promotiontlgrm.ru Open in urlscan Pro
185.204.0.171 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://promotiontlgrm.ru/
Effective URL:
https://promotiontlgrm.ru/rxrpffy
Submission: On May 14 via api (May 14th 2024, 9:54:25 pm UTC) from US — Scanned from DE

Summary HTTP 24 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 6 domains to perform 24 HTTP transactions. The main IP is 185.204.0.171, located in Moscow, Russian Federation and belongs to FIRSTBYTE-AS, GB. The main domain is promotiontlgrm.ru.
TLS certificate: Issued by R3 on May 13th 2024. Valid for: 3 months.

This is the only time promotiontlgrm.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 15	185.204.0.171 185.204.0.171	204997 (FIRSTBYTE-AS) (FIRSTBYTE-AS)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
4 10	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
3	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
24	4

15 185.204.0.171 (Moscow, Russian Federation) 1 redirects

ASN204997 (FIRSTBYTE-AS, GB)
PTR: taplanding.com

promotiontlgrm.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
taplanding.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6b8::1:119 (Moscow, Russian Federation) 4 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	taplanding.com taplanding.com	674 KB
7	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 9603	4 KB
3	gstatic.com fonts.gstatic.com	40 KB
3	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 4550	74 KB
2	promotiontlgrm.ru 1 redirects promotiontlgrm.ru	5 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	2 KB
24	6

	Domain	Requested by
13	taplanding.com	promotiontlgrm.ru
7	mc.yandex.com	3 redirects promotiontlgrm.ru mc.yandex.ru
3	fonts.gstatic.com	fonts.googleapis.com
3	mc.yandex.ru	1 redirects promotiontlgrm.ru
2	promotiontlgrm.ru	1 redirects
1	fonts.googleapis.com	promotiontlgrm.ru
24	6

This site contains links to these domains. Also see Links.

Domain
t.me

Subject Issuer	Validity	Valid
taplanding.com R3	`2024-05-13` - `2024-08-11`	3 months	crt.sh
upload.video.google.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-12-26` - `2024-06-05`	5 months	crt.sh
*.gstatic.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://promotiontlgrm.ru/rxrpffy
Frame ID: 8AAEC95E78CC425EE1F94023F454D1B4
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

rxrpffy - Tap Landing

Page URL History Show full URLs

https://promotiontlgrm.ru/ HTTP 302
https://promotiontlgrm.ru/rxrpffy Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

24
Requests

92 %
HTTPS

75 %
IPv6

6
Domains

6
Subdomains

4
IPs

2
Countries

795 kB
Transfer

2194 kB
Size

25
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://t.me/AtomniyProdviG
Title: Задать вопрос

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://promotiontlgrm.ru/ HTTP 302
https://promotiontlgrm.ru/rxrpffy Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10369.tz3a3vS1hbormVNricwZRQbV4l79r6MrlcTdgzunmC5ZZECQU8Qkl5EHRWP2-AzT.IH2pFH-kQT5Buq7SARDMfiHfjOY%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10369.rEhKs0th5drgbJH_5mHcEwAzQ1KFDc2FuRPKMsQkT7tF24ruejyQjte8x1iQ2DLFa8mo5OLDDCHWCFKEugLKWtJ4c8Qq4_lisEL7ZX7kQJT5qab0bk60SApbImNcczkXAw-rCr0llAYwL5ivSR3FDRFpPK5UXaLldedcdTn96sk9dj_CIMjnkiawDHKZChY9zrgkoTCIIeByYombgiP8iTWD7iTKee_0uV9KdpPXmCc%2C.3ZTGqaKCKs0Dn5D08BW-yqn2PoE%2C HTTP 302
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10369.meO3d4k3wnicovBduGYkKeBnCdMpydWihxDqGEb0KwbR3dMA7nkoQXEjeWfP-N2HhXkuhId0lo_BuPykd01OYsIpZ9j0HvxUVBUtuFVbSdBEz2m_F0ysTedbbB0QMZ4p_oTnwrADXyoDfDEP7GhzL0AKCNl0zRVi9Kukz0yikJwy_n6EeKXKkpECO8Y5JALXNxWFLO5LJkKdixPixdqw2Q%2C%2C.xcNdh1Yoh29P8EPUDk6zFX5ecmM%2C

