Submitted URL: http://tools.dsp.rambler.ru/
Effective URL: https://leto.rambler-co.ru/creative/
Submission Tags: sub l4ing ram bler ru mbl
Submission: On February 13 via manual from UA — Scanned from DE

Summary

This website contacted 8 IPs in 3 countries across 8 domains to perform 24 HTTP transactions. The main IP is 91.192.148.115, located in Russian Federation and belongs to BEGUN-AS, RU. The main domain is leto.rambler-co.ru.
TLS certificate: Issued by GlobalSign GCC R3 DV TLS CA 2020 on March 24th 2022. Valid for: a year.
This is the only time leto.rambler-co.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Redirects | IP Address | AS | Autonomous System
1 | 1 | 91.192.149.27 | 42481 | (BEGUN-AS)
7 | | 91.192.148.115 | 42481 | (BEGUN-AS)
2 | | 2a00:1450:400... | 15169 | (GOOGLE)
4 | | 91.192.148.11 | 42481 | (BEGUN-AS)
3 | | 5.101.71.73 | 201589 | (EDGEAMLLC)
5 | | 81.19.89.17 | 24638 | (RAMBLER-T...)
1 | | 91.192.149.86 | 42481 | (BEGUN-AS)
1 | | 95.213.158.107 | 49505 | (SELECTEL)
Total: 24 requests, 8 IPs
Requests | Apex Domain | Subdomains | Transfer
8 | rambler.ru | tools.dsp.rambler.ru; api.dsp.rambler.ru; kraken.rambler.ru (Cisco Umbrella Rank: 23355) | 7 KB
7 | rambler-co.ru | leto.rambler-co.ru | 350 KB
3 | carrotquest.app | api.carrotquest.app (Cisco Umbrella Rank: 228638); cdn.carrotquest.app (Cisco Umbrella Rank: 269363) | 21 KB
2 | top100.ru | st.top100.ru (Cisco Umbrella Rank: 27875) | 37 KB
2 | google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 93) | 20 KB
1 | ad-tech.ru | slack.ad-tech.ru | 263 B
1 | carrotquest.io | cdn.carrotquest.io (Cisco Umbrella Rank: 437067) | 154 KB
0 | carrottrack.app (Failed) | api.carrottrack.app (Failed) |
Total: 24 requests, 8 domains
Requests | Domain | Requested by
7 | leto.rambler-co.ru | leto.rambler-co.ru
4 | api.dsp.rambler.ru | leto.rambler-co.ru
3 | kraken.rambler.ru | st.top100.ru
2 | cdn.carrotquest.app |
2 | st.top100.ru | leto.rambler-co.ru; st.top100.ru
2 | www.google-analytics.com | leto.rambler-co.ru; www.google-analytics.com
1 | api.carrotquest.app | cdn.carrotquest.io
1 | slack.ad-tech.ru | st.top100.ru
1 | cdn.carrotquest.io | leto.rambler-co.ru
1 | tools.dsp.rambler.ru (1 redirects) |
0 | api.carrottrack.app (Failed) | cdn.carrotquest.io
Total: 24 requests, 11 subdomains

This site contains links to these domains.

Domain
reklama.rambler.ru
Subject | Issuer | Validity | Valid
leto.rambler-co.ru | GlobalSign GCC R3 DV TLS CA 2020 | 2022-03-24 - 2023-04-24 | a year
*.google-analytics.com | GTS CA 1C3 | 2023-01-31 - 2023-04-25 | 3 months
*.dsp.rambler.ru | GlobalSign GCC R3 DV TLS CA 2020 | 2022-03-15 - 2023-04-16 | a year
*.carrotquest.io | Sectigo RSA Domain Validation Secure Server CA | 2022-09-19 - 2023-10-06 | a year
*.top100.ru | RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1 | 2022-02-03 - 2023-02-14 | a year
*.rambler.ru | GlobalSign GCC R3 DV TLS CA 2020 | 2022-05-16 - 2023-05-06 | a year
slack.ad-tech.ru | R3 | 2023-01-18 - 2023-04-18 | 3 months
*.carrotquest.app | Sectigo RSA Domain Validation Secure Server CA | 2022-09-19 - 2023-10-06 | a year

This page contains 2 frames:

Primary Page: https://leto.rambler-co.ru/creative/
Frame ID: 0D6A204B50BD15F281A352A7147BDA90
Requests: 24 HTTP requests in this frame

Frame: https://cdn.carrotquest.app/img/ru/collapsed-chat/default/icon-collapsed-chat.png
Frame ID: 63589086EBF16F53EDCA1585B3FE9208
Requests: 2 HTTP requests in this frame

Page Title

Предпросмотр креативов (Creative preview)

Page URL History

  1. http://tools.dsp.rambler.ru/ HTTP 302
    https://leto.rambler-co.ru/creative/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

