Submitted URL: https://stage.youthempowered.ru/
Effective URL: https://stage.youthempowered.ru/login
Submission Tags: phishingrod
Submission: On October 12 via api from DE — Scanned from DE

Summary

This website contacted 8 IPs in 4 countries across 8 domains to perform 24 HTTP transactions. The main IP is 185.22.60.56, located in Russian Federation and belongs to MNGTNET, RU. The main domain is stage.youthempowered.ru.
TLS certificate: Issued by R3 on October 12th 2023. Valid for: 3 months.
This is the only time stage.youthempowered.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Count | Apex Domain | Subdomains | Transfer
10 | youthempowered.ru | stage.youthempowered.ru | 2 MB
7 | yandex.com | mc.yandex.com — Cisco Umbrella Rank: 7957 | 3 KB
4 | google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 42; region1.google-analytics.com — Cisco Umbrella Rank: 2250 | 22 KB
3 | yandex.ru | mc.yandex.ru — Cisco Umbrella Rank: 3539 | 70 KB
2 | facebook.net | connect.facebook.net — Cisco Umbrella Rank: 187 | 89 KB
2 | googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 56 | 140 KB
1 | facebook.com | www.facebook.com — Cisco Umbrella Rank: 116 | 185 B
1 | doubleclick.net | stats.g.doubleclick.net — Cisco Umbrella Rank: 98 | 351 B
Totals: 24 | 8

Count | Domain | Requested by
10 | stage.youthempowered.ru (1 redirects) | stage.youthempowered.ru
7 | mc.yandex.com (3 redirects) | stage.youthempowered.ru
3 | mc.yandex.ru (2 redirects) | stage.youthempowered.ru
3 | www.google-analytics.com | www.googletagmanager.com; www.google-analytics.com
2 | connect.facebook.net | stage.youthempowered.ru; connect.facebook.net
2 | www.googletagmanager.com | stage.youthempowered.ru; www.google-analytics.com
1 | www.facebook.com | stage.youthempowered.ru
1 | region1.google-analytics.com | www.googletagmanager.com
1 | stats.g.doubleclick.net | www.google-analytics.com
Totals: 24 | 9

This site contains links to these domains.

Domain
youthempowered.ru

Subject | Issuer | Validity | Valid
stage.youthempowered.ru | R3 | 2023-10-12 - 2024-01-10 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-09-18 - 2023-12-11 | 3 months
mc.yandex.ru | GlobalSign ECC OV SSL CA 2018 | 2023-08-14 - 2024-01-24 | 5 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-07-21 - 2023-10-19 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2023-09-18 - 2023-12-11 | 3 months

This page contains 1 frame:

Primary Page: https://stage.youthempowered.ru/login
Frame ID: FC5E4DA1B6BF745678C370AA8493F958
Requests: 24 HTTP requests in this frame

Page Title

Youth Empowered – Твой путь к успеху!

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

Requests: 24
HTTPS: 88 %
IPv6: 88 %
Domains: 8
Subdomains: 9
IPs: 8
Countries: 4
Transfer: 2658 kB
Size: 3318 kB
Cookies: 17

