0%2C0%2C1272%2C105%2C0%2C0%2C%2C832%2C%2C%2C%2C%2C%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1621341128%3At%3A%22%D0%97%D0%B0%D1%80%D0%BF%D0%BB%D0%B0%D1%82%D0%B0%22%20-%20%D0%9F%D1%80%D0%B0%D0%BA%D1%82%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D0%BE%D0%B2%20%D0%BE%20%D1%80%D0%B0%D1%81%D1%87%D0%B5%D1%82%D0%B5%20%D0%B7%D0%B0%D1%80%D0%BF%D0%BB%D0%B0%D1%82%D1%8B

Requested by

Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

ee774391dc264b60c5d1e6bc68cfa9bbd20055584e430caaea802db16dd7f765

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 May 2021 12:32:07 GMT
x-content-type-options: nosniff
last-modified: Tue, 18-May-2021 12:32:07 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.zarplata-online.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 219
x-xss-protection: 1; mode=block
expires: Tue, 18-May-2021 12:32:07 GMT

Redirect headers

pragma: no-cache
date: Tue, 18 May 2021 12:32:07 GMT
last-modified: Tue, 18-May-2021 12:32:07 GMT
location: /watch/1875979/1?wmode=7&page-url=https%3A%2F%2Fwww.zarplata-online.ru%2F&page-ref=http%3A%2F%2Flink.mail.zarplata-client-1.ru%2Factionmedia%2F34066%2C%3D0e538UqOyV2nw6Au2gAE7pg%2F5008202%2C1701038919%2C208981%2C%3FaHR0cHM6Ly93d3cuemFycGxhdGEtb25saW5lLnJ1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afp%3A1815%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A1%3Adp%3A0%3Als%3A841457241498%3Ahid%3A536415213%3Az%3A120%3Ai%3A20210518143207%3Aet%3A1621341127%3Ac%3A1%3Arn%3A938769170%3Au%3A1621341127806057264%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1621341124977%3Ads%3A0%2C0%2C1272%2C105%2C0%2C0%2C%2C935%2C%2C%2C%2C%2C%3Adsn%3A0%2C0%2C1272%2C105%2C0%2C0%2C%2C832%2C%2C%2C%2C%2C%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1621341128%3At%3A%22%D0%97%D0%B0%D1%80%D0%BF%D0%BB%D0%B0%D1%82%D0%B0%22%20-%20%D0%9F%D1%80%D0%B0%D0%BA%D1%82%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D0%BE%D0%B2%20%D0%BE%20%D1%80%D0%B0%D1%81%D1%87%D0%B5%D1%82%D0%B5%20%D0%B7%D0%B0%D1%80%D0%BF%D0%BB%D0%B0%D1%82%D1%8B
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.zarplata-online.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 18-May-2021 12:32:07 GMT

GET
H2 200 manifest.json Show response
cdn.action-mcfr.ru/widgets/prod/marketing-lib/1_0_0/ 102 B
386 B 85ms
85ms XHR
application/json 212.193.146.48
CCT-AS NGENIX

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.action-mcfr.ru/widgets/prod/marketing-lib/1_0_0/manifest.json?rnd=256438872
Requested by: Host: cdn.action-mcfr.ru
URL: https://cdn.action-mcfr.ru/widgets/loader.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.193.146.48 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),
Reverse DNS: cdn.ngenix.net
Software: nginx /
Resource Hash: 1ae9d4e543f031d64f2066cf209748068e98140a15a04734f09cd8ec8f9cd24e

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 12:32:07 GMT
x-ngenix-storage: ADC
last-modified: Fri, 13 Nov 2020 16:17:10 GMT
server: nginx
x-amz-request-id: tx00000000000000085880c-0060a3aff2-3de44544-default
etag: "02574cceb930d7a71b1b7b76f5d5988c"
x-ngenix-cache: HIT
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 102

GET
H2 200 manifest.json Show response
cdn.action-mcfr.ru/widgets/prod/marketing-entry-point/1_0_0/ 102 B
386 B 85ms
85ms XHR
application/json 212.193.146.48
CCT-AS NGENIX

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.action-mcfr.ru/widgets/prod/marketing-entry-point/1_0_0/manifest.json?rnd=7927708
Requested by: Host: cdn.action-mcfr.ru
URL: https://cdn.action-mcfr.ru/widgets/loader.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.193.146.48 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),
Reverse DNS: cdn.ngenix.net
Software: nginx /
Resource Hash: 820d2826119d8d0462d6b6cf1bd25e2de01792ba2cd9d5dbaa4e0af378710064

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 12:32:07 GMT
x-ngenix-storage: ADC
last-modified: Wed, 23 Sep 2020 13:21:28 GMT
server: nginx
x-amz-request-id: tx0000000000000015d19ce-0060a3afbb-3975a80e-default
etag: "71360784e67df4471113fdaa0356a15b"
x-ngenix-cache: HIT
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 102

GET
H2 200 manifest.json Show response
cdn.action-mcfr.ru/widgets/prod/auth-button/1_0_0/ 206 B
489 B 86ms
86ms XHR
application/json 212.193.146.48
CCT-AS NGENIX

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.action-mcfr.ru/widgets/prod/auth-button/1_0_0/manifest.json?rnd=372786892
Requested by: Host: cdn.action-mcfr.ru
URL: https://cdn.action-mcfr.ru/widgets/loader.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.193.146.48 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),
Reverse DNS: cdn.ngenix.net
Software: nginx /
Resource Hash: 62cad51d4297eb6f87dd4029eca5a9cd4f66d7843f5c9df6bfeb3595ae970344

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 12:32:07 GMT
x-ngenix-storage: ADC
last-modified: Mon, 12 Apr 2021 16:30:08 GMT
server: nginx
x-amz-request-id: tx000000000000000152182-0060a3aa44-3e38fb39-default
etag: "e5070abdfa91995a9af03427fcb272b8"
x-ngenix-cache: HIT
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 206

GET
H2 200 manifest.json Show response
cdn.action-mcfr.ru/widgets/prod/favorite/1_0_0/ 206 B
490 B 86ms
85ms XHR
application/json 212.193.146.48
CCT-AS NGENIX

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.action-mcfr.ru/widgets/prod/favorite/1_0_0/manifest.json?rnd=160624677
Requested by: Host: cdn.action-mcfr.ru
URL: https://cdn.action-mcfr.ru/widgets/loader.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.193.146.48 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),
Reverse DNS: cdn.ngenix.net
Software: nginx /
Resource Hash: 86da7d78f53c75377309128eb7ac024ee28f904cd85a81b0292ac036e3076991

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 12:32:07 GMT
x-ngenix-storage: ADC
last-modified: Fri, 28 Aug 2020 12:22:14 GMT
server: nginx
x-amz-request-id: tx0000000000000001512b6-0060a3a8af-3e38fb39-default
etag: "75a95431d6dfad1e45c2b99526c38bd7"
x-ngenix-cache: HIT
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 206

GET
H2 200 optimize.webp
avatars.mds.yandex.net/get-adfox-content/2765366/210514_adfox_1630507_4335776.18f3020b51e1ab79426a3d1328427b5c.png/ 16 KB
17 KB 176ms
83ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-adfox-content/2765366/210514_adfox_1630507_4335776.18f3020b51e1ab79426a3d1328427b5c.png/optimize.webp
Requested by: Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 58d847cab5180d8a07b864bf8f2e538f5168f3de3663a007a9548eecf969e014

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 12:32:07 GMT
last-modified: Fri, 14 May 2021 12:22:17 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=86400,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 16710
x-request-id: dcb0c833e6fe08d

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 3685 141 KB
49 KB 46ms
26ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51347e5b4036f4ff0a92ba97e5daef833e73439c5a3ff34e530179da33082cc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 12:32:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49781
x-xss-protection: 0
server: cafe
etag: 6222799596991222010
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 18 May 2021 12:32:07 GMT

GET
H2 204 event
ads.adfox.ru/252124/ 0
107 B 168ms
61ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/252124/event?hash=c4969255fccea3c6&pm=bmo&pxo=LuveRLcJMZjoJ4VHVZQoQIYLzkPXG4Z992KmTbyZ9Zt_7QE80mBCsGzQFewQUTe3zUeAXqZWKvwkV-b4TMd_Qj7peTNHWGsa5fIACfXM563d6uelo5tmdwx8_cnGM60EIIZETrxfnyNoA1gMG5fNVnf7TxRBWVze37oraBVaLXIS2SWHWIA%3D&p5=hqfcx&rand=kikrtsi&sj=481z6QCJQEXQwPLnb96HOtARWyNFa6Njua4mJnjp6N52shNOQOtFVYR-Rln5YQ%3D%3D&ad-session-id=1567941621341126768&lts=fglzlqd&ytt=183618479589397&ybv=0.14670&ylv=0.14670&dl=https%3A%2F%2Fwww.zarplata-online.ru%2F&pr=dzlltxk&p1=bwieg&rqs=xk-RwOk7S1XHs6Nga5m4uHpJS2VWVFNh&rtb-si=b&p2=fldb

Requested by

Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 18 May 2021 12:32:07 GMT
x-content-type-options: nosniff
timing-allow-origin: *

POST
H2 200 1 Show response
mc.yandex.com/watch/1875979/ 43 B
85 B 50ms
50ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/1875979/1?page-url=https%3A%2F%2Fwww.zarplata-online.ru%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A1%3Adp%3A1%3Als%3A841457241498%3Ahid%3A536415213%3Az%3A120%3Ai%3A20210518143207%3Aet%3A1621341128%3Ac%3A1%3Arn%3A184010159%3Au%3A1621341127806057264%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1621341124977%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C1%2C%2C%2C%2C2467%3Adsn%3A%2C%2C%2C%2C%2C%2C%2C%2C1%2C%2C%2C%2C2467%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1621341128

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 18 May 2021 12:32:07 GMT
last-modified: Tue, 18-May-2021 12:32:07 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.zarplata-online.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 18-May-2021 12:32:07 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/1875979/ 43 B
73 B 49ms
49ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/1875979/1?page-url=https%3A%2F%2Fwww.zarplata-online.ru%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A1%3Adp%3A1%3Als%3A841457241498%3Ahid%3A536415213%3Az%3A120%3Ai%3A20210518143207%3Aet%3A1621341128%3Ac%3A1%3Arn%3A202349469%3Au%3A1621341127806057264%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1621341124977%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1621341128

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 18 May 2021 12:32:07 GMT
last-modified: Tue, 18-May-2021 12:32:07 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.zarplata-online.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 18-May-2021 12:32:07 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/207712/ 43 B
73 B 53ms
52ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/207712/1?page-url=https%3A%2F%2Fwww.zarplata-online.ru%2F&charset=utf-8&cnt-class=1&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afp%3A1815%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A2%3Adp%3A1%3Als%3A180160127008%3Ahid%3A536415213%3Az%3A120%3Ai%3A20210518143207%3Aet%3A1621341128%3Ac%3A1%3Arn%3A333378467%3Au%3A1621341127806057264%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1621341124977%3Ads%3A0%2C0%2C1272%2C105%2C0%2C0%2C%2C935%2C1%2C%2C%2C%2C2467%3Adsn%3A0%2C0%2C1272%2C105%2C0%2C0%2C%2C832%2C1%2C%2C%2C%2C2467%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1621341128

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 18 May 2021 12:32:07 GMT
last-modified: Tue, 18-May-2021 12:32:07 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.zarplata-online.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 18-May-2021 12:32:07 GMT

GET
H2 200 main.d5e8045067228fae802f.js Show response
cdn.action-mcfr.ru/widgets/prod/marketing-lib/1_0_0/ 41 KB
14 KB 57ms
56ms Script
application/javascript 212.193.146.48
CCT-AS NGENIX

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.action-mcfr.ru/widgets/prod/marketing-lib/1_0_0/main.d5e8045067228fae802f.js
Requested by: Host: cdn.action-mcfr.ru
URL: https://cdn.action-mcfr.ru/widgets/loader.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.193.146.48 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),
Reverse DNS: cdn.ngenix.net
Software: nginx /
Resource Hash: a3696116b711f196e109836bf868ac6a319ee95d2f9d543c63407c0f879a572f

