pravoteka.ru Open in urlscan Pro
91.239.27.42 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://pravoteka.ru/
Submission: On February 26 via api (February 26th 2023, 9:22:02 pm UTC) from CH — Scanned from DE

Summary HTTP 62 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 17 IPs in 5 countries across 15 domains to perform 62 HTTP transactions. The main IP is 91.239.27.42, located in Russian Federation and belongs to MNGTNET, RU. The main domain is pravoteka.ru.

This is the only time pravoteka.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	91.239.27.42 91.239.27.42	199274 (MNGTNET) (MNGTNET)
3	2a00:1450:400... 2a00:1450:400d:802::200a	15169 (GOOGLE) (GOOGLE)
2 3	103.224.182.208 103.224.182.208	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
6	2a00:1450:400... 2a00:1450:400d:80a::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
4	2a02:6b8:20::215 2a02:6b8:20::215	208722 (GLOBAL_DC) (GLOBAL_DC)
5	2a00:1450:400... 2a00:1450:400d:80a::2003	15169 (GOOGLE) (GOOGLE)
6	199.59.243.222 199.59.243.222	16509 (AMAZON-02) (AMAZON-02)
6 11	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
3	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80d::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
62	17

14 91.239.27.42 (Russian Federation)

ASN199274 (MNGTNET, RU)
PTR: 91-239-27-42.flops.ru

pravoteka.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:802::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 103.224.182.208 (Australia) 2 redirects

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-182-208.above.com

api.leadiacloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
form.leadiacloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::90 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

bs.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

site.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 199.59.243.222 (United States)

ASN16509 (AMAZON-02, US)

ww25.form.leadiacloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:6b8::1:119 (Moscow, Russian Federation) 6 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:803::2002 (Ireland)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

afs.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	pravoteka.ru pravoteka.ru	210 KB
9	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 140	209 KB
9	leadiacloud.com 2 redirects api.leadiacloud.com form.leadiacloud.com ww25.form.leadiacloud.com	28 KB
7	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 9427	3 KB
5	google.com adservice.google.com — Cisco Umbrella Rank: 73 www.google.com — Cisco Umbrella Rank: 2	109 KB
5	gstatic.com fonts.gstatic.com	131 KB
5	yandex.ru 3 redirects bs.yandex.ru — Cisco Umbrella Rank: 44814 mc.yandex.ru — Cisco Umbrella Rank: 3674	58 KB
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 35	5 KB
3	yandex.net site.yandex.net — Cisco Umbrella Rank: 120136	28 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36	3 KB
2	googleusercontent.com afs.googleusercontent.com — Cisco Umbrella Rank: 13199	1 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 8947	531 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 855	601 B
1	yastatic.net yastatic.net — Cisco Umbrella Rank: 7087	28 KB
0	leadia.ru Failed promo.leadia.ru Failed
62	15

	Domain	Requested by
14	pravoteka.ru	pravoteka.ru
7	mc.yandex.com	3 redirects pravoteka.ru
6	ww25.form.leadiacloud.com	pravoteka.ru ww25.form.leadiacloud.com
6	pagead2.googlesyndication.com	pravoteka.ru pagead2.googlesyndication.com tpc.googlesyndication.com
5	fonts.gstatic.com	fonts.googleapis.com
4	www.google.com	ww25.form.leadiacloud.com www.google.com tpc.googlesyndication.com
4	mc.yandex.ru	3 redirects pravoteka.ru
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
3	site.yandex.net	pravoteka.ru site.yandex.net
3	fonts.googleapis.com	pravoteka.ru www.google.com
2	afs.googleusercontent.com	www.google.com
2	form.leadiacloud.com	2 redirects
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	yastatic.net	site.yandex.net
1	bs.yandex.ru	pravoteka.ru
1	api.leadiacloud.com	pravoteka.ru
0	promo.leadia.ru Failed	pravoteka.ru
62	20

This site contains links to these domains. Also see Links.

Domain
www.namars.ru
metrika.yandex.ru

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2023-02-01` - `2023-08-01`	6 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-03-30`	5 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh

This page contains 8 frames:

Primary Page: http://pravoteka.ru/
Frame ID: CEE576451E512327B91BF84CDDA5F65C
Requests: 40 HTTP requests in this frame

Frame: http://ww25.form.leadiacloud.com/?p=lawyer&t=blue&w=434&product=lawyer&template=blue&style=default&width=750&height=370&ref=&subid1=20230227-0821-5916-ad72-b483bc0758cc
Frame ID: ECCE60150E07A72C2B51860DE33C8CB0
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20190131/zrt_lookup.html
Frame ID: 578E6677847AFBC6953CE9063A1AC0D3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5845613288065918&output=html&h=600&slotname=4030725388&adk=788576250&adf=4059110530&pi=t.ma~as.4030725388&w=200&fwrn=4&fwrnh=100&lmt=1677446518&rafmt=1&format=200x600&url=http%3A%2F%2Fpravoteka.ru%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1677446518250&bpp=4&bdt=835&idt=389&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&correlator=617437048354&frm=20&pv=2&ga_vid=899240062.1677446519&ga_sid=1677446519&ga_hid=2013174174&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777877%2C44759876%2C44759927%2C31071869&oid=2&pvsid=958957598550098&tmod=1629389392&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=sGsRPxX73G&p=http%3A//pravoteka.ru&dtd=413
Frame ID: 7D3DF07178B34742EC9317715E5D899C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5845613288065918&output=html&adk=1812271804&adf=3025194257&lmt=1677446518&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x945_l%7C308x945_r&format=0x0&url=http%3A%2F%2Fpravoteka.ru%2F&ea=0&pra=7&wgl=1&dt=1677446518266&bpp=2&bdt=851&idt=406&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x600&nras=1&correlator=617437048354&frm=20&pv=1&ga_vid=899240062.1677446519&ga_sid=1677446519&ga_hid=2013174174&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777877%2C44759876%2C44759927%2C31071869&oid=2&pvsid=958957598550098&tmod=1629389392&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=417
Frame ID: ED0D513F4588D2CF4ABF582734E64E37
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/afs/ads?adtest=off&psid=5530669637&pcsa=false&channel=pid-bodis-gcontrol34%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol321%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol485&client=dp-bodis31_3ph&r=m&sc_status=0&hl=de&rpbu=http%3A%2F%2Fww25.form.leadiacloud.com%3Fcaf%26p%3Dlawyer%26t%3Dblue%26w%3D434%26product%3Dlawyer%26template%3Dblue%26style%3Ddefault%26width%3D750%26height%3D370%26ref%3D%26subid1%3D20230227-0821-5916-ad72-b483bc0758cc&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2439451366973938&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301075%2C17301078&format=r3&nocache=2151677446520913&num=0&output=afd_ads&domain_name=ww25.form.leadiacloud.com&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1677446520914&u_w=1600&u_h=1200&biw=-12245933&bih=-12245933&isw=750&ish=370&psw=734&psh=76&frm=2&cl=511478063&uio=-&cont=rs&jsid=caf&jsv=511478063&rurl=http%3A%2F%2Fww25.form.leadiacloud.com%2F%3Fp%3Dlawyer%26t%3Dblue%26w%3D434%26product%3Dlawyer%26template%3Dblue%26style%3Ddefault%26width%3D750%26height%3D370%26ref%3D%26subid1%3D20230227-0821-5916-ad72-b483bc0758cc&referer=http%3A%2F%2Fpravoteka.ru%2F&adbw=master-1%3A734
Frame ID: F91B441AEC7F0BEAAC23D9FBA67D76B7
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6A8068F7605A728BEBD438B568B7517C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5A0CD55B9E0D7917492499555C51BC7A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Портал правовой помощи - Правотека.ру

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

62
Requests

42 %
HTTPS

81 %
IPv6

15
Domains

20
Subdomains

17
IPs

5
Countries

811 kB
Transfer

1653 kB
Size

15
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://www.namars.ru/

Search URL Search Domain Scan URL

URL: https://metrika.yandex.ru/stat/?id=25914452&from=informer

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

http://form.leadiacloud.com/?p=lawyer&t=blue&w=434&product=lawyer&template=blue&style=default&width=750&height=370&ref= HTTP 302
https://form.leadiacloud.com/?p=lawyer&t=blue&w=434&product=lawyer&template=blue&style=default&width=750&height=370&ref= HTTP 302
http://ww25.form.leadiacloud.com/?p=lawyer&t=blue&w=434&product=lawyer&template=blue&style=default&width=750&height=370&ref=&subid1=20230227-0821-5916-ad72-b483bc0758cc

Request Chain 24

http://mc.yandex.ru/metrika/watch.js HTTP 302
https://mc.yandex.ru/metrika/watch.js

