w.gaskmedics.com Open in urlscan Pro
104.21.61.48 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://a.4apps.click/i/5f6f2a67?cid=$%7Bsubid%7D
Effective URL:
https://w.gaskmedics.com/gr/mb/?p1=5f6f2a67&p2=W80U9esfefWRpYnVz3eyQ=&q=13235&hash=9facb551febff268
Submission: On January 23 via api (January 23rd 2024, 12:58:25 am UTC) from US — Scanned from US

Summary HTTP 22 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 4 domains to perform 22 HTTP transactions. The main IP is 104.21.61.48, located in and belongs to CLOUDFLARENET, US. The main domain is w.gaskmedics.com.
TLS certificate: Issued by GTS CA 1P5 on November 28th 2023. Valid for: 3 months.

This is the only time w.gaskmedics.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	172.67.181.42 172.67.181.42	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	104.21.61.48 104.21.61.48	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 11	87.250.250.119 87.250.250.119	13238 (YANDEX) (YANDEX)
22	3

1 172.67.181.42 (United States)

ASN13335 (CLOUDFLARENET, US)

a.4apps.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 104.21.61.48 (None, )

ASN13335 (CLOUDFLARENET, US)

w.gaskmedics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 87.250.250.119 (Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)
PTR: mc.yandex.ru

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	gaskmedics.com w.gaskmedics.com	159 KB
9	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 8747	4 KB
2	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 3982	71 KB
1	4apps.click a.4apps.click — Cisco Umbrella Rank: 926566	1002 B
22	4

	Domain	Requested by
13	w.gaskmedics.com	a.4apps.click w.gaskmedics.com
9	mc.yandex.com	2 redirects w.gaskmedics.com mc.yandex.ru
2	mc.yandex.ru	1 redirects w.gaskmedics.com
1	a.4apps.click
22	4

This site contains no links.

Subject Issuer	Validity	Valid
gaskmedics.com GTS CA 1P5	`2023-11-28` - `2024-02-26`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-12-26` - `2024-06-05`	5 months	crt.sh

This page contains 1 frames:

Primary Page: https://w.gaskmedics.com/gr/mb/?p1=5f6f2a67&p2=W80U9esfefWRpYnVz3eyQ=&q=13235&hash=9facb551febff268
Frame ID: 0393C53C9A7C2579F7FE017C693FE0AD
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Exclusive 5G mobile offer

Page URL History Show full URLs

http://a.4apps.click/i/5f6f2a67?cid=$%7Bsubid%7D Page URL
https://w.gaskmedics.com/gr/mb/?p1=5f6f2a67&p2=W80U9esfefWRpYnVz3eyQ=&q=13235&hash=9facb551febff268 Page URL

Detected technologies

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

22
Requests

86 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

3
Countries

233 kB
Transfer

483 kB
Size

13
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://a.4apps.click/i/5f6f2a67?cid=$%7Bsubid%7D Page URL
https://w.gaskmedics.com/gr/mb/?p1=5f6f2a67&p2=W80U9esfefWRpYnVz3eyQ=&q=13235&hash=9facb551febff268 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10256.LrKgD_VpFV7Mqwp4r_g8tAaN-uRjv6XVS0YF2L3IDbRoi-SNTjk1vJD2e_JS2iLG.sB449HuATUkukEvUiYRvzF8SqPI%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10256.44KXwjQ3uBVlB8be19-y5oQEREyI8LqgJNk3v8aUzSxuRdnM2PYOcYmUyF13CmoGshb7F_JAZaYLKt-2B1c-xHjPSGx20Um-KuVl9mXhrMevDQqxsRj6TJlNUm7cAcUqpvOl6LmMjMsuR4ATDCH_FtPGbCzEW7ec_hm8NBF88jd9RDOxyd6T32Kv421e7ikGoYlqcbz_lEFtiHXYHayDFCYnebjMBZgAOUxYDkV3EeY%2C.PhymdmjCONRfketgZprIqnZi8gw%2C