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://stage.youthempowered.ru/ HTTP 302
    https://stage.youthempowered.ru/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10154.qDcwL9rFcEySF2TDoXA7EISKXkr5-4T2y54gPhdBlWMvPhffii7stcoFfBo1dCM1.WZKAJoBVm8E73fPuoreJM9Aga-8%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10154.xPSMvJ1JR-k47SRBQgSdSwHeeP6fibmc1KDDisE8pNbIAB-0vTSfte4QWu3wSmJ8a3Rwoh6KM61PFMK68TnRMuSaFAs_Xsej9owLIeDWHFg%2C.UhHGgIYo4B4iTESSR941kWtFKTA%2C
Request Chain 21
  • https://mc.yandex.com/watch/52704364?wmode=7&page-url=https%3A%2F%2Fstage.youthempowered.ru%2Flogin&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A2028%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1135%3Acn%3A1%3Adp%3A0%3Als%3A1668269079137%3Ahid%3A330548794%3Az%3A120%3Ai%3A20231012180211%3Aet%3A1697126532%3Ac%3A1%3Arn%3A1009662498%3Arqn%3A1%3Au%3A169712653250473595%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C70%2C1%2C1156%2C1156%2C1%2C720%2C1%2C%2C%2C%2C1947%3Aco%3A0%3Acpf%3A1%3Ans%3A1697126529506%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1697126532%3At%3AYouth%20Empowered%20%E2%80%93%20%D0%A2%D0%B2%D0%BE%D0%B9%20%D0%BF%D1%83%D1%82%D1%8C%20%D0%BA%20%D1%83%D1%81%D0%BF%D0%B5%D1%85%D1%83!&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/52704364/1?wmode=7&page-url=https%3A%2F%2Fstage.youthempowered.ru%2Flogin&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A2028%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1135%3Acn%3A1%3Adp%3A0%3Als%3A1668269079137%3Ahid%3A330548794%3Az%3A120%3Ai%3A20231012180211%3Aet%3A1697126532%3Ac%3A1%3Arn%3A1009662498%3Arqn%3A1%3Au%3A169712653250473595%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C70%2C1%2C1156%2C1156%2C1%2C720%2C1%2C%2C%2C%2C1947%3Aco%3A0%3Acpf%3A1%3Ans%3A1697126529506%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1697126532%3At%3AYouth%20Empowered%20%E2%80%93%20%D0%A2%D0%B2%D0%BE%D0%B9%20%D0%BF%D1%83%D1%82%D1%8C%20%D0%BA%20%D1%83%D1%81%D0%BF%D0%B5%D1%85%D1%83%21&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29&redirnss=1
Request Chain 22
  • https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10154.xz1eLaxD8a-7h8nu0Ai-OD68HWrMToFGxcExrdEegvoru1fs0-N3Q2Vx8PG1e-GD.IwGChVF1nMJpxnMlwKW6kgF0LXw%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10154.wFQZa1SU49axvS43Us6nv-e6TwoOY2EQ7Ocu_adq9X5TELQyKwMpGarZav5_YuSQl9Id6KPz-iz7z4GlNpzlYGIi3LPkfgnKGT5Z-xclQIg%2C.F59JaKGU7bx7MwStKD7OXXxvL74%2C

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login
stage.youthempowered.ru/
Redirect Chain
  • https://stage.youthempowered.ru/
  • https://stage.youthempowered.ru/login
3 KB
3 KB
Document
General
Full URL
https://stage.youthempowered.ru/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.22.60.56 , Russian Federation, ASN199274 (MNGTNET, RU),
Reverse DNS
185-22-60-56.flops.ru
Software
nginx/1.18.0 + Phusion Passenger(R) 6.0.13 / Phusion Passenger(R) 6.0.13
Resource Hash
b7971115d7c5f46dbf4a5defc3d4a128df4bfd9b6b2da3f158d731a0f035ceb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, private, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Thu, 12 Oct 2023 16:02:10 GMT
ETag
W/"b7971115d7c5f46dbf4a5defc3d4a128"
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx/1.18.0 + Phusion Passenger(R) 6.0.13
Status
200 OK
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-Powered-By
Phusion Passenger(R) 6.0.13
X-Request-Id
0f77c168-0383-40a3-ba7e-9f0dfdc79e6f
X-Runtime
0.006850
X-XSS-Protection
1; mode=block

Redirect headers

Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Date
Thu, 12 Oct 2023 16:02:10 GMT
Location
https://stage.youthempowered.ru/login
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx/1.18.0 + Phusion Passenger(R) 6.0.13
Status
302 Found
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-Powered-By
Phusion Passenger(R) 6.0.13
X-Request-Id
122e6ea8-05f6-4eae-972d-188aa9c9d4f1
X-Runtime
0.002524
X-XSS-Protection
1; mode=block
application-6570928939341c9a2b732eb3539bd4a2fbd2073e5a7738f32d35523419171e23.css
stage.youthempowered.ru/assets/learning/
325 KB
325 KB
Stylesheet
General
Full URL
https://stage.youthempowered.ru/assets/learning/application-6570928939341c9a2b732eb3539bd4a2fbd2073e5a7738f32d35523419171e23.css
Requested by
Host: stage.youthempowered.ru
URL: https://stage.youthempowered.ru/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.22.60.56 , Russian Federation, ASN199274 (MNGTNET, RU),
Reverse DNS
185-22-60-56.flops.ru
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c822eff42c7f97fc250aaf9134474a5e736d8ea30c90c406b5b8090766d71987