Request Chain 36

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9926.ik_4V9u3kaoNbheUOIN42rHuZbMO5Gwh5_RHF3tWYxZu1NdKDpkGjH--EEEz3xaX.tL4X4mEfT2W7SVbxPbQP1Vkydps%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9926.4VF8Di5NLOBhd8MWknZFFtCLCXROgNPf8h1zKgqNWfreOouterO8TMcPT29Xf-L-YzfAkgb71PnsldgCx2rjmljUe9Our_j8hrYcoWaO5R8%2C.NAD6mN0tEkVzh9a_eOf1Bhd-9JU%2C

Request Chain 38

https://mc.yandex.com/watch/25914452?wmode=7&page-url=http%3A%2F%2Fpravoteka.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3llbk0t3p8ehu21bjv65f%3Afp%3A1827%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A1307836008595%3Ahid%3A93795336%3Az%3A0%3Ai%3A20230226212158%3Aet%3A1677446519%3Ac%3A1%3Arn%3A24992363%3Arqn%3A1%3Au%3A167744651980835774%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A303%2C75%2C825%2C223%2C0%2C0%2C%2C413%2C10%2C%2C%2C%2C1840%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1677446516210%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1677446519%3At%3A%D0%9F%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20%D0%BF%D1%80%D0%B0%D0%B2%D0%BE%D0%B2%D0%BE%D0%B9%20%D0%BF%D0%BE%D0%BC%D0%BE%D1%89%D0%B8%20-%20%D0%9F%D1%80%D0%B0%D0%B2%D0%BE%D1%82%D0%B5%D0%BA%D0%B0.%D1%80%D1%83&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/25914452/1?wmode=7&page-url=http%3A%2F%2Fpravoteka.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3llbk0t3p8ehu21bjv65f%3Afp%3A1827%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A1307836008595%3Ahid%3A93795336%3Az%3A0%3Ai%3A20230226212158%3Aet%3A1677446519%3Ac%3A1%3Arn%3A24992363%3Arqn%3A1%3Au%3A167744651980835774%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A303%2C75%2C825%2C223%2C0%2C0%2C%2C413%2C10%2C%2C%2C%2C1840%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1677446516210%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1677446519%3At%3A%D0%9F%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20%D0%BF%D1%80%D0%B0%D0%B2%D0%BE%D0%B2%D0%BE%D0%B9%20%D0%BF%D0%BE%D0%BC%D0%BE%D1%89%D0%B8%20-%20%D0%9F%D1%80%D0%B0%D0%B2%D0%BE%D1%82%D0%B5%D0%BA%D0%B0.%D1%80%D1%83&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 39

https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9926.rDqIuz526FbkBoIjLNO4xzZmP5qpNzKpQSF_CeTFN-0GbV-l3bXkxp0kl6Dg5KM6.mPEnqnlTOzq5YtCAKOCO5GVdubw%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9926.n4bRo9zJ1J0uBMYJzjU2O7cGzk65cKT_lL-54DyOieI52EQ8q4Bi-JdKocimg7mIoWjixxQC1AMe71GRVorL1KAmpN_KvumXXWi1ZdPOQKw%2C.IlQEjFMuGZex96neLsZHfJEu-h8%2C

62 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
pravoteka.ru/ 28 KB
28 KB 1203ms
825ms Document
text/html 91.239.27.42
MNGTNET

General

Check archive.org

Show headers Download Go to

Full URL: http://pravoteka.ru/
Protocol: HTTP/1.1
Server: 91.239.27.42 , Russian Federation, ASN199274 (MNGTNET, RU),
Reverse DNS: 91-239-27-42.flops.ru
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: e5c448954916d1f8317d65e2e4b1989b03828e64641f9ff435fb366db952c71a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private
Content-Length: 28659
Content-Type: text/html; charset=utf-8
Date: Sun, 26 Feb 2023 21:21:45 GMT
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 4.0
X-Powered-By: ASP.NET

GET
H/1.1 200
OK general.css
pravoteka.ru/content/ 41 KB
41 KB 162ms
84ms Stylesheet
text/css 91.239.27.42
MNGTNET

General

Check archive.org

Show headers Download Go to

Full URL: http://pravoteka.ru/content/general.css
Requested by: Host: pravoteka.ru
URL: http://pravoteka.ru/
Protocol: HTTP/1.1
Server: 91.239.27.42 , Russian Federation, ASN199274 (MNGTNET, RU),
Reverse DNS: 91-239-27-42.flops.ru
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: ce178ae6dde5065409f91e5e6c06687ce43a74f5907c4aefe56bcf41e0a21eac

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://pravoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 21:21:45 GMT
Last-Modified: Thu, 07 Apr 2016 05:26:24 GMT
Server: Microsoft-IIS/7.5
ETag: "463af68e90d11:0"
X-Powered-By: ASP.NET
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 41560

GET
H/1.1 200
OK css
fonts.googleapis.com/ 8 KB
1 KB 130ms
74ms Stylesheet
text/css 2a00:1450:400d:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Noto+Serif:400,700,400italic,700italic&subset=latin,cyrillic

Requested by

Host: pravoteka.ru
URL: http://pravoteka.ru/

Protocol

HTTP/1.1

Server

2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2326c8e58bd9eee4b635b257ff6cc4eb99c3aa2bf169983fcf2860ba8dd7fcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://pravoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 21:21:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Last-Modified: Sun, 26 Feb 2023 21:21:57 GMT
Server: ESF
Cross-Origin-Opener-Policy: same-origin-allow-popups
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sun, 26 Feb 2023 21:21:57 GMT

GET
H/1.1 200
OK css
fonts.googleapis.com/ 1 KB
1 KB 131ms
75ms Stylesheet
text/css 2a00:1450:400d:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=PT+Sans:400&subset=latin,cyrillic

Requested by

Host: pravoteka.ru
URL: http://pravoteka.ru/

Protocol

HTTP/1.1

Server

2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

642d14cd983fce2cea5db5afb04ff17ee03eeb3feb274a658e9b88cc8cc29d80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://pravoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 21:21:57 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Last-Modified: Sun, 26 Feb 2023 21:21:57 GMT
Server: ESF
Cross-Origin-Opener-Policy: same-origin-allow-popups
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sun, 26 Feb 2023 21:21:57 GMT

GET
H/1.1 200
OK jquery-2.0.3.min.js Show response
pravoteka.ru/scripts/ 82 KB
82 KB 160ms
81ms Script
application/x-javascript 91.239.27.42
MNGTNET

General

Check archive.org

Show headers Download Go to

Full URL: http://pravoteka.ru/scripts/jquery-2.0.3.min.js
Requested by: Host: pravoteka.ru
URL: http://pravoteka.ru/
Protocol: HTTP/1.1
Server: 91.239.27.42 , Russian Federation, ASN199274 (MNGTNET, RU),
Reverse DNS: 91-239-27-42.flops.ru
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: b13cb5989e08fcb02314209d101e1102f3d299109bdc253b62aa1da21c9e38ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://pravoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 21:21:45 GMT
Last-Modified: Wed, 24 Dec 2014 12:29:33 GMT
Server: Microsoft-IIS/7.5
ETag: "b8508745751fd01:0"
X-Powered-By: ASP.NET
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 83612

GET
H/1.1 200
OK jquery.unobtrusive-ajax.min.js Show response
pravoteka.ru/scripts/ 4 KB
4 KB 162ms
82ms Script
application/x-javascript 91.239.27.42
MNGTNET

General

Check archive.org

Show headers Download Go to

Full URL: http://pravoteka.ru/scripts/jquery.unobtrusive-ajax.min.js
Requested by: Host: pravoteka.ru
URL: http://pravoteka.ru/
Protocol: HTTP/1.1
Server: 91.239.27.42 , Russian Federation, ASN199274 (MNGTNET, RU),
Reverse DNS: 91-239-27-42.flops.ru
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 125b6b268c7662f295b841038ca5f594ae1cd5adf116cfdf867f529dcf535a38

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://pravoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 21:21:45 GMT
Last-Modified: Wed, 24 Dec 2014 12:29:34 GMT
Server: Microsoft-IIS/7.5
ETag: "d2946e46751fd01:0"
X-Powered-By: ASP.NET
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 3585

GET
H/1.1 200
OK jquery.validate.min.js Show response
pravoteka.ru/scripts/ 21 KB
21 KB 162ms
82ms Script
application/x-javascript 91.239.27.42
MNGTNET

General

Check archive.org

Show headers Download Go to

Full URL: http://pravoteka.ru/scripts/jquery.validate.min.js
Requested by: Host: pravoteka.ru
URL: http://pravoteka.ru/
Protocol: HTTP/1.1
Server: 91.239.27.42 , Russian Federation, ASN199274 (MNGTNET, RU),
Reverse DNS: 91-239-27-42.flops.ru
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 7705fee13417229d718f14947e9860d5bb2b25bd15c9f5cd834f2545c7bad0a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://pravoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 21:21:45 GMT
Last-Modified: Wed, 24 Dec 2014 12:29:35 GMT
Server: Microsoft-IIS/7.5
ETag: "14171347751fd01:0"
X-Powered-By: ASP.NET
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 21068