24 Requests
96 % HTTPS
13 % IPv6
8 Domains
11 Subdomains
8 IPs
3 Countries
588 kB Transfer
1944 kB Size
15 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
leto.rambler-co.ru/creative/
Redirect Chain
  • http://tools.dsp.rambler.ru/
  • https://leto.rambler-co.ru/creative/
6 KB
3 KB
Document
General
Full URL
https://leto.rambler-co.ru/creative/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.192.148.115 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
leto.rambler-co.ru
Software
nginx /
Resource Hash
7102720020cc16194aaa66aa9aa7126aa39cf24513320153ad0c820aa15e511f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-security-policy-report-only
default-src 'self'; script-src 'report-sample' 'self' 'unsafe-inline' 'unsafe-eval' https://st.top100.ru/top100/top100.js https://cdn.carrotquest.io/api.min.js https://connect.facebook.net/ https://www.facebook.com https://www.google-analytics.com/analytics.js https://cdn.jsdelivr.net; style-src 'report-sample' 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jsdelivr.net; object-src 'self'; connect-src 'self' wss: https://api.dsp.rambler.ru https://kraken.rambler.ru https://api.carrotquest.app https://api.carrottrack.app https://realtime-services-chat-1.carrotquest.app https://www.google-analytics.com https://www.facebook.com; font-src 'self' data: https://fonts.gstatic.com https://cdn.carrotquest.app; img-src 'self' data: https://kraken.rambler.ru https://api.dsp.rambler.ru https://cdn.carrotquest.app https://files.carrotquest.io https://www.facebook.com https://web.facebook.com https://www.google-analytics.com; worker-src 'self'; frame-src https://www.facebook.com https://web.facebook.com https://adtech.media.eagleplatform.com; media-src https://files.carrotquest.app; report-uri https://slack.ad-tech.ru/_csp
content-type
text/html
date
Mon, 13 Feb 2023 13:19:35 GMT
etag
W/"62deadca-190d"
last-modified
Mon, 25 Jul 2022 14:50:50 GMT
server
nginx
x-passed
2bal2

Redirect headers

Connection
keep-alive
Content-Length
138
Content-Type
text/html
Date
Mon, 13 Feb 2023 13:19:34 GMT
Location
https://leto.rambler-co.ru/creative/
Server
nginx
Strict-Transport-Security
max-age=0
X-Passed
1bal2
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
style-e237d897895d535ca45f.css
leto.rambler-co.ru/creative/
44 KB
9 KB
Stylesheet
General
Full URL
https://leto.rambler-co.ru/creative/style-e237d897895d535ca45f.css
Requested by
Host: leto.rambler-co.ru
URL: https://leto.rambler-co.ru/creative/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.192.148.115 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
leto.rambler-co.ru
Software
nginx /
Resource Hash
9c071cc314c2a9f76d4c73a8d4454172b76c44d28d455dc869a237260a372c56