Request Chain 19

https://mc.yandex.com/watch/97263983?wmode=7&page-url=https%3A%2F%2Fpromotiontlgrm.ru%2Frxrpffy&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22124%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22124%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A124.0.6367.201%0Achl%0A%22Chromium%22%3Bv%3D%22124.0.6367.201%22%2C%22Google%20Chrome%22%3Bv%3D%22124.0.6367.201%22%2C%22Not-A.Brand%22%3Bv%3D%2299.0.0.0%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbrch0rrwskrrnckuobefkyj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A873806799676%3Ahid%3A671172937%3Az%3A120%3Ai%3A20240514235421%3Aet%3A1715723661%3Ac%3A1%3Arn%3A171879558%3Arqn%3A1%3Au%3A1715723661125187920%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1244%3Awv%3A2%3Ads%3A0%2C0%2C171%2C1%2C591%2C591%2C1%2C655%2C0%2C%2C%2C%2C1421%3Aco%3A0%3Acpf%3A1%3Ans%3A1715723659906%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1715723662%3At%3Arxrpffy%20-%20Tap%20Landing&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(21037572)ti(1) HTTP 302
https://mc.yandex.com/watch/97263983/1?wmode=7&page-url=https%3A%2F%2Fpromotiontlgrm.ru%2Frxrpffy&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22124%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22124%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A124.0.6367.201%0Achl%0A%22Chromium%22%3Bv%3D%22124.0.6367.201%22%2C%22Google%20Chrome%22%3Bv%3D%22124.0.6367.201%22%2C%22Not-A.Brand%22%3Bv%3D%2299.0.0.0%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbrch0rrwskrrnckuobefkyj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A873806799676%3Ahid%3A671172937%3Az%3A120%3Ai%3A20240514235421%3Aet%3A1715723661%3Ac%3A1%3Arn%3A171879558%3Arqn%3A1%3Au%3A1715723661125187920%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1244%3Awv%3A2%3Ads%3A0%2C0%2C171%2C1%2C591%2C591%2C1%2C655%2C0%2C%2C%2C%2C1421%3Aco%3A0%3Acpf%3A1%3Ans%3A1715723659906%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1715723662%3At%3Arxrpffy%20-%20Tap%20Landing&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29ti%281%29

24 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request rxrpffy Show response
promotiontlgrm.ru/
Redirect Chain

https://promotiontlgrm.ru/
https://promotiontlgrm.ru/rxrpffy

18 KB
5 KB

172ms
171ms

Document
text/html

185.204.0.171
FIRSTBYTE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://promotiontlgrm.ru/rxrpffy
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.204.0.171 Moscow, Russian Federation, ASN204997 (FIRSTBYTE-AS, GB),
Reverse DNS: taplanding.com
Software: nginx /
Resource Hash: 402c56d76ca4da1be8deb3fd1b6f89b189b9ab5da61827d73509245141680b62

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 7200
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 4433
content-type: text/html; charset=UTF-8
date: Tue, 14 May 2024 21:54:20 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
vary: Accept-Encoding

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 14 May 2024 21:54:20 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://promotiontlgrm.ru/rxrpffy
pragma: no-cache
server: nginx

