URL: https://lkfl2.nalog.ru/lkfl/messages
Submission: On September 25 via api from US

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 19 HTTP transactions. The main IP is 213.24.64.175, located in Russian Federation and belongs to ROSTELECOM-AS, RU. The main domain is lkfl2.nalog.ru.
TLS certificate: Issued by Sectigo RSA Extended Validation Secur... on October 9th 2019. Valid for: 2 years.
This is the only time lkfl2.nalog.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
13 | 213.24.64.175 | 12389 (ROSTELECO...)
5 (1 redirect) | 2a02:6b8::1:119 | 13238 (YANDEX)
1 | 2a00:1450:400... | 15169 (GOOGLE)
1 | 2a00:1450:400... | 15169 (GOOGLE)
Total: 19 requests, 4 IPs

Requests | Apex Domain | Subdomains | Transfer
13 | nalog.ru | lkfl2.nalog.ru | 1 MB
5 | yandex.ru | mc.yandex.ru | 47 KB
1 | gstatic.com | www.gstatic.com | 137 KB
1 | google.com | www.google.com | 720 B
Total: 19 requests, 4 apex domains

Requests | Domain | Requested by
13 | lkfl2.nalog.ru | lkfl2.nalog.ru
5 (1 redirects) | mc.yandex.ru | lkfl2.nalog.ru, mc.yandex.ru
1 | www.gstatic.com | www.google.com
1 | www.google.com | lkfl2.nalog.ru
Total: 19 requests, 4 domains

This site contains links to these domains.

Domain
play.google.com
itunes.apple.com

Subject | Issuer | Validity | Valid
www.nalog.ru | Sectigo RSA Extended Validation Secure Server CA | 2019-10-09 - 2021-10-09 | 2 years
informer.yandex.ru | Yandex CA | 2020-08-27 - 2021-08-27 | a year
www.google.com | GTS CA 1O1 | 2020-09-03 - 2020-11-26 | 3 months
*.gstatic.com | GTS CA 1O1 | 2020-08-26 - 2020-11-18 | 3 months

This page contains 1 frames:

Primary Page: https://lkfl2.nalog.ru/lkfl/messages
Frame ID: A64ADEE257ED8E6097F6F5AC8534AD87
Requests: 19 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

Requests: 19
HTTPS: 100 %
IPv6: 75 %
Domains: 4
Subdomains: 4
IPs: 4
Countries: 2
Transfer: 1519 kB
Size: 5501 kB
Cookies: 3

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://mc.yandex.ru/watch/23729197?wmode=7&page-url=https%3A%2F%2Flkfl2.nalog.ru%2Flkfl%2Flogin&charset=utf-8&browser-info=ti%3A10%3Ans%3A1601018372215%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200925091932%3Aet%3A1601018374%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A567363616880%3Arqn%3A1%3Arn%3A802017470%3Ahid%3A1024220191%3Ads%3A12%2C238%2C61%2C1%2C0%2C0%2C0%2C1251%2C0%2C1938%2C1938%2C%2C1566%3Afp%3A1578%3Agdpr%3A14%3Av%3A1956%3Arqnl%3A1%3Ast%3A1601018374%3Au%3A16010183744178766%3At%3A%D0%9B%D0%B8%D1%87%D0%BD%D1%8B%D0%B9%20%D0%BA%D0%B0%D0%B1%D0%B8%D0%BD%D0%B5%D1%82%20%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%BF%D0%BB%D0%B0%D1%82%D0%B5%D0%BB%D1%8C%D1%89%D0%B8%D0%BA%D0%B0%20%E2%80%94%20%D1%84%D0%B8%D0%B7%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%BE%D0%B3%D0%BE%20%D0%BB%D0%B8%D1%86%D0%B0 HTTP 302
  • https://mc.yandex.ru/watch/23729197/1?wmode=7&page-url=https%3A%2F%2Flkfl2.nalog.ru%2Flkfl%2Flogin&charset=utf-8&browser-info=ti%3A10%3Ans%3A1601018372215%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200925091932%3Aet%3A1601018374%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A567363616880%3Arqn%3A1%3Arn%3A802017470%3Ahid%3A1024220191%3Ads%3A12%2C238%2C61%2C1%2C0%2C0%2C0%2C1251%2C0%2C1938%2C1938%2C%2C1566%3Afp%3A1578%3Agdpr%3A14%3Av%3A1956%3Arqnl%3A1%3Ast%3A1601018374%3Au%3A16010183744178766%3At%3A%D0%9B%D0%B8%D1%87%D0%BD%D1%8B%D0%B9%20%D0%BA%D0%B0%D0%B1%D0%B8%D0%BD%D0%B5%D1%82%20%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%BF%D0%BB%D0%B0%D1%82%D0%B5%D0%BB%D1%8C%D1%89%D0%B8%D0%BA%D0%B0%20%E2%80%94%20%D1%84%D0%B8%D0%B7%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%BE%D0%B3%D0%BE%20%D0%BB%D0%B8%D1%86%D0%B0