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leto.rambler-co.ru/creative/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 13:19:35 GMT
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 14:50:50 GMT
server
nginx
etag
W/"62deadca-b1a6"
content-security-policy-report-only
default-src 'self'; script-src 'report-sample' 'self' 'unsafe-inline' 'unsafe-eval' https://st.top100.ru/top100/top100.js https://cdn.carrotquest.io/api.min.js https://connect.facebook.net/ https://www.facebook.com https://www.google-analytics.com/analytics.js https://cdn.jsdelivr.net; style-src 'report-sample' 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jsdelivr.net; object-src 'self'; connect-src 'self' wss: https://api.dsp.rambler.ru https://kraken.rambler.ru https://api.carrotquest.app https://api.carrottrack.app https://realtime-services-chat-1.carrotquest.app https://www.google-analytics.com https://www.facebook.com; font-src 'self' data: https://fonts.gstatic.com https://cdn.carrotquest.app; img-src 'self' data: https://kraken.rambler.ru https://api.dsp.rambler.ru https://cdn.carrotquest.app https://files.carrotquest.io https://www.facebook.com https://web.facebook.com https://www.google-analytics.com; worker-src 'self'; frame-src https://www.facebook.com https://web.facebook.com https://adtech.media.eagleplatform.com; media-src https://files.carrotquest.app; report-uri https://slack.ad-tech.ru/_csp
content-type
text/css
x-passed
2bal2
app-e237d897895d535ca45f.js
leto.rambler-co.ru/creative/
1023 KB
238 KB
Script
General
Full URL
https://leto.rambler-co.ru/creative/app-e237d897895d535ca45f.js
Requested by
Host: leto.rambler-co.ru
URL: https://leto.rambler-co.ru/creative/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.192.148.115 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
leto.rambler-co.ru
Software
nginx /
Resource Hash
de7645d5ed70f88da67a92a3bfe6ec7af5952282fbe2ee09da7070a512eeb62e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leto.rambler-co.ru/creative/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 13:19:35 GMT
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 14:50:50 GMT
server
nginx
etag
W/"62deadca-ffaad"
content-security-policy-report-only
default-src 'self'; script-src 'report-sample' 'self' 'unsafe-inline' 'unsafe-eval' https://st.top100.ru/top100/top100.js https://cdn.carrotquest.io/api.min.js https://connect.facebook.net/ https://www.facebook.com https://www.google-analytics.com/analytics.js https://cdn.jsdelivr.net; style-src 'report-sample' 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jsdelivr.net; object-src 'self'; connect-src 'self' wss: https://api.dsp.rambler.ru https://kraken.rambler.ru https://api.carrotquest.app https://api.carrottrack.app https://realtime-services-chat-1.carrotquest.app https://www.google-analytics.com https://www.facebook.com; font-src 'self' data: https://fonts.gstatic.com https://cdn.carrotquest.app; img-src 'self' data: https://kraken.rambler.ru https://api.dsp.rambler.ru https://cdn.carrotquest.app https://files.carrotquest.io https://www.facebook.com https://web.facebook.com https://www.google-analytics.com; worker-src 'self'; frame-src https://www.facebook.com https://web.facebook.com https://adtech.media.eagleplatform.com; media-src https://files.carrotquest.app; report-uri https://slack.ad-tech.ru/_csp
content-type
application/javascript
x-passed
2bal2
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: leto.rambler-co.ru
URL: https://leto.rambler-co.ru/creative/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leto.rambler-co.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 13 Feb 2023 12:13:14 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
3981
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Mon, 13 Feb 2023 14:13:14 GMT
auth
api.dsp.rambler.ru/v1/ Frame
0
0
Preflight
General
Full URL
https://api.dsp.rambler.ru/v1/auth
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.192.148.11 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
zvezda.dsp.rambler.ru
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
GET
Origin
https://leto.rambler-co.ru
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,X-Key,Accept,Origin,Referer,User-Agent,Keep-Alive,X-Api-Token,Content-Type,Cache-Control,Authorization,Accept-Charset,X-Access-Token,Accept-Encoding,Accept-Language,X-Requested-With,If-Modified-Since
Access-Control-Allow-Methods
GET,POST,OPTIONS,PUT,PATCH,DELETE,HEAD
Access-Control-Allow-Origin
https://leto.rambler-co.ru
Cache-Control
must-revalidate, no-cache, no-store, private
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Mon, 13 Feb 2023 13:19:36 GMT
P3P
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Server
nginx
Strict-Transport-Security
max-age=0
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-Passed
2bal1
X-Xss-Protection
0
expires
-1
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
pragma
no-cache
api.min.js
cdn.carrotquest.io/
567 KB
154 KB
Script
General
Full URL
https://cdn.carrotquest.io/api.min.js
Requested by
Host: leto.rambler-co.ru
URL: https://leto.rambler-co.ru/creative/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.101.71.73 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software
nginx /
Resource Hash
8ee92087529f45201b7d62b6598c17ff1810e4347a396a2c796be56112069e56

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leto.rambler-co.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-id
m9p-up-gc19
date
Mon, 13 Feb 2023 13:19:36 GMT
content-encoding
gzip
last-modified
Fri, 27 Jan 2023 10:38:06 GMT
server
nginx
etag
W/"63d3a98e-8da18"
x-cached-since
2023-02-12T10:40:59+00:00
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=1800, must-revalidate
cache
HIT
expires
Mon, 13 Feb 2023 13:49:36 GMT
top100.js
st.top100.ru/top100/
102 KB
32 KB
Script
General
Full URL
https://st.top100.ru/top100/top100.js
Requested by
Host: leto.rambler-co.ru
URL: https://leto.rambler-co.ru/creative/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.19.89.17 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
kraken.rambler.ru
Software
nginx/1.19.4 /
Resource Hash
90754a2ff856b3a9c5ed450065523fb1cd2f60d1b10c517dab5f3f66dfcd60f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leto.rambler-co.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 13:19:35 GMT
content-encoding
gzip
last-modified
Wed, 08 Feb 2023 14:29:34 GMT
server
nginx/1.19.4
x-amz-request-id
tx0000000000002b57b2ac5-0063ea381f-f87fab-default
etag
W/"6c26fdf5ff0049c6c1ca92f1aa77c18b"
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
x-rgw-object-type
Normal
cache-control
max-age=3600
expires
Mon, 13 Feb 2023 14:19:35 GMT
auth
api.dsp.rambler.ru/v1/
843 B
2 KB
Fetch
General
Full URL
https://api.dsp.rambler.ru/v1/auth
Requested by
Host: leto.rambler-co.ru
URL: https://leto.rambler-co.ru/creative/app-e237d897895d535ca45f.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.192.148.11 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
zvezda.dsp.rambler.ru
Software
nginx /
Resource Hash
df4efc7563bda8c16e362ff15e67cd5d21e3bffe34909e216fac0c85c9adcd88
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://leto.rambler-co.ru/
accept-language
de-DE,de;q=0.9
Authorization
Bearer emlwdG9vbDppSzRTam9sNXBqeENzT3Y=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
application/json