GET
H/1.1 200
OK jquery.validate.unobtrusive.min.js Show response
pravoteka.ru/scripts/ 6 KB
6 KB 165ms
83ms Script
application/x-javascript 91.239.27.42
MNGTNET

General

Check archive.org

Show headers Download Go to

Full URL: http://pravoteka.ru/scripts/jquery.validate.unobtrusive.min.js
Requested by: Host: pravoteka.ru
URL: http://pravoteka.ru/
Protocol: HTTP/1.1
Server: 91.239.27.42 , Russian Federation, ASN199274 (MNGTNET, RU),
Reverse DNS: 91-239-27-42.flops.ru
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: c43c532923fb3bc58b4f17d98f842122978ec76cc38d428149036e045f5ff0a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://pravoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 21:21:45 GMT
Last-Modified: Wed, 24 Dec 2014 12:29:36 GMT
Server: Microsoft-IIS/7.5
ETag: "10d69347751fd01:0"
X-Powered-By: ASP.NET
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 5700

GET
H/1.1 200
OK general.js Show response
pravoteka.ru/scripts/ 10 KB
10 KB 295ms
78ms Script
application/x-javascript 91.239.27.42
MNGTNET

General

Check archive.org

Show headers Download Go to

Full URL: http://pravoteka.ru/scripts/general.js
Requested by: Host: pravoteka.ru
URL: http://pravoteka.ru/
Protocol: HTTP/1.1
Server: 91.239.27.42 , Russian Federation, ASN199274 (MNGTNET, RU),
Reverse DNS: 91-239-27-42.flops.ru
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: c23b807171deb950e3eda0e89e61b9be4e43b6f2ed05fc50ab9efa1827454f04

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://pravoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 21:21:45 GMT
Last-Modified: Sun, 24 May 2015 17:21:26 GMT
Server: Microsoft-IIS/7.5
ETag: "b4735f104696d01:0"
X-Powered-By: ASP.NET
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 10237

GET
H/1.1 404
Not Found widget.js
api.leadiacloud.com/ 0
0 596ms
238ms Script
text/html 103.224.182.208
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://api.leadiacloud.com/widget.js?p=lawyer&c=6418225625563136&pos=right&margin=0&photo=5&color=336699&w=434&t=modern
Requested by: Host: pravoteka.ru
URL: http://pravoteka.ru/
Protocol: HTTP/1.1
Server: 103.224.182.208 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: lb-182-208.above.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://pravoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET runme.php
promo.leadia.ru/ 0
0

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 151ms
98ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pravoteka.ru
URL: http://pravoteka.ru/

Protocol

HTTP/1.1

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c09bb401c8c0db93f902b9ad58b89ad80ace934ed76d13b8415d915161059cfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://pravoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 21:21:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 52056
X-XSS-Protection: 0
Server: cafe
ETag: 4146434707487670273
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Expires: Sun, 26 Feb 2023 21:21:58 GMT

GET
H/1.1 200
OK icon_namars.png
pravoteka.ru/Content/images/ 2 KB
2 KB 80ms
80ms Image
image/png 91.239.27.42
MNGTNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pravoteka.ru/Content/images/icon_namars.png
Requested by: Host: pravoteka.ru
URL: http://pravoteka.ru/
Protocol: HTTP/1.1
Server: 91.239.27.42 , Russian Federation, ASN199274 (MNGTNET, RU),
Reverse DNS: 91-239-27-42.flops.ru
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 9bf2371fd5fce55d6fed8607d9d9f3bfc548cc5952c9017b5b2b330dfb2fae80

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://pravoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 21:21:45 GMT
Last-Modified: Wed, 24 Dec 2014 12:29:26 GMT
Server: Microsoft-IIS/7.5
ETag: "fc55bf41751fd01:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 2090

GET
H/1.1 404
Not Found 3_1_FFFFFFFF_EFEFEFFF_0_pageviews
bs.yandex.ru/informer/25914452/ 10 B
340 B 161ms
82ms Image
text/plain 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://bs.yandex.ru/informer/25914452/3_1_FFFFFFFF_EFEFEFFF_0_pageviews

Requested by

Host: pravoteka.ru
URL: http://pravoteka.ru/

Protocol

HTTP/1.1

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

7515bf959b73b956ceb967351c7e299cbb3668a53d35f9c770eb72e00d93ced6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://pravoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 21:21:58 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
P3P: CP="NOI DEVa TAIa OUR BUS UNI STA"
Timing-Allow-Origin: *
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK all.js Show response
site.yandex.net/v2.0/js/ 56 KB
18 KB 230ms
78ms Script
application/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

http://site.yandex.net/v2.0/js/all.js

Requested by

Host: pravoteka.ru
URL: http://pravoteka.ru/

Protocol

HTTP/1.1

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

9882e083aad0be394eef2bc511fbd204f670004b4ff09e627197805c5c7ceb9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://pravoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 21:21:58 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=43200000; includeSubDomains;
NEL: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
Connection: keep-alive
Content-Length: 17667
Last-Modified: Tue, 14 Feb 2023 08:57:29 GMT
Server: nginx/1.17.9
Etag: "1447ba0561e7db60267e8ec539062259"
Vary: Accept-Encoding
Report-To: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=216013
Accept-Ranges: bytes
Timing-Allow-Origin: *
Keep-Alive: timeout=5
X-Robots-Tag: noindex, noarchive, nofollow
Expires: Wed, 01 Mar 2023 09:21:59 GMT

GET
H/1.1 200
OK pravoteka.png
pravoteka.ru/content/images/ 4 KB
4 KB 80ms
80ms Image
image/png 91.239.27.42
MNGTNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pravoteka.ru/content/images/pravoteka.png
Requested by: Host: pravoteka.ru
URL: http://pravoteka.ru/content/general.css
Protocol: HTTP/1.1
Server: 91.239.27.42 , Russian Federation, ASN199274 (MNGTNET, RU),
Reverse DNS: 91-239-27-42.flops.ru
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 04b015935b74fade2c32e2b92b2bdfae9bcea303f0d467541aaa0c7c0d668ea2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://pravoteka.ru/content/general.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 21:21:45 GMT
Last-Modified: Wed, 24 Dec 2014 12:29:28 GMT
Server: Microsoft-IIS/7.5
ETag: "1c127e42751fd01:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 3698

GET
H/1.1 200
OK home_active.png
pravoteka.ru/content/images/ 1 KB
1 KB 81ms
81ms Image
image/png 91.239.27.42
MNGTNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pravoteka.ru/content/images/home_active.png
Requested by: Host: pravoteka.ru
URL: http://pravoteka.ru/content/general.css
Protocol: HTTP/1.1
Server: 91.239.27.42 , Russian Federation, ASN199274 (MNGTNET, RU),
Reverse DNS: 91-239-27-42.flops.ru
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 5b44c0942c44f32b55cb89c8a3d9aa7a35c4be96a671a7c8519fdb273743eda0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://pravoteka.ru/content/general.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 21:21:45 GMT
Last-Modified: Wed, 24 Dec 2014 12:29:26 GMT
Server: Microsoft-IIS/7.5
ETag: "ca317a41751fd01:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1045

GET
H/1.1 200
OK menu_item_active_arrow.png
pravoteka.ru/content/images/ 3 KB
4 KB 77ms
77ms Image
image/png 91.239.27.42
MNGTNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pravoteka.ru/content/images/menu_item_active_arrow.png
Requested by: Host: pravoteka.ru
URL: http://pravoteka.ru/content/general.css
Protocol: HTTP/1.1
Server: 91.239.27.42 , Russian Federation, ASN199274 (MNGTNET, RU),
Reverse DNS: 91-239-27-42.flops.ru
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: aceb498ab3120229304e62efcf6f8ce3e3ecc9079422d9278574f5ec3cc119c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://pravoteka.ru/content/general.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 21:21:45 GMT
Last-Modified: Wed, 24 Dec 2014 12:29:27 GMT
Server: Microsoft-IIS/7.5
ETag: "c6f0fa41751fd01:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 3577

GET
H/1.1 200
OK menu_item_arrow.png
pravoteka.ru/content/images/ 2 KB
2 KB 84ms
83ms Image
image/png 91.239.27.42
MNGTNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pravoteka.ru/content/images/menu_item_arrow.png
Requested by: Host: pravoteka.ru
URL: http://pravoteka.ru/content/general.css
Protocol: HTTP/1.1
Server: 91.239.27.42 , Russian Federation, ASN199274 (MNGTNET, RU),
Reverse DNS: 91-239-27-42.flops.ru
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 5dda937522f40b5015a13566d480f17545f398444e841f8d09d21de9b1f1f2cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://pravoteka.ru/content/general.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 21:21:45 GMT
Last-Modified: Wed, 24 Dec 2014 12:29:27 GMT
Server: Microsoft-IIS/7.5
ETag: "eaed3842751fd01:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1571