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set messages
lkfl2.nalog.ru/lkfl/
5 KB
6 KB
Document
General
Full URL
https://lkfl2.nalog.ru/lkfl/messages
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.24.64.175 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),
Reverse DNS
lkfl.nalog.ru
Software
nginx/1.11.13 /
Resource Hash
7268c86379b1d34e8b115d6fcbea8e6e5751b16f56c8c667852eba4cdb67ec03

Request headers

Host
lkfl2.nalog.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx/1.11.13
Date
Fri, 25 Sep 2020 07:19:32 GMT
Content-Type
text/html
Content-Length
5503
Last-Modified
Fri, 11 Sep 2020 19:14:09 GMT
Connection
keep-alive
ETag
"5f5bcc81-157f"
Cache-Control
private
Accept-Ranges
bytes
Set-Cookie
f5avrbbbbbbbbbbbbbbbb=NMBNELMPPEBIPNHEOGBAEHDCGIOEFPPGICDPDINKEKIACBNKKDINIEHCJAKDBGLHLLIFGEBFMDNDAFLEKAKANODEFBBABICBOJBJPNPEIACCHHLLGJEDCCPHGEMKDNOG; HttpOnly; secure
watch.js
mc.yandex.ru/metrika/
143 KB
43 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: lkfl2.nalog.ru
URL: https://lkfl2.nalog.ru/lkfl/messages
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
6d7421f0c14f533633764e3afa0c6c035766023981b51afaeec558e1ab18b519
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://lkfl2.nalog.ru/lkfl/messages
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 25 Sep 2020 07:19:32 GMT
Content-Encoding
br
Last-Modified
Thu, 17 Sep 2020 08:53:45 GMT
Server
nginx/1.14.2
ETag
"5f632419-a93f"
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
43327
Expires
Fri, 25 Sep 2020 08:19:32 GMT
api.js
www.google.com/recaptcha/
910 B
720 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?hl=ru&onload=onloadReCaptcha&render=explicit
Requested by
Host: lkfl2.nalog.ru
URL: https://lkfl2.nalog.ru/lkfl/messages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
71d6e7f0df86943ebf2ed1d10afea346a927357d34e637dd6ebafe293cb33dcf
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://lkfl2.nalog.ru/lkfl/messages
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 25 Sep 2020 07:19:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
577
x-xss-protection
1; mode=block
expires
Fri, 25 Sep 2020 07:19:32 GMT
31.fd681c54.chunk.js
lkfl2.nalog.ru/lkfl/static/js/
1 MB
412 KB
Script
General
Full URL
https://lkfl2.nalog.ru/lkfl/static/js/31.fd681c54.chunk.js
Requested by
Host: lkfl2.nalog.ru
URL: https://lkfl2.nalog.ru/lkfl/messages
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.24.64.175 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),
Reverse DNS
lkfl.nalog.ru
Software
nginx/1.11.13 /
Resource Hash
58d4a2dddd3920f097386f6a9489b8a113733b1a7eb7e9468566ab975bb0c5d5