Response headers

Date
Mon, 13 Feb 2023 13:19:36 GMT
Strict-Transport-Security
max-age=0
x-content-type-options
nosniff
Transfer-Encoding
chunked
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA", policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Connection
keep-alive
x-xss-protection
0
pragma
no-cache
Server
nginx
x-frame-options
DENY
access-control-allow-methods
GET,POST,OPTIONS,PUT,PATCH,DELETE,HEAD
Content-Type
application/json
access-control-allow-origin
https://leto.rambler-co.ru
Cache-Control
must-revalidate, no-cache, no-store, private
access-control-allow-credentials
true
X-Passed
2bal1
access-control-allow-headers
DNT,X-Key,Accept,Origin,Referer,User-Agent,Keep-Alive,X-Api-Token,Content-Type,Cache-Control,Authorization,Accept-Charset,X-Access-Token,Accept-Encoding,Accept-Language,X-Requested-With,If-Modified-Since
expires
-1
api
leto.rambler-co.ru/leto/
12 KB
2 KB
Fetch
General
Full URL
https://leto.rambler-co.ru/leto/api
Requested by
Host: leto.rambler-co.ru
URL: https://leto.rambler-co.ru/creative/app-e237d897895d535ca45f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.192.148.115 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
leto.rambler-co.ru
Software
nginx /
Resource Hash
2d9616afd23f48d562865c6e63d8ca747b7e02b7bc6b536f8ac50ec2267f7f37

Request headers

Accept
application/json
Referer
https://leto.rambler-co.ru/creative/new
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 13 Feb 2023 13:19:36 GMT
cache-control
no-cache, private
content-encoding
gzip
x-passed
2bal2
server
nginx
content-security-policy-report-only
default-src 'self'; script-src 'report-sample' 'self' 'unsafe-inline' 'unsafe-eval' https://st.top100.ru/top100/top100.js https://cdn.carrotquest.io/api.min.js https://connect.facebook.net/ https://www.facebook.com https://www.google-analytics.com/analytics.js https://cdn.jsdelivr.net; style-src 'report-sample' 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jsdelivr.net; object-src 'self'; connect-src 'self' wss: https://api.dsp.rambler.ru https://kraken.rambler.ru https://api.carrotquest.app https://api.carrottrack.app https://realtime-services-chat-1.carrotquest.app https://www.google-analytics.com https://www.facebook.com; font-src 'self' data: https://fonts.gstatic.com https://cdn.carrotquest.app; img-src 'self' data: https://kraken.rambler.ru https://api.dsp.rambler.ru https://cdn.carrotquest.app https://files.carrotquest.io https://www.facebook.com https://web.facebook.com https://www.google-analytics.com; worker-src 'self'; frame-src https://www.facebook.com https://web.facebook.com https://adtech.media.eagleplatform.com; media-src https://files.carrotquest.app; report-uri https://slack.ad-tech.ru/_csp
content-type
application/json
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d74b794e5ec1d69fe98764ab3803d7b26e66868e474e7d705c8baa6fe3a0de20

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
370 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
754064d12fdbecfa4e600147460b014a6c682f6ce2263314b2691aecfe1da6bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b890fbbc614ca3ccdb0de2cb6b8fa8141331f83d07085fa37079ae89390a1504

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a0a4921c5b521c15b210b7b8fb3801ca638443f24f9dc22581754ca95ada67e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/svg+xml
roboto-regular.woff2
leto.rambler-co.ru/creative/fonts/
21 KB
22 KB
Font
General
Full URL
https://leto.rambler-co.ru/creative/fonts/roboto-regular.woff2
Requested by
Host: leto.rambler-co.ru
URL: https://leto.rambler-co.ru/creative/style-e237d897895d535ca45f.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.192.148.115 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
leto.rambler-co.ru
Software
nginx /
Resource Hash
094200f2d29103a679d7255326c73deb6cf303dbcdb5ed714ff4e5d034ed4836