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 12:32:07 GMT
content-encoding: gzip
last-modified: Fri, 13 Nov 2020 16:16:14 GMT
server: nginx
x-amz-request-id: tx00000000000000055ac36-005faeb189-26a99602-default
etag: W/"ac47574b6ab6b121ac1840173ec207c3"
x-ngenix-cache: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-ngenix-storage: ADC

GET
H2 200 main.fc062cbe7e42d9ccc1a2.js Show response
cdn.action-mcfr.ru/widgets/prod/marketing-entry-point/1_0_0/ 69 KB
19 KB 59ms
59ms Script
application/javascript 212.193.146.48
CCT-AS NGENIX

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.action-mcfr.ru/widgets/prod/marketing-entry-point/1_0_0/main.fc062cbe7e42d9ccc1a2.js
Requested by: Host: cdn.action-mcfr.ru
URL: https://cdn.action-mcfr.ru/widgets/loader.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.193.146.48 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),
Reverse DNS: cdn.ngenix.net
Software: nginx /
Resource Hash: 93fe12b3db0ba3c1760139be2453d7941f98eddb51d18c3f308ce13ff2af3cb1

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 12:32:07 GMT
content-encoding: gzip
last-modified: Wed, 23 Sep 2020 13:19:43 GMT
server: nginx
x-amz-request-id: tx0000000000000021109aa-005f6b5818-21f48ced-default
etag: W/"c17515374220ba5ed8b4e90c4713a556"
x-ngenix-cache: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-ngenix-storage: ADC

GET
H2 200 main.a9daf42b47def9434b37.css
cdn.action-mcfr.ru/widgets/prod/auth-button/1_0_0/ 8 KB
2 KB 57ms
55ms Stylesheet
text/css 212.193.146.48
CCT-AS NGENIX

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.action-mcfr.ru/widgets/prod/auth-button/1_0_0/main.a9daf42b47def9434b37.css
Requested by: Host: cdn.action-mcfr.ru
URL: https://cdn.action-mcfr.ru/widgets/loader.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.193.146.48 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),
Reverse DNS: cdn.ngenix.net
Software: nginx /
Resource Hash: a413e87a34bc04aab8c9809dec7b2b4511e32b492ce3c1a7b853ac5480972a0c

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 12:32:07 GMT
content-encoding: gzip
last-modified: Mon, 12 Apr 2021 16:28:23 GMT
server: nginx
x-amz-request-id: tx000000000000001fab94f-0060747592-3885ee53-default
etag: W/"b77f08ebf09704477b205c2110430b8a"
x-ngenix-cache: HIT
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-ngenix-storage: ADC

GET
H2 200 main.a9daf42b47def9434b37.js Show response
cdn.action-mcfr.ru/widgets/prod/auth-button/1_0_0/ 204 KB
73 KB 63ms
62ms Script
application/javascript 212.193.146.48
CCT-AS NGENIX

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.action-mcfr.ru/widgets/prod/auth-button/1_0_0/main.a9daf42b47def9434b37.js
Requested by: Host: cdn.action-mcfr.ru
URL: https://cdn.action-mcfr.ru/widgets/loader.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.193.146.48 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),
Reverse DNS: cdn.ngenix.net
Software: nginx /
Resource Hash: f1b80bd32c35ba35640e2937ef9b217aa3c5fe1b6359626bfd1daf2dab21cd74

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 12:32:07 GMT
content-encoding: gzip
last-modified: Mon, 12 Apr 2021 16:28:23 GMT
server: nginx
x-amz-request-id: tx0000000000000017b0d89-0060747592-37cee100-default
etag: W/"c59752f102e5472d3b76df90500d3ee6"
x-ngenix-cache: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-ngenix-storage: ADC

GET
H2 200 main.c67296b83a7294516e5d.css
cdn.action-mcfr.ru/widgets/prod/favorite/1_0_0/ 3 KB
2 KB 88ms
87ms Stylesheet
text/css 212.193.146.48
CCT-AS NGENIX

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.action-mcfr.ru/widgets/prod/favorite/1_0_0/main.c67296b83a7294516e5d.css
Requested by: Host: cdn.action-mcfr.ru
URL: https://cdn.action-mcfr.ru/widgets/loader.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.193.146.48 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),
Reverse DNS: cdn.ngenix.net
Software: nginx /
Resource Hash: 1216be4e4fabf0e9e9c65f01db095a6d99d09cbb569fd70459501df2d621e31f

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 12:32:07 GMT
content-encoding: gzip
last-modified: Wed, 23 Sep 2020 13:29:02 GMT
server: nginx
x-amz-request-id: tx000000000000002ba5b31-005f6b51be-213bf93b-default
etag: W/"7802c4d023f884803b9774bfe4a952d9"
x-ngenix-cache: HIT
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-ngenix-storage: ADC

GET
H2 200 main.c67296b83a7294516e5d.js Show response
cdn.action-mcfr.ru/widgets/prod/favorite/1_0_0/ 31 KB
12 KB 89ms
88ms Script
application/javascript 212.193.146.48
CCT-AS NGENIX

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.action-mcfr.ru/widgets/prod/favorite/1_0_0/main.c67296b83a7294516e5d.js
Requested by: Host: cdn.action-mcfr.ru
URL: https://cdn.action-mcfr.ru/widgets/loader.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.193.146.48 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),
Reverse DNS: cdn.ngenix.net
Software: nginx /
Resource Hash: 0aa8a51ad0d0c0e7038d8c983c37851f636460e6aafd18e80727054e15ac9cc4

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 12:32:07 GMT
content-encoding: gzip
last-modified: Wed, 23 Sep 2020 13:29:02 GMT
server: nginx
x-amz-request-id: tx000000000000002ba5ada-005f6b51ba-213bf93b-default
etag: W/"c94aa3febbc3b4bc4df0f14b16a27a12"
x-ngenix-cache: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
x-ngenix-storage: ADC

GET
H2 200 207712 Show response
mc.yandex.com/watch/ 43 B
73 B 49ms
48ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/207712?page-url=https%3A%2F%2Fwww.zarplata-online.ru%2F&page-ref=http%3A%2F%2Flink.mail.zarplata-client-1.ru%2Factionmedia%2F34066%2C%3D0e538UqOyV2nw6Au2gAE7pg%2F5008202%2C1701038919%2C208981%2C%3FaHR0cHM6Ly93d3cuemFycGxhdGEtb25saW5lLnJ1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A2%3Adp%3A1%3Als%3A180160127008%3Ahid%3A536415213%3Az%3A120%3Ai%3A20210518143207%3Aet%3A1621341128%3Ac%3A1%3Arn%3A412680558%3Au%3A1621341127806057264%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1621341124977%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1621341128%3At%3A%22%D0%97%D0%B0%D1%80%D0%BF%D0%BB%D0%B0%D1%82%D0%B0%22%20-%20%D0%9F%D1%80%D0%B0%D0%BA%D1%82%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20%D0%B4%D0%BB%D1%8F%20%D0%B1%D1%83%D1%85%D0%B3%D0%B0%D0%BB%D1%82%D0%B5%D1%80%D0%BE%D0%B2%20%D0%BE%20%D1%80%D0%B0%D1%81%D1%87%D0%B5%D1%82%D0%B5%20%D0%B7%D0%B0%D1%80%D0%BF%D0%BB%D0%B0%D1%82%D1%8B

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 May 2021 12:32:07 GMT
last-modified: Tue, 18-May-2021 12:32:07 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.zarplata-online.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 18-May-2021 12:32:07 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210511/r20190131/ Frame 6450 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210511/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210511/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.zarplata-online.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.zarplata-online.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 17 May 2021 20:20:17 GMT
expires: Mon, 31 May 2021 20:20:17 GMT
content-type: text/html; charset=UTF-8
etag: 10446291943670460780
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4644
x-xss-protection: 0
age: 58310
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210511/r20190131/ Frame 3685 223 KB
82 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210511/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7168377611570943&plah=www.zarplata-online.ru&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66f661926ae6c1e13c6b2169733476eb03b9be46e333e5f81eab69a5b0d27ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 12:32:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84097
x-xss-protection: 0
server: cafe
etag: 12558658968377452156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 18 May 2021 12:32:07 GMT

GET
H2 200 207712 Show response
an.yandex.ru/meta/ 141 B
224 B 216ms
216ms XHR
application/json 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/meta/207712?grab=dCLQl9Cw0YDQv9C70LDRgtCwIiAtINCf0YDQsNC60YLQuNGH0LXRgdC60LjQuSDQttGD0YDQvdCw0Lsg0LTQu9GPINCx0YPRhdCz0LDQu9GC0LXRgNC-0LIg0L4g0YDQsNGB0YfQtdGC0LUg0LfQsNGA0L_Qu9Cw0YLRiwoxINCd0L7QstGL0LUg0LLRi9C_0LvQsNGC0Ysg0L3QsCDQtNC10YLQtdC5INCyIDIwMjEg0LPQvtC00YMgCg%3D%3D&target-ref=https%3A%2F%2Fwww.zarplata-online.ru%2F&page-ref=http%3A%2F%2Flink.mail.zarplata-client-1.ru%2Factionmedia%2F34066%2C%3D0e538UqOyV2nw6Au2gAE7pg%2F5008202%2C1701038919%2C208981%2C%3FaHR0cHM6Ly93d3cuemFycGxhdGEtb25saW5lLnJ1&charset=utf-8&pcode-test-ids=360908%2C0%2C54%3B362215%2C0%2C34%3B362535%2C0%2C76%3B356720%2C0%2C94%3B356980%2C0%2C38%3B330366%2C0%2C22%3B351579%2C0%2C29%3B356678%2C0%2C52&pcode-flags=%7B%22ACTIVE_TESTIDS_FORMAT%22%3A%22ssrBillboard%22%2C%22COMBO_HEADER%22%3A%22withoutHeader%22%2C%22USE_SUPERBUNDLE%22%3Atrue%2C%22USE_SMART_SSR%22%3A%221%22%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22constructor%22%2C%22modernAdaptive%22%5D%2C%22SSR_PERCENT_LOGGING%22%3A0.1%2C%22ADAPTIVE_TOWER_VIDEO%22%3A%22exp%22%2C%22DEFAULT_BLACKLIST_PAGES%22%3A%5B%22419507%22%2C%22419506%22%2C%22106253%22%2C%22188382%22%2C%22189903%22%5D%2C%22COMBO_PACKSHOT_EXP%22%3A%22exp%22%2C%22SMART_BANNER_CAROUSEL%22%3A%22control%22%2C%22SMART_BANNER_IMAGE%22%3A%22control%22%2C%22LEADERBOARD_VIDEO%22%3A%22exp%22%2C%22VIDEO_EARS_FLAGS%22%3A%22ctl%22%2C%22RMP_POSTER_2%22%3A%22float%22%7D&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0Aconstructor%0AmodernAdaptive&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=7102885401621341126&duid=MTYyMTM0MTEyNzgwNjA1NzI2NA%3D%3D&imp-id=4&enable-flat-highlight=1&test-tag=183618441838594&ad-session-id=1567941621341126768&target-id=30840474&tga-with-creatives=1&pcode-version=14670&pcodever=14670&flash-ver=0&available-width=240&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9%2C%22w%22%3A0%2C%22h%22%3A0%2C%22width%22%3A240%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22left%22%3A1185%2C%22top%22%3A2645%2C%22ad_no%22%3A0%2C%22req_no%22%3A2%7D&callback=Ya%5B4112944932183%5D

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

0e828707b05651751cdf3a852029638f238580549b16a4b735e348c6547c887c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 18 May 2021 12:32:07 GMT
content-encoding: gzip
last-modified: Tue, 18 May 2021 12:32:07 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id: 1621341127835492-1482898745764000247000159-production-app-host-man-pcode-41
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.zarplata-online.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 18 May 2021 12:32:07 GMT