Request Chain 16

https://mc.yandex.com/watch/82571071?wmode=7&page-url=https%3A%2F%2Fw.gaskmedics.com%2Ffree-mobi-plan%2F%23&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uk632mqt4m2ukn7iz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1211%3Acn%3A1%3Adp%3A0%3Als%3A256248705901%3Ahid%3A563051337%3Az%3A-600%3Ai%3A20240122145821%3Aet%3A1705971501%3Ac%3A1%3Arn%3A438010212%3Arqn%3A1%3Au%3A1705971501929037511%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C171%2C1380%2C1%2C1%2C0%2C%2C634%2C0%2C%2C%2C%2C2202%3Aco%3A0%3Acpf%3A1%3Ans%3A1705971497590%3Afp%3A2201%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705971502%3At%3AExclusive%205G%20mobile%20offer&t=gdpr(14)mc(g-1-p-1-up-1)clc(0-0-0)rqnt(1)aw(1)rcm(1)ti(1) HTTP 302
https://mc.yandex.com/watch/82571071/1?wmode=7&page-url=https%3A%2F%2Fw.gaskmedics.com%2Ffree-mobi-plan%2F%23&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uk632mqt4m2ukn7iz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1211%3Acn%3A1%3Adp%3A0%3Als%3A256248705901%3Ahid%3A563051337%3Az%3A-600%3Ai%3A20240122145821%3Aet%3A1705971501%3Ac%3A1%3Arn%3A438010212%3Arqn%3A1%3Au%3A1705971501929037511%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C171%2C1380%2C1%2C1%2C0%2C%2C634%2C0%2C%2C%2C%2C2202%3Aco%3A0%3Acpf%3A1%3Ans%3A1705971497590%3Afp%3A2201%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705971502%3At%3AExclusive%205G%20mobile%20offer&t=gdpr%2814%29mc%28g-1-p-1-up-1%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29

22 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK 5f6f2a67
a.4apps.click/i/ 593 B
1002 B 704ms
605ms Document
text/html 172.67.181.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a.4apps.click/i/5f6f2a67?cid=$%7Bsubid%7D
Protocol: HTTP/1.1
Server: 172.67.181.42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 849c16602db52f7c-LAX
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 23 Jan 2024 00:58:17 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Von0sZFyFZjqi83FKShP9cISsEKofA97XfXcZIs9KqL1Xazcm4Rjr3IjkqP9cnf%2BfVFRgBhIHrXMD9FH5ou4GBWmW1rKMgvayPWSn3SJifOix9bsBO9KBWUstrcmSKY"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 Primary Request / Show response
w.gaskmedics.com/gr/mb/ 5 KB
2 KB 1566ms
1380ms Document
text/html 104.21.61.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://w.gaskmedics.com/gr/mb/?p1=5f6f2a67&p2=W80U9esfefWRpYnVz3eyQ=&q=13235&hash=9facb551febff268
Requested by: Host: a.4apps.click
URL: http://a.4apps.click/i/5f6f2a67?cid=$%7Bsubid%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.61.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf5ddbe15707b2daeb134290e86b87121125c9e6fd8f660c99eedd14d3be1d12

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 849c16655d666a29-LAX
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 23 Jan 2024 00:58:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CgWkyi0lt9EMGd9de3s%2BbDzi%2BHWAjr2yrY8F56oJwe%2Bky02s8VUQrfXK7wV2A9U1%2B2rxCc8NH%2BblvGBzIbH6RKipvOlRhFzeIDtmOIYgl2uEA%2FwEgDp2QmicHDTdBQRw6BW4"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 style.css
w.gaskmedics.com/gr/mb/css/ 4 KB
2 KB 583ms
581ms Stylesheet
text/css 104.21.61.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://w.gaskmedics.com/gr/mb/css/style.css?v-2.4
Requested by: Host: w.gaskmedics.com
URL: https://w.gaskmedics.com/gr/mb/?p1=5f6f2a67&p2=W80U9esfefWRpYnVz3eyQ=&q=13235&hash=9facb551febff268
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.61.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58223742b7bc97fba1116198487d367464a18335818f41c8760cb0b0038b4dd4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w.gaskmedics.com/gr/mb/?p1=5f6f2a67&p2=W80U9esfefWRpYnVz3eyQ=&q=13235&hash=9facb551febff268
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 00:58:19 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 03 Oct 2023 20:10:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"651c7532-10be"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IiscmWmEW0VvjtFIwIH%2FyZNkEYC9GY9gxD1hhYvV0Rp8aFaMSe8ZlH%2BNgU5Ii2GXBeU7w5kfsX7W%2FrOdsEzebojs0Bab7SZFWjrR5tuk9wyZDGVbi%2BXouj7fdel92u7bqVYD"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 849c166e0b906a29-LAX
alt-svc: h3=":443"; ma=86400
expires: Wed, 22 Jan 2025 00:58:19 GMT