Request headers

Referer
https://leto.rambler-co.ru/creative/style-e237d897895d535ca45f.css
Origin
https://leto.rambler-co.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 13:19:35 GMT
last-modified
Mon, 25 Jul 2022 14:50:50 GMT
server
nginx
etag
"62deadca-55d0"
content-security-policy-report-only
default-src 'self'; script-src 'report-sample' 'self' 'unsafe-inline' 'unsafe-eval' https://st.top100.ru/top100/top100.js https://cdn.carrotquest.io/api.min.js https://connect.facebook.net/ https://www.facebook.com https://www.google-analytics.com/analytics.js https://cdn.jsdelivr.net; style-src 'report-sample' 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jsdelivr.net; object-src 'self'; connect-src 'self' wss: https://api.dsp.rambler.ru https://kraken.rambler.ru https://api.carrotquest.app https://api.carrottrack.app https://realtime-services-chat-1.carrotquest.app https://www.google-analytics.com https://www.facebook.com; font-src 'self' data: https://fonts.gstatic.com https://cdn.carrotquest.app; img-src 'self' data: https://kraken.rambler.ru https://api.dsp.rambler.ru https://cdn.carrotquest.app https://files.carrotquest.io https://www.facebook.com https://web.facebook.com https://www.google-analytics.com; worker-src 'self'; frame-src https://www.facebook.com https://web.facebook.com https://adtech.media.eagleplatform.com; media-src https://files.carrotquest.app; report-uri https://slack.ad-tech.ru/_csp
content-type
font/woff2
x-passed
2bal2
accept-ranges
bytes
content-length
21968
roboto-light.woff2
leto.rambler-co.ru/creative/fonts/
21 KB
22 KB
Font
General
Full URL
https://leto.rambler-co.ru/creative/fonts/roboto-light.woff2
Requested by
Host: leto.rambler-co.ru
URL: https://leto.rambler-co.ru/creative/style-e237d897895d535ca45f.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.192.148.115 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
leto.rambler-co.ru
Software
nginx /
Resource Hash
fa3b1901e181c693f21a2f1f6679968cdf3a1e75153f1ac3305bc4ec48bdf12d

Request headers

Referer
https://leto.rambler-co.ru/creative/style-e237d897895d535ca45f.css
Origin
https://leto.rambler-co.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 13:19:35 GMT
last-modified
Mon, 25 Jul 2022 14:50:50 GMT
server
nginx
etag
"62deadca-5594"
content-security-policy-report-only
default-src 'self'; script-src 'report-sample' 'self' 'unsafe-inline' 'unsafe-eval' https://st.top100.ru/top100/top100.js https://cdn.carrotquest.io/api.min.js https://connect.facebook.net/ https://www.facebook.com https://www.google-analytics.com/analytics.js https://cdn.jsdelivr.net; style-src 'report-sample' 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jsdelivr.net; object-src 'self'; connect-src 'self' wss: https://api.dsp.rambler.ru https://kraken.rambler.ru https://api.carrotquest.app https://api.carrottrack.app https://realtime-services-chat-1.carrotquest.app https://www.google-analytics.com https://www.facebook.com; font-src 'self' data: https://fonts.gstatic.com https://cdn.carrotquest.app; img-src 'self' data: https://kraken.rambler.ru https://api.dsp.rambler.ru https://cdn.carrotquest.app https://files.carrotquest.io https://www.facebook.com https://web.facebook.com https://www.google-analytics.com; worker-src 'self'; frame-src https://www.facebook.com https://web.facebook.com https://adtech.media.eagleplatform.com; media-src https://files.carrotquest.app; report-uri https://slack.ad-tech.ru/_csp
content-type
font/woff2
x-passed
2bal2
accept-ranges
bytes
content-length
21908
lato-regular.woff2
leto.rambler-co.ru/creative/fonts/
52 KB
53 KB
Font
General
Full URL
https://leto.rambler-co.ru/creative/fonts/lato-regular.woff2
Requested by
Host: leto.rambler-co.ru
URL: https://leto.rambler-co.ru/creative/style-e237d897895d535ca45f.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.192.148.115 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
leto.rambler-co.ru
Software
nginx /
Resource Hash
5d57dccead3b59ea8bb973bd058a1e97e9bce02a09cc05d787af5c93f7c0216c

Request headers

Referer
https://leto.rambler-co.ru/creative/style-e237d897895d535ca45f.css
Origin
https://leto.rambler-co.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 13:19:35 GMT
last-modified
Mon, 25 Jul 2022 14:50:50 GMT
server
nginx
etag
"62deadca-cfa8"
content-security-policy-report-only
default-src 'self'; script-src 'report-sample' 'self' 'unsafe-inline' 'unsafe-eval' https://st.top100.ru/top100/top100.js https://cdn.carrotquest.io/api.min.js https://connect.facebook.net/ https://www.facebook.com https://www.google-analytics.com/analytics.js https://cdn.jsdelivr.net; style-src 'report-sample' 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jsdelivr.net; object-src 'self'; connect-src 'self' wss: https://api.dsp.rambler.ru https://kraken.rambler.ru https://api.carrotquest.app https://api.carrottrack.app https://realtime-services-chat-1.carrotquest.app https://www.google-analytics.com https://www.facebook.com; font-src 'self' data: https://fonts.gstatic.com https://cdn.carrotquest.app; img-src 'self' data: https://kraken.rambler.ru https://api.dsp.rambler.ru https://cdn.carrotquest.app https://files.carrotquest.io https://www.facebook.com https://web.facebook.com https://www.google-analytics.com; worker-src 'self'; frame-src https://www.facebook.com https://web.facebook.com https://adtech.media.eagleplatform.com; media-src https://files.carrotquest.app; report-uri https://slack.ad-tech.ru/_csp
content-type
font/woff2
x-passed
2bal2
accept-ranges
bytes
content-length
53160
collect
www.google-analytics.com/j/
3 B
210 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1026974269&t=pageview&_s=1&dl=https%3A%2F%2Fleto.rambler-co.ru%2Fcreative%2Fnew&ul=en-us&de=UTF-8&dt=%D0%9F%D1%80%D0%B5%D0%B4%D0%BF%D1%80%D0%BE%D1%81%D0%BC%D0%BE%D1%82%D1%80%20%D0%BA%D1%80%D0%B5%D0%B0%D1%82%D0%B8%D0%B2%D0%BE%D0%B2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1051182189&gjid=1003281776&cid=447307834.1676294376&tid=UA-8038853-36&_gid=964052752.1676294376&_r=1&_slc=1&z=1908020072
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://leto.rambler-co.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 13 Feb 2023 13:19:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://leto.rambler-co.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
userip
kraken.rambler.ru/
12 B
420 B
XHR
General
Full URL
https://kraken.rambler.ru/userip
Requested by
Host: st.top100.ru
URL: https://st.top100.ru/top100/top100.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.19.89.17 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
kraken.rambler.ru
Software
nginx/1.19.4 /
Resource Hash
361013f14048242b449118364082c02135e5430ba7f3dba02d81d3dfee184367