GET
H/1.1 200
OK jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 44 KB
45 KB 104ms
52ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=PT+Sans:400&subset=latin,cyrillic

Protocol

HTTP/1.1

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://pravoteka.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 23 Feb 2023 13:22:25 GMT
X-Content-Type-Options: nosniff
Age: 287973
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 45300
X-XSS-Protection: 0
Last-Modified: Wed, 27 Apr 2022 16:11:08 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Fri, 23 Feb 2024 13:22:25 GMT

GET
H/1.1 200
OK ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2
fonts.gstatic.com/s/notoserif/v21/ 23 KB
24 KB 105ms
52ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/notoserif/v21/ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Noto+Serif:400,700,400italic,700italic&subset=latin,cyrillic

Protocol

HTTP/1.1

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25475d82cc976fb2c71b15b3e416c22bf636dd247bbb268d312e7c076ec5b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://pravoteka.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 23 Feb 2023 15:31:51 GMT
X-Content-Type-Options: nosniff
Age: 280207
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 23948
X-XSS-Protection: 0
Last-Modified: Mon, 09 May 2022 19:47:44 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Fri, 23 Feb 2024 15:31:51 GMT

GET
H/1.1 200
OK jizaRExUiTo99u79D0aExdGM.woff2
fonts.gstatic.com/s/ptsans/v17/ 28 KB
29 KB 104ms
52ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0aExdGM.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=PT+Sans:400&subset=latin,cyrillic

Protocol

HTTP/1.1

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e9c22d02fc319b701844b334477a05fd32acee9668feb98672f6c27887f79cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://pravoteka.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 23 Feb 2023 13:42:43 GMT
X-Content-Type-Options: nosniff
Age: 286755
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 28444
X-XSS-Protection: 0
Last-Modified: Wed, 27 Apr 2022 16:45:23 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Fri, 23 Feb 2024 13:42:43 GMT

GET
H/1.1 200
OK ga6Iaw1J5X9T9RW6j9bNfFMWaCi_.woff2
fonts.gstatic.com/s/notoserif/v21/ 16 KB
16 KB 104ms
52ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/notoserif/v21/ga6Iaw1J5X9T9RW6j9bNfFMWaCi_.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Noto+Serif:400,700,400italic,700italic&subset=latin,cyrillic

Protocol

HTTP/1.1

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

749532b47faa826b6001b06da2e4085a3118525b9c9164fd0aa10e9944b9967a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://pravoteka.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 21:01:39 GMT
X-Content-Type-Options: nosniff
Age: 346819
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 16132
X-XSS-Protection: 0
Last-Modified: Mon, 09 May 2022 19:36:36 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Thu, 22 Feb 2024 21:01:39 GMT

GET
H/1.1

200
OK

/ Show response
ww25.form.leadiacloud.com/ Frame ECCE
Redirect Chain

http://form.leadiacloud.com/?p=lawyer&t=blue&w=434&product=lawyer&template=blue&style=default&width=750&height=370&ref=
https://form.leadiacloud.com/?p=lawyer&t=blue&w=434&product=lawyer&template=blue&style=default&width=750&height=370&ref=
http://ww25.form.leadiacloud.com/?p=lawyer&t=blue&w=434&product=lawyer&template=blue&style=default&width=750&height=370&ref=&subid1=20230227-0821-5916-ad72-b483bc0758cc

1 KB
2 KB

872ms
234ms

Document
text/html

199.59.243.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://ww25.form.leadiacloud.com/?p=lawyer&t=blue&w=434&product=lawyer&template=blue&style=default&width=750&height=370&ref=&subid1=20230227-0821-5916-ad72-b483bc0758cc
Requested by: Host: pravoteka.ru
URL: http://pravoteka.ru/
Protocol: HTTP/1.1
Server: 199.59.243.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: f99ad11e42db1390e9a12f578d1f2959b23240d582a6fcf6d70f00624520bca8

Request headers

Referer: http://pravoteka.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-CH: sec-ch-prefers-color-scheme
Cache-Control: no-cache no-store, must-revalidate post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Critical-CH: sec-ch-prefers-color-scheme
Date: Sun, 26 Feb 2023 21:22:00 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Pragma: no-cache
Server: openresty
Transfer-Encoding: chunked
Vary: sec-ch-prefers-color-scheme
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_HTJqzj53RnQixmA/2JQ5IOP+JfNgcHhpVA3htOmx2MtxAMP5+34w4rAx+92f8RoYE2/vr6mhYMfRS6tGIpClWA==

Redirect headers

connection: close
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 26 Feb 2023 21:21:59 GMT
location: http://ww25.form.leadiacloud.com/?p=lawyer&t=blue&w=434&product=lawyer&template=blue&style=default&width=750&height=370&ref=&subid1=20230227-0821-5916-ad72-b483bc0758cc
server: Apache/2.4.38 (Debian)

GET
H/1.1 200
OK counter.png
pravoteka.ru/content/images/ 1 KB
1 KB 81ms
81ms Image
image/png 91.239.27.42
MNGTNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pravoteka.ru/content/images/counter.png
Requested by: Host: pravoteka.ru
URL: http://pravoteka.ru/content/general.css
Protocol: HTTP/1.1
Server: 91.239.27.42 , Russian Federation, ASN199274 (MNGTNET, RU),
Reverse DNS: 91-239-27-42.flops.ru
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 32bf21d0d9c9436dbb37b5de9ef459aec4ca44a93158ddba003010649446610d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://pravoteka.ru/content/general.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 21:21:45 GMT
Last-Modified: Wed, 24 Dec 2014 12:29:24 GMT
Server: Microsoft-IIS/7.5
ETag: "2c167b40751fd01:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1176

GET
H2

200

watch.js Show response
mc.yandex.ru/metrika/
Redirect Chain

http://mc.yandex.ru/metrika/watch.js
https://mc.yandex.ru/metrika/watch.js

162 KB
57 KB

330ms
163ms

Script
application/javascript

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: pravoteka.ru
URL: http://pravoteka.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

cf0e934daa92ef101fcdf4f64d318324f197533bc3a8ad60630a947cef5d7073

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://pravoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:21:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Tue, 21 Feb 2023 11:11:22 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "63f47caa-e3bd"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 58301
expires: Sun, 26 Feb 2023 22:21:58 GMT

Redirect headers

Location: https://mc.yandex.ru/metrika/watch.js
Content-Length: 0

GET
H/1.1 200
OK socials.png
pravoteka.ru/content/images/ 4 KB
4 KB 81ms
80ms Image
image/png 91.239.27.42
MNGTNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pravoteka.ru/content/images/socials.png
Requested by: Host: pravoteka.ru
URL: http://pravoteka.ru/content/general.css
Protocol: HTTP/1.1
Server: 91.239.27.42 , Russian Federation, ASN199274 (MNGTNET, RU),
Reverse DNS: 91-239-27-42.flops.ru
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 1dfbc1d09e0617d703cc890ce164904a5b8c03240af16f4edb43080b631c9c10

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://pravoteka.ru/content/general.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 26 Feb 2023 21:21:45 GMT
Last-Modified: Wed, 24 Dec 2014 12:29:28 GMT
Server: Microsoft-IIS/7.5
ETag: "b047f542751fd01:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 3806

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/ 366 KB
121 KB 240ms
113ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5845613288065918&plah=pravoteka.ru

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6fe18c224e62f2f96ffadce05d92d8d95aa33d41121b274340f15b973d0daacf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://pravoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:21:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122956
x-xss-protection: 0
server: cafe
etag: 3758449270359411732
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 26 Feb 2023 21:21:58 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230222/r20190131/ Frame 578E 10 KB
5 KB 142ms
39ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230222/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://pravoteka.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 26394
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Feb 2023 14:02:04 GMT
etag: 10353107486223812946
expires: Sun, 12 Mar 2023 14:02:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 jquery.min.js Show response
yastatic.net/jquery/1.6.2/ 89 KB
28 KB 184ms
60ms Script
application/x-javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/jquery/1.6.2/jquery.min.js

Requested by

Host: site.yandex.net
URL: http://site.yandex.net/v2.0/js/all.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://pravoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:21:58 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 28368
last-modified: Mon, 12 Nov 2018 13:13:42 GMT
server: nginx/1.17.9
etag: "57f5e4ce99f95e1eb0f18d52b65b6769"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952
x-nginx-request-id: 0fd7acf73c8e2e7a
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jan 2024 15:50:58 GMT

GET
H2 200 suggest.js Show response
site.yandex.net/v2.0/js/ 8 KB
3 KB 64ms
63ms Script
application/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://site.yandex.net/v2.0/js/suggest.js