Request headers

Referer
https://lkfl2.nalog.ru/lkfl/messages
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 25 Sep 2020 07:19:32 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Sep 2020 16:16:28 GMT
Server
nginx/1.11.13
ETag
W/"5f5a515c-17f6fb"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
private
Connection
keep-alive
main.a9ed1773.chunk.js
lkfl2.nalog.ru/lkfl/static/js/
3 MB
512 KB
Script
General
Full URL
https://lkfl2.nalog.ru/lkfl/static/js/main.a9ed1773.chunk.js
Requested by
Host: lkfl2.nalog.ru
URL: https://lkfl2.nalog.ru/lkfl/messages
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.24.64.175 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),
Reverse DNS
lkfl.nalog.ru
Software
nginx/1.11.13 /
Resource Hash
3af1d30ea88360cfb0085f92a0244f6e2978ddb3ac2da7db8c864fac1e39fecb

Request headers

Referer
https://lkfl2.nalog.ru/lkfl/messages
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 25 Sep 2020 07:19:32 GMT
Content-Encoding
gzip
Last-Modified
Fri, 11 Sep 2020 19:14:05 GMT
Server
nginx/1.11.13
ETag
W/"5f5bcc7d-2de6fc"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
private
Connection
keep-alive
recaptcha__ru.js
www.gstatic.com/recaptcha/releases/yXSLJBpiFoTYkexaPhFknpU7/
372 KB
137 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/yXSLJBpiFoTYkexaPhFknpU7/recaptcha__ru.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=ru&onload=onloadReCaptcha&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea0c30ade96f3b80f9cc50ae0b9c5cc3acc2abaa439f64264a6f3a6b54bf1f4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://lkfl2.nalog.ru
Referer
https://lkfl2.nalog.ru/lkfl/messages
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 22 Sep 2020 16:20:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
226755
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
139978
x-xss-protection
0
last-modified
Tue, 22 Sep 2020 00:07:57 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Sep 2021 16:20:17 GMT
8.d9dd71ab.chunk.js
lkfl2.nalog.ru/lkfl/static/js/
29 KB
7 KB
Script
General
Full URL
https://lkfl2.nalog.ru/lkfl/static/js/8.d9dd71ab.chunk.js
Requested by
Host: lkfl2.nalog.ru
URL: https://lkfl2.nalog.ru/lkfl/messages
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.24.64.175 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),
Reverse DNS
lkfl.nalog.ru
Software
nginx/1.11.13 /
Resource Hash
a5ce973e4c0f6f06565e0deaf81ffae0129d7197bd983248bb0634027f8ad6e4

Request headers

Referer
https://lkfl2.nalog.ru/lkfl/messages
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 25 Sep 2020 07:19:33 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Sep 2020 16:16:28 GMT
Server
nginx/1.11.13
ETag
W/"5f5a515c-7483"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
private
Connection
keep-alive
chunk-Messages.16203832.chunk.js
lkfl2.nalog.ru/lkfl/static/js/
99 KB
19 KB
Script
General
Full URL
https://lkfl2.nalog.ru/lkfl/static/js/chunk-Messages.16203832.chunk.js
Requested by
Host: lkfl2.nalog.ru
URL: https://lkfl2.nalog.ru/lkfl/messages
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.24.64.175 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),
Reverse DNS
lkfl.nalog.ru
Software
nginx/1.11.13 /
Resource Hash
787a97afb42a6818a0228c75a479d12ed60c8950fc783ea973b9a2275f926129