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leto.rambler-co.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-origin
https://leto.rambler-co.ru
date
Mon, 13 Feb 2023 13:19:36 GMT
content-type
application/octet-stream, text/plain
server
nginx/1.19.4
x-srv
1kraken-prod0003.ad.rambler.tech
content-length
12
p3p
CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
_csp
slack.ad-tech.ru/
0
263 B
Other
General
Full URL
https://slack.ad-tech.ru/_csp
Requested by
Host: st.top100.ru
URL: https://st.top100.ru/top100/top100.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.192.149.86 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://leto.rambler-co.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
application/csp-report

Response headers

Date
Mon, 13 Feb 2023 13:19:36 GMT
Strict-Transport-Security
max-age=0
X-Passed
1bal2
Server
nginx
Connection
keep-alive
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
usability.js
st.top100.ru/top100/3.13.8/
14 KB
4 KB
Script
General
Full URL
https://st.top100.ru/top100/3.13.8/usability.js
Requested by
Host: st.top100.ru
URL: https://st.top100.ru/top100/top100.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.19.89.17 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
kraken.rambler.ru
Software
nginx/1.19.4 /
Resource Hash
05731bf462ccb356ee8113606a1960be12dae10bd1c7001da61e6f0f92fded62

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leto.rambler-co.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 13:19:36 GMT
content-encoding
gzip
last-modified
Wed, 08 Feb 2023 14:29:34 GMT
server
nginx/1.19.4
x-amz-request-id
tx0000000000002b57a3a3e-0063ea3700-f87fab-default
etag
W/"99710dbdb5ab5abc8052ba277efd0249"
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
x-rgw-object-type
Normal
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
jsconnect
api.carrotquest.app/v1/
7 KB
2 KB
XHR
General
Full URL
https://api.carrotquest.app/v1/jsconnect
Requested by
Host: cdn.carrotquest.io
URL: https://cdn.carrotquest.io/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.213.158.107 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
e25275b8acf35974c038db2595a121e3e42729e2257ba4219b0a93398042284d

Request headers

Referer
https://leto.rambler-co.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundary4PaqnU0TBWgURR9i

Response headers

date
Mon, 13 Feb 2023 13:19:34 GMT
content-encoding
gzip
server
nginx
allow
OPTIONS, POST, GET
vary
Origin
content-type
application/json
access-control-allow-origin
https://leto.rambler-co.ru
access-control-allow-credentials
true
/
kraken.rambler.ru/cnt/
595 B
1 KB
Image
General
Full URL
https://kraken.rambler.ru/cnt/?et=pv&v=3.13.8&pid=4444817&tid=t1.4444817.1398354625.1676294376134&rid=1676294376.134-2024239278&fid=pA8AAENKs1d0ZwpqAeOumgA%3D&fip=pA8AAENKs1cYeahWAaQuuQA%3D&eid=221843764222956&aduid=79cd3be6-3785-424b-83b1-2a9f5b9d7b20&aduidsc=rambler-co.ru&stid=1052181748_1676294376136&sn=1&sen=1&ce=1&bs=1600x1200&rf&en=UTF-8&pt=%D0%9F%D1%80%D0%B5%D0%B4%D0%BF%D1%80%D0%BE%D1%81%D0%BC%D0%BE%D1%82%D1%80%20%D0%BA%D1%80%D0%B5%D0%B0%D1%82%D0%B8%D0%B2%D0%BE%D0%B2&sr=1600x1200&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Win32&tz=0&ct=web&url=https%3A%2F%2Fleto.rambler-co.ru%2Fcreative%2Fnew&lv&exp=%5B%5B%22exp_bot%22%2C%22split_b%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&rn=1583703465
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.19.89.17 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
kraken.rambler.ru
Software
nginx/1.19.4 /
Resource Hash
9955e76a0aa0414abf703f10e87d93722c71f3fa57c82eb7531c9473d9ef72fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leto.rambler-co.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 13:19:36 GMT
last-modified
Tue, 12 Nov 2019 12:50:59 GMT
server
nginx/1.19.4
x-srv
1kraken-prod0002.ad.rambler.tech
etag
"5dcaaab3-253"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
p3p
CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
595
sizes
api.dsp.rambler.ru/v1/creative/
1 KB
2 KB
Fetch
General
Full URL
https://api.dsp.rambler.ru/v1/creative/sizes?perPage=9999
Requested by
Host: leto.rambler-co.ru
URL: https://leto.rambler-co.ru/creative/app-e237d897895d535ca45f.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.192.148.11 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
zvezda.dsp.rambler.ru
Software
nginx /
Resource Hash
2708e5473c7e2f811d9a91082c9aa926d64d911843464a3634215956cb4f7c39
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://leto.rambler-co.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
X-Api-Token