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stage.youthempowered.ru/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Thu, 12 Oct 2023 16:02:10 GMT
Last-Modified
Sun, 13 Aug 2023 18:37:05 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"64d922d1-51300"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
332544
application-dfdd774101c9435ce12e.js
stage.youthempowered.ru/packs/js/
1 MB
1 MB
Script
General
Full URL
https://stage.youthempowered.ru/packs/js/application-dfdd774101c9435ce12e.js
Requested by
Host: stage.youthempowered.ru
URL: https://stage.youthempowered.ru/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.22.60.56 , Russian Federation, ASN199274 (MNGTNET, RU),
Reverse DNS
185-22-60-56.flops.ru
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
9fc7e984ba3d32e502b522736b3393d2557c6b9f3989173840e5a588e0632055

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stage.youthempowered.ru/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Thu, 12 Oct 2023 16:02:10 GMT
Last-Modified
Mon, 09 Oct 2023 17:24:16 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"65243740-138c5c"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1281116
logo.svg
stage.youthempowered.ru/images/
23 KB
23 KB
Image
General
Full URL
https://stage.youthempowered.ru/images/logo.svg
Requested by
Host: stage.youthempowered.ru
URL: https://stage.youthempowered.ru/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.22.60.56 , Russian Federation, ASN199274 (MNGTNET, RU),
Reverse DNS
185-22-60-56.flops.ru
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e9f630f7f7867f0c53283801947211ac1fd655ce8676559c50009143a27ce888

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stage.youthempowered.ru/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Thu, 12 Oct 2023 16:02:11 GMT
Last-Modified
Mon, 09 Oct 2023 17:20:25 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"65243659-5b15"
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23317
register.png
stage.youthempowered.ru/images/
243 KB
243 KB
Image
General
Full URL
https://stage.youthempowered.ru/images/register.png
Requested by
Host: stage.youthempowered.ru
URL: https://stage.youthempowered.ru/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.22.60.56 , Russian Federation, ASN199274 (MNGTNET, RU),
Reverse DNS
185-22-60-56.flops.ru
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
af04b3138a0239cff270124c55692fb884d33d6df7bad54c4c0645b2ddda3e3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stage.youthempowered.ru/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Thu, 12 Oct 2023 16:02:11 GMT
Last-Modified
Mon, 09 Oct 2023 17:20:25 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"65243659-3cc11"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
248849
gtm.js
www.googletagmanager.com/
154 KB
57 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MV9MVGC
Requested by
Host: stage.youthempowered.ru
URL: https://stage.youthempowered.ru/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0ac03e363439630422f6464fbe35e75db62aa290648815c18e7c198503bb29ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stage.youthempowered.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 16:02:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57801
x-xss-protection
0
last-modified
Thu, 12 Oct 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 12 Oct 2023 16:02:11 GMT
oval.svg
stage.youthempowered.ru/images/
612 B
863 B
Image
General
Full URL
https://stage.youthempowered.ru/images/oval.svg
Requested by
Host: stage.youthempowered.ru
URL: https://stage.youthempowered.ru/assets/learning/application-6570928939341c9a2b732eb3539bd4a2fbd2073e5a7738f32d35523419171e23.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.22.60.56 , Russian Federation, ASN199274 (MNGTNET, RU),
Reverse DNS
185-22-60-56.flops.ru
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
576034a52ce02a24155931839fbde48072d8aab9d69ff672d51acef53a81796a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stage.youthempowered.ru/assets/learning/application-6570928939341c9a2b732eb3539bd4a2fbd2073e5a7738f32d35523419171e23.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Thu, 12 Oct 2023 16:02:11 GMT
Last-Modified
Mon, 09 Oct 2023 17:20:25 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"65243659-264"
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
612
Raleway-Bold.ttf
stage.youthempowered.ru/fonts/
170 KB
170 KB
Font
General
Full URL
https://stage.youthempowered.ru/fonts/Raleway-Bold.ttf
Requested by
Host: stage.youthempowered.ru
URL: https://stage.youthempowered.ru/assets/learning/application-6570928939341c9a2b732eb3539bd4a2fbd2073e5a7738f32d35523419171e23.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.22.60.56 , Russian Federation, ASN199274 (MNGTNET, RU),
Reverse DNS
185-22-60-56.flops.ru
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4509d37c427b544b0372f1042d47d880ef2f07f0ff8cfd6a54e69d2e168c606e