Request headers

Referer
https://lkfl2.nalog.ru/lkfl/messages
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 25 Sep 2020 07:19:33 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Sep 2020 16:16:28 GMT
Server
nginx/1.11.13
ETag
W/"5f5a515c-18d2c"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
private
Connection
keep-alive
main-desktop-1920.e374c433.jpg
lkfl2.nalog.ru/lkfl/static/media/
162 KB
162 KB
Image
General
Full URL
https://lkfl2.nalog.ru/lkfl/static/media/main-desktop-1920.e374c433.jpg
Requested by
Host: lkfl2.nalog.ru
URL: https://lkfl2.nalog.ru/lkfl/messages
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.24.64.175 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),
Reverse DNS
lkfl.nalog.ru
Software
nginx/1.11.13 /
Resource Hash
909768d72f9245ae2e49894ca335005208f00f11d76dd93a83b51c1c396f37e4

Request headers

Referer
https://lkfl2.nalog.ru/lkfl/messages
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 25 Sep 2020 07:19:33 GMT
Last-Modified
Thu, 10 Sep 2020 16:16:28 GMT
Server
nginx/1.11.13
ETag
"5f5a515c-28628"
Content-Type
image/jpeg
Cache-Control
private
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
165416
logo-fns@3x.502cac06.png
lkfl2.nalog.ru/lkfl/static/media/
86 KB
86 KB
Image
General
Full URL
https://lkfl2.nalog.ru/lkfl/static/media/logo-fns@3x.502cac06.png
Requested by
Host: lkfl2.nalog.ru
URL: https://lkfl2.nalog.ru/lkfl/messages
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.24.64.175 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),
Reverse DNS
lkfl.nalog.ru
Software
nginx/1.11.13 /
Resource Hash
22056e72a4054659b73a828489f0c45eb1a085495129efa1f45ea187c8f31ac4

Request headers

Referer
https://lkfl2.nalog.ru/lkfl/messages
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 25 Sep 2020 07:19:33 GMT
Last-Modified
Thu, 10 Sep 2020 16:16:28 GMT
Server
nginx/1.11.13
ETag
"5f5a515c-15768"
Content-Type
image/png
Cache-Control
private
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
87912
eye_white.170bb3b5.svg
lkfl2.nalog.ru/lkfl/static/media/
2 KB
2 KB
Image
General
Full URL
https://lkfl2.nalog.ru/lkfl/static/media/eye_white.170bb3b5.svg
Requested by
Host: lkfl2.nalog.ru
URL: https://lkfl2.nalog.ru/lkfl/messages
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.24.64.175 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),
Reverse DNS
lkfl.nalog.ru
Software
nginx/1.11.13 /
Resource Hash
1bd7a738b98aa8813926dfc609ee956f86f2dbdc6e3c77b0e1a345fa2fb8a93e

Request headers

Referer
https://lkfl2.nalog.ru/lkfl/messages
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 25 Sep 2020 07:19:33 GMT
Last-Modified
Thu, 10 Sep 2020 16:16:28 GMT
Server
nginx/1.11.13
ETag
"5f5a515c-881"
Content-Type
image/svg+xml
Cache-Control
private
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2177
down-white-30.9e975d07.svg
lkfl2.nalog.ru/lkfl/static/media/
623 B
890 B
Image
General
Full URL
https://lkfl2.nalog.ru/lkfl/static/media/down-white-30.9e975d07.svg
Requested by
Host: lkfl2.nalog.ru
URL: https://lkfl2.nalog.ru/lkfl/messages
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.24.64.175 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),
Reverse DNS
lkfl.nalog.ru
Software
nginx/1.11.13 /
Resource Hash
c50453d50d2b62f63caed64c8c15f4e428ae5a5685f410a394cff103d3c81c2d

Request headers

Referer
https://lkfl2.nalog.ru/lkfl/messages
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 25 Sep 2020 07:19:33 GMT
Last-Modified
Thu, 10 Sep 2020 16:16:28 GMT
Server
nginx/1.11.13
ETag
"5f5a515c-26f"
Content-Type
image/svg+xml
Cache-Control
private
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
623
DINPro-CondBold.481d38e7.otf
lkfl2.nalog.ru/lkfl/static/media/
127 KB
128 KB
Font
General
Full URL
https://lkfl2.nalog.ru/lkfl/static/media/DINPro-CondBold.481d38e7.otf
Requested by
Host: lkfl2.nalog.ru
URL: https://lkfl2.nalog.ru/lkfl/messages
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.24.64.175 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),
Reverse DNS
lkfl.nalog.ru
Software
nginx/1.11.13 /
Resource Hash
8f0ebe8958bc6c00ef46cc807a1b054a0a77ef2331260c30fbe99f866d4d6ff4