GET
H/1.1 200
OK callback Show response
api.action-media.ru/ 262 B
2 KB 44ms
44ms XHR
application/json 95.214.58.142
ACTION-DIGITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://api.action-media.ru/callback?rand=7717729
Requested by: Host: cdn.action-mcfr.ru
URL: https://cdn.action-mcfr.ru/widgets/prod/auth-button/1_0_0/main.a9daf42b47def9434b37.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.214.58.142 Moscow, Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software: nginx /
Resource Hash: ac1aa7453742763c0f17b84bd4b9c232f852a81e1c3e0048058a3b682336ac9f

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 18 May 2021 12:32:07 GMT
Content-Encoding: gzip
Server: nginx
X-Operation-Id: 3817c8d2351a122613a52a3e4c3fbeb2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.zarplata-online.ru
Access-Control-Expose-Headers: Access-Control-Allow-Credentials, Access-Control-Allow-Headers, Access-Control-Allow-Methods, Access-Control-Allow-Origin, Access-Control-Expose-Headers, Access-Control-Max-Age, Accept, Accept-Charset, Accept-Encoding, Accept-Language, Cache-Control, Connection, Content-Encoding, Content-Language, Content-Length, Content-Type, Date, Set-Cookie, Server, Status, X-Forwarded-For, X-Operation-Id, X-XSS-Protection
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 30
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept, Accept-Charset, Accept-Encoding, Accept-Language, Cache-Control, Content-Type, Cookie, DNT, Pragma, Referer, User-Agent, X-Forwarded-For

GET
H2 200 proximanova-regular-webfont.woff
cdn.action-mcfr.ru/fonts/ 38 KB
38 KB 107ms
107ms Font
application/font-woff 212.193.146.48
CCT-AS NGENIX

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.action-mcfr.ru/fonts/proximanova-regular-webfont.woff
Requested by: Host: cdn.action-mcfr.ru
URL: https://cdn.action-mcfr.ru/widgets/prod/auth-button/1_0_0/main.a9daf42b47def9434b37.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.193.146.48 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),
Reverse DNS: cdn.ngenix.net
Software: nginx /
Resource Hash: 814d0f1af1ebf4dbe91fd647ab1cbecfced9359736024611927ccfa15f3e7666

Request headers

Origin: https://www.zarplata-online.ru
Referer: https://cdn.action-mcfr.ru/widgets/prod/auth-button/1_0_0/main.a9daf42b47def9434b37.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 12:32:07 GMT
last-modified: Wed, 23 Sep 2020 13:15:43 GMT
server: nginx
x-amz-request-id: tx000000000000002bad725-005f6b5739-213bf93b-default
etag: "3b0faf94343b05a5137725f94762fef8"
x-ngenix-cache: HIT
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
content-length: 38444
accept-ranges: bytes
x-ngenix-storage: ADC

GET
H2 200 proximanova-semibold-webfont.woff
cdn.action-mcfr.ru/fonts/ 37 KB
37 KB 113ms
113ms Font
application/font-woff 212.193.146.48
CCT-AS NGENIX

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.action-mcfr.ru/fonts/proximanova-semibold-webfont.woff
Requested by: Host: cdn.action-mcfr.ru
URL: https://cdn.action-mcfr.ru/widgets/prod/auth-button/1_0_0/main.a9daf42b47def9434b37.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.193.146.48 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),
Reverse DNS: cdn.ngenix.net
Software: nginx /
Resource Hash: 959585ddcd887676b28628f1ec3f0d98e017fbed9093eb783a619a4e559a3c06

Request headers

Origin: https://www.zarplata-online.ru
Referer: https://cdn.action-mcfr.ru/widgets/prod/auth-button/1_0_0/main.a9daf42b47def9434b37.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 12:32:07 GMT
last-modified: Wed, 23 Sep 2020 13:15:42 GMT
server: nginx
x-amz-request-id: tx000000000000002ba08ee-005f6b4e7e-213bf93b-default
etag: "120c319df94de87a2ffd54dd240366eb"
x-ngenix-cache: HIT
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
content-length: 37888
accept-ranges: bytes
x-ngenix-storage: ADC

GET
H2 200 proximanova-bold-webfont.woff
cdn.action-mcfr.ru/fonts/ 37 KB
38 KB 117ms
117ms Font
application/font-woff 212.193.146.48
CCT-AS NGENIX

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.action-mcfr.ru/fonts/proximanova-bold-webfont.woff
Requested by: Host: cdn.action-mcfr.ru
URL: https://cdn.action-mcfr.ru/widgets/prod/auth-button/1_0_0/main.a9daf42b47def9434b37.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.193.146.48 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),
Reverse DNS: cdn.ngenix.net
Software: nginx /
Resource Hash: 233bf372b1496bfe3f7af2810f38405e80955da643b0ad890a9737149a29dd19

Request headers

Origin: https://www.zarplata-online.ru
Referer: https://cdn.action-mcfr.ru/widgets/prod/auth-button/1_0_0/main.a9daf42b47def9434b37.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 12:32:07 GMT
last-modified: Wed, 23 Sep 2020 13:15:43 GMT
server: nginx
x-amz-request-id: tx000000000000002b9fee5-005f6b4e12-213bf93b-default
etag: "8e5c40f0111db2b986ee8b6d4448250d"
x-ngenix-cache: HIT
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
content-length: 38380
accept-ranges: bytes
x-ngenix-storage: ADC

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 3685 208 B
644 B 63ms
40ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.zarplata-online.ru&callback=_gfp_s_&client=ca-pub-7168377611570943

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210511/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7168377611570943&plah=www.zarplata-online.ru&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

4c8360fc3499ef2aaaafd7768468e84c66b22a7e2accf19a4322bf189abdccef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 12:32:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 195
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 3685 107 B
799 B 34ms
14ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.zarplata-online.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 18 May 2021 12:32:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 3685 107 B
553 B 35ms
15ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.zarplata-online.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 18 May 2021 12:32:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 861B 99 KB
31 KB 447ms
445ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7168377611570943&output=html&h=140&slotname=adfox_rub_03800aop&adk=1709088882&adf=3279755397&pi=t.ma~as.adfox_rub_03800aop&w=990&lmt=1621341127&psa=0&format=990x140&url=https%3A%2F%2Fwww.zarplata-online.ru%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621341127760&bpp=5&bdt=93&idt=140&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=5953552400190&frm=23&ife=1&pv=2&ga_vid=171083829.1621341128&ga_sid=1621341128&ga_hid=1554833244&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=305&ady=105&biw=1600&bih=1200&isw=990&ish=140&ifk=1327218171&scr_x=0&scr_y=0&eid=21066432%2C31060956%2C44743003&oid=3&pvsid=3378138049864981&ref=http%3A%2F%2Flink.mail.zarplata-client-1.ru%2Factionmedia%2F34066%2C%3D0e538UqOyV2nw6Au2gAE7pg%2F5008202%2C1701038919%2C208981%2C%3FaHR0cHM6Ly93d3cuemFycGxhdGEtb25saW5lLnJ1&loc=https%3A%2F%2Fwww.zarplata-online.ru%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C990%2C140&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5cs0cbcs1aly&fsb=1&dtd=224

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb980dea5165f5cbb926054d6d05b6baa20b9f74327d4d3d1fab99c295831720

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14028886511722743726/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14028886511722743726/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMq4-q-e0_ACFQ6YhQod-zkJ7w&gqi=yLOjYLIDkd-ewQ_RnZfADg&layout=/sadbundle/%24csp%253Der3%24/14028886511722743726/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7168377611570943&output=html&h=140&slotname=adfox_rub_03800aop&adk=1709088882&adf=3279755397&pi=t.ma~as.adfox_rub_03800aop&w=990&lmt=1621341127&psa=0&format=990x140&url=https%3A%2F%2Fwww.zarplata-online.ru%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621341127760&bpp=5&bdt=93&idt=140&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=5953552400190&frm=23&ife=1&pv=2&ga_vid=171083829.1621341128&ga_sid=1621341128&ga_hid=1554833244&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=305&ady=105&biw=1600&bih=1200&isw=990&ish=140&ifk=1327218171&scr_x=0&scr_y=0&eid=21066432%2C31060956%2C44743003&oid=3&pvsid=3378138049864981&ref=http%3A%2F%2Flink.mail.zarplata-client-1.ru%2Factionmedia%2F34066%2C%3D0e538UqOyV2nw6Au2gAE7pg%2F5008202%2C1701038919%2C208981%2C%3FaHR0cHM6Ly93d3cuemFycGxhdGEtb25saW5lLnJ1&loc=https%3A%2F%2Fwww.zarplata-online.ru%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C990%2C140&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5cs0cbcs1aly&fsb=1&dtd=224
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.zarplata-online.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.zarplata-online.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14028886511722743726/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14028886511722743726/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMq4-q-e0_ACFQ6YhQod-zkJ7w&gqi=yLOjYLIDkd-ewQ_RnZfADg&layout=/sadbundle/%24csp%253Der3%24/14028886511722743726/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 18 May 2021 12:32:08 GMT
server: cafe
content-length: 31729
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 18-May-2021 12:47:08 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 18 May 2021 12:32:08 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3685 73 KB
27 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a138f5a790f47f9c8e1b3b6c88ea4fecb1abd1b1011a7d842b721d2fa943ed3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 12:32:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1621251140663589"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27994
x-xss-protection: 0
expires: Tue, 18 May 2021 12:32:07 GMT

GET
H/1.1 200
OK Cookie set auth_sync Show response
www.zarplata-online.ru/_api/auth/logics/ 0
716 B 50ms
48ms XHR
text/plain 95.214.59.132
ACTION-DIGITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zarplata-online.ru/_api/auth/logics/auth_sync?robin=badeeec1c22f4f4ea9abb95bb03e618fe2b08b5367204d35b05f06b601c7bfac&rand=3633599
Requested by: Host: cdn.action-mcfr.ru
URL: https://cdn.action-mcfr.ru/widgets/prod/auth-button/1_0_0/main.a9daf42b47def9434b37.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.214.59.132 Moscow, Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.zarplata-online.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
Referer: https://www.zarplata-online.ru/
Cookie: robin=badeeec1c22f4f4ea9abb95bb03e618fe2b08b5367204d35b05f06b601c7bfac; ASE_PHPSESSID=62gpju5mnjalb6mg2pbd9oc7j2; ASE_anonymousId=fd68c134544f52eab5bbfb86f7e9bb9a; ASE_userLastVisit=2021-05-18+15%3A32%3A05; ASE_YII_CSRF_TOKEN=RE5wNFNzfnpsX0hZUkxpYnZfNWxaRWlWMWIzTjkzVTRTjG0KNuZdhOg4-JdxLbEuFGysMUIPVHQYFCmUx0x-NQ%3D%3D; _ym_uid=1621341127806057264; _ym_d=1621341127; __lxGr__ses=ks37rk444g9or7i112734054; __lxGr__var_600453=_600453; __lxGr__var_600459=_600459; __lxGr__var_661408=_661415; tmr_lvid=a9a1db0251e4e9d198f59f1bbc6f785c; tmr_lvidTS=1621341127406; tmr_reqNum=1; __utma=70043158.296014167.1621341127.1621341127.1621341127.1; __utmc=70043158; __utmz=70043158.1621341127.1.1.utmcsr=link.mail.zarplata-client-1.ru|utmccn=(referral)|utmcmd=referral|utmcct=/actionmedia/34066,=0e538UqOyV2nw6Au2gAE7pg/5008202,1701038919,208981,; __utmt=1; __utmb=70043158.1.10.1621341127; _ym_isad=2; amnesty=robinSameSite
Connection: keep-alive
Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 18 May 2021 12:32:08 GMT
Content-Encoding: gzip
Server: nginx
X-Operation-Id: c76d2e0132ecf570e1c4581eaeeba4ed
Transfer-Encoding: chunked
Content-Type: text/plain
Set-Cookie: robin=badeeec1c22f4f4ea9abb95bb03e618fe2b08b5367204d35b05f06b601c7bfac;Domain=.zarplata-online.ru;Path=/;SameSite=Lax;Expires=Thu, 31 Dec 2099 23:59:59 GMT;Secure; robin=;Path=/;SameSite=Lax;Expires=Sat, 01 Jan 2000 00:00:01 GMT;Domain=www.zarplata-online.ru;Secure; robin=;Path=/;SameSite=Lax;Expires=Sat, 01 Jan 2000 00:00:01 GMT;Domain=.www.zarplata-online.ru;Secure;
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive

OPTIONS
H/1.1 204
No Content sync-deadpool
api.action-media.ru/ Frame 0
0 138ms
47ms Preflight
application/octet-stream 95.214.58.142
ACTION-DIGITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://api.action-media.ru/sync-deadpool
Protocol: HTTP/1.1
Server: 95.214.58.142 Moscow, Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-indexed-db,x-local-storage,x-session-storage,x-target-cookie,x-web-sql,x-window-name
Origin: https://www.zarplata-online.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Tue, 18 May 2021 12:32:08 GMT
Content-Type: application/octet-stream
Connection: keep-alive
Access-Control-Allow-Origin: https://www.zarplata-online.ru
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Content-Type, Cookie, X-Anchor-Cookie, X-Target-Cookie, X-Indexed-DB, X-Local-Storage, X-Session-Storage, X-Web-SQL, X-Window-Name
Access-Control-Max-Age: 600
Allow: GET, OPTIONS
X-Operation-Id: c4ccfebf07a8513163c5e438b86d175e 5628d4a680d6e3ef8106e37608e9d764

GET
H/1.1 200
OK sync-deadpool Show response
api.action-media.ru/ 84 B
1 KB 47ms
46ms Fetch
application/json 95.214.58.142
ACTION-DIGITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://api.action-media.ru/sync-deadpool
Requested by: Host: cdn.action-mcfr.ru
URL: https://cdn.action-mcfr.ru/widgets/prod/marketing-entry-point/1_0_0/main.fc062cbe7e42d9ccc1a2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.214.58.142 Moscow, Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software: nginx /
Resource Hash: 7cdaa9a2152ecfb233d5e8d1a53af7e41eda35f2247904e0aa0cfb8f3482e10a

Request headers

X-Window-Name
X-Web-SQL
X-Session-Storage
X-Target-Cookie
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.zarplata-online.ru/
X-Local-Storage
X-Indexed-DB

Response headers

Date: Tue, 18 May 2021 12:32:08 GMT
Server: nginx
X-Operation-Id: ef1377f3cac6b370977f7d2ac8e319f1, baab9f7ab6043df25fa24653b6d17cd3
Etag: 57791aaa-a0cf-4e12-9b2c-b4c78ccec69d
Content-Type: application/json
Access-Control-Allow-Origin: https://www.zarplata-online.ru
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 84

GET
H/1.1 200
OK auth_check Show response
api.action-media.ru/auth/check-backend/api/v2/ 85 B
2 KB 57ms
57ms XHR
application/json 95.214.58.142
ACTION-DIGITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://api.action-media.ru/auth/check-backend/api/v2/auth_check?rand=4570773
Requested by: Host: cdn.action-mcfr.ru
URL: https://cdn.action-mcfr.ru/widgets/prod/auth-button/1_0_0/main.a9daf42b47def9434b37.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.214.58.142 Moscow, Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software: nginx /
Resource Hash: 2aca6a67b50c7228f89cd7f568816d7ae7ee067e09b265d9c7d15b835ce0977f

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 18 May 2021 12:32:08 GMT
Server: nginx
X-Operation-Id: ec2e5b6e65b4981616e6d8932462065b, ec2e5b6e65b4981616e6d8932462065b
Access-Control-Max-Age: 30
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.zarplata-online.ru
Access-Control-Expose-Headers: Access-Control-Allow-Credentials,Access-Control-Allow-Headers,Access-Control-Allow-Methods,Access-Control-Allow-Origin,Access-Control-Expose-Headers,Access-Control-Max-Age,Accept,Accept-Charset,Accept-Encoding,Accept-Language,Authorization,Cache-Control,Connection,Content-Encoding,Content-Language,Content-Length,Content-Type,Date,Set-Cookie,Server,Status,X-Forwarded-For,X-Operation-Id,X-XSS-Protection
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept,Accept-Charset,Accept-Encoding,Accept-Language,Authorization,Cache-Control,Content-Type,Cookie,DNT,Pragma,Referer,User-Agent,X-Forwarded-For,X-Guest-Key
Content-Length: 85

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14028886511722743726/ Frame D5FE 171 KB
26 KB 35ms
12ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14028886511722743726/index.html

Requested by

Host: link.mail.zarplata-client-1.ru
URL: http://link.mail.zarplata-client-1.ru/actionmedia/34066,=0e538UqOyV2nw6Au2gAE7pg/5008202,1701038919,208981,?aHR0cHM6Ly93d3cuemFycGxhdGEtb25saW5lLnJ1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed2087ff684fe32c0b1e8d61cb3dad4d2dbb7c0c59aeea543e63ad1c39ca6b21

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/14028886511722743726/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Sat, 15 May 2021 14:48:43 GMT
expires: Sun, 15 May 2022 14:48:43 GMT
last-modified: Wed, 17 Mar 2021 07:39:56 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 24982
age: 251005
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/ Frame A98F 17 KB
7 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7168377611570943&output=html&h=140&slotname=adfox_rub_03800aop&adk=1709088882&adf=3279755397&pi=t.ma~as.adfox_rub_03800aop&w=990&lmt=1621341127&psa=0&format=990x140&url=https%3A%2F%2Fwww.zarplata-online.ru%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621341127760&bpp=5&bdt=93&idt=140&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=5953552400190&frm=23&ife=1&pv=2&ga_vid=171083829.1621341128&ga_sid=1621341128&ga_hid=1554833244&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=305&ady=105&biw=1600&bih=1200&isw=990&ish=140&ifk=1327218171&scr_x=0&scr_y=0&eid=21066432%2C31060956%2C44743003&oid=3&pvsid=3378138049864981&ref=http%3A%2F%2Flink.mail.zarplata-client-1.ru%2Factionmedia%2F34066%2C%3D0e538UqOyV2nw6Au2gAE7pg%2F5008202%2C1701038919%2C208981%2C%3FaHR0cHM6Ly93d3cuemFycGxhdGEtb25saW5lLnJ1&loc=https%3A%2F%2Fwww.zarplata-online.ru%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C990%2C140&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5cs0cbcs1aly&fsb=1&dtd=224

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85e3697fdb65077432d19ff2953a9384b12c6971b9187fd719ac2cf0f1f472d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 12:30:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 120
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7042
x-xss-protection: 0
server: cafe
etag: 2725110100707361309
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Jun 2021 12:30:08 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame A98F 2 KB
1 KB 33ms
12ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 12:31:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Jun 2021 12:31:07 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A98F 118 KB
36 KB 24ms
20ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f4f2e8ffc67a3c2544f8be9672125a0c5a5f0035fa6bfc6d75ee297e30461e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 12:32:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1621251134821955"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36689
x-xss-protection: 0
expires: Tue, 18 May 2021 12:32:08 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/ Frame A98F 13 KB
6 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210511/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 12:29:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 148
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5621
x-xss-protection: 0
server: cafe
etag: 8169261014141303515
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Jun 2021 12:29:40 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9233 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7168377611570943&output=html&h=140&slotname=adfox_rub_03800aop&adk=1709088882&adf=3279755397&pi=t.ma~as.adfox_rub_03800aop&w=990&lmt=1621341127&psa=0&format=990x140&url=https%3A%2F%2Fwww.zarplata-online.ru%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621341127760&bpp=5&bdt=93&idt=140&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=5953552400190&frm=23&ife=1&pv=2&ga_vid=171083829.1621341128&ga_sid=1621341128&ga_hid=1554833244&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=305&ady=105&biw=1600&bih=1200&isw=990&ish=140&ifk=1327218171&scr_x=0&scr_y=0&eid=21066432%2C31060956%2C44743003&oid=3&pvsid=3378138049864981&ref=http%3A%2F%2Flink.mail.zarplata-client-1.ru%2Factionmedia%2F34066%2C%3D0e538UqOyV2nw6Au2gAE7pg%2F5008202%2C1701038919%2C208981%2C%3FaHR0cHM6Ly93d3cuemFycGxhdGEtb25saW5lLnJ1&loc=https%3A%2F%2Fwww.zarplata-online.ru%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C990%2C140&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5cs0cbcs1aly&fsb=1&dtd=224
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7168377611570943&output=html&h=140&slotname=adfox_rub_03800aop&adk=1709088882&adf=3279755397&pi=t.ma~as.adfox_rub_03800aop&w=990&lmt=1621341127&psa=0&format=990x140&url=https%3A%2F%2Fwww.zarplata-online.ru%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621341127760&bpp=5&bdt=93&idt=140&shv=r20210511&cbv=%2Fr20190131&ptt=9&saldr=aa&correlator=5953552400190&frm=23&ife=1&pv=2&ga_vid=171083829.1621341128&ga_sid=1621341128&ga_hid=1554833244&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=305&ady=105&biw=1600&bih=1200&isw=990&ish=140&ifk=1327218171&scr_x=0&scr_y=0&eid=21066432%2C31060956%2C44743003&oid=3&pvsid=3378138049864981&ref=http%3A%2F%2Flink.mail.zarplata-client-1.ru%2Factionmedia%2F34066%2C%3D0e538UqOyV2nw6Au2gAE7pg%2F5008202%2C1701038919%2C208981%2C%3FaHR0cHM6Ly93d3cuemFycGxhdGEtb25saW5lLnJ1&loc=https%3A%2F%2Fwww.zarplata-online.ru%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C990%2C140&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5cs0cbcs1aly&fsb=1&dtd=224

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 18 May 2021 12:29:19 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 169
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame A98F 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 14584d7c1279d9bf0f4a1fc66a05a7e0aa9a6848b4f22931645856294f669d09

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 event
ads.adfox.ru/252124/ 0
38 B 62ms
62ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/252124/event?hash=17b1388e1751ada1&pm=bmu&pxo=LuveRLcJMZjoJ4VHVZQoQIYLzkPXG4Z992KmTbyZ9Zt_7QE80mBCsGzQFewQUTe3zUeAXqZWKvwkV-b4TMd_Qj7peTNHWGsa5fIACfXM563d6uelo5tmdwx8_cnGM60EIIZETrxfnyNoA1gMG5fNVnf7TxRBWVze37oraBVaLXIS2SWHWIA%3D&p5=hqfcx&rand=gyvqftu&sj=481z6QCJQEXQwPLnb96HOtARWyNFa6Njua4mJnjp6N52shNOQOtFVYR-Rln5YQ%3D%3D&ad-session-id=1567941621341126768&lts=fglzlqd&ytt=183618479589397&ybv=0.14670&ylv=0.14670&dl=https%3A%2F%2Fwww.zarplata-online.ru%2F&pr=dzlltxk&p1=bwieg&rqs=xk-RwOk7S1XHs6Nga5m4uHpJS2VWVFNh&rtb-si=b&p2=fldb&resp-time=887

Requested by

Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 18 May 2021 12:32:08 GMT
x-content-type-options: nosniff
timing-allow-origin: *

GET
H3-29 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame D5FE 16 KB
6 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14028886511722743726/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 17:09:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69763
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 18 May 2021 17:09:25 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame D5FE 26 KB
10 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14028886511722743726/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 23:11:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48067
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 18 May 2021 23:11:01 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9233
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

15ms
14ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 18 May 2021 12:32:08 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Tue, 18-May-2021 13:32:08 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 18 May 2021 12:32:08 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 18 May 2021 12:32:08 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 TMm5Vd8VytjbCcmIcJumdaM-J7Gy9TN2HX45D5FEMFw.js Show response
pagead2.googlesyndication.com/bg/ Frame D5FE 14 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TMm5Vd8VytjbCcmIcJumdaM-J7Gy9TN2HX45D5FEMFw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4cc9b955df15cad8db09c988709ba675a33e27b1b2f533761d7e390f9144305c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 11:11:31 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 09:28:00 GMT
server: sffe
age: 4837
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5679
x-xss-protection: 0
expires: Wed, 18 May 2022 11:11:31 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 3685 10 KB
8 KB 33ms
32ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210511&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