Request headers

Referer
https://stage.youthempowered.ru/assets/learning/application-6570928939341c9a2b732eb3539bd4a2fbd2073e5a7738f32d35523419171e23.css
Origin
https://stage.youthempowered.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Thu, 12 Oct 2023 16:02:11 GMT
Last-Modified
Mon, 09 Oct 2023 17:20:25 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"65243659-2a6bc"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
173756
Raleway-SemiBold.ttf
stage.youthempowered.ru/fonts/
160 KB
160 KB
Font
General
Full URL
https://stage.youthempowered.ru/fonts/Raleway-SemiBold.ttf
Requested by
Host: stage.youthempowered.ru
URL: https://stage.youthempowered.ru/assets/learning/application-6570928939341c9a2b732eb3539bd4a2fbd2073e5a7738f32d35523419171e23.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.22.60.56 , Russian Federation, ASN199274 (MNGTNET, RU),
Reverse DNS
185-22-60-56.flops.ru
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
84247578b1a00a6fd6ddfdddb28015d8f7c13587d2582cc828263abc57c2d5f2

Request headers

Referer
https://stage.youthempowered.ru/assets/learning/application-6570928939341c9a2b732eb3539bd4a2fbd2073e5a7738f32d35523419171e23.css
Origin
https://stage.youthempowered.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Thu, 12 Oct 2023 16:02:11 GMT
Last-Modified
Mon, 09 Oct 2023 17:20:25 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"65243659-27eb0"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
163504
Raleway-Medium.ttf
stage.youthempowered.ru/fonts/
160 KB
160 KB
Font
General
Full URL
https://stage.youthempowered.ru/fonts/Raleway-Medium.ttf
Requested by
Host: stage.youthempowered.ru
URL: https://stage.youthempowered.ru/assets/learning/application-6570928939341c9a2b732eb3539bd4a2fbd2073e5a7738f32d35523419171e23.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.22.60.56 , Russian Federation, ASN199274 (MNGTNET, RU),
Reverse DNS
185-22-60-56.flops.ru
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1d89cac568caf6c13d9a2f1733e1842490f8f33d341f68a33cf9f1614b1b1932