GET
H2 200 bootstrap.min.css
taplanding.com/themes/altum/assets/css/ 216 KB
32 KB 199ms
158ms Stylesheet
text/css 185.204.0.171
FIRSTBYTE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://taplanding.com/themes/altum/assets/css/bootstrap.min.css?v=4500
Requested by: Host: promotiontlgrm.ru
URL: https://promotiontlgrm.ru/rxrpffy
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.204.0.171 Moscow, Russian Federation, ASN204997 (FIRSTBYTE-AS, GB),
Reverse DNS: taplanding.com
Software: nginx /
Resource Hash: 94e9ffa4a36db6513b07a056e7f9939a90f5dd927a4c5ca6fbd8bb253874861a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://promotiontlgrm.ru/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 21:54:20 GMT
content-encoding: gzip
last-modified: Wed, 10 Jan 2024 01:28:16 GMT
server: nginx
etag: W/"659df2b0-36074"
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 custom.css
taplanding.com/themes/altum/assets/css/ 23 KB
6 KB 114ms
74ms Stylesheet
text/css 185.204.0.171
FIRSTBYTE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://taplanding.com/themes/altum/assets/css/custom.css?v=4500
Requested by: Host: promotiontlgrm.ru
URL: https://promotiontlgrm.ru/rxrpffy
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.204.0.171 Moscow, Russian Federation, ASN204997 (FIRSTBYTE-AS, GB),
Reverse DNS: taplanding.com
Software: nginx /
Resource Hash: f83c12f52496c4e2fed6a7b082582442d29b138016e0f7bbd9f8b1a659c555a0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://promotiontlgrm.ru/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 21:54:20 GMT
content-encoding: gzip
last-modified: Tue, 13 Feb 2024 22:03:12 GMT
server: nginx
etag: W/"65cbe720-5d40"
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 link-custom.css
taplanding.com/themes/altum/assets/css/ 4 KB
1 KB 189ms
149ms Stylesheet
text/css 185.204.0.171
FIRSTBYTE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://taplanding.com/themes/altum/assets/css/link-custom.css?v=4500
Requested by: Host: promotiontlgrm.ru
URL: https://promotiontlgrm.ru/rxrpffy
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.204.0.171 Moscow, Russian Federation, ASN204997 (FIRSTBYTE-AS, GB),
Reverse DNS: taplanding.com
Software: nginx /
Resource Hash: 931d59984aaf84a949a16e7ea80054eeda1a26885c26b9803b3bc21b2acb706f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://promotiontlgrm.ru/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 21:54:20 GMT
content-encoding: gzip
last-modified: Fri, 02 Feb 2024 03:09:36 GMT
server: nginx
etag: W/"65bc5cf0-11e6"
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 animate.min.css
taplanding.com/themes/altum/assets/css/ 70 KB
5 KB 116ms
77ms Stylesheet
text/css 185.204.0.171
FIRSTBYTE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://taplanding.com/themes/altum/assets/css/animate.min.css?v=4500
Requested by: Host: promotiontlgrm.ru
URL: https://promotiontlgrm.ru/rxrpffy
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.204.0.171 Moscow, Russian Federation, ASN204997 (FIRSTBYTE-AS, GB),
Reverse DNS: taplanding.com
Software: nginx /
Resource Hash: 721fd25fad2ceea766b483f7692fc840097de75bb54185273920adf62da63e15

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://promotiontlgrm.ru/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 21:54:20 GMT
content-encoding: gzip
last-modified: Wed, 02 Dec 2020 21:46:06 GMT
server: nginx
etag: W/"5fc80b1e-11847"
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
2 KB 165ms
56ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans&display=swap

Requested by

Host: promotiontlgrm.ru
URL: https://promotiontlgrm.ru/rxrpffy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

12eebba255ce6f856459cab6b183b507be0417a322f46faf7dd71b3c4b0eec27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://promotiontlgrm.ru/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Tue, 14 May 2024 21:54:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 14 May 2024 21:32:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 14 May 2024 21:54:20 GMT

GET
H2 200 344d028d02d379e492d57da64c5ab104.jpg
taplanding.com/uploads/avatars/ 46 KB
46 KB 272ms
232ms Image
image/jpeg 185.204.0.171
FIRSTBYTE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taplanding.com/uploads/avatars/344d028d02d379e492d57da64c5ab104.jpg
Requested by: Host: promotiontlgrm.ru
URL: https://promotiontlgrm.ru/rxrpffy
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.204.0.171 Moscow, Russian Federation, ASN204997 (FIRSTBYTE-AS, GB),
Reverse DNS: taplanding.com
Software: nginx /
Resource Hash: be719be645491d68afda5a926d4f2de6ead649800075ae195b0f5df14ca50580

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://promotiontlgrm.ru/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 21:54:20 GMT
last-modified: Mon, 13 May 2024 07:46:24 GMT
server: nginx
etag: "6641c550-b8ab"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 47275
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
taplanding.com/themes/altum/assets/js/libraries/ 85 KB
30 KB 271ms
232ms Script
application/javascript 185.204.0.171
FIRSTBYTE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://taplanding.com/themes/altum/assets/js/libraries/jquery.min.js?v=4500
Requested by: Host: promotiontlgrm.ru
URL: https://promotiontlgrm.ru/rxrpffy
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.204.0.171 Moscow, Russian Federation, ASN204997 (FIRSTBYTE-AS, GB),
Reverse DNS: taplanding.com
Software: nginx /
Resource Hash: fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://promotiontlgrm.ru/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 21:54:20 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 19:54:10 GMT
server: nginx
etag: W/"6500c1e2-155ed"
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 popper.min.js Show response
taplanding.com/themes/altum/assets/js/libraries/ 21 KB
7 KB 77ms
76ms Script
application/javascript 185.204.0.171
FIRSTBYTE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://taplanding.com/themes/altum/assets/js/libraries/popper.min.js?v=4500
Requested by: Host: promotiontlgrm.ru
URL: https://promotiontlgrm.ru/rxrpffy
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.204.0.171 Moscow, Russian Federation, ASN204997 (FIRSTBYTE-AS, GB),
Reverse DNS: taplanding.com
Software: nginx /
Resource Hash: b4ef79d3c83a6b1166c2b95c6aee7c66d5aae727d1d70ba7a52478ea13f81baf