32a57e5adc4264b8ef8c8ab0d8981af04d3d1c788812790ed8188a147b2d3042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 18 May 2021 12:32:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7699
x-xss-protection: 0

GET
H3-29 200 F3_Txt1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14028886511722743726/ Frame D5FE 1 KB
1 KB 14ms
10ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14028886511722743726/F3_Txt1.png

Requested by

Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08d468d1b937b903ea45198f2d6b231cabe8e5a817bee40d332458514ee62ecd

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 137841
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1181
x-xss-protection: 0
last-modified: Wed, 17 Mar 2021 07:39:56 GMT
server: sffe
date: Sun, 16 May 2021 22:14:47 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 May 2022 22:14:47 GMT

GET
H3-29 200 F3_Txt2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14028886511722743726/ Frame D5FE 1 KB
1 KB 14ms
10ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14028886511722743726/F3_Txt2.png

Requested by

Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dffe65d31bd4b97827906e2f8a3df5313f19e2be43442062ad083911a9e1f525

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 137841
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1177
x-xss-protection: 0
last-modified: Wed, 17 Mar 2021 07:39:56 GMT
server: sffe
date: Sun, 16 May 2021 22:14:47 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 May 2022 22:14:47 GMT

GET
H3-29 200 F3_Txt3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14028886511722743726/ Frame D5FE 1 KB
1 KB 15ms
9ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14028886511722743726/F3_Txt3.png

Requested by

Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f12b993bf6bbe484873218b863875a8f0dae82e4c56e6e7805e2e39d1e148b6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 137841
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1298
x-xss-protection: 0
last-modified: Wed, 17 Mar 2021 07:39:56 GMT
server: sffe
date: Sun, 16 May 2021 22:14:47 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 May 2022 22:14:47 GMT

GET
H3-29 200 Big.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14028886511722743726/ Frame D5FE 772 B
798 B 17ms
12ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14028886511722743726/Big.png

Requested by

Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d36171254e4f97d97a2cadf29d3bbb980e00d2e1c8c6a4a3980563eed950eb2a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 137841
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 772
x-xss-protection: 0
last-modified: Wed, 17 Mar 2021 07:39:56 GMT
server: sffe
date: Sun, 16 May 2021 22:14:47 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 May 2022 22:14:47 GMT

GET
H3-29 200 F1_CTB.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14028886511722743726/ Frame D5FE 1 KB
2 KB 16ms
10ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14028886511722743726/F1_CTB.png

Requested by

Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

feb51150632c9c5c5ff72d7323035c076d46e892940460e6fea32956e8cb597e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 137841
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1527
x-xss-protection: 0
last-modified: Wed, 17 Mar 2021 07:39:56 GMT
server: sffe
date: Sun, 16 May 2021 22:14:47 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 May 2022 22:14:47 GMT

GET
H3-29 200 Small.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14028886511722743726/ Frame D5FE 1 KB
1 KB 22ms
17ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14028886511722743726/Small.png

Requested by

Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c21176127f2af3f8fa4be4166c58f0496131da596306d9fa6fdeca1865f3a89d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 137841
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1254
x-xss-protection: 0
last-modified: Wed, 17 Mar 2021 07:39:56 GMT
server: sffe
date: Sun, 16 May 2021 22:14:47 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 May 2022 22:14:47 GMT

GET
H3-29 200 F1_header.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14028886511722743726/ Frame D5FE 8 KB
8 KB 22ms
16ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14028886511722743726/F1_header.png

Requested by

Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71d1b705eea6e26801733fb78bbaa68a506f9636604504301067364a61003905

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 137842
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8168
x-xss-protection: 0
last-modified: Wed, 17 Mar 2021 07:39:56 GMT
server: sffe
date: Sun, 16 May 2021 22:14:46 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 May 2022 22:14:46 GMT

GET
H3-29 200 ball.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14028886511722743726/ Frame D5FE 4 KB
4 KB 20ms
14ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14028886511722743726/ball.png

Requested by

Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed15a1170946287be31f3402579efc38f4c38faf1a5de77b75092792f439096

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 137841
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3697
x-xss-protection: 0
last-modified: Wed, 17 Mar 2021 07:39:56 GMT
server: sffe
date: Sun, 16 May 2021 22:14:47 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 May 2022 22:14:47 GMT

GET
H3-29 200 Grass_Effect.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14028886511722743726/ Frame D5FE 5 KB
5 KB 20ms
15ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14028886511722743726/Grass_Effect.png

Requested by

Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05d8db6ee945a1da151737089afea0354128bcbce393f79d326c83b49c598413

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 137841
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5478
x-xss-protection: 0
last-modified: Wed, 17 Mar 2021 07:39:56 GMT
server: sffe
date: Sun, 16 May 2021 22:14:47 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 May 2022 22:14:47 GMT

GET
H3-29 200 Grass.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14028886511722743726/ Frame D5FE 9 KB
10 KB 27ms
22ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14028886511722743726/Grass.png

Requested by

Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e12968b1e2294688c9ecb3e58a734a41ef5e9bb5ed72d7161f52e4923ada457

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 137841
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9717
x-xss-protection: 0
last-modified: Wed, 17 Mar 2021 07:39:56 GMT
server: sffe
date: Sun, 16 May 2021 22:14:47 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 May 2022 22:14:47 GMT

GET
H3-29 200 F2_Stick.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14028886511722743726/ Frame D5FE 2 KB
2 KB 26ms
21ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14028886511722743726/F2_Stick.png

Requested by

Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82e1996df55265a5dbc7098b57113d3b5353860cf16cb71d5b2d9509bcf3a794

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 137841
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1914
x-xss-protection: 0
last-modified: Wed, 17 Mar 2021 07:39:56 GMT
server: sffe
date: Sun, 16 May 2021 22:14:47 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 May 2022 22:14:47 GMT

GET
H3-29 200 F2_Stick_neu.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14028886511722743726/ Frame D5FE 734 B
760 B 26ms
21ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14028886511722743726/F2_Stick_neu.png

Requested by

Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

159e8120da561257520ff0751f44119ea92b528f0097e35ecaa65d913fbbb78c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 137841
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 734
x-xss-protection: 0
last-modified: Wed, 17 Mar 2021 07:39:56 GMT
server: sffe
date: Sun, 16 May 2021 22:14:47 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 May 2022 22:14:47 GMT

GET
H3-29 200 F2_Shoe1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14028886511722743726/ Frame D5FE 4 KB
4 KB 24ms
20ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14028886511722743726/F2_Shoe1.png

Requested by

Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee7ed21503a410168346977220ea6b34a971eeca316231b7e3d1f8c51b950991

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 137841
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3829
x-xss-protection: 0
last-modified: Wed, 17 Mar 2021 07:39:56 GMT
server: sffe
date: Sun, 16 May 2021 22:14:47 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 May 2022 22:14:47 GMT

GET
H3-29 200 F2_Shoe1_parchentage.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14028886511722743726/ Frame D5FE 822 B
848 B 24ms
19ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14028886511722743726/F2_Shoe1_parchentage.png

Requested by

Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5daecf75f6d5889eed50e364042ab61c61845a67e88d960a3f806c91919ccf7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 137841
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 822
x-xss-protection: 0
last-modified: Wed, 17 Mar 2021 07:39:56 GMT
server: sffe
date: Sun, 16 May 2021 22:14:47 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 May 2022 22:14:47 GMT

GET
H3-29 200 F2_Shoe2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14028886511722743726/ Frame D5FE 4 KB
4 KB 23ms
19ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14028886511722743726/F2_Shoe2.png

Requested by

Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff549f4a756b1a80eac34bbea6901f6ea31c6fdb5b2814dff792284b2ac97dc3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 137841
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3870
x-xss-protection: 0
last-modified: Wed, 17 Mar 2021 07:39:56 GMT
server: sffe
date: Sun, 16 May 2021 22:14:47 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 May 2022 22:14:47 GMT

GET
H3-29 200 F2_Shoe2_neu.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14028886511722743726/ Frame D5FE 833 B
859 B 22ms
18ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14028886511722743726/F2_Shoe2_neu.png

Requested by

Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2402114f0a436b33ca4db2c26879db4e578fe8fc0f31ae9f3d6c157c6041a4a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 137841
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 833
x-xss-protection: 0
last-modified: Wed, 17 Mar 2021 07:39:56 GMT
server: sffe
date: Sun, 16 May 2021 22:14:47 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 May 2022 22:14:47 GMT

GET
H3-29 200 T_Shirt.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14028886511722743726/ Frame D5FE 13 KB
13 KB 21ms
17ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14028886511722743726/T_Shirt.png

Requested by

Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

670459102d4974b1cee75ec274d80cae133927722cdd86d7c994ad91536d1685

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 137841
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13133
x-xss-protection: 0
last-modified: Wed, 17 Mar 2021 07:39:56 GMT
server: sffe
date: Sun, 16 May 2021 22:14:47 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 May 2022 22:14:47 GMT

GET
H3-29 200 T_shirt_parchentage.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14028886511722743726/ Frame D5FE 829 B
855 B 20ms
17ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14028886511722743726/T_shirt_parchentage.png

Requested by

Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5b787c299d1696adb80ad0c150e328032cf6e8a4e96c99f156790527309a65e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 137841
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 829
x-xss-protection: 0
last-modified: Wed, 17 Mar 2021 07:39:56 GMT
server: sffe
date: Sun, 16 May 2021 22:14:47 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 May 2022 22:14:47 GMT

GET
H3-29 200 Stick.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14028886511722743726/ Frame D5FE 5 KB
5 KB 20ms
16ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14028886511722743726/Stick.png

Requested by

Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa775aedad3f370583ec3f63ebaaa54ff98525be2b2b3c5e2d225650c7678708

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 137841
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4974
x-xss-protection: 0
last-modified: Wed, 17 Mar 2021 07:39:56 GMT
server: sffe
date: Sun, 16 May 2021 22:14:47 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 May 2022 22:14:47 GMT

GET
H3-29 200 728x90_bg.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14028886511722743726/ Frame D5FE 9 KB
9 KB 19ms
16ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14028886511722743726/728x90_bg.jpg

Requested by

Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47e9c1eba629856d70ba7f45abe32168a1e30ce45e6136b58da22bcdfdcc1a65

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 137841
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9533
x-xss-protection: 0
last-modified: Wed, 17 Mar 2021 07:39:56 GMT
server: sffe
date: Sun, 16 May 2021 22:14:47 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 May 2022 22:14:47 GMT

GET
H2 200 nr-1208.min.js Show response
js-agent.newrelic.com/ 31 KB
12 KB 35ms
7ms Script
application/javascript 151.101.114.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1208.min.js
Requested by: Host: www.zarplata-online.ru
URL: https://www.zarplata-online.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4014ca31d3c8e768608a40ed160a405ae39836a5b2c43f256bee3bdf427dd67f

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: RGJXhnJ2IqU3nLrOoxetOoKLCG4kx4sX
content-encoding: gzip
etag: "1a71e4208296f97b465116492f59124d"
x-amz-request-id: A02DEH9V1ZH4ZTRC
x-cache: HIT
content-length: 11777
x-amz-id-2: ocVkuy41kUftSE5BA/GKw2M3LJmnaVCfxWfyfl8qMj4WNffnFmZmG1m5F5uMoEBLQK0QO4MTB9o=
x-served-by: cache-hhn4038-HHN
last-modified: Wed, 10 Mar 2021 16:24:28 GMT
server: AmazonS3
x-timer: S1621341129.657426,VS0,VE0
date: Tue, 18 May 2021 12:32:08 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 878