Response headers

Date
Mon, 13 Feb 2023 13:19:36 GMT
Strict-Transport-Security
max-age=0
x-content-type-options
nosniff
Transfer-Encoding
chunked
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA", policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Connection
keep-alive
x-xss-protection
0
pragma
no-cache
Server
nginx
x-frame-options
DENY
access-control-allow-methods
GET,POST,OPTIONS,PUT,PATCH,DELETE,HEAD
Content-Type
application/json
access-control-allow-origin
https://leto.rambler-co.ru
Cache-Control
must-revalidate, no-cache, no-store, private
access-control-allow-credentials
true
X-Passed
2bal1
access-control-allow-headers
DNT,X-Key,Accept,Origin,Referer,User-Agent,Keep-Alive,X-Api-Token,Content-Type,Cache-Control,Authorization,Accept-Charset,X-Access-Token,Accept-Encoding,Accept-Language,X-Requested-With,If-Modified-Since
expires
-1
sizes
api.dsp.rambler.ru/v1/creative/ Frame
0
0
Preflight
General
Full URL
https://api.dsp.rambler.ru/v1/creative/sizes?perPage=9999
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.192.148.11 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
zvezda.dsp.rambler.ru
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-api-token
Access-Control-Request-Method
GET
Origin
https://leto.rambler-co.ru
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,X-Key,Accept,Origin,Referer,User-Agent,Keep-Alive,X-Api-Token,Content-Type,Cache-Control,Authorization,Accept-Charset,X-Access-Token,Accept-Encoding,Accept-Language,X-Requested-With,If-Modified-Since
Access-Control-Allow-Methods
GET,POST,OPTIONS,PUT,PATCH,DELETE,HEAD
Access-Control-Allow-Origin
https://leto.rambler-co.ru
Cache-Control
must-revalidate, no-cache, no-store, private
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Mon, 13 Feb 2023 13:19:36 GMT
P3P
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Server
nginx
Strict-Transport-Security
max-age=0
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-Passed
2bal1
X-Xss-Protection
0
expires
-1
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
pragma
no-cache
/
kraken.rambler.ru/cnt/v2/
595 B
991 B
Image
General
Full URL
https://kraken.rambler.ru/cnt/v2/?event_type=base&event_name=page_view&project_id=4444817&session_id=1052181748_1676294376136&session_number=1&session_event_number=1&version=3.13.8&counter_type=web&experiment=%5B%5B%22exp_bot%22%2C%22split_b%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&top100_id=t1.4444817.1398354625.1676294376134&adtech_uid=79cd3be6-3785-424b-83b1-2a9f5b9d7b20&adtech_uid_scope=rambler-co.ru&fingerprint=pA8AAENKs1d0ZwpqAeOumgA%3D&fingerprint_ip=pA8AAENKs1cYeahWAaQuuQA%3D&url=https%3A%2F%2Fleto.rambler-co.ru%2Fcreative%2Fnew&request_id=1676294376.134-2024239278&event_id=221843764222956&meta=%7B%22title%22%3A%22%D0%9F%D1%80%D0%B5%D0%B4%D0%BF%D1%80%D0%BE%D1%81%D0%BC%D0%BE%D1%82%D1%80%20%D0%BA%D1%80%D0%B5%D0%B0%D1%82%D0%B8%D0%B2%D0%BE%D0%B2%22%2C%22referer%22%3A%22%22%2C%22screen_size%22%3A%221600x1200%22%2C%22browser_size%22%3A%221600x1200%22%2C%22color_depth%22%3A%2224-bit%22%2C%22language%22%3A%22en-US%22%2C%22browser%22%3A%22Netscape%22%2C%22platform%22%3A%22Win32%22%2C%22timezone%22%3A%220%22%7D&rn=1099424520
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.19.89.17 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
kraken.rambler.ru
Software
nginx/1.19.4 /
Resource Hash
9955e76a0aa0414abf703f10e87d93722c71f3fa57c82eb7531c9473d9ef72fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leto.rambler-co.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 13:19:36 GMT
last-modified
Tue, 12 Nov 2019 12:50:59 GMT
server
nginx/1.19.4
x-srv
1kraken-prod0002.ad.rambler.tech
etag
"5dcaaab3-253"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
p3p
CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
595
icon-collapsed-chat.png
cdn.carrotquest.app/img/ru/collapsed-chat/default/ Frame 6358
1020 B
1 KB
Image
General
Full URL
https://cdn.carrotquest.app/img/ru/collapsed-chat/default/icon-collapsed-chat.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.101.71.73 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software
nginx /
Resource Hash
999879d479af516ceed6e522eb26ad9eb6158277da66412df51f263c3abf762d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-id
m9p-up-gc19
date
Mon, 13 Feb 2023 13:19:37 GMT
content-encoding
gzip
last-modified
Thu, 26 Jan 2023 08:08:10 GMT
server
nginx
etag
W/"63d234ea-3fc"
x-cached-since
2023-01-27T10:40:03+00:00
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=1800, must-revalidate
cache
HIT
expires
Mon, 13 Feb 2023 13:49:37 GMT
pat-6.png
cdn.carrotquest.app/img/themes/default/patterns/ Frame 6358
17 KB
17 KB
Image
General
Full URL
https://cdn.carrotquest.app/img/themes/default/patterns/pat-6.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.101.71.73 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software
nginx /
Resource Hash
359749bf7b35743d711d747ff8a2e4e17c270aab78a2c27dc2bca9a223b5dd91