Request headers

Referer
https://stage.youthempowered.ru/assets/learning/application-6570928939341c9a2b732eb3539bd4a2fbd2073e5a7738f32d35523419171e23.css
Origin
https://stage.youthempowered.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Thu, 12 Oct 2023 16:02:11 GMT
Last-Modified
Mon, 09 Oct 2023 17:20:25 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"65243659-27eac"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
163500
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MV9MVGC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stage.youthempowered.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 12 Oct 2023 15:49:42 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
749
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 12 Oct 2023 17:49:42 GMT
tag.js
mc.yandex.ru/metrika/
202 KB
70 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: stage.youthempowered.ru
URL: https://stage.youthempowered.ru/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e9597987b6f5f6a1e2c0a9bb76f9728ad3bda5548c3b1341dac1e7708c18ee7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stage.youthempowered.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 16:02:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 06 Oct 2023 14:28:02 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"651fef42-11470"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
70768
expires
Thu, 12 Oct 2023 17:02:11 GMT
fbevents.js
connect.facebook.net/en_US/
198 KB
53 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: stage.youthempowered.ru
URL: https://stage.youthempowered.ru/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
325fab5a06017764ab5ff18c3e5d6c1625d3524cb2a077e58b902fb8f26d1c9a
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stage.youthempowered.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 12 Oct 2023 16:02:11 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
53364
x-xss-protection
0
pragma
public
x-fb-debug
hgAMCc7eBLHYYCwrdO+AELoJCDJrC6RLaaadPgFlBCaX5WMjHxQZUg2yc28aW3w/tx5xQnp7S3LS0Yrc9mt2uQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
linkid.js
www.google-analytics.com/plugins/ua/
2 KB
1 KB
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stage.youthempowered.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 15:25:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
2193
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
697
x-xss-protection
0
last-modified
Fri, 30 Jun 2023 18:58:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 12 Oct 2023 16:25:38 GMT
424196042576148
connect.facebook.net/signals/config/
137 KB
36 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/424196042576148?v=2.9.133&r=stable&domain=stage.youthempowered.ru
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ed3c813e0b0791634432001d126c094f859503697604b15cbd685f144bc74d24
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stage.youthempowered.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 12 Oct 2023 16:02:11 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
zmpM1xKdjcfZz8hCefTuPHMUk6HBN+DQ5VWqMH9QI4o1QitSXIH5c+9/iDNgGJ9h9mMCsYOM7jIP9amqQguEJQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/
16 B
36 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1072457294&t=pageview&_s=1&dl=https%3A%2F%2Fstage.youthempowered.ru%2Flogin&ul=en-us&de=UTF-8&dt=Youth%20Empowered%20%E2%80%93%20%D0%A2%D0%B2%D0%BE%D0%B9%20%D0%BF%D1%83%D1%82%D1%8C%20%D0%BA%20%D1%83%D1%81%D0%BF%D0%B5%D1%85%D1%83!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEAjAAAAACAEO~&jid=909267663&gjid=1648607420&cid=166421332.1697126532&tid=UA-10318504-37&_gid=292241624.1697126532&_r=1&_slc=1&gtm=45He3ab0n81MV9MVGC&cd2=1697126531605.3yu2ujj7&cd1=166421332.1697126532&z=780842769
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
f5bb0edb86e5c3dd2873c2c0ac0c0523e9ef397bd3e48586ec513efd0e70c2a6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://stage.youthempowered.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 12 Oct 2023 16:02:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://stage.youthempowered.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
351 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-10318504-37&cid=166421332.1697126532&jid=909267663&gjid=1648607420&_gid=292241624.1697126532&_u=aGBAAEAiAAAAACAEO~&z=1724013669
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://stage.youthempowered.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 12 Oct 2023 16:02:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://stage.youthempowered.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
240 KB
83 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CDN98FTLPN&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f4284b6c6ed0bc28191918f577b5fa214ada27a16bec8a4eb27bd3dd53408f95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stage.youthempowered.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 16:02:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85065