POST
H/1.1 200
OK tracker
top-fwz1.mail.ru/ 43 B
1 KB 55ms
52ms Ping
image/gif 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/tracker?js=13;id=3080093;u=https%3A//www.zarplata-online.ru/;r=http%3A//link.mail.zarplata-client-1.ru/actionmedia/34066%2C%3D0e538UqOyV2nw6Au2gAE7pg/5008202%2C1701038919%2C208981%2C%3FaHR0cHM6Ly93d3cuemFycGxhdGEtb25saW5lLnJ1;st=1621341127188;s=1600*1200;vp=1600*1200;touch=0;hds=1;flash=;sid=c712b21e6862d777;ver=60.3.0;tz=-120%2FEurope%2FBerlin;nt=1/0/1621341124977/1276/1276///0/0/0/0/0//1/1273/1378/1276/2211/2467/2468/3649/3650/;ni=9//4g/0/0/;lvid=1621341127406%3A1621341128632%3A2%3Aa9a1db0251e4e9d198f59f1bbc6f785c;_=0.9604607264678795;e=RT/load;et=1621341128629

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 18 May 2021 12:32:08 GMT
X-Content-Type-Options: nosniff
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Access-Control-Allow-Headers: *
AMP-Access-Control-Allow-Source-Origin: https://www.zarplata-online.ru
Server: nginx
Access-Control-Allow-Methods: GET, POST, HEAD, PUT, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.zarplata-online.ru
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Cache-Control: private, no-cache, no-store, max-age=0
Access-Control-Allow-Credentials: true
Accept-CH-Lifetime: 86400
Accept-CH: DPR, Width, Viewport-Width, Downlink, Device-Memory
Timing-Allow-Origin: https://www.zarplata-online.ru
Keep-Alive: timeout=60

OPTIONS
H2 200 httpapi
api2.amplitude.com/2/ Frame 0
0 522ms
171ms Preflight 44.238.7.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Protocol

Server

44.238.7.162 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-238-7-162.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.zarplata-online.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 18 May 2021 12:32:09 GMT
content-length: 0
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: content-type
strict-transport-security: max-age=15768000

POST
H2 200 httpapi Show response
api2.amplitude.com/2/ 93 B
248 B 185ms
185ms Fetch
application/json 44.238.7.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Requested by

Host: image.sendsay.ru
URL: https://image.sendsay.ru/app/js/sdk/sdk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.238.7.162 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-238-7-162.us-west-2.compute.amazonaws.com

Software

Resource Hash

84ebc4ecaf22a5ee3f1701a6d7f0c67c653662f1aa021b0905e8fb6b604962fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: *
date: Tue, 18 May 2021 12:32:09 GMT
content-length: 93
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST
content-type: application/json

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 3685 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 12:32:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Tue, 18 May 2021 12:32:08 GMT

GET
H/1.1 200
OK NRBR-b623917760fb7bb71aa Show response
bam.eu01.nr-data.net/1/ 57 B
275 B 75ms
21ms Script
text/javascript 185.221.86.2
NEW-2

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.eu01.nr-data.net/1/NRBR-b623917760fb7bb71aa?a=100558803&v=1208.49599aa&to=MhBSZQoZChZTVhFcCwtacVIMEQsLHWYMQQEmGl5FChcICVdHSlwKARBI&rst=3775&ck=1&ref=https://www.zarplata-online.ru/&ap=1140&be=1281&fe=3650&dc=2467&perf=%7B%22timing%22:%7B%22of%22:1621341124977,%22n%22:0,%22u%22:1276,%22ue%22:1276,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22ce%22:0,%22rq%22:1,%22rp%22:1273,%22rpe%22:1378,%22dl%22:1276,%22di%22:2211,%22ds%22:2467,%22de%22:2468,%22dc%22:3649,%22l%22:3650,%22le%22:3667%7D,%22navigation%22:%7B%22ty%22:1%7D%7D&fp=1814&fcp=1814&at=HldRE0IDGRg%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1208.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.221.86.2 , Ireland, ASN206998 (NEW-2, IE),
Reverse DNS
Software: /
Resource Hash: d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 57
Content-Type: text/javascript;charset=ISO-8859-1

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 1CE5 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.zarplata-online.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.zarplata-online.ru/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Tue, 18 May 2021 12:31:51 GMT
expires: Wed, 18 May 2022 12:31:51 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 17
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 TMm5Vd8VytjbCcmIcJumdaM-J7Gy9TN2HX45D5FEMFw.js Show response
pagead2.googlesyndication.com/bg/ Frame 1CE5 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/TMm5Vd8VytjbCcmIcJumdaM-J7Gy9TN2HX45D5FEMFw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4cc9b955df15cad8db09c988709ba675a33e27b1b2f533761d7e390f9144305c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 11:11:31 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 09:28:00 GMT
server: sffe
age: 4837
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5679
x-xss-protection: 0
expires: Wed, 18 May 2022 11:11:31 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3685 0
20 B 41ms
40ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210511&jk=3378138049864981&bg=!RUalRgLNAAY59bwoOfU7ACkAdvg8WqBIHfMjlShQR2-LplgDzIyN0I0C8_fciEsapKiwv7oiiCqaDgIAAABjUgAAAA1oAQeZAmCi1knBTLdt9bj6DNb1YUC9WF64o5Eb7VOSOGzhT3mCjMd6OCv58tmiLhPYlg6ArYAMni9VL-n56JPh-ncMZB4AZlaRbn0sWprdz_5eVLU9SwDXLPP0btvAGYUQt_QBynMtSZE8vXK2mYZ2PfXbdmEEA-J9kqp3kGw8OCTBKA_71PTP7YoJeOfOfou5clYwtDXNl0giCmbkMqR5dFVcPyS6jEVwZUFbNFJaZnGwNkqTKG27z5_3sFanNdF0xLb_a5YS3ejqjaEvo3XAGPKOZPlu_ssZd0nh5hdIzEVxCvgjs68njykWzHBxfRspNpRW5pifHe4KLKu-ecc0UrzZFTbYjEaQw9kNw_9EmwuW3q3kujsmUOrfLKU1WgCXnZFKeToOcmFI2eE_ZEBpwzznS2x3DJU6YlQ9JpSocf9Ej6j-_1t67MYpZ5QWpQTOr-7pDDhESpqVd0xrdUXm7FEI7yHYSJlq4CDjkVOYCpN17_kUC583wXg9JeWmHZo7d4bKBYPalKjwnTxJlt70b6Ok0rCf-W88gMknHm28rFoddRsJSXAqkTQERFhROb_4jfjowfqrRl2w-DQ-WfufvgiYwIN9qXsxX5z57NT23Asen_o9bE77jGv9XgYNYhXkOe7-Nri9lyqIT0qLUCx9w4wQ4trhKk_b1xKepkxIs8xTNXEL5bCthr2hpNvrRegWQII0UaWac_4zNGPw3hvgfOXmp0Hia9-XYj7bHU0ExPV-z0YMu4s3UyHDlnEOdbUStnZsG0fFsnPTzfJEw6GIMRZSs_ANda3jqi872cAMTLHkR262pw

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 May 2021 12:32:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
luxupcdnc.com/utr/logst_sa/c2FpZD02NjE0MTB+NjYxNDA5fjY3MTUwNn42NzE1MDR+NjY3MDUyfjY3MDM0NH42NzAzNTB+NjY0NTI3fjY3MTUwNn42MDA0NTN+NjAwNDU5fjY2MTQxNSZzc2lkPX4xJmFjdD1kZXZfdGFyZ19yZW1+LX4tfi1+LX4tfi1+LX... 42 B
145 B 43ms
43ms Image
image/gif 109.248.237.36
SUPPORTIT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://luxupcdnc.com/utr/logst_sa/c2FpZD02NjE0MTB+NjYxNDA5fjY3MTUwNn42NzE1MDR+NjY3MDUyfjY3MDM0NH42NzAzNTB+NjY0NTI3fjY3MTUwNn42MDA0NTN+NjAwNDU5fjY2MTQxNSZzc2lkPX4xJmFjdD1kZXZfdGFyZ19yZW1+LX4tfi1+LX4tfi1+LX5mbmRfb25fcGd+cnRyX3Zhcl9jaHNufi1+LSZ1cmw9fnd3dy56YXJwbGF0YS1vbmxpbmUucnUmdmNudD0xMiZybmQ9MTEyOTMzNTQ3/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 109.248.237.36 Moscow, Russian Federation, ASN201009 (SUPPORTIT-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 18 May 2021 12:30:38 GMT
cache-control: no-cache
server: nginx
content-length: 42
content-type: image/gif

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A98F 42 B
64 B 41ms
40ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstQzZ_51ZfsFnH40HyerXYIG4LQrJUYSgdeLf7UBvkOslecPayG_sENoVWU6i5EBG1h2rOmF16R_wnjV3Ut1xCXSVUU_1rgLWOP1j296SiiNPwrC7UQ4VsFZ6BQNg&sai=AMfl-YTD9m92FcEyObJxole05isC4LyLj-91JgYQW4_u_pFqLxzAYHf9nT3vW4khiOwmlv4PVgH1ZgIFFFW1&sig=Cg0ArKJSzMpKEjjmePkJEAE&id=lidar2&mcvt=1001&p=0,0,90,728&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210517&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=1709088882&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&rst=1621341127987&dlt=454&rpt=96&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 May 2021 12:32:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 event
ads.adfox.ru/252124/ 0
37 B 72ms
72ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/252124/event?hash=ea6fafae798080fc&pm=bmp&pxo=LuveRLcJMZjoJ4VHVZQoQIYLzkPXG4Z992KmTbyZ9Zt_7QE80mBCsGzQFewQUTe3zUeAXqZWKvwkV-b4TMd_Qj7peTNHWGsa5fIACfXM563d6uelo5tmdwx8_cnGM60EIIZETrxfnyNoA1gMG5fNVnf7TxRBWVze37oraBVaLXIS2SWHWIA%3D&p5=hqfcx&rand=mtzkjka&sj=481z6QCJQEXQwPLnb96HOtARWyNFa6Njua4mJnjp6N52shNOQOtFVYR-Rln5YQ%3D%3D&ad-session-id=1567941621341126768&lts=fglzlqd&ytt=183618479589397&ybv=0.14670&ylv=0.14670&dl=https%3A%2F%2Fwww.zarplata-online.ru%2F&pr=dzlltxk&p1=bwieg&rqs=xk-RwOk7S1XHs6Nga5m4uHpJS2VWVFNh&rtb-si=b&p2=fldb

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 18 May 2021 12:32:09 GMT
x-content-type-options: nosniff
timing-allow-origin: *

GET
H2 204 event
ads.adfox.ru/252124/ 0
37 B 68ms
67ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/252124/event?hash=5baf66dcf92d17a4&pm=bmn&p5=jmsdk&rand=dfupsge&sj=R0idGsteX8b2e75AiNNj1phVqJ5ZCn7oGMHdEvY4D2dwkM68upQCoGgM9HAt1A%3D%3D&ad-session-id=1567941621341126768&lts=fglzlqd&ytt=183618479589397&ybv=0.14670&ylv=0.14670&dl=https%3A%2F%2Fwww.zarplata-online.ru%2F&pr=dzlltxk&p1=bwiem&rqs=xk-RwOk7S1XHs6NgvHF5ecSC-f8-cuo8&p2=fldc

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 18 May 2021 12:32:10 GMT
x-content-type-options: nosniff
timing-allow-origin: *

GET
H2 204 event
ads.adfox.ru/252124/ 0
14 B 69ms
69ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/252124/event?hash=8fca1ef8a11aa4ea&pm=bmn&pxo=LuveRLcJMZjoJ4VHVZQoQIYLzkPXG4Z992KmTbyZ9Zt_7QE80mBCsGzQFewQUTe3zUeAXqZWKvwkV-b4TMd_Qj7peTNHWGsa5fIACfXM563d6uelo5tmdwx8_cnGM60EIIZETrxfnyNoA1gMG5fNVnf7TxRBWVze37oraBVaLXIS2SWHWIA%3D&p5=hqfcx&rand=lhnhfal&sj=481z6QCJQEXQwPLnb96HOtARWyNFa6Njua4mJnjp6N52shNOQOtFVYR-Rln5YQ%3D%3D&ad-session-id=1567941621341126768&lts=fglzlqd&ytt=183618479589397&ybv=0.14670&ylv=0.14670&dl=https%3A%2F%2Fwww.zarplata-online.ru%2F&pr=dzlltxk&p1=bwieg&rqs=xk-RwOk7S1XHs6Nga5m4uHpJS2VWVFNh&rtb-si=b&p2=fldb