Request headers

Origin
https://lkfl2.nalog.ru
Referer
https://lkfl2.nalog.ru/lkfl/messages
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 25 Sep 2020 07:19:33 GMT
Last-Modified
Thu, 10 Sep 2020 16:16:28 GMT
Server
nginx/1.11.13
ETag
"5f5a515c-1fcf8"
Content-Type
application/octet-stream
Cache-Control
private
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
130296
settings
lkfl2.nalog.ru/lkfl/api/v1/
319 B
712 B
XHR
General
Full URL
https://lkfl2.nalog.ru/lkfl/api/v1/settings?objectType=MW
Requested by
Host: lkfl2.nalog.ru
URL: https://lkfl2.nalog.ru/lkfl/static/js/31.fd681c54.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.24.64.175 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),
Reverse DNS
lkfl.nalog.ru
Software
nginx/1.11.13 /
Resource Hash
38f76592f50d2847f935a012a7bb9d763ce9f118db3316c41948de47c0cb5343
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://lkfl2.nalog.ru/lkfl/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Authorization
Basic dGF4cGF5ZXItYnJvd3Nlcjo3VklQS25aQXR3UUw3Zm10dnUycm5BSFQ2YzM0RGtrRw==

Response headers

Pragma
no-cache
Date
Fri, 25 Sep 2020 07:19:34 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.11.13
Content-Type
application/json;charset=UTF-8
Cache-Control
no-cache, no-store, max-age=0, must-revalidate, no-cache
Connection
keep-alive
Content-Length
319
X-XSS-Protection
1; mode=block
X-Application-Context
application:8090
Expires
0
settings
lkfl2.nalog.ru/lkfl/api/v1/
654 B
1 KB
XHR
General
Full URL
https://lkfl2.nalog.ru/lkfl/api/v1/settings?objectType=RF
Requested by
Host: lkfl2.nalog.ru
URL: https://lkfl2.nalog.ru/lkfl/static/js/31.fd681c54.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.24.64.175 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),
Reverse DNS
lkfl.nalog.ru
Software
nginx/1.11.13 /
Resource Hash
dc178df97f0e3a50a6a0b6fdf9440679078a92313c426ec552d83eb9a9d2db83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://lkfl2.nalog.ru/lkfl/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Authorization
Basic dGF4cGF5ZXItYnJvd3Nlcjo3VklQS25aQXR3UUw3Zm10dnUycm5BSFQ2YzM0RGtrRw==

Response headers

Pragma
no-cache
Date
Fri, 25 Sep 2020 07:19:34 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.11.13
Content-Type
application/json;charset=UTF-8
Cache-Control
no-cache, no-store, max-age=0, must-revalidate, no-cache
Connection
keep-alive
Content-Length
654
X-XSS-Protection
1; mode=block
X-Application-Context
application:8090
Expires
0
techWork
lkfl2.nalog.ru/lkfl/api/v1/banner/
712 B
1 KB
XHR
General
Full URL
https://lkfl2.nalog.ru/lkfl/api/v1/banner/techWork
Requested by
Host: lkfl2.nalog.ru
URL: https://lkfl2.nalog.ru/lkfl/static/js/31.fd681c54.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.24.64.175 , Russian Federation, ASN12389 (ROSTELECOM-AS, RU),
Reverse DNS
lkfl.nalog.ru
Software
nginx/1.11.13 /
Resource Hash
33cfcdf66824735d15cd3fa257b88ec3a197c23cfca485cf3f8ac717c933879c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://lkfl2.nalog.ru/lkfl/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Authorization
Basic dGF4cGF5ZXItYnJvd3Nlcjo3VklQS25aQXR3UUw3Zm10dnUycm5BSFQ2YzM0RGtrRw==