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 12 Oct 2023 16:02:11 GMT
collect
region1.google-analytics.com/g/
0
259 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-CDN98FTLPN&gtm=45je3ab0&_p=1072457294&ul=en-us&sr=1600x1200&cid=166421332.1697126532&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fstage.youthempowered.ru%2Flogin&dt=Youth%20Empowered%20%E2%80%93%20%D0%A2%D0%B2%D0%BE%D0%B9%20%D0%BF%D1%83%D1%82%D1%8C%20%D0%BA%20%D1%83%D1%81%D0%BF%D0%B5%D1%85%D1%83!&sid=1697126531&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_dimension_2=1697126531605.3yu2ujj7&ep.ua_dimension_1=166421332.1697126532
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CDN98FTLPN&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stage.youthempowered.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Oct 2023 16:02:12 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://stage.youthempowered.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10154.qDcwL9rFcEySF2TDoXA7EISKXkr5-4T2y54gPhdBlWMvPhffii7stcoFfBo1dCM1.WZKAJoBVm8E73fPuoreJM9Aga-8%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10154.xPSMvJ1JR-k47SRBQgSdSwHeeP6fibmc1KDDisE8pNbIAB-0vTSfte4QWu3wSmJ8a3Rwoh6KM61PFMK68TnRMuSaFAs_Xsej9owLIeDWHFg%2C.UhHGgIYo4B4iTESSR941kWtFKTA%2C
43 B
67 B
Image
General
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=10154.xPSMvJ1JR-k47SRBQgSdSwHeeP6fibmc1KDDisE8pNbIAB-0vTSfte4QWu3wSmJ8a3Rwoh6KM61PFMK68TnRMuSaFAs_Xsej9owLIeDWHFg%2C.UhHGgIYo4B4iTESSR941kWtFKTA%2C
Requested by
Host: stage.youthempowered.ru
URL: https://stage.youthempowered.ru/login
Protocol
H2
Server
2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stage.youthempowered.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 16:02:12 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=10154.xPSMvJ1JR-k47SRBQgSdSwHeeP6fibmc1KDDisE8pNbIAB-0vTSfte4QWu3wSmJ8a3Rwoh6KM61PFMK68TnRMuSaFAs_Xsej9owLIeDWHFg%2C.UhHGgIYo4B4iTESSR941kWtFKTA%2C
date
Thu, 12 Oct 2023 16:02:12 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/
43 B
185 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: stage.youthempowered.ru
URL: https://stage.youthempowered.ru/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stage.youthempowered.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 16:02:12 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 06 Oct 2023 14:26:04 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"651feecc-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Thu, 12 Oct 2023 17:02:12 GMT
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=424196042576148&ev=PageView&dl=https%3A%2F%2Fstage.youthempowered.ru%2Flogin&rl=&if=false&ts=1697126531986&sw=1600&sh=1200&v=2.9.133&r=stable&ec=0&o=30&fbp=fb.1.1697126531983.621024778&cs_est=true&ler=empty&it=1697126531765&coo=false&rqm=GET
Requested by
Host: stage.youthempowered.ru
URL: https://stage.youthempowered.ru/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stage.youthempowered.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 12 Oct 2023 16:02:12 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
1
mc.yandex.com/watch/52704364/
Redirect Chain
  • https://mc.yandex.com/watch/52704364?wmode=7&page-url=https%3A%2F%2Fstage.youthempowered.ru%2Flogin&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A2028%3Afu%...
  • https://mc.yandex.com/watch/52704364/1?wmode=7&page-url=https%3A%2F%2Fstage.youthempowered.ru%2Flogin&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A2028%3Af...
454 B
788 B
XHR
General
Full URL
https://mc.yandex.com/watch/52704364/1?wmode=7&page-url=https%3A%2F%2Fstage.youthempowered.ru%2Flogin&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A2028%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1135%3Acn%3A1%3Adp%3A0%3Als%3A1668269079137%3Ahid%3A330548794%3Az%3A120%3Ai%3A20231012180211%3Aet%3A1697126532%3Ac%3A1%3Arn%3A1009662498%3Arqn%3A1%3Au%3A169712653250473595%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C70%2C1%2C1156%2C1156%2C1%2C720%2C1%2C%2C%2C%2C1947%3Aco%3A0%3Acpf%3A1%3Ans%3A1697126529506%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1697126532%3At%3AYouth%20Empowered%20%E2%80%93%20%D0%A2%D0%B2%D0%BE%D0%B9%20%D0%BF%D1%83%D1%82%D1%8C%20%D0%BA%20%D1%83%D1%81%D0%BF%D0%B5%D1%85%D1%83%21&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29&redirnss=1
Protocol
H2
Server
2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
7a7f437287a38280cb58863d275650e6ef0492e4d0b69f6e0b69bfaf5cf53ee8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stage.youthempowered.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Oct 2023 16:02:12 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Thu, 12-Oct-2023 16:02:12 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://stage.youthempowered.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
454
x-xss-protection
1; mode=block
expires
Thu, 12-Oct-2023 16:02:12 GMT