GET
H2 200 cosmote.png
w.gaskmedics.com/gr/mb/images/ 13 KB
13 KB 569ms
568ms Image
image/png 104.21.61.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.gaskmedics.com/gr/mb/images/cosmote.png
Requested by: Host: w.gaskmedics.com
URL: https://w.gaskmedics.com/gr/mb/?p1=5f6f2a67&p2=W80U9esfefWRpYnVz3eyQ=&q=13235&hash=9facb551febff268
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.61.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e04b185f7e4eadc875fbcbef62099adfa53da379ce0204a4451cb75ae2a3e6a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 00:58:19 GMT
cf-cache-status: MISS
last-modified: Tue, 03 Oct 2023 20:10:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "651c7536-335a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2BjNLu4Yc5XLjpi51sybmyogfRARy1LUFJWuGDHaUcfKazaLNBDcY%2BIGlqVWmqgyswWU4aGvzmxqLxU39E7b2l0wyqXVL%2FVMgPVe5bBzYKqrkWuh774GECU4Y%2B9wNAmWrGpt"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 849c166e0b916a29-LAX
alt-svc: h3=":443"; ma=86400
content-length: 13146
expires: Wed, 22 Jan 2025 00:58:19 GMT

GET
H2 200 vodafone.png
w.gaskmedics.com/gr/mb/images/ 8 KB
8 KB 415ms
415ms Image
image/png 104.21.61.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.gaskmedics.com/gr/mb/images/vodafone.png
Requested by: Host: w.gaskmedics.com
URL: https://w.gaskmedics.com/gr/mb/?p1=5f6f2a67&p2=W80U9esfefWRpYnVz3eyQ=&q=13235&hash=9facb551febff268
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.61.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bedbb3c9f2366d55c617167b9bf01cdbaf3a59d8f005ebc3a37fdaa31250a2ca

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 00:58:19 GMT
cf-cache-status: MISS
last-modified: Tue, 03 Oct 2023 20:10:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "651c7539-1e81"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ATKFv0YtNQorRj6OAJcSQBsu9RoRWdGBhMnCp2zw%2FBYw2Aki1CbvsetAP%2Bh2XmDppe2iee88wWqGHUL46vEu11XG8frnauCCPbk6NhxspOmETda1aR6hy2Dg107ZAhnrhnFm"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 849c166e0b936a29-LAX
alt-svc: h3=":443"; ma=86400
content-length: 7809
expires: Wed, 22 Jan 2025 00:58:19 GMT

GET
H2 200 nova.svg
w.gaskmedics.com/gr/mb/images/ 2 KB
1 KB 1054ms
1052ms Image
image/svg+xml 104.21.61.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.gaskmedics.com/gr/mb/images/nova.svg
Requested by: Host: w.gaskmedics.com
URL: https://w.gaskmedics.com/gr/mb/?p1=5f6f2a67&p2=W80U9esfefWRpYnVz3eyQ=&q=13235&hash=9facb551febff268
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.61.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fed7858c8d852a69d4b8f1fa29060e2a0735b993a30e11a9b83b111f40a2db11

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 00:58:20 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 03 Oct 2023 20:10:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"651c7538-731"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XT1P9aYqrUxbLCF%2F%2F6WedFoS2fuqNVfRggzAdvINz0rytQ4neygPA%2FkBtpfGq%2F6kHCxgueFNhxMvEFO6hDbRuirrMSBYVzJXRldNXQWxADLW8wgHMjXNh9q5kcCh2SJ6zVGF"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 849c166e2bdc6a29-LAX
alt-svc: h3=":443"; ma=86400
expires: Wed, 22 Jan 2025 00:58:20 GMT

GET
H2 200 jquery.min.js Show response
w.gaskmedics.com/__js/ 88 KB
32 KB 97ms
95ms Script
application/javascript 104.21.61.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://w.gaskmedics.com/__js/jquery.min.js
Requested by: Host: w.gaskmedics.com
URL: https://w.gaskmedics.com/gr/mb/?p1=5f6f2a67&p2=W80U9esfefWRpYnVz3eyQ=&q=13235&hash=9facb551febff268
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.61.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 00:58:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 Oct 2023 19:57:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 35655
etag: W/"651c723e-15f5b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SpgztmaqDDASWhPClhic2R4PS435ntTQNK0%2Bc3Gpyy3DbQBwU4AOxZ4kgIYD4RhatnDsp6cXZstwBq%2FEqPC5U2mHIjMZVuk7PDyg0m%2Bh6C0e1pbI1qD04b%2F7mGPvf3xF1G%2Bg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-ray: 849c166e2bde6a29-LAX
alt-svc: h3=":443"; ma=86400
expires: Tue, 21 Jan 2025 15:04:04 GMT