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 18 May 2021 12:32:10 GMT
x-content-type-options: nosniff
timing-allow-origin: *

GET
H2 204 event
ads.adfox.ru/252124/ 0
37 B 67ms
67ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/252124/event?hash=830884595fb763bc&pm=bmq&pxo=LuveRLcJMZjoJ4VHVZQoQIYLzkPXG4Z992KmTbyZ9Zt_7QE80mBCsGzQFewQUTe3zUeAXqZWKvwkV-b4TMd_Qj7peTNHWGsa5fIACfXM563d6uelo5tmdwx8_cnGM60EIIZETrxfnyNoA1gMG5fNVnf7TxRBWVze37oraBVaLXIS2SWHWIA%3D&p5=hqfcx&rand=mzmicrt&sj=481z6QCJQEXQwPLnb96HOtARWyNFa6Njua4mJnjp6N52shNOQOtFVYR-Rln5YQ%3D%3D&ad-session-id=1567941621341126768&lts=fglzlqd&ytt=183618479589397&ybv=0.14670&ylv=0.14670&dl=https%3A%2F%2Fwww.zarplata-online.ru%2F&pr=dzlltxk&p1=bwieg&rqs=xk-RwOk7S1XHs6Nga5m4uHpJS2VWVFNh&rtb-si=b&p2=fldb

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zarplata-online.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 18 May 2021 12:32:12 GMT
x-content-type-options: nosniff
timing-allow-origin: *

Verdicts & Comments Add Verdict or Comment

118 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 18:22:22	Name: test_cookie Value: CheckForPermission
www.zarplata-online.ru/	1969-12-31 23:59:59	Name: sndsy_dvc_id Value: kou0n9h8.zeh
.zarplata-online.ru/	1970-01-20 02:21:52	Name: tmr_reqNum Value: 2
.www.zarplata-online.ru/	1970-02-25 06:56:54	Name: deadpool Value: 57791aaa-a0cf-4e12-9b2c-b4c78ccec69d
.www.zarplata-online.ru/	1970-02-25 06:22:21	Name: amnesty Value: robinSameSite
.www.zarplata-online.ru/	1970-01-19 18:22:22	Name: __utmb Value: 70043158.1.10.1621341127
.www.zarplata-online.ru/	1969-12-31 23:59:59	Name: __utmc Value: 70043158
.zarplata-online.ru/	1970-01-20 03:43:57	Name: __gads Value: ID=36099d76443c70ef-2278e81516c8009b:T=1621341128:RT=1621341128:S=ALNI_Mbrws16snM2-nP1_ubR4lu_fw3jwg
.www.zarplata-online.ru/	1970-01-19 18:22:21	Name: __utmt Value: 1
.www.zarplata-online.ru/	1970-01-20 11:53:33	Name: __utma Value: 70043158.296014167.1621341127.1621341127.1621341127.1
.zarplata-online.ru/	1970-01-20 02:21:52	Name: tmr_lvidTS Value: 1621341127406
www.zarplata-online.ru/	1970-01-19 18:22:22	Name: __lxGr__var_661408 Value: _661415
www.zarplata-online.ru/	1970-01-19 18:22:22	Name: __lxGr__var_600459 Value: _600459
.zarplata-online.ru/	1970-01-20 02:21:52	Name: tmr_lvid Value: a9a1db0251e4e9d198f59f1bbc6f785c
.zarplata-online.ru/	1970-01-20 03:07:57	Name: _ym_uid Value: 1621341127806057264
www.zarplata-online.ru/	1970-01-19 18:22:22	Name: __lxGr__ses Value: ks37rk444g9or7i112734054
.zarplata-online.ru/	1970-01-20 03:07:57	Name: _ym_d Value: 1621341127
.zarplata-online.ru/	1970-01-19 18:23:33	Name: _ym_isad Value: 2
.doubleclick.net/	1970-01-19 18:22:24	Name: DSID Value: NO_DATA
.zarplata-online.ru/	1969-12-31 23:59:59	Name: ASE_YII_CSRF_TOKEN Value: RE5wNFNzfnpsX0hZUkxpYnZfNWxaRWlWMWIzTjkzVTRTjG0KNuZdhOg4-JdxLbEuFGysMUIPVHQYFCmUx0x-NQ%3D%3D
.zarplata-online.ru/	1970-01-20 03:07:57	Name: ASE_userLastVisit Value: 2021-05-18+15%3A32%3A05
www.zarplata-online.ru/	1970-01-19 18:22:22	Name: __lxGr__var_600453 Value: _600453
.zarplata-online.ru/	1970-02-17 11:34:04	Name: robin Value: badeeec1c22f4f4ea9abb95bb03e618fe2b08b5367204d35b05f06b601c7bfac
.www.zarplata-online.ru/	1970-01-19 22:45:09	Name: __utmz Value: 70043158.1621341127.1.1.utmcsr=link.mail.zarplata-client-1.ru\|utmccn=(referral)\|utmcmd=referral\|utmcct=/actionmedia/34066,=0e538UqOyV2nw6Au2gAE7pg/5008202,1701038919,208981,
.zarplata-online.ru/	1970-01-20 03:07:57	Name: ASE_anonymousId Value: fd68c134544f52eab5bbfb86f7e9bb9a
www.zarplata-online.ru/	1969-12-31 23:59:59	Name: ASE_PHPSESSID Value: 62gpju5mnjalb6mg2pbd9oc7j2

19 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.zarplata-online.ru/(Line 3270) Message: 23123123
console-api	debug	URL: https://www.zarplata-online.ru/(Line 7050) Message:
console-api	debug	URL: https://www.zarplata-online.ru/(Line 7051) Message: ---- ASE CONSOLE DEBUG BEGIN (18-05-2021 15:32:06) ----
console-api	debug	URL: https://www.zarplata-online.ru/(Line 7056) Message: === ID2 ===
console-api	debug	URL: https://www.zarplata-online.ru/(Line 7057) Message: bitrixId:
console-api	debug	URL: https://www.zarplata-online.ru/(Line 7059) Message: products 2.0: нет продуктов
console-api	debug	URL: https://www.zarplata-online.ru/(Line 7061) Message: Yii::app()->user->isGuest = Y
console-api	debug	URL: https://www.zarplata-online.ru/(Line 7066) Message: === MAIN EDITION ===
console-api	debug	URL: https://www.zarplata-online.ru/(Line 7067) Message: appId: 21
console-api	debug	URL: https://www.zarplata-online.ru/(Line 7068) Message: publicationCode: 133
console-api	debug	URL: https://www.zarplata-online.ru/(Line 7073) Message: === CURRENT EDITION ===
console-api	debug	URL: https://www.zarplata-online.ru/(Line 7074) Message: appId: null
console-api	debug	URL: https://www.zarplata-online.ru/(Line 7075) Message: publicationCode: null
console-api	debug	URL: https://www.zarplata-online.ru/(Line 7079) Message: ---- ASE CONSOLE DEBUG END ----
console-api	debug	URL: https://www.zarplata-online.ru/(Line 7080) Message:
console-api	log	URL: https://www.zarplata-online.ru/assets/44b59cdc/assets/frontend/assets/jquery/jquery-migrate-1.4.1.min.js(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1
console-api	info	URL: https://cdn.action-mcfr.ru/widgets/prod/auth-button/1_0_0/main.a9daf42b47def9434b37.js(Line 44) Message: Default strategy!
console-api	info	URL: https://cdn.action-mcfr.ru/widgets/prod/auth-button/1_0_0/main.a9daf42b47def9434b37.js(Line 44) Message: Default strategy!
console-api	error	URL: https://image.sendsay.ru/app/js/sdk/sdk.min.js(Line 1) Message: [SENDSAY SDK]: Web-push notifications are not supported