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://promotiontlgrm.ru/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 21:54:20 GMT
content-encoding: gzip
last-modified: Fri, 15 Dec 2023 19:04:38 GMT
server: nginx
etag: W/"657ca346-52c9"
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bootstrap.min.js Show response
taplanding.com/themes/altum/assets/js/libraries/ 61 KB
15 KB 81ms
80ms Script
application/javascript 185.204.0.171
FIRSTBYTE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://taplanding.com/themes/altum/assets/js/libraries/bootstrap.min.js?v=4500
Requested by: Host: promotiontlgrm.ru
URL: https://promotiontlgrm.ru/rxrpffy
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.204.0.171 Moscow, Russian Federation, ASN204997 (FIRSTBYTE-AS, GB),
Reverse DNS: taplanding.com
Software: nginx /
Resource Hash: 8c1dea3ffbb8a0974366fc2c7748d4db4f7ff15e0d6d1dc9f18e7d52a366414b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://promotiontlgrm.ru/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 21:54:20 GMT
content-encoding: gzip
last-modified: Thu, 30 Nov 2023 00:33:26 GMT
server: nginx
etag: W/"6567d856-f43a"
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 custom.js Show response
taplanding.com/themes/altum/assets/js/ 35 KB
9 KB 86ms
85ms Script
application/javascript 185.204.0.171
FIRSTBYTE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://taplanding.com/themes/altum/assets/js/custom.js?v=4500
Requested by: Host: promotiontlgrm.ru
URL: https://promotiontlgrm.ru/rxrpffy
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.204.0.171 Moscow, Russian Federation, ASN204997 (FIRSTBYTE-AS, GB),
Reverse DNS: taplanding.com
Software: nginx /
Resource Hash: 407d03f6602ffb7d8fab46c8d5cf126bb536a36d81a0fec81c2b3a07a96a6946

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://promotiontlgrm.ru/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 21:54:20 GMT
content-encoding: gzip
last-modified: Sun, 11 Feb 2024 19:35:54 GMT
server: nginx
etag: W/"65c9219a-8a5f"
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fontawesome.min.js Show response
taplanding.com/themes/altum/assets/js/libraries/ 56 KB
16 KB 89ms
88ms Script
application/javascript 185.204.0.171
FIRSTBYTE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://taplanding.com/themes/altum/assets/js/libraries/fontawesome.min.js?v=4500
Requested by: Host: promotiontlgrm.ru
URL: https://promotiontlgrm.ru/rxrpffy
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.204.0.171 Moscow, Russian Federation, ASN204997 (FIRSTBYTE-AS, GB),
Reverse DNS: taplanding.com
Software: nginx /
Resource Hash: 9d86a276aee130232fa0ef2134c750628acac1072a31e35eb7d65624652f549d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://promotiontlgrm.ru/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 21:54:20 GMT
content-encoding: gzip
last-modified: Tue, 01 Aug 2023 14:27:00 GMT
server: nginx
etag: W/"64c91634-de1f"
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fontawesome-solid.min.js Show response
taplanding.com/themes/altum/assets/js/libraries/ 807 KB
271 KB 110ms
109ms Script
application/javascript 185.204.0.171
FIRSTBYTE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://taplanding.com/themes/altum/assets/js/libraries/fontawesome-solid.min.js?v=4500
Requested by: Host: promotiontlgrm.ru
URL: https://promotiontlgrm.ru/rxrpffy
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.204.0.171 Moscow, Russian Federation, ASN204997 (FIRSTBYTE-AS, GB),
Reverse DNS: taplanding.com
Software: nginx /
Resource Hash: f9442a526f76a4fad3bc9c7b8e7e7a9041f507649c9c8ca653f8ab4ce0d3dc02