GET
H2 200 jquery.inputmask.bundle.min.js Show response
w.gaskmedics.com/__js/ 71 KB
24 KB 190ms
189ms Script
application/javascript 104.21.61.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://w.gaskmedics.com/__js/jquery.inputmask.bundle.min.js
Requested by: Host: w.gaskmedics.com
URL: https://w.gaskmedics.com/gr/mb/?p1=5f6f2a67&p2=W80U9esfefWRpYnVz3eyQ=&q=13235&hash=9facb551febff268
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.61.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96f09c6d0b128d5c052268f1af3954b987d403949052e162a2e462ff66ad3607

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 00:58:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 Oct 2023 19:57:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 35653
etag: W/"651c723d-11b80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GjP3Ze3sQ24hzJ47lxj8VufbwoGOO8Pn1Rf%2BUfMYnsUU8Bbt7lb3vA%2BHYS5wwc3UzqbQYGM02Y%2FDDWUeP5WA9ijT96wj%2FKvMsxAEJeg58BuAQ7y9cFK9z8H5L1UKwAzfG%2BJz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-ray: 849c166e2be16a29-LAX
alt-svc: h3=":443"; ma=86400
expires: Tue, 21 Jan 2025 15:04:06 GMT

GET
H2 200 handler-v6.js Show response
w.gaskmedics.com/__js/ 13 KB
4 KB 420ms
419ms Script
application/javascript 104.21.61.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://w.gaskmedics.com/__js/handler-v6.js?v=2007
Requested by: Host: w.gaskmedics.com
URL: https://w.gaskmedics.com/gr/mb/?p1=5f6f2a67&p2=W80U9esfefWRpYnVz3eyQ=&q=13235&hash=9facb551febff268
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.61.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a6f72547997a69797eb26787fc8b5c8f6c99fbe58cb1b3116ce300fd1d26102

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 00:58:19 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 14 Nov 2023 20:26:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6553d803-35cc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8iMRzcjzXeEoxgre1XPd8OCbU7TvmUr40DFPgfuGL2FBOK24fwjXYX%2BXRpXV1KPApXVOYO%2F2ITmyKgYFRstZwdEYVC2tyBE%2FpLZb4EqPtPOp%2Bh9SgXiBFDiUlNWZ7BpNy70v"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-ray: 849c166e2be36a29-LAX
alt-svc: h3=":443"; ma=86400
expires: Wed, 22 Jan 2025 00:58:19 GMT

GET
H2 200 main.js Show response
w.gaskmedics.com/gr/mb/js/ 5 KB
2 KB 588ms
588ms Script
application/javascript 104.21.61.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://w.gaskmedics.com/gr/mb/js/main.js?v=4
Requested by: Host: w.gaskmedics.com
URL: https://w.gaskmedics.com/gr/mb/?p1=5f6f2a67&p2=W80U9esfefWRpYnVz3eyQ=&q=13235&hash=9facb551febff268
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.61.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7bb2251baaef2f4a7dc98712e15f6c9455657de00f37ad24c0a70424fe523e8

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 00:58:19 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 03 Oct 2023 20:10:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"651c753a-12f6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9m7Lg9Tn6uNjUw6fRKMcFGWinT%2FIxvwSd%2F36vcFlKl8bNrkj6pUqC6oFQjc2p%2BfYwY8%2Fmm8JEX1GuvDO57DntQhqa9m2xJv1tTGUoGi7JJ9DMzkwXx7riE6Rz2sUpVsvgxux"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-ray: 849c166e2be76a29-LAX
alt-svc: h3=":443"; ma=86400
expires: Wed, 22 Jan 2025 00:58:19 GMT

GET
H3 200 app.jpg
w.gaskmedics.com/gr/mb/images/ 70 KB
70 KB 2220ms
2219ms Image
image/jpeg 104.21.61.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.gaskmedics.com/gr/mb/images/app.jpg
Requested by: Host: w.gaskmedics.com
URL: https://w.gaskmedics.com/gr/mb/css/style.css?v-2.4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.61.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7396b743c518ac82f80e53c94f0d15a48286853715ab742be9fd6455476ec4dd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://w.gaskmedics.com/gr/mb/css/style.css?v-2.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 00:58:21 GMT
cf-cache-status: MISS
last-modified: Tue, 03 Oct 2023 20:10:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "651c7534-11678"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W7sB81CY2xtqXWvjDkmoY3gsJrERIHf7lAQwbBXROZSW1Sv64%2FNEF%2FpsGLWoh87Y1w3T1VyWWaLbTUkQrhuhRAJG7A%2Fb3h1Y0skGLDdgdjm7CUBYKSbcIx12g21xwgyncHDS"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 849c1671bd072ef3-LAX
alt-svc: h3=":443"; ma=86400
content-length: 71288
expires: Wed, 22 Jan 2025 00:58:21 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 204 KB
71 KB 1180ms
482ms Script
application/javascript 87.250.250.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: w.gaskmedics.com
URL: https://w.gaskmedics.com/free-mobi-plan/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