Requested by

Host: site.yandex.net
URL: http://site.yandex.net/v2.0/js/all.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

dc41be78fcb3b0ca16fc52b3026f8120ada7e9c8b6c1f989d84431ff689276cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://pravoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:21:58 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 2610
last-modified: Tue, 14 Feb 2023 08:57:29 GMT
server: nginx/1.17.9
etag: "5905bc95497a3dcdd5543e8af9bb2553"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=216013
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 01 Mar 2023 09:17:02 GMT

GET
H2 200 opensearch.js Show response
site.yandex.net/v2.0/js/ 22 KB
7 KB 71ms
71ms Script
application/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://site.yandex.net/v2.0/js/opensearch.js

Requested by

Host: site.yandex.net
URL: http://site.yandex.net/v2.0/js/all.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

de66288f054df7f389e8281f87fb0a9a05095149f4e96d13c32a1c3b61b1a4a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://pravoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:21:58 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 6188
last-modified: Tue, 14 Feb 2023 08:57:29 GMT
server: nginx/1.17.9
etag: "1df256fb3e065fdf3b47b6ac51380393"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=216013
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 01 Mar 2023 09:21:08 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
601 B 214ms
73ms Script
text/javascript 2a00:1450:400d:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=pravoteka.ru&callback=_gfp_s_&client=ca-pub-5845613288065918

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5845613288065918&plah=pravoteka.ru

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c013f1fe8593a4e29433c76e0c7d326971b532db19d972495b7079f0fe78cf16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://pravoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:21:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 250
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 137ms
49ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=pravoteka.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://pravoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:21:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 200ms
74ms Script
application/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=pravoteka.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://pravoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:21:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 400 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7D3D 603 B
214 B 321ms
320ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5845613288065918&output=html&h=600&slotname=4030725388&adk=788576250&adf=4059110530&pi=t.ma~as.4030725388&w=200&fwrn=4&fwrnh=100&lmt=1677446518&rafmt=1&format=200x600&url=http%3A%2F%2Fpravoteka.ru%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1677446518250&bpp=4&bdt=835&idt=389&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&correlator=617437048354&frm=20&pv=2&ga_vid=899240062.1677446519&ga_sid=1677446519&ga_hid=2013174174&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777877%2C44759876%2C44759927%2C31071869&oid=2&pvsid=958957598550098&tmod=1629389392&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=sGsRPxX73G&p=http%3A//pravoteka.ru&dtd=413

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://pravoteka.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Feb 2023 21:21:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame ED0D 0
180 B 49ms
49ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5845613288065918&output=html&adk=1812271804&adf=3025194257&lmt=1677446518&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x945_l%7C308x945_r&format=0x0&url=http%3A%2F%2Fpravoteka.ru%2F&ea=0&pra=7&wgl=1&dt=1677446518266&bpp=2&bdt=851&idt=406&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=200x600&nras=1&correlator=617437048354&frm=20&pv=1&ga_vid=899240062.1677446519&ga_sid=1677446519&ga_hid=2013174174&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777877%2C44759876%2C44759927%2C31071869&oid=2&pvsid=958957598550098&tmod=1629389392&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=417

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://pravoteka.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Feb 2023 21:21:58 GMT
expires: Sun, 26 Feb 2023 21:21:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9926.ik_4V9u3kaoNbheUOIN42rHuZbMO5Gwh5_RHF3tWYxZu1NdKDpkGjH--EEEz3xaX.tL4X4mEfT2W7SVbxPbQP1Vkydps%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9926.4VF8Di5NLOBhd8MWknZFFtCLCXROgNPf8h1zKgqNWfreOouterO8TMcPT29Xf-L-YzfAkgb71PnsldgCx2rjmljUe9Our_j8hrYcoWaO5R8%2C.NAD6mN0tEkVzh9a_eOf1Bhd-9JU%2C

43 B
67 B

82ms
82ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9926.4VF8Di5NLOBhd8MWknZFFtCLCXROgNPf8h1zKgqNWfreOouterO8TMcPT29Xf-L-YzfAkgb71PnsldgCx2rjmljUe9Our_j8hrYcoWaO5R8%2C.NAD6mN0tEkVzh9a_eOf1Bhd-9JU%2C

Requested by

Host: pravoteka.ru
URL: http://pravoteka.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://pravoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:21:58 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9926.4VF8Di5NLOBhd8MWknZFFtCLCXROgNPf8h1zKgqNWfreOouterO8TMcPT29Xf-L-YzfAkgb71PnsldgCx2rjmljUe9Our_j8hrYcoWaO5R8%2C.NAD6mN0tEkVzh9a_eOf1Bhd-9JU%2C
date: Sun, 26 Feb 2023 21:21:58 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
113 B 85ms
82ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: pravoteka.ru
URL: http://pravoteka.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://pravoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:21:58 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 21 Feb 2023 11:11:22 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "63f47caa-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sun, 26 Feb 2023 22:21:58 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/25914452/
Redirect Chain

https://mc.yandex.com/watch/25914452?wmode=7&page-url=http%3A%2F%2Fpravoteka.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3llbk0t3p8ehu21bjv65f%3Afp%3A1827%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%...
https://mc.yandex.com/watch/25914452/1?wmode=7&page-url=http%3A%2F%2Fpravoteka.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3llbk0t3p8ehu21bjv65f%3Afp%3A1827%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3A...

435 B
518 B

86ms
85ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/25914452/1?wmode=7&page-url=http%3A%2F%2Fpravoteka.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3llbk0t3p8ehu21bjv65f%3Afp%3A1827%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A1307836008595%3Ahid%3A93795336%3Az%3A0%3Ai%3A20230226212158%3Aet%3A1677446519%3Ac%3A1%3Arn%3A24992363%3Arqn%3A1%3Au%3A167744651980835774%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A303%2C75%2C825%2C223%2C0%2C0%2C%2C413%2C10%2C%2C%2C%2C1840%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1677446516210%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1677446519%3At%3A%D0%9F%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20%D0%BF%D1%80%D0%B0%D0%B2%D0%BE%D0%B2%D0%BE%D0%B9%20%D0%BF%D0%BE%D0%BC%D0%BE%D1%89%D0%B8%20-%20%D0%9F%D1%80%D0%B0%D0%B2%D0%BE%D1%82%D0%B5%D0%BA%D0%B0.%D1%80%D1%83&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Requested by

Host: pravoteka.ru
URL: http://pravoteka.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

c7589203efaa48c6a1eda3a5276efb5726834daaf2824dcdf9c880dc2ad7126c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://pravoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Feb 2023 21:21:59 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sun, 26-Feb-2023 21:21:59 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: http://pravoteka.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 435
x-xss-protection: 1; mode=block
expires: Sun, 26-Feb-2023 21:21:59 GMT

Redirect headers

pragma: no-cache
date: Sun, 26 Feb 2023 21:21:59 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 26-Feb-2023 21:21:59 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/25914452/1?wmode=7&page-url=http%3A%2F%2Fpravoteka.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3llbk0t3p8ehu21bjv65f%3Afp%3A1827%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A1307836008595%3Ahid%3A93795336%3Az%3A0%3Ai%3A20230226212158%3Aet%3A1677446519%3Ac%3A1%3Arn%3A24992363%3Arqn%3A1%3Au%3A167744651980835774%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A303%2C75%2C825%2C223%2C0%2C0%2C%2C413%2C10%2C%2C%2C%2C1840%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1677446516210%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1677446519%3At%3A%D0%9F%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20%D0%BF%D1%80%D0%B0%D0%B2%D0%BE%D0%B2%D0%BE%D0%B9%20%D0%BF%D0%BE%D0%BC%D0%BE%D1%89%D0%B8%20-%20%D0%9F%D1%80%D0%B0%D0%B2%D0%BE%D1%82%D0%B5%D0%BA%D0%B0.%D1%80%D1%83&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: http://pravoteka.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sun, 26-Feb-2023 21:21:59 GMT

GET
H2

200

sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check_secondary
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9926.rDqIuz526FbkBoIjLNO4xzZmP5qpNzKpQSF_CeTFN-0GbV-l3bXkxp0kl6Dg5KM6.mPEnqnlTOzq5YtCAKOCO5GVdubw%2C
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9926.n4bRo9zJ1J0uBMYJzjU2O7cGzk65cKT_lL-54DyOieI52EQ8q4Bi-JdKocimg7mIoWjixxQC1AMe71GRVorL1KAmpN_KvumXXWi1ZdPOQKw%2C.IlQEjFMuGZex96neLs...