Redirect headers

pragma
no-cache
date
Thu, 12 Oct 2023 16:02:12 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 12-Oct-2023 16:02:12 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/52704364/1?wmode=7&page-url=https%3A%2F%2Fstage.youthempowered.ru%2Flogin&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A2028%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1135%3Acn%3A1%3Adp%3A0%3Als%3A1668269079137%3Ahid%3A330548794%3Az%3A120%3Ai%3A20231012180211%3Aet%3A1697126532%3Ac%3A1%3Arn%3A1009662498%3Arqn%3A1%3Au%3A169712653250473595%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C70%2C1%2C1156%2C1156%2C1%2C720%2C1%2C%2C%2C%2C1947%3Aco%3A0%3Acpf%3A1%3Ans%3A1697126529506%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1697126532%3At%3AYouth%20Empowered%20%E2%80%93%20%D0%A2%D0%B2%D0%BE%D0%B9%20%D0%BF%D1%83%D1%82%D1%8C%20%D0%BA%20%D1%83%D1%81%D0%BF%D0%B5%D1%85%D1%83%21&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29&redirnss=1
access-control-allow-origin
https://stage.youthempowered.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Thu, 12-Oct-2023 16:02:12 GMT
sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check_secondary
  • https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10154.xz1eLaxD8a-7h8nu0Ai-OD68HWrMToFGxcExrdEegvoru1fs0-N3Q2Vx8PG1e-GD.IwGChVF1nMJpxnMlwKW6kgF0LXw%2C
  • https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10154.wFQZa1SU49axvS43Us6nv-e6TwoOY2EQ7Ocu_adq9X5TELQyKwMpGarZav5_YuSQl9Id6KPz-iz7z4GlNpzlYGIi3LPkfgnKGT5Z-xclQIg%2C.F59JaKGU7bx7MwStK...
43 B
106 B
Image
General
Full URL
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10154.wFQZa1SU49axvS43Us6nv-e6TwoOY2EQ7Ocu_adq9X5TELQyKwMpGarZav5_YuSQl9Id6KPz-iz7z4GlNpzlYGIi3LPkfgnKGT5Z-xclQIg%2C.F59JaKGU7bx7MwStKD7OXXxvL74%2C
Protocol
H2
Server
2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://stage.youthempowered.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 16:02:12 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10154.wFQZa1SU49axvS43Us6nv-e6TwoOY2EQ7Ocu_adq9X5TELQyKwMpGarZav5_YuSQl9Id6KPz-iz7z4GlNpzlYGIi3LPkfgnKGT5Z-xclQIg%2C.F59JaKGU7bx7MwStKD7OXXxvL74%2C
date
Thu, 12 Oct 2023 16:02:12 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block


19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| Color
function| Chart
object| jsSocials
boolean| _rails_loaded
function| $
object| gon
object| dataLayer
object| google_tag_manager
object| google_tag_data
string| GoogleAnalyticsObject
function| ga
function| ym
function| fbq
function| _fbq
object| gaplugins
object| gaGlobal
object| gaData
object| Ya
object| yaCounter52704364

17 Cookies

Domain/Path Name / Value
stage.youthempowered.ru/ Name: _youthempowered_ru_session
Value: RWY%2BbPsmuYr6AOBQ106aJrTIejE9ebrZhlCD0B1%2FP8Wcky5wKSU3JZsXdj7Wxuoy%2BbJpEjpofTCUBreriao68Vqh4BOKjx6cacbqk8Slau5s%2BQM%2FRXv6fQIzIqAL5e7MMCcOlQJLQUPx69Ia%2F3Z5uv%2FxinJM2%2B5hfjwoobkIhYwYKAxKYygHbwTt8Ili6doOquiXPlY3Oetyalo2Lt9pv1WqzBXHqllYXskNL3LkkgkbuCqjSG6VOxaa8pt9en7kY6Fv7r3b5BOqF7qlGwWRnIDaohIMgQt9HZ7tEhV7Xt9VZQ%3D%3D--B6yBQR277hxhY3Gu--usDqtt5lVmzCm2afyP8NDA%3D%3D
.youthempowered.ru/ Name: auto
Value: GA1.2.166421332.1697126532
.youthempowered.ru/ Name: auto_gid
Value: GA1.2.292241624.1697126532
.youthempowered.ru/ Name: _gat_UA-10318504-37
Value: 1
.youthempowered.ru/ Name: auto_ga_CDN98FTLPN
Value: GS1.2.1697126531.1.0.1697126531.0.0.0
.youthempowered.ru/ Name: _ym_uid
Value: 169712653250473595
.youthempowered.ru/ Name: _ym_d
Value: 1697126532
.youthempowered.ru/ Name: _fbp
Value: fb.1.1697126531983.621024778
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 419741384fake
.youthempowered.ru/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 4250201081fake
mc.yandex.com/ Name: yabs-sid
Value: 2133263901697126532
.yandex.com/ Name: i
Value: gqiNnsHyjuI+f+cjF0GEoeEz/KtC74TnlzEQ7jTmBIDnLsMEhfwDcrrCmNddgQoAyRUNMmkan1Gf1zirXgnB9M+Vw7k=
.yandex.com/ Name: yandexuid
Value: 4989509741697126532
.yandex.com/ Name: yuidss
Value: 4989509741697126532
.yandex.com/ Name: ymex
Value: 1728662532.yrts.1697126532#1728662532.yrtsi.1697126532
.yandex.com/ Name: bh
Value: KgI/MA==

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