39a024ead02e1e7562777685bf017a583ca1e43b10ba860b1952609ba0e983f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 00:58:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Mon, 22 Jan 2024 14:13:04 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "65ae77f0-11838"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 71736
expires: Tue, 23 Jan 2024 01:58:20 GMT

GET
H3 200 ping.php
w.gaskmedics.com/ 0
433 B 1732ms
1732ms Image
text/html 104.21.61.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.gaskmedics.com/ping.php?id=Q0MlEVelNjeW5WWwJ1VmVmZzVWOVBDOX1jMwZyN2EmMmZjZ10TMw9DO2IjZmJWZmFTN1I2YhZWO6ozZ=6128
Requested by: Host: w.gaskmedics.com
URL: https://w.gaskmedics.com/free-mobi-plan/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.61.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 00:58:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9gU68C5gXxfy6nR2h2OvGvFnQc0UvrVsx3de7m908X5HDFQJPk%2FzbPWcrqDX9di3SMD4yVpOBTykqXuPy4PPfKHVAdNKwy3euiuNllOcF%2FNLHXhHAe7O4ykU7XbnhMLl02oN"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 849c16728e0b2ef3-LAX
alt-svc: h3=":443"; ma=86400

GET
H3 200 ping.php
w.gaskmedics.com/ 0
403 B 1534ms
1533ms Image
text/html 104.21.61.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.gaskmedics.com/ping.php?id=Q0MlEVelNjeW5WWwJ1VmVmZzVWOVBDOX1jMwZyN2EmMmZjZ10TMw9DO2IjZmJWZmFTN1I2YhZWO6ozZ=1995
Requested by: Host: w.gaskmedics.com
URL: https://w.gaskmedics.com/free-mobi-plan/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.61.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 00:58:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rlUnoauQGaBe%2Bn%2FWn7n7fXP%2BNQPUflMWc6OXGjjkIpKOaLOg2Uht83PmJjmp%2F%2FdrnNsp1WKODxle5ieQEo41o2NtNGl6%2B%2B9j2%2Ftstae%2BuPna1Paa9xbSFSuLvsCiEj5S4ocL"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 849c1673cfc82ef3-LAX
alt-svc: h3=":443"; ma=86400

GET
H3 200 ping.php
w.gaskmedics.com/ 0
401 B 1377ms
1376ms Image
text/html 104.21.61.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.gaskmedics.com/ping.php?id=Q0MlEVelNjeW5WWwJ1VmVmZzVWOVBDOX1jMwZyN2EmMmZjZ10TMw9DO2IjZmJWZmFTN1I2YhZWO6ozZ=6041
Requested by: Host: w.gaskmedics.com
URL: https://w.gaskmedics.com/free-mobi-plan/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.61.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 00:58:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ydcihn5wHnnnBpNbPdB8hGlEm90CS7yq22qVEn37F%2BE6Bj0z1FMRWLguTBYEijahZ%2BdO9UhxOiXjUT%2FPefdVKMNqiNV4Sw1Qb6kAeG2Xrq8XYTW%2BooO6AfxWyXiLhX%2Bodpu0"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 849c1675093a2ef3-LAX
alt-svc: h3=":443"; ma=86400

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10256.LrKgD_VpFV7Mqwp4r_g8tAaN-uRjv6XVS0YF2L3IDbRoi-SNTjk1vJD2e_JS2iLG.sB449HuATUkukEvUiYRvzF8SqPI%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10256.44KXwjQ3uBVlB8be19-y5oQEREyI8LqgJNk3v8aUzSxuRdnM2PYOcYmUyF13CmoGshb7F_JAZaYLKt-2B1c-xHjPSGx20Um-KuVl9mXhrMevDQqxsRj6TJlNUm7cAcUqpvOl6LmMjM...