43 B
79 B

88ms
88ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9926.n4bRo9zJ1J0uBMYJzjU2O7cGzk65cKT_lL-54DyOieI52EQ8q4Bi-JdKocimg7mIoWjixxQC1AMe71GRVorL1KAmpN_KvumXXWi1ZdPOQKw%2C.IlQEjFMuGZex96neLsZHfJEu-h8%2C

Requested by

Host: pravoteka.ru
URL: http://pravoteka.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://pravoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:21:59 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9926.n4bRo9zJ1J0uBMYJzjU2O7cGzk65cKT_lL-54DyOieI52EQ8q4Bi-JdKocimg7mIoWjixxQC1AMe71GRVorL1KAmpN_KvumXXWi1ZdPOQKw%2C.IlQEjFMuGZex96neLsZHfJEu-h8%2C
date: Sun, 26 Feb 2023 21:21:59 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK parking.2.103.1.js Show response
ww25.form.leadiacloud.com/js/ Frame ECCE 67 KB
22 KB 132ms
132ms Script
application/javascript 199.59.243.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://ww25.form.leadiacloud.com/js/parking.2.103.1.js
Requested by: Host: ww25.form.leadiacloud.com
URL: http://ww25.form.leadiacloud.com/?p=lawyer&t=blue&w=434&product=lawyer&template=blue&style=default&width=750&height=370&ref=&subid1=20230227-0821-5916-ad72-b483bc0758cc
Protocol: HTTP/1.1
Server: 199.59.243.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: ca10303b12baf7192561fee87604ea962a925b7070412e0bd2f8be53510b6f9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ww25.form.leadiacloud.com/?p=lawyer&t=blue&w=434&product=lawyer&template=blue&style=default&width=750&height=370&ref=&subid1=20230227-0821-5916-ad72-b483bc0758cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 26 Feb 2023 21:22:00 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Feb 2023 18:58:50 GMT
Server: openresty
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H/1.1 200
OK _fd Show response
ww25.form.leadiacloud.com/ Frame ECCE 4 KB
2 KB 179ms
178ms Fetch
text/html 199.59.243.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://ww25.form.leadiacloud.com/_fd?p=lawyer&t=blue&w=434&product=lawyer&template=blue&style=default&width=750&height=370&ref=&subid1=20230227-0821-5916-ad72-b483bc0758cc
Requested by: Host: ww25.form.leadiacloud.com
URL: http://ww25.form.leadiacloud.com/js/parking.2.103.1.js
Protocol: HTTP/1.1
Server: 199.59.243.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: cae85a61af23763a2c3708bf2d95b16cc0ee30c639c04a4c716ceefaf9ae2362

Request headers

Accept: application/json
Referer: http://ww25.form.leadiacloud.com/?p=lawyer&t=blue&w=434&product=lawyer&template=blue&style=default&width=750&height=370&ref=&subid1=20230227-0821-5916-ad72-b483bc0758cc
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json

Response headers

X-Version: 2.103.1
Date: Sun, 26 Feb 2023 21:22:00 GMT
Content-Encoding: gzip
Pragma: no-cache
Server: openresty
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 caf.js Show response
www.google.com/adsense/domains/ Frame ECCE 144 KB
53 KB 137ms
49ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/adsense/domains/caf.js

Requested by

Host: ww25.form.leadiacloud.com
URL: http://ww25.form.leadiacloud.com/js/parking.2.103.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bc43eda278816f1985dc4e8bbdda5d7b47db80ce6281428bf16b4fb0a1ae632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ww25.form.leadiacloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:22:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "7195251189373257755"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
expires: Sun, 26 Feb 2023 21:22:00 GMT

GET
H/1.1 200
OK px.gif
ww25.form.leadiacloud.com/ Frame ECCE 42 B
421 B 260ms
232ms Image
image/gif 199.59.243.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ww25.form.leadiacloud.com/px.gif?ch=1&rn=1.1866114062805002
Requested by: Host: ww25.form.leadiacloud.com
URL: http://ww25.form.leadiacloud.com/?p=lawyer&t=blue&w=434&product=lawyer&template=blue&style=default&width=750&height=370&ref=&subid1=20230227-0821-5916-ad72-b483bc0758cc
Protocol: HTTP/1.1
Server: 199.59.243.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ww25.form.leadiacloud.com/?p=lawyer&t=blue&w=434&product=lawyer&template=blue&style=default&width=750&height=370&ref=&subid1=20230227-0821-5916-ad72-b483bc0758cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 26 Feb 2023 21:22:00 GMT
Last-Modified: Wed, 15 Sep 2021 19:38:30 GMT
Server: openresty
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK px.gif
ww25.form.leadiacloud.com/ Frame ECCE 42 B
421 B 261ms
233ms Image
image/gif 199.59.243.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ww25.form.leadiacloud.com/px.gif?ch=2&rn=1.1866114062805002
Requested by: Host: ww25.form.leadiacloud.com
URL: http://ww25.form.leadiacloud.com/?p=lawyer&t=blue&w=434&product=lawyer&template=blue&style=default&width=750&height=370&ref=&subid1=20230227-0821-5916-ad72-b483bc0758cc
Protocol: HTTP/1.1
Server: 199.59.243.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ww25.form.leadiacloud.com/?p=lawyer&t=blue&w=434&product=lawyer&template=blue&style=default&width=750&height=370&ref=&subid1=20230227-0821-5916-ad72-b483bc0758cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 26 Feb 2023 21:22:00 GMT
Last-Modified: Wed, 15 Sep 2021 19:38:30 GMT
Server: openresty
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 ads Show response
www.google.com/afs/ Frame F91B 7 KB
3 KB 130ms
128ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/afs/ads?adtest=off&psid=5530669637&pcsa=false&channel=pid-bodis-gcontrol34%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol321%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol485&client=dp-bodis31_3ph&r=m&sc_status=0&hl=de&rpbu=http%3A%2F%2Fww25.form.leadiacloud.com%3Fcaf%26p%3Dlawyer%26t%3Dblue%26w%3D434%26product%3Dlawyer%26template%3Dblue%26style%3Ddefault%26width%3D750%26height%3D370%26ref%3D%26subid1%3D20230227-0821-5916-ad72-b483bc0758cc&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2439451366973938&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301075%2C17301078&format=r3&nocache=2151677446520913&num=0&output=afd_ads&domain_name=ww25.form.leadiacloud.com&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1677446520914&u_w=1600&u_h=1200&biw=-12245933&bih=-12245933&isw=750&ish=370&psw=734&psh=76&frm=2&cl=511478063&uio=-&cont=rs&jsid=caf&jsv=511478063&rurl=http%3A%2F%2Fww25.form.leadiacloud.com%2F%3Fp%3Dlawyer%26t%3Dblue%26w%3D434%26product%3Dlawyer%26template%3Dblue%26style%3Ddefault%26width%3D750%26height%3D370%26ref%3D%26subid1%3D20230227-0821-5916-ad72-b483bc0758cc&referer=http%3A%2F%2Fpravoteka.ru%2F&adbw=master-1%3A734

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

2ad290e0797e658675f37b21837cf207c74addd65355fa765a5e0663c39637f2

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://ww25.form.leadiacloud.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-disposition: inline
content-encoding: br
content-length: 2262
content-type: text/html; charset=UTF-8
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
date: Sun, 26 Feb 2023 21:22:00 GMT
expires: Sun, 26 Feb 2023 21:22:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server: gws
x-xss-protection: 0

GET
H3 200 caf.js Show response
www.google.com/adsense/domains/ Frame F91B 144 KB
52 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/adsense/domains/caf.js?pac=2

Requested by

Host: www.google.com
URL: https://www.google.com/afs/ads?adtest=off&psid=5530669637&pcsa=false&channel=pid-bodis-gcontrol34%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol321%2Cpid-bodis-gcontrol152%2Cpid-bodis-gcontrol485&client=dp-bodis31_3ph&r=m&sc_status=0&hl=de&rpbu=http%3A%2F%2Fww25.form.leadiacloud.com%3Fcaf%26p%3Dlawyer%26t%3Dblue%26w%3D434%26product%3Dlawyer%26template%3Dblue%26style%3Ddefault%26width%3D750%26height%3D370%26ref%3D%26subid1%3D20230227-0821-5916-ad72-b483bc0758cc&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2439451366973938&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301075%2C17301078&format=r3&nocache=2151677446520913&num=0&output=afd_ads&domain_name=ww25.form.leadiacloud.com&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1677446520914&u_w=1600&u_h=1200&biw=-12245933&bih=-12245933&isw=750&ish=370&psw=734&psh=76&frm=2&cl=511478063&uio=-&cont=rs&jsid=caf&jsv=511478063&rurl=http%3A%2F%2Fww25.form.leadiacloud.com%2F%3Fp%3Dlawyer%26t%3Dblue%26w%3D434%26product%3Dlawyer%26template%3Dblue%26style%3Ddefault%26width%3D750%26height%3D370%26ref%3D%26subid1%3D20230227-0821-5916-ad72-b483bc0758cc&referer=http%3A%2F%2Fpravoteka.ru%2F&adbw=master-1%3A734

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9cdaac659a10a43c1f6c2d14d81f13169532030efdd55ca4a34fcc9acd32314c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:22:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "9103135040163701854"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
expires: Sun, 26 Feb 2023 21:22:01 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F91B 391 B
717 B 200ms
75ms Stylesheet
text/css 2a00:1450:400d:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Michroma&display=swap