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-id
m9p-up-gc19
date
Mon, 13 Feb 2023 13:19:37 GMT
content-encoding
gzip
last-modified
Thu, 26 Jan 2023 08:08:10 GMT
server
nginx
etag
W/"63d234ea-44b0"
x-cached-since
2023-01-27T10:40:04+00:00
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=1800, must-revalidate
cache
HIT
expires
Mon, 13 Feb 2023 13:49:37 GMT
events
api.carrottrack.app/users/$self_user/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.carrottrack.app
URL
https://api.carrottrack.app/users/$self_user/events

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
boolean| credentialless
object| oncontentvisibilityautostatechange
string| GoogleAnalyticsObject
function| ga
object| carrotquest
number| PROJECT_ID
object| _top100q
function| webpackHotUpdate
object| __core-js_shared__
object| core
object| global
object| System
function| asap
function| Observable
function| setImmediate
function| clearImmediate
object| regeneratorRuntime
boolean| _babelPolyfill
function| Velocity
object| google_tag_data
object| gaplugins
object| gaGlobal
object| gaData
function| Kraken
function| top100
object| top100Counter
object| _top100
object| carrrot
object| dashly
object| carrotquestasyncapi

15 Cookies

Domain/Path Name / Value
.rambler-co.ru/ Name: _ga
Value: GA1.2.447307834.1676294376
.rambler-co.ru/ Name: _gid
Value: GA1.2.964052752.1676294376
.rambler-co.ru/ Name: _gat
Value: 1
.rambler-co.ru/ Name: adtech_uid
Value: 79cd3be6-3785-424b-83b1-2a9f5b9d7b20%3Arambler-co.ru
.rambler-co.ru/ Name: top100_id
Value: t1.4444817.1398354625.1676294376134
.rambler-co.ru/ Name: last_visit
Value: 1676294376137%3A%3A1676294376137
.rambler-co.ru/ Name: carrotquest_session
Value: glk7beagyswwidcosh0u6a8nkg9atnhq
.rambler-co.ru/ Name: t3_sid_4444817
Value: s1.1052181748.1676294376136.1676294376423.1.2
leto.rambler-co.ru/ Name: PHPSESSID
Value: fc51798c9c253d960530f76de6b31101
.rambler.ru/ Name: ruid
Value: 1CIAAOg46mNpjfemAQLzvgB=
.rambler-co.ru/ Name: carrotquest_session_started
Value: 1
.rambler-co.ru/ Name: carrotquest_device_guid
Value: a1d827f4-502f-4a18-b3ad-2a660944ca5b
.rambler-co.ru/ Name: carrotquest_uid
Value: 1377295152950805910
.rambler-co.ru/ Name: carrotquest_auth_token
Value: user.1377295152950805910.5432-53a4826935577550931fbf75ed4.1023d69544c44f1d5ec89a055ab8f022b4c3d1e852b73975
.rambler-co.ru/ Name: carrotquest_realtime_services_transport
Value: wss

1 Console Messages

Source Level URL
Text
security error URL: https://st.top100.ru/top100/top100.js
Message:
[Report Only] Refused to load the script 'https://st.top100.ru/top100/3.13.8/usability.js' because it violates the following Content Security Policy directive: "script-src 'report-sample' 'self' 'unsafe-inline' 'unsafe-eval' https://st.top100.ru/top100/top100.js https://cdn.carrotquest.io/api.min.js https://connect.facebook.net/ https://www.facebook.com https://www.google-analytics.com/analytics.js https://cdn.jsdelivr.net". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