43 B
671 B

278ms
278ms

Image
image/gif

87.250.250.119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=10256.44KXwjQ3uBVlB8be19-y5oQEREyI8LqgJNk3v8aUzSxuRdnM2PYOcYmUyF13CmoGshb7F_JAZaYLKt-2B1c-xHjPSGx20Um-KuVl9mXhrMevDQqxsRj6TJlNUm7cAcUqpvOl6LmMjMsuR4ATDCH_FtPGbCzEW7ec_hm8NBF88jd9RDOxyd6T32Kv421e7ikGoYlqcbz_lEFtiHXYHayDFCYnebjMBZgAOUxYDkV3EeY%2C.PhymdmjCONRfketgZprIqnZi8gw%2C

Requested by

Host: w.gaskmedics.com
URL: https://w.gaskmedics.com/free-mobi-plan/

Protocol

Server

87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 00:58:21 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=10256.44KXwjQ3uBVlB8be19-y5oQEREyI8LqgJNk3v8aUzSxuRdnM2PYOcYmUyF13CmoGshb7F_JAZaYLKt-2B1c-xHjPSGx20Um-KuVl9mXhrMevDQqxsRj6TJlNUm7cAcUqpvOl6LmMjMsuR4ATDCH_FtPGbCzEW7ec_hm8NBF88jd9RDOxyd6T32Kv421e7ikGoYlqcbz_lEFtiHXYHayDFCYnebjMBZgAOUxYDkV3EeY%2C.PhymdmjCONRfketgZprIqnZi8gw%2C
date: Tue, 23 Jan 2024 00:58:21 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
525 B 280ms
279ms Image
image/gif 87.250.250.119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: w.gaskmedics.com
URL: https://w.gaskmedics.com/free-mobi-plan/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 00:58:21 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 18 Jan 2024 16:14:38 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "65a94e6e-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Tue, 23 Jan 2024 01:58:21 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/82571071/
Redirect Chain

https://mc.yandex.com/watch/82571071?wmode=7&page-url=https%3A%2F%2Fw.gaskmedics.com%2Ffree-mobi-plan%2F%23&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uk632mqt4m2ukn7iz%3Afu%3A0...
https://mc.yandex.com/watch/82571071/1?wmode=7&page-url=https%3A%2F%2Fw.gaskmedics.com%2Ffree-mobi-plan%2F%23&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uk632mqt4m2ukn7iz%3Afu%3...

440 B
532 B

280ms
279ms

Fetch
application/json

87.250.250.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/82571071/1?wmode=7&page-url=https%3A%2F%2Fw.gaskmedics.com%2Ffree-mobi-plan%2F%23&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uk632mqt4m2ukn7iz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1211%3Acn%3A1%3Adp%3A0%3Als%3A256248705901%3Ahid%3A563051337%3Az%3A-600%3Ai%3A20240122145821%3Aet%3A1705971501%3Ac%3A1%3Arn%3A438010212%3Arqn%3A1%3Au%3A1705971501929037511%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C171%2C1380%2C1%2C1%2C0%2C%2C634%2C0%2C%2C%2C%2C2202%3Aco%3A0%3Acpf%3A1%3Ans%3A1705971497590%3Afp%3A2201%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705971502%3At%3AExclusive%205G%20mobile%20offer&t=gdpr%2814%29mc%28g-1-p-1-up-1%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29

Protocol

Server

87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

e5e007b5a4f56aa01a41da32fb21d844338a4991694a4106792ea38e8724c10f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jan 2024 00:58:22 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Tue, 23-Jan-2024 00:58:22 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://w.gaskmedics.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 440
x-xss-protection: 1; mode=block
expires: Tue, 23-Jan-2024 00:58:22 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 Jan 2024 00:58:22 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 23-Jan-2024 00:58:22 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/82571071/1?wmode=7&page-url=https%3A%2F%2Fw.gaskmedics.com%2Ffree-mobi-plan%2F%23&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uk632mqt4m2ukn7iz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1211%3Acn%3A1%3Adp%3A0%3Als%3A256248705901%3Ahid%3A563051337%3Az%3A-600%3Ai%3A20240122145821%3Aet%3A1705971501%3Ac%3A1%3Arn%3A438010212%3Arqn%3A1%3Au%3A1705971501929037511%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C171%2C1380%2C1%2C1%2C0%2C%2C634%2C0%2C%2C%2C%2C2202%3Aco%3A0%3Acpf%3A1%3Ans%3A1705971497590%3Afp%3A2201%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705971502%3At%3AExclusive%205G%20mobile%20offer&t=gdpr%2814%29mc%28g-1-p-1-up-1%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29
access-control-allow-origin: https://w.gaskmedics.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 23-Jan-2024 00:58:22 GMT