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://promotiontlgrm.ru/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 21:54:20 GMT
content-encoding: gzip
last-modified: Tue, 01 Aug 2023 14:27:00 GMT
server: nginx
etag: W/"64c91634-c9b9e"
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fontawesome-brands.min.js Show response
taplanding.com/themes/altum/assets/js/libraries/ 465 KB
203 KB 179ms
179ms Script
application/javascript 185.204.0.171
FIRSTBYTE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://taplanding.com/themes/altum/assets/js/libraries/fontawesome-brands.min.js?v=4500
Requested by: Host: promotiontlgrm.ru
URL: https://promotiontlgrm.ru/rxrpffy
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.204.0.171 Moscow, Russian Federation, ASN204997 (FIRSTBYTE-AS, GB),
Reverse DNS: taplanding.com
Software: nginx /
Resource Hash: a53e31edb30f99af3ca1057b04b78ffd82306614059042531adea8ee830a25e3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://promotiontlgrm.ru/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 21:54:21 GMT
content-encoding: gzip
last-modified: Wed, 16 Aug 2023 12:02:58 GMT
server: nginx
etag: W/"64dcbaf2-7448c"
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 208 KB
73 KB 379ms
180ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: promotiontlgrm.ru
URL: https://promotiontlgrm.ru/rxrpffy

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

aaa2326f42507022619917a2abe599d6312c3294846cc66f008baf084dc39ed4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://promotiontlgrm.ru/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 21:54:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Tue, 14 May 2024 12:07:07 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "664353eb-11f0d"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 73485
expires: Tue, 14 May 2024 22:54:21 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/ 18 KB
19 KB 121ms
38ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://promotiontlgrm.ru
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 11 May 2024 12:31:52 GMT
x-content-type-options: nosniff
age: 292949
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18668
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:00:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 May 2025 12:31:52 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4kaVIGxA.woff2
fonts.gstatic.com/s/opensans/v40/ 11 KB
11 KB 164ms
81ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4kaVIGxA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21e75944d3f77408d1f5f2fab67c89c7fc43f4a80a3b8e4dcf38185f9d9f46e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://promotiontlgrm.ru
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 14:10:14 GMT
x-content-type-options: nosniff
age: 27847
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11116
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:00:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 14:10:14 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B5OaVIGxA.woff2
fonts.gstatic.com/s/opensans/v40/ 10 KB
10 KB 134ms
51ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B5OaVIGxA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37c813e5c95a107d3992c300f1b03a488e70570166eb45687fedab8d1f3b6c7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://promotiontlgrm.ru
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 06:19:07 GMT
x-content-type-options: nosniff
age: 56114
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10180
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:49:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 06:19:07 GMT

GET
H2

200

sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10369.tz3a3vS1hbormVNricwZRQbV4l79r6MrlcTdgzunmC5ZZECQU8Qkl5EHRWP2-AzT.IH2pFH-kQT5Buq7SARDMfiHfjOY%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10369.rEhKs0th5drgbJH_5mHcEwAzQ1KFDc2FuRPKMsQkT7tF24ruejyQjte8x1iQ2DLFa8mo5OLDDCHWCFKEugLKWtJ4c8Qq4_lisEL7ZX7kQJT5qab0bk60SApbImNcczkXAw-rCr0llA...
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10369.meO3d4k3wnicovBduGYkKeBnCdMpydWihxDqGEb0KwbR3dMA7nkoQXEjeWfP-N2HhXkuhId0lo_BuPykd01OYsIpZ9j0HvxUVBUtuFVbSdBEz...

43 B
613 B

388ms
377ms

Image
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10369.meO3d4k3wnicovBduGYkKeBnCdMpydWihxDqGEb0KwbR3dMA7nkoQXEjeWfP-N2HhXkuhId0lo_BuPykd01OYsIpZ9j0HvxUVBUtuFVbSdBEz2m_F0ysTedbbB0QMZ4p_oTnwrADXyoDfDEP7GhzL0AKCNl0zRVi9Kukz0yikJwy_n6EeKXKkpECO8Y5JALXNxWFLO5LJkKdixPixdqw2Q%2C%2C.xcNdh1Yoh29P8EPUDk6zFX5ecmM%2C