Response headers

Pragma
no-cache
Date
Fri, 25 Sep 2020 07:19:34 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.11.13
Content-Type
application/json;charset=UTF-8
Cache-Control
no-cache, no-store, max-age=0, must-revalidate, no-cache
Connection
keep-alive
Content-Length
712
X-XSS-Protection
1; mode=block
X-Application-Context
application:8090
Expires
0
1
mc.yandex.ru/watch/23729197/
Redirect Chain
  • https://mc.yandex.ru/watch/23729197?wmode=7&page-url=https%3A%2F%2Flkfl2.nalog.ru%2Flkfl%2Flogin&charset=utf-8&browser-info=ti%3A10%3Ans%3A1601018372215%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%...
  • https://mc.yandex.ru/watch/23729197/1?wmode=7&page-url=https%3A%2F%2Flkfl2.nalog.ru%2Flkfl%2Flogin&charset=utf-8&browser-info=ti%3A10%3Ans%3A1601018372215%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afp...
167 B
717 B
XHR
General
Full URL
https://mc.yandex.ru/watch/23729197/1?wmode=7&page-url=https%3A%2F%2Flkfl2.nalog.ru%2Flkfl%2Flogin&charset=utf-8&browser-info=ti%3A10%3Ans%3A1601018372215%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200925091932%3Aet%3A1601018374%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A567363616880%3Arqn%3A1%3Arn%3A802017470%3Ahid%3A1024220191%3Ads%3A12%2C238%2C61%2C1%2C0%2C0%2C0%2C1251%2C0%2C1938%2C1938%2C%2C1566%3Afp%3A1578%3Agdpr%3A14%3Av%3A1956%3Arqnl%3A1%3Ast%3A1601018374%3Au%3A16010183744178766%3At%3A%D0%9B%D0%B8%D1%87%D0%BD%D1%8B%D0%B9%20%D0%BA%D0%B0%D0%B1%D0%B8%D0%BD%D0%B5%D1%82%20%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%BF%D0%BB%D0%B0%D1%82%D0%B5%D0%BB%D1%8C%D1%89%D0%B8%D0%BA%D0%B0%20%E2%80%94%20%D1%84%D0%B8%D0%B7%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%BE%D0%B3%D0%BE%20%D0%BB%D0%B8%D1%86%D0%B0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
22207e7475aced70e479a8b687de962694f446ec44358ec4c99faae1b6c8a752
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://lkfl2.nalog.ru/lkfl/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Sep 2020 07:19:34 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 25-Sep-2020 07:19:34 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://lkfl2.nalog.ru
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
167
X-XSS-Protection
1; mode=block
Expires
Fri, 25-Sep-2020 07:19:34 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 25 Sep 2020 07:19:34 GMT
Last-Modified
Fri, 25-Sep-2020 07:19:34 GMT
Server
nginx/1.14.2
Access-Control-Allow-Origin
https://lkfl2.nalog.ru
Strict-Transport-Security
max-age=31536000
Location
/watch/23729197/1?wmode=7&page-url=https%3A%2F%2Flkfl2.nalog.ru%2Flkfl%2Flogin&charset=utf-8&browser-info=ti%3A10%3Ans%3A1601018372215%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200925091932%3Aet%3A1601018374%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A567363616880%3Arqn%3A1%3Arn%3A802017470%3Ahid%3A1024220191%3Ads%3A12%2C238%2C61%2C1%2C0%2C0%2C0%2C1251%2C0%2C1938%2C1938%2C%2C1566%3Afp%3A1578%3Agdpr%3A14%3Av%3A1956%3Arqnl%3A1%3Ast%3A1601018374%3Au%3A16010183744178766%3At%3A%D0%9B%D0%B8%D1%87%D0%BD%D1%8B%D0%B9%20%D0%BA%D0%B0%D0%B1%D0%B8%D0%BD%D0%B5%D1%82%20%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%BF%D0%BB%D0%B0%D1%82%D0%B5%D0%BB%D1%8C%D1%89%D0%B8%D0%BA%D0%B0%20%E2%80%94%20%D1%84%D0%B8%D0%B7%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%BE%D0%B3%D0%BE%20%D0%BB%D0%B8%D1%86%D0%B0