POST
H2 200 82571071
mc.yandex.com/watch/ 43 B
86 B 279ms
278ms Ping
image/gif 87.250.250.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/82571071?page-url=goal%3A%2F%2Fw.gaskmedics.com%2FVISIT&page-ref=https%3A%2F%2Fw.gaskmedics.com%2Ffree-mobi-plan%2F%23&charset=utf-8&uah=chm%0A%3F0&hittoken=1705971502_2b2631c10bd0a5a9b42ceba7471153d132d5d54db8637026386db37040b24632&browser-info=ar%3A1%3Avf%3A6mv6as6uk632mqt4m2ukn7iz%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1211%3Acn%3A1%3Adp%3A1%3Als%3A256248705901%3Ahid%3A563051337%3Az%3A-600%3Ai%3A20240122145822%3Aet%3A1705971503%3Ac%3A1%3Arn%3A669665997%3Arqn%3A2%3Au%3A1705971501929037511%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C4559%2C4559%2C0%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1705971497590%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705971503%3At%3AExclusive%205G%20mobile%20offer&t=gdpr(14%2C14)mc(g-1-p-1-up-1)clc(0-0-0)rqnt(2)lt(7600)aw(1)rcm(1)ti(0)&force-urlencoded=1

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jan 2024 00:58:22 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 23-Jan-2024 00:58:22 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://w.gaskmedics.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 23-Jan-2024 00:58:22 GMT

POST
H2 200 1
mc.yandex.com/watch/82571071/ 43 B
74 B 284ms
283ms Ping
image/gif 87.250.250.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/82571071/1?page-url=https%3A%2F%2Fw.gaskmedics.com%2Ffree-mobi-plan%2F%23&charset=utf-8&uah=chm%0A%3F0&hittoken=1705971502_2b2631c10bd0a5a9b42ceba7471153d132d5d54db8637026386db37040b24632&browser-info=pa%3A1%3Aar%3A1%3Avf%3A6mv6as6uk632mqt4m2ukn7iz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1211%3Acn%3A1%3Adp%3A1%3Als%3A256248705901%3Ahid%3A563051337%3Az%3A-600%3Ai%3A20240122145822%3Aet%3A1705971503%3Ac%3A1%3Arn%3A179170917%3Arqn%3A3%3Au%3A1705971501929037511%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1705971497590%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705971503&t=gdpr(14%2C14%2C14)mc(g-1-p-1-up-1)clc(0-0-0)rqnt(3)lt(7600)aw(1)rcm(1)ti(0)&force-urlencoded=1&site-info=%7B%22__ymu%22%3A%7B%22lp%22%3A%22%2Fgr%2Fmb%2F%22%2C%22width%22%3A1600%2C%22height%22%3A1200%2C%22battery%22%3A100%2C%22charging%22%3A1%2C%22video%22%3A%22Intel%20Inc.%2FIntel%20Iris%20OpenGL%20Engine%22%2C%22sensorG%22%3A-1%2C%22sensorA%22%3A-1%2C%22userAgent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.224%20Safari%2F537.36%22%2C%22UserID%22%3A%22W80U9esfefWRpYnVz3eyQ%3D%22%2C%22cid%22%3Anull%2C%22p1%22%3A%225f6f2a67%22%2C%22p2%22%3A%22W80U9esfefWRpYnVz3eyQ%3D%22%2C%22p3%22%3Anull%2C%22p4%22%3Anull%2C%22p5%22%3Anull%2C%22lang%22%3Anull%2C%22msisdn%22%3A%22%22%2C%22status%22%3A%22%22%7D%7D

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jan 2024 00:58:22 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 23-Jan-2024 00:58:22 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://w.gaskmedics.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 23-Jan-2024 00:58:22 GMT

POST
H2 200 82571071
mc.yandex.com/webvisor/ 43 B
0 312ms
311ms Fetch
image/gif 87.250.250.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/82571071?wv-part=1&wv-type=7&wmode=0&wv-hit=563051337&page-url=https%3A%2F%2Fw.gaskmedics.com%2Ffree-mobi-plan%2F%23&rn=350125633&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1705971505%3Aw%3A1600x1200%3Av%3A1211%3Az%3A-600%3Ai%3A20240122145825%3Au%3A1705971501929037511%3Avf%3A6mv6as6uk632mqt4m2ukn7iz%3Ast%3A1705971505&t=gdpr(14%2C14%2C14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Jan 2024 00:58:25 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 23-Jan-2024 00:58:25 GMT
content-type: image/gif
access-control-allow-origin: https://w.gaskmedics.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 23-Jan-2024 00:58:25 GMT