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js?pac=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5494dd7e4456b032d0e22626505d5b6ff8725829b8fb510436b6d2b58e6a5b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 26 Feb 2023 21:22:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 26 Feb 2023 19:31:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 26 Feb 2023 21:22:01 GMT

GET
H2 200 search.svg
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame F91B 391 B
386 B 146ms
43ms Image
image/svg+xml 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%2302198b

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12be4341c4c1014899b3f3c23f1c2dc362be8e5256fd5f66313e17160e3003c

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 26 Feb 2023 17:52:19 GMT
age: 12582
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 272
x-xss-protection: 0
last-modified: Thu, 19 Dec 2019 14:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
vary: Accept-Encoding
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-type: image/svg+xml
cache-control: public, max-age=82800
accept-ranges: bytes
expires: Mon, 27 Feb 2023 16:52:19 GMT

GET
H2 200 call_to_action_arrow.svg
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame F91B 444 B
804 B 145ms
42ms Image
image/svg+xml 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/call_to_action_arrow.svg?c=%23ffffff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5455d8d4b8ae5150039ff7a83a6679d4338a435945985fa9f8d0ecbea9ae2f6e

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 26 Feb 2023 17:52:18 GMT
age: 12583
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 278
x-xss-protection: 0
last-modified: Tue, 09 Feb 2021 14:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
vary: Accept-Encoding
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-type: image/svg+xml
cache-control: public, max-age=82800
accept-ranges: bytes
expires: Mon, 27 Feb 2023 16:52:18 GMT

POST
H/1.1 200
OK _tr
ww25.form.leadiacloud.com/ Frame ECCE 2 B
0 163ms
163ms Fetch
text/html 199.59.243.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://ww25.form.leadiacloud.com/_tr
Requested by: Host: ww25.form.leadiacloud.com
URL: http://ww25.form.leadiacloud.com/js/parking.2.103.1.js
Protocol: HTTP/1.1
Server: 199.59.243.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash

Request headers

Accept: application/json
Referer: http://ww25.form.leadiacloud.com/?p=lawyer&t=blue&w=434&product=lawyer&template=blue&style=default&width=750&height=370&ref=&subid1=20230227-0821-5916-ad72-b483bc0758cc
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json

Response headers

X-Version: 2.103.1
Date: Sun, 26 Feb 2023 21:22:01 GMT
Content-Encoding: gzip
Pragma: no-cache
Server: openresty
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 PN_zRfy9qWD8fEagAPg9pTk.woff2
fonts.gstatic.com/s/michroma/v16/ Frame F91B 17 KB
17 KB 178ms
52ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/michroma/v16/PN_zRfy9qWD8fEagAPg9pTk.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Michroma&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da748253b458c5fc9c9a5e3c108b1cda280f52df4008702b9cea695ec23332aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 18:35:14 GMT
x-content-type-options: nosniff
age: 269207
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17156
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 14:38:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Feb 2024 18:35:14 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 206ms
100ms XHR
application/json 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230222&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9099baecf4f4eb78ab981b5eab97866df8fadbe4335a4ad35661e514392b4b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://pravoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:22:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11181
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 148ms
60ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://pravoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:22:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 26 Feb 2023 21:22:01 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6A80 13 KB
5 KB 41ms
40ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://pravoteka.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2810
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 26 Feb 2023 20:35:11 GMT
expires: Mon, 26 Feb 2024 20:35:11 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5A0C 783 B
537 B 49ms
48ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b0f763c86f379e3b17981589cf4bd9e811f19f22798f31cd045a32f59f93fe3e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HKaxEYv_7834ij6csEkAGQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://pravoteka.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 515
content-security-policy: script-src 'report-sample' 'nonce-HKaxEYv_7834ij6csEkAGQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 26 Feb 2023 21:22:01 GMT
expires: Sun, 26 Feb 2023 21:22:01 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 bP143D2MlfrYa-8L1g1kZrRY_Hu8960J3R7GynJ9320.js Show response
pagead2.googlesyndication.com/bg/ Frame 6A80 36 KB
14 KB 53ms
53ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/bP143D2MlfrYa-8L1g1kZrRY_Hu8960J3R7GynJ9320.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cfd78dc3d8c95fad86bef0bd60d6466b458fc7bbcf7ad09dd1ec6ca727ddf6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 19:40:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 438071
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14287
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Feb 2024 19:40:50 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5A0C 0
0 84ms
84ms Image
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230222&jk=958957598550098&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6A80 0
10 B 40ms
40ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?MgVRdw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 21:22:01 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 88ms
88ms Image
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230222&jk=958957598550098&bg=!i4iliNzNAAZYlHKzeJQ7ADkAdvg8Ws31LXH0GPgAz79XrzAQVsZWwCjCYNYNMJ_xgOXkwIJLSgXbedgLpQk_Iaq6ofLNXouGHpACAAAAS1IAAAADaAEHmQKjr7PS9Pj_6XJR1mhUv1izjCeKiGCIOnepPGoRdBR3_hu92o7BJHGaqeFvLqISIpNeDeunodQ8vXcuWl4idN2FpBVhH6HGOv-HhbIVimd9B72CnQW6KYuVn3Z2O5sCtfKP3HoR51WEhRJRdmaLzuLPE1LLp2EaiHs3YyNErFcqnmUsxj6Bf64kzsOBOiJCTSSbdqr0guW_7X6azOisKRZUY8rSltWdb-UTdmS1M8O5s8PpF-nrhekMZbUqz83zePDPlOhZ1-4HJe0zJk829Pv_4KPPFMt9KQoobFGiWMpCnwVsryXrGedWP7DYwlWSWdPKgztqqKJtekuWnyztwxgEMaNcozJaOaLPrrWRHYYBNpEa_uc7lzr6dpnaxnQF88iTI-ZdLTcKI3Tp1KfNpktZL2oB8aXacqQaUWTwoT4WGOSK1f93h7iRv_pq_Y5AAp2_BFOU7mXwfOTb_4s62oa3BZUrpwJDdCT7xRKfMJOPnSDd0ucNCxwjbZ8667EQUa4pyTL1AiI1DBvE_d8clpttmgTJnfLPGkbD7R1smvX5W_O-4uj2qSroPqWxksKSGzH5G7mONtWfQhCyDFkSWS2P9CVBpnzc2bYeDLl88Sq_D9zMs5CkT8ShxuebFmBdFLtDwAvffBScj60Syz_7DpwqbWR9XnhRj9Qj6WGJ-pKAU23oXVbuNMhTnBZe37PWQXrivlMfXFwjJxqwOgoEUoz8b_IrSNcal12nxdMS_1g7UtKoh65mIp0aXR8wzYMtO4iDbJ26MHvL8l7ml7a6ryJqfWQ03AEUIMjbv1MuZ_RLdax0-9dVfMhssmUHK52guvk8j9QLLWRJVOK29WNY-ayz3h4uKEFF_XZlFWJLInC8VYS_5YpPhTaqDD8zdTfkuDPnMwh_
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://pravoteka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET gen_204
www.google.com/afs/ Frame ECCE 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: promo.leadia.ru
URL: http://promo.leadia.ru/runme.php?userid=434&product=lawyer&template=ivs2013&theme=default&language=ru&region=ru&style=default&width=728&height=400&banner=http://pravoteka.ru/Content/Images/button.png

Domain: www.google.com
URL: https://www.google.com/afs/gen_204?client=dp-bodis31_3ph&output=uds_ads_only&zx=4z28n9zf2rld&aqid=eM37Y5L7O6iFjuwP69-twAU&psid=5530669637&pbt=bs&adbx=0&adby=143&adbh=482&adbw=750&adbah=155%2C155%2C155&adbn=master-1&eawp=partner-dp-bodis31_3ph&errv=511478063&csala=5%7C0%7C144%7C93%7C166&lle=0&llm=1000&ifv=1&usr=1