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Fri, 25-Sep-2020 07:19:34 GMT
advert.gif
mc.yandex.ru/metrika/
43 B
425 B
Image
General
Full URL
https://mc.yandex.ru/metrika/advert.gif
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://lkfl2.nalog.ru/lkfl/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 25 Sep 2020 07:19:34 GMT
Last-Modified
Mon, 06 Jul 2020 15:32:05 GMT
Server
nginx/1.14.2
ETag
"5f0343f5-2b"
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Fri, 25 Sep 2020 08:19:34 GMT
46403490
mc.yandex.ru/watch/
186 B
736 B
XHR
General
Full URL
https://mc.yandex.ru/watch/46403490?wmode=7&page-url=https%3A%2F%2Flkfl2.nalog.ru%2Flkfl%2Flogin&charset=utf-8&browser-info=ti%3A10%3Ans%3A1601018372215%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A2%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200925091932%3Aet%3A1601018374%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A253475380851%3Arqn%3A1%3Arn%3A71311690%3Ahid%3A1024220191%3Ads%3A12%2C238%2C61%2C1%2C0%2C0%2C0%2C1251%2C0%2C1938%2C1938%2C%2C1566%3Afp%3A1578%3Awn%3A62769%3Ahl%3A2%3Agdpr%3A14%3Av%3A1956%3Arqnl%3A1%3Ast%3A1601018374%3Au%3A16010183744178766%3App%3A3629563401%3At%3A%D0%9B%D0%B8%D1%87%D0%BD%D1%8B%D0%B9%20%D0%BA%D0%B0%D0%B1%D0%B8%D0%BD%D0%B5%D1%82%20%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%BF%D0%BB%D0%B0%D1%82%D0%B5%D0%BB%D1%8C%D1%89%D0%B8%D0%BA%D0%B0%20%E2%80%94%20%D1%84%D0%B8%D0%B7%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%BE%D0%B3%D0%BE%20%D0%BB%D0%B8%D1%86%D0%B0
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
f440aff71eadcab13d5d432cc47dabd718d6783714c817149914ce5ad2fb4dd4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://lkfl2.nalog.ru/lkfl/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Fri, 25 Sep 2020 07:19:34 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 25-Sep-2020 07:19:34 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://lkfl2.nalog.ru
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
186
X-XSS-Protection
1; mode=block
Expires
Fri, 25-Sep-2020 07:19:34 GMT

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| trustedTypes
  • function| onloadReCaptcha
  • function| onErrorLoadReCaptcha
  • object| webpackJsonplkfl2
  • object| ___grecaptcha_cfg
  • object| grecaptcha
  • string| __recaptcha_api
  • boolean| __google_recaptcha_client
  • object| recaptcha
  • object| Ya
  • function| setImmediate
  • function| clearImmediate
  • object| regeneratorRuntime
  • string| yaCounterId
  • string| additionalYaCounterId
  • function| _
  • number| cadesplugin_load_timeout
  • object| __localeData__
  • object| yaCounter23729197
  • object| yaCounter46403490

3 Cookies

Domain/Path | Name | Value
.nalog.ru/ | _ym_uid | 16010183744178766
.nalog.ru/ | _ym_d | 1601018374
lkfl2.nalog.ru/lkfl | f5avrbbbbbbbbbbbbbbbb | NMBNELMPPEBIPNHEOGBAEHDCGIOEFPPGICDPDINKEKIACBNKKDINIEHCJAKDBGLHLLIFGEBFMDNDAFLEKAKANODEFBBABICBOJBJPNPEIACCHHLLGJEDCCPHGEMKDNOG

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