POST
H2 200 82571071
mc.yandex.com/webvisor/ 43 B
0 282ms
281ms Fetch
image/gif 87.250.250.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/82571071?wv-part=1&wv-type=7&wmode=0&wv-hit=563051337&page-url=https%3A%2F%2Fw.gaskmedics.com%2Ffree-mobi-plan%2F%23&rn=54099373&browser-info=we%3A1%3Aet%3A1705971505%3Aw%3A1600x1200%3Av%3A1211%3Az%3A-600%3Ai%3A20240122145825%3Au%3A1705971501929037511%3Avf%3A6mv6as6uk632mqt4m2ukn7iz%3Ast%3A1705971505&t=gdpr(14%2C14%2C14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Jan 2024 00:58:25 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 23-Jan-2024 00:58:25 GMT
content-type: image/gif
access-control-allow-origin: https://w.gaskmedics.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 23-Jan-2024 00:58:25 GMT

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.yandex.ru/	1970-01-21 03:28:51	Name: i Value: 8Tz7Vm1yZP6tL4uKhuavex1KvLYJm86BVOOuX7BsQ5QEoiSF1BVVhqTL+gE6DlSTxupxCiqXGHkMx/qHrBWTBl/FOD0=
.yandex.ru/	1970-01-21 03:28:51	Name: yandexuid Value: 2678827921705971500
.gaskmedics.com/	1970-01-21 02:38:27	Name: _ym_uid Value: 1705971501929037511
.gaskmedics.com/	1970-01-21 02:38:27	Name: _ym_d Value: 1705971501
.mc.yandex.com/	1970-01-20 17:52:52	Name: sync_cookie_csrf Value: 704211189fake
.gaskmedics.com/	1970-01-20 17:54:03	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 17:52:52	Name: sync_cookie_csrf Value: 4197859293fake
.yandex.com/	1970-01-21 03:28:51	Name: yandexuid Value: 2678827921705971500
.yandex.com/	1970-01-21 03:28:51	Name: yuidss Value: 2678827921705971500
.yandex.com/	1970-01-21 03:28:51	Name: i Value: 8Tz7Vm1yZP6tL4uKhuavex1KvLYJm86BVOOuX7BsQ5QEoiSF1BVVhqTL+gE6DlSTxupxCiqXGHkMx/qHrBWTBl/FOD0=
.yandex.com/	1970-01-21 03:28:51	Name: yp Value: 1706057901.yu.6847428091705971501
.yandex.com/	1970-01-21 02:38:27	Name: ymex Value: 1708563501.oyu.6847428091705971501
.mc.yandex.com/	1970-01-20 17:54:17	Name: sync_cookie_ok Value: synced

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.4apps.click
mc.yandex.com
mc.yandex.ru
w.gaskmedics.com
104.21.61.48
172.67.181.42
87.250.250.119
39a024ead02e1e7562777685bf017a583ca1e43b10ba860b1952609ba0e983f5
4e04b185f7e4eadc875fbcbef62099adfa53da379ce0204a4451cb75ae2a3e6a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
58223742b7bc97fba1116198487d367464a18335818f41c8760cb0b0038b4dd4
7396b743c518ac82f80e53c94f0d15a48286853715ab742be9fd6455476ec4dd
7a6f72547997a69797eb26787fc8b5c8f6c99fbe58cb1b3116ce300fd1d26102
96f09c6d0b128d5c052268f1af3954b987d403949052e162a2e462ff66ad3607
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
bedbb3c9f2366d55c617167b9bf01cdbaf3a59d8f005ebc3a37fdaa31250a2ca
bf5ddbe15707b2daeb134290e86b87121125c9e6fd8f660c99eedd14d3be1d12
c7bb2251baaef2f4a7dc98712e15f6c9455657de00f37ad24c0a70424fe523e8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5e007b5a4f56aa01a41da32fb21d844338a4991694a4106792ea38e8724c10f
fed7858c8d852a69d4b8f1fa29060e2a0735b993a30e11a9b83b111f40a2db11

w.gaskmedics.com Open in urlscan Pro 104.21.61.48 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

22 Requests

86 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

3 IPs

3 Countries

233 kBTransfer

483 kBSize

13 Cookies

0 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

13 Cookies

Indicators

w.gaskmedics.com Open in urlscan Pro
104.21.61.48 Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

86 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

3
Countries

233 kB
Transfer

483 kB
Size

13
Cookies

22 HTTP transactions
0 data transactions