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.mail.ru
ads.adfox.ru
ads.betweendigital.com
adservice.google.com
adservice.google.de
an.yandex.ru
api.action-media.ru
api2.amplitude.com
avatars.mds.yandex.net
bam.eu01.nr-data.net
cdn.action-mcfr.ru
counter.yadro.ru
ejournal.tool.vmcl.ru
fonts.googleapis.com
google-analytics.com
googleads.g.doubleclick.net
image.sendsay.ru
js-agent.newrelic.com
link.mail.zarplata-client-1.ru
luxupcdnc.com
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
s.clickiocdn.com
s.luxupcdnc.com
ssl.google-analytics.com
stats.g.doubleclick.net
top-fwz1.mail.ru
tpc.googlesyndication.com
www.26-2.ru
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.zarplata-online.ru
yastatic.net
109.248.237.36
109.248.237.51
151.101.114.110
172.217.23.98
185.221.86.2
185.76.232.246
185.76.234.248
188.42.196.115
212.193.146.48
217.69.133.145
2a00:1148:db00::17
2a00:1450:4001:801::2002
2a00:1450:4001:802::2004
2a00:1450:4001:803::2001
2a00:1450:4001:808::2004
2a00:1450:4001:808::200e
2a00:1450:4001:812::2002
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200a
2a00:1450:400c:c06::9d
2a02:6b8:20::215
2a02:6b8::184
2a02:6b8::1:119
2a02:6b8::90
44.238.7.162
77.88.21.179
88.212.201.216
95.211.66.35
95.214.58.142
95.214.59.132
037777f09d27126236beca101494002995765bb6f5e7dcb6e2fc676428c679c7
0420d4216b426be0af27e46d87e3f893c7f72eec7a1bfd6fac3abc553c4b252d
05a886bace19c7470df6a82828fefee6b9ff29fcc8c50200ad01f86811734ff8
05d8db6ee945a1da151737089afea0354128bcbce393f79d326c83b49c598413
080d87ea98497809417441c5267bcc92f38883b7023d125e7766b1f4ca8658df
08d468d1b937b903ea45198f2d6b231cabe8e5a817bee40d332458514ee62ecd
0aa8a51ad0d0c0e7038d8c983c37851f636460e6aafd18e80727054e15ac9cc4
0b02aa2ffa977483c0f852ca16ea43199ff3bb96973fd3370eced5b28bd34e1d
0d3093b20a7b1cace301205fc8a6a262b0ebac8970edae5cb23b49c00f4e00f4
0e828707b05651751cdf3a852029638f238580549b16a4b735e348c6547c887c
0f32b7ea4e675e62b509a7b23d5e305d2403036cfdfecc0958deec608ceddd91
1216be4e4fabf0e9e9c65f01db095a6d99d09cbb569fd70459501df2d621e31f
1234d3283f11235deeaa9c66ea51b7f5177161ab47278594372972092b587f25
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
143c5c0124d14b936536af0c656e10aebbc2bb832563f00137f7e9c717195df1
14584d7c1279d9bf0f4a1fc66a05a7e0aa9a6848b4f22931645856294f669d09
14b341d6c4ca8de63f2f67b96c882fb94a05eba2759f8fb8924c58bcbd78e48d
159e8120da561257520ff0751f44119ea92b528f0097e35ecaa65d913fbbb78c
163dd8588e14318c1540f963aa426fcf3d255ea1fe77a3ea23b1c094d6455c51
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18801c6a8c909a0cf4e5506e45789bd17f389bff374320b0b8473c04a9cf4017
1ad0a9d456fbb5ecfde81dafa53851e775ce22a293675e7d833d06a30571c09a
1ae9d4e543f031d64f2066cf209748068e98140a15a04734f09cd8ec8f9cd24e
1d4366bd030f17893c5a9e1352db2eb6f67da0a24cec4eab00d8df04be8ee087
1fad31b9a89714b3c568ab8caa22d6e95ab7e2ceee5054ed39b3fae646990dc0
233bf372b1496bfe3f7af2810f38405e80955da643b0ad890a9737149a29dd19
2462686d344ef1fd4018b47593f655e60e8f0e31c9c6d75e78d2197c3c1f08b7
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
2a138f5a790f47f9c8e1b3b6c88ea4fecb1abd1b1011a7d842b721d2fa943ed3
2aca6a67b50c7228f89cd7f568816d7ae7ee067e09b265d9c7d15b835ce0977f
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d6b8ecb2f70ad50610c2956c63e8b068d64b18b39ab2d3736fa5a81c8a2cac9
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e12968b1e2294688c9ecb3e58a734a41ef5e9bb5ed72d7161f52e4923ada457
2ecc3a3ffba8ab96280fe7fade30d82a3efaf381e16ef79902a4766742ef23d6
32a57e5adc4264b8ef8c8ab0d8981af04d3d1c788812790ed8188a147b2d3042
3e3c3c659b88505aed194d76647b52be30e416be1cc4b822f156a6126f87896b
4014ca31d3c8e768608a40ed160a405ae39836a5b2c43f256bee3bdf427dd67f
427f6a0d7ae2536853e1fc27fc9f68eb57890e966fae0b811609f8d890efbaa5
43b6cb6f1523425befb45e9e69fd5e2dc02988c31a6f723bcaf8a0c23a96c91c
44c277a589048d47753252efcc9ecf148937e56afdc20c1918e23f8887754519
47e9c1eba629856d70ba7f45abe32168a1e30ce45e6136b58da22bcdfdcc1a65
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4c25bb67d9e599d0be4ca6302293f44dbcd4e0347f1b02fd7b24aec99299aa02
4c8360fc3499ef2aaaafd7768468e84c66b22a7e2accf19a4322bf189abdccef
4cc9b955df15cad8db09c988709ba675a33e27b1b2f533761d7e390f9144305c
4dd22f76e7e40da0f1f1fba289d254c2fefbc4701f02c167787278e7d698e03b
4ed15a1170946287be31f3402579efc38f4c38faf1a5de77b75092792f439096
4ee96f9e28f0729ee5f15ec36d5b0787e7286fed00dc2980e6a9b8db7c36c01a
4ffeb702a10f3da1ec0602800d3e1ae338101b6f718f20fa597cc58300cb5f5b
511a8d1f7240b915f88466534ab5d64632d84346e1ec3edeb0187859ab32609a
51347e5b4036f4ff0a92ba97e5daef833e73439c5a3ff34e530179da33082cc0
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
5819771b7e613a3b74f973cf758c30212dfc93baa65b93bb67deec56ecd6dc47
587d7d0b96531a1d9f92d5a0b88594c34c7360a2b141ee48099412b3c6046d72
5895f8084c427bfdaea3bdcfedd845d5da72c4288d914152c03a8035d270b3ae
58d847cab5180d8a07b864bf8f2e538f5168f3de3663a007a9548eecf969e014
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5f4f2e8ffc67a3c2544f8be9672125a0c5a5f0035fa6bfc6d75ee297e30461e5
62cad51d4297eb6f87dd4029eca5a9cd4f66d7843f5c9df6bfeb3595ae970344
66f661926ae6c1e13c6b2169733476eb03b9be46e333e5f81eab69a5b0d27ace
670459102d4974b1cee75ec274d80cae133927722cdd86d7c994ad91536d1685
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6a9d46ddb4add705d8ceaaa9b86552898354303ca27121aad55c8a0a467fd520
70213da5b18c29a61b78f0c3c049e8010542feb796840d52fa7c545960169338
70ad6486ca6e6afc9a94f7e5d118592d223bc8997341a061ace70dd13ed015c8
71d1b705eea6e26801733fb78bbaa68a506f9636604504301067364a61003905
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
74430538de37319cc4a34b3affabafd491dc5c1c767df458dec4a617940f9685
76c0a98410319447607f23ec916b7f8a461e5b152bf8abf5e23770fd8a9bdb62
7705fee13417229d718f14947e9860d5bb2b25bd15c9f5cd834f2545c7bad0a6
77e4d6bac665ba03ded8aa7f600a99cf331307f1903bd63ea8368dda3ca9b11e
7a13279174940c2913595e88196ba9de5edcb06ee62a8b6b8a3fb43b49a597e9
7b228a00fe909590f0a7510c6fce3bc42d2e405a30cdc3c23ae833de649e0db1
7c3b739562e5a30ad4b69a45e6b185089ca9547dfcd3aab12a88067363f1a073
7cdaa9a2152ecfb233d5e8d1a53af7e41eda35f2247904e0aa0cfb8f3482e10a
7dbc419f9a961f785c05199a65e3040bdf061289641aa2a13ce777e830590dbe
7f12b993bf6bbe484873218b863875a8f0dae82e4c56e6e7805e2e39d1e148b6
7f3dc88458873499d9a3d2762d5a04082f334dd421d4df93fb996645d1218022
80710e8d4021f51d90c78eeaef1096075976917a722dda460dd04d4010c414ad
814d0f1af1ebf4dbe91fd647ab1cbecfced9359736024611927ccfa15f3e7666
820d2826119d8d0462d6b6cf1bd25e2de01792ba2cd9d5dbaa4e0af378710064
82e1996df55265a5dbc7098b57113d3b5353860cf16cb71d5b2d9509bcf3a794
8388aa0540845d02e4c9a6b86ac4c969f8fefcefc93b0187020aafdb0fc4a1c8
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
84ebc4ecaf22a5ee3f1701a6d7f0c67c653662f1aa021b0905e8fb6b604962fd
85bcdcb5222f3ef2485c774fbacfaaeae8c28f9fd26698be9a0ae9c0b429611c
85e3697fdb65077432d19ff2953a9384b12c6971b9187fd719ac2cf0f1f472d5
86da7d78f53c75377309128eb7ac024ee28f904cd85a81b0292ac036e3076991
8eba1a687831d203fca47e148e9e672529dc7f3b3bc27f7124aa47cfd395f76b
8f10bfcf22bce574752c355781067a6789e29dde1a58cb04dace2e336823c9ed
8ff712fcfef2da7f428a3ad324fc7aee37aea550b6620a765182b61fbcaaecc2
93fe12b3db0ba3c1760139be2453d7941f98eddb51d18c3f308ce13ff2af3cb1
959585ddcd887676b28628f1ec3f0d98e017fbed9093eb783a619a4e559a3c06
973937f4e3b68343f9377d13796a0b379f476d7972714b7c630784fdf4eec4b5
9813ee0135ff9bfd69cb811d8b97f0eb37bd6d446b52e52767406cee1d87a52c
989a73eb9e9faa5bcf87eb500ba218549b0b1ef37dc53d9ac948b33010bd78da
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a10b1418ae87e1667a44c85f39b5e1af9b8a24279d9a2743c0859d478f3f925
9aae73532fa0e858463ac89248ba77d0856bfc1fe36ba6839198a35e97367fa5
9baa6c9282878c7e4d64def6cd6ca45fd55920fb909df9eff18128c38900a512
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
9f23b61ca860e3e79d9f1dfb005afa728be0b88af1488cfc7986fbea2e13304e
a3696116b711f196e109836bf868ac6a319ee95d2f9d543c63407c0f879a572f
a413e87a34bc04aab8c9809dec7b2b4511e32b492ce3c1a7b853ac5480972a0c
a49f6e05d8b2575d5c9fd852367b1b327474edece85156eea2ad8939144770d5
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5b787c299d1696adb80ad0c150e328032cf6e8a4e96c99f156790527309a65e
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
a5daecf75f6d5889eed50e364042ab61c61845a67e88d960a3f806c91919ccf7
a64d87c5a7aeeb6d315124369f1c1eceb1ae677e684aa8e5cc3e4d51efe5bd2a
a64f018a3f0c1fc9340f88963c5c28895b21c3ef7c024078bcfaad2f5b03fb6d
aa775aedad3f370583ec3f63ebaaa54ff98525be2b2b3c5e2d225650c7678708
aaae2ea46474b0f58190b58cc3a1951b17441495abcbeb90ef0200508f295b3f
ac0afbe937bd11bf0b22834789d74bac74b679306fce6a76225e978392e313a7
ac1aa7453742763c0f17b84bd4b9c232f852a81e1c3e0048058a3b682336ac9f
b2402114f0a436b33ca4db2c26879db4e578fe8fc0f31ae9f3d6c157c6041a4a
b9a8efe183065e5c1a5ab75b70f1dc87cc68c72b444efd7a6487bd77ae76f5f5
bf3d5278b985377eadaa08f5b5170a7ea43ead8175b88f6b934103955cfe57be
c0f7bbf569c09936a52c13ca35fc4c5815be11f01e4587d5c6d44a7a844ea0a3
c21176127f2af3f8fa4be4166c58f0496131da596306d9fa6fdeca1865f3a89d
c340f2fc9103b3a383daf2262c4c58829e4acd29f2e18e02675a823f89eef33b
c548123a91e66a0823032e745c055f3a69b1b923795fbd0bb4ee873f279f1ca9
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c6711f367b9452167e060d52a18fa60e7661dc6134c621b2ba480b0728c91c17
c86f7463dc182123e1593d6a5bfaec051bfbc6cab397330fc2f2048a71fd791a
c8abcf3f7ff1842bcbc7267c65fcee425b22836664fe1d15aa919d62c9a6e086
d0c95c800b4d813cc6e11a6db3384af0191aca0d123c07b548a208897aa22363
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1
d36171254e4f97d97a2cadf29d3bbb980e00d2e1c8c6a4a3980563eed950eb2a
db0fa2bf9386f8cc4781532da6c925c5728cc48733f2cf449a2195d76f32a039
df9a270288c9088819e838d444f9046f3efb9afd86b68c48cd284c1815e8db11
dffe65d31bd4b97827906e2f8a3df5313f19e2be43442062ad083911a9e1f525
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4429cbfd1ead9a9d034fbdf05409927f59345e73e122c902ad06d09cd7b1312
e5f7b5a52f0b40d3db325d46a04eb32b4bfe9362fd70dab772a8eed1d39318c8
eb980dea5165f5cbb926054d6d05b6baa20b9f74327d4d3d1fab99c295831720
ed2087ff684fe32c0b1e8d61cb3dad4d2dbb7c0c59aeea543e63ad1c39ca6b21
ee774391dc264b60c5d1e6bc68cfa9bbd20055584e430caaea802db16dd7f765
ee7ed21503a410168346977220ea6b34a971eeca316231b7e3d1f8c51b950991
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1b80bd32c35ba35640e2937ef9b217aa3c5fe1b6359626bfd1daf2dab21cd74
f514a08500a29fd7682c4ece60434dfc22ab77b44300425bec2f7283540340bf
f64f60b60f581caadfa1cf9b012ca732c4f4a24c8475027e7b7a225f20ce4278
fa523f248a332cb89ae3ad8cf51d840153e0f96bcc2a4c8db736e02a340dab48
fcadc0ac7ff81695e561900e77299d7f5efe78c002b1be78e8a45fb9a2871120
feb51150632c9c5c5ff72d7323035c076d46e892940460e6fea32956e8cb597e
ff549f4a756b1a80eac34bbea6901f6ea31c6fdb5b2814dff792284b2ac97dc3

www.zarplata-online.ru Open in urlscan Pro 95.214.59.132 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

169 Requests

99 %HTTPS

56 %IPv6

28 Domains

37 Subdomains

34 IPs

7 Countries

1933 kBTransfer

5324 kBSize

26 Cookies

47 Outgoing links

Page URL History

Redirected requests

169 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.zarplata-online.ru Open in urlscan Pro
95.214.59.132 Public Scan

Screenshot
Live screenshot

Full Image

169
Requests

99 %
HTTPS

56 %
IPv6

28
Domains

37
Subdomains

34
IPs

7
Countries

1933 kB
Transfer

5324 kB
Size

26
Cookies

169 HTTP transactions
11 data transactions