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pravoteka.ru/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: yxscxzbkw4olti50ax3ztpbo
.pravoteka.ru/	1970-01-20 18:43:02	Name: _ym_uid Value: 167744651980835774
.pravoteka.ru/	1970-01-20 18:43:02	Name: _ym_d Value: 1677446519
.doubleclick.net/	1970-01-20 09:57:27	Name: test_cookie Value: CheckForPermission
.pravoteka.ru/	1970-01-20 09:58:38	Name: _ym_isad Value: 2
.mc.yandex.com/	1970-01-20 09:57:27	Name: sync_cookie_csrf Value: 3215617566fake
.pravoteka.ru/	1970-01-20 19:19:02	Name: __gads Value: ID=26a94fe4dd09580c-22ed3d3b80de0034:T=1677446518:RT=1677446518:S=ALNI_MbTVkJjksTjy392AzcJffSxITkNNg
.pravoteka.ru/	1970-01-20 19:19:02	Name: __gpi Value: UID=00000bbc55c5e86e:T=1677446518:RT=1677446518:S=ALNI_MYiSLqiEJ-ujTqvtSeVkMQwNq3Cjg
.mc.yandex.ru/	1970-01-20 09:57:27	Name: sync_cookie_csrf Value: 127017683fake
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 2133284471677446519
.yandex.com/	1970-01-20 19:33:26	Name: i Value: dUwKcN3qjJ8pyzDl/9VFIQQsIAI1HYoxim8HC7lj6xMlK6gbnZWyFfjolTFQ9nw2QWrpIIcanBVV9Qj6ILtapqgcoPI=
.yandex.com/	1970-01-20 18:43:02	Name: yandexuid Value: 9118322021677446519
.yandex.com/	1970-01-20 18:43:02	Name: yuidss Value: 9118322021677446519
.yandex.com/	1970-01-20 18:43:02	Name: ymex Value: 1708982519.yc.1677446519#1708982519.yrts.1677446519#1708982519.yrtsi.1677446519
.pravoteka.ru/	1970-01-20 09:57:28	Name: _ym_visorc Value: w

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://promo.leadia.ru/runme.php?userid=434&product=lawyer&template=ivs2013&theme=default&language=ru&region=ru&style=default&width=728&height=400&banner=http://pravoteka.ru/Content/Images/button.png Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: http://api.leadiacloud.com/widget.js?p=lawyer&c=6418225625563136&pos=right&margin=0&photo=5&color=336699&w=434&t=modern Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://bs.yandex.ru/informer/25914452/3_1_FFFFFFFF_EFEFEFFF_0_pageviews Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5845613288065918&output=html&h=600&slotname=4030725388&adk=788576250&adf=4059110530&pi=t.ma~as.4030725388&w=200&fwrn=4&fwrnh=100&lmt=1677446518&rafmt=1&format=200x600&url=http%3A%2F%2Fpravoteka.ru%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1677446518250&bpp=4&bdt=835&idt=389&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&correlator=617437048354&frm=20&pv=2&ga_vid=899240062.1677446519&ga_sid=1677446519&ga_hid=2013174174&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777877%2C44759876%2C44759927%2C31071869&oid=2&pvsid=958957598550098&tmod=1629389392&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=sGsRPxX73G&p=http%3A//pravoteka.ru&dtd=413 Message: Failed to load resource: the server responded with a status of 400 ()
javascript	error	URL: http://ww25.form.leadiacloud.com/js/parking.2.103.1.js Message: Unsafe attempt to initiate navigation for frame with URL 'http://pravoteka.ru/' from frame with URL 'http://ww25.form.leadiacloud.com/?p=lawyer&t=blue&w=434&product=lawyer&template=blue&style=default&width=750&height=370&ref=&subid1=20230227-0821-5916-ad72-b483bc0758cc'. The frame attempting navigation is targeting its top-level window, but is neither same-origin with its target nor has it received a user gesture. See https://www.chromestatus.com/feature/5851021045661696.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
afs.googleusercontent.com
api.leadiacloud.com
bs.yandex.ru
fonts.googleapis.com
fonts.gstatic.com
form.leadiacloud.com
googleads.g.doubleclick.net
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
pravoteka.ru
promo.leadia.ru
site.yandex.net
tpc.googlesyndication.com
ww25.form.leadiacloud.com
www.google.com
yastatic.net
promo.leadia.ru
www.google.com
103.224.182.208
199.59.243.222
2a00:1450:4001:802::2001
2a00:1450:4001:828::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:830::2002
2a00:1450:400d:802::200a
2a00:1450:400d:803::2002
2a00:1450:400d:80a::2002
2a00:1450:400d:80a::2003
2a00:1450:400d:80d::2002
2a02:6b8:20::215
2a02:6b8::1:119
2a02:6b8::90
91.239.27.42
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
04b015935b74fade2c32e2b92b2bdfae9bcea303f0d467541aaa0c7c0d668ea2
125b6b268c7662f295b841038ca5f594ae1cd5adf116cfdf867f529dcf535a38
1dfbc1d09e0617d703cc890ce164904a5b8c03240af16f4edb43080b631c9c10
25475d82cc976fb2c71b15b3e416c22bf636dd247bbb268d312e7c076ec5b6e4
2ad290e0797e658675f37b21837cf207c74addd65355fa765a5e0663c39637f2
32bf21d0d9c9436dbb37b5de9ef459aec4ca44a93158ddba003010649446610d
5455d8d4b8ae5150039ff7a83a6679d4338a435945985fa9f8d0ecbea9ae2f6e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5494dd7e4456b032d0e22626505d5b6ff8725829b8fb510436b6d2b58e6a5b4b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5b44c0942c44f32b55cb89c8a3d9aa7a35c4be96a671a7c8519fdb273743eda0
5bc43eda278816f1985dc4e8bbdda5d7b47db80ce6281428bf16b4fb0a1ae632
5dda937522f40b5015a13566d480f17545f398444e841f8d09d21de9b1f1f2cd
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
642d14cd983fce2cea5db5afb04ff17ee03eeb3feb274a658e9b88cc8cc29d80
6cfd78dc3d8c95fad86bef0bd60d6466b458fc7bbcf7ad09dd1ec6ca727ddf6d
6fe18c224e62f2f96ffadce05d92d8d95aa33d41121b274340f15b973d0daacf
749532b47faa826b6001b06da2e4085a3118525b9c9164fd0aa10e9944b9967a
7515bf959b73b956ceb967351c7e299cbb3668a53d35f9c770eb72e00d93ced6
7705fee13417229d718f14947e9860d5bb2b25bd15c9f5cd834f2545c7bad0a6
7e9c22d02fc319b701844b334477a05fd32acee9668feb98672f6c27887f79cf
9882e083aad0be394eef2bc511fbd204f670004b4ff09e627197805c5c7ceb9a
9bf2371fd5fce55d6fed8607d9d9f3bfc548cc5952c9017b5b2b330dfb2fae80
9cdaac659a10a43c1f6c2d14d81f13169532030efdd55ca4a34fcc9acd32314c
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aceb498ab3120229304e62efcf6f8ce3e3ecc9079422d9278574f5ec3cc119c6
b0f763c86f379e3b17981589cf4bd9e811f19f22798f31cd045a32f59f93fe3e
b13cb5989e08fcb02314209d101e1102f3d299109bdc253b62aa1da21c9e38ba
c013f1fe8593a4e29433c76e0c7d326971b532db19d972495b7079f0fe78cf16
c09bb401c8c0db93f902b9ad58b89ad80ace934ed76d13b8415d915161059cfc
c12be4341c4c1014899b3f3c23f1c2dc362be8e5256fd5f66313e17160e3003c
c2326c8e58bd9eee4b635b257ff6cc4eb99c3aa2bf169983fcf2860ba8dd7fcf
c23b807171deb950e3eda0e89e61b9be4e43b6f2ed05fc50ab9efa1827454f04
c43c532923fb3bc58b4f17d98f842122978ec76cc38d428149036e045f5ff0a1
c7589203efaa48c6a1eda3a5276efb5726834daaf2824dcdf9c880dc2ad7126c
c9099baecf4f4eb78ab981b5eab97866df8fadbe4335a4ad35661e514392b4b9
ca10303b12baf7192561fee87604ea962a925b7070412e0bd2f8be53510b6f9c
cae85a61af23763a2c3708bf2d95b16cc0ee30c639c04a4c716ceefaf9ae2362
ce178ae6dde5065409f91e5e6c06687ce43a74f5907c4aefe56bcf41e0a21eac
cf0e934daa92ef101fcdf4f64d318324f197533bc3a8ad60630a947cef5d7073
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
da748253b458c5fc9c9a5e3c108b1cda280f52df4008702b9cea695ec23332aa
dc41be78fcb3b0ca16fc52b3026f8120ada7e9c8b6c1f989d84431ff689276cd
de66288f054df7f389e8281f87fb0a9a05095149f4e96d13c32a1c3b61b1a4a3
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5c448954916d1f8317d65e2e4b1989b03828e64641f9ff435fb366db952c71a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f99ad11e42db1390e9a12f578d1f2959b23240d582a6fcf6d70f00624520bca8

pravoteka.ru Open in urlscan Pro 91.239.27.42 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

62 Requests

42 %HTTPS

81 %IPv6

15 Domains

20 Subdomains

17 IPs

5 Countries

811 kBTransfer

1653 kBSize

15 Cookies

2 Outgoing links

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

pravoteka.ru Open in urlscan Pro
91.239.27.42 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

42 %
HTTPS

81 %
IPv6

15
Domains

20
Subdomains

17
IPs

5
Countries

811 kB
Transfer

1653 kB
Size

15
Cookies

62 HTTP transactions
0 data transactions