Requested by

Host: promotiontlgrm.ru
URL: https://promotiontlgrm.ru/rxrpffy

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://promotiontlgrm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Tue, 14 May 2024 21:54:21 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10369.meO3d4k3wnicovBduGYkKeBnCdMpydWihxDqGEb0KwbR3dMA7nkoQXEjeWfP-N2HhXkuhId0lo_BuPykd01OYsIpZ9j0HvxUVBUtuFVbSdBEz2m_F0ysTedbbB0QMZ4p_oTnwrADXyoDfDEP7GhzL0AKCNl0zRVi9Kukz0yikJwy_n6EeKXKkpECO8Y5JALXNxWFLO5LJkKdixPixdqw2Q%2C%2C.xcNdh1Yoh29P8EPUDk6zFX5ecmM%2C
date: Tue, 14 May 2024 21:54:21 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
576 B 89ms
88ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: promotiontlgrm.ru
URL: https://promotiontlgrm.ru/rxrpffy

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://promotiontlgrm.ru/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 21:54:21 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 14 May 2024 12:07:07 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "664353eb-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Tue, 14 May 2024 22:54:21 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/97263983/
Redirect Chain

https://mc.yandex.com/watch/97263983?wmode=7&page-url=https%3A%2F%2Fpromotiontlgrm.ru%2Frxrpffy&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22124%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%...
https://mc.yandex.com/watch/97263983/1?wmode=7&page-url=https%3A%2F%2Fpromotiontlgrm.ru%2Frxrpffy&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22124%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2...

447 B
539 B

118ms
90ms

Fetch
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/97263983/1?wmode=7&page-url=https%3A%2F%2Fpromotiontlgrm.ru%2Frxrpffy&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22124%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22124%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A124.0.6367.201%0Achl%0A%22Chromium%22%3Bv%3D%22124.0.6367.201%22%2C%22Google%20Chrome%22%3Bv%3D%22124.0.6367.201%22%2C%22Not-A.Brand%22%3Bv%3D%2299.0.0.0%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbrch0rrwskrrnckuobefkyj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A873806799676%3Ahid%3A671172937%3Az%3A120%3Ai%3A20240514235421%3Aet%3A1715723661%3Ac%3A1%3Arn%3A171879558%3Arqn%3A1%3Au%3A1715723661125187920%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1244%3Awv%3A2%3Ads%3A0%2C0%2C171%2C1%2C591%2C591%2C1%2C655%2C0%2C%2C%2C%2C1421%3Aco%3A0%3Acpf%3A1%3Ans%3A1715723659906%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1715723662%3At%3Arxrpffy%20-%20Tap%20Landing&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29ti%281%29

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

5ed76736e0f2248fa94b69ad267e69d84ea2f7622ed72de4fc53c24fe755eff3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://promotiontlgrm.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 May 2024 21:54:22 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Tue, 14-May-2024 21:54:22 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://promotiontlgrm.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 447
x-xss-protection: 1; mode=block
expires: Tue, 14-May-2024 21:54:22 GMT

Redirect headers

pragma: no-cache
date: Tue, 14 May 2024 21:54:22 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 14-May-2024 21:54:22 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/97263983/1?wmode=7&page-url=https%3A%2F%2Fpromotiontlgrm.ru%2Frxrpffy&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22124%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22124%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A124.0.6367.201%0Achl%0A%22Chromium%22%3Bv%3D%22124.0.6367.201%22%2C%22Google%20Chrome%22%3Bv%3D%22124.0.6367.201%22%2C%22Not-A.Brand%22%3Bv%3D%2299.0.0.0%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbrch0rrwskrrnckuobefkyj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1331%3Acn%3A1%3Adp%3A0%3Als%3A873806799676%3Ahid%3A671172937%3Az%3A120%3Ai%3A20240514235421%3Aet%3A1715723661%3Ac%3A1%3Arn%3A171879558%3Arqn%3A1%3Au%3A1715723661125187920%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1244%3Awv%3A2%3Ads%3A0%2C0%2C171%2C1%2C591%2C591%2C1%2C655%2C0%2C%2C%2C%2C1421%3Aco%3A0%3Acpf%3A1%3Ans%3A1715723659906%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1715723662%3At%3Arxrpffy%20-%20Tap%20Landing&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29ti%281%29
access-control-allow-origin: https://promotiontlgrm.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 14-May-2024 21:54:22 GMT

GET
H2 200 7065ea913e6f54410277e5b49e417dbb.png
taplanding.com/uploads/main/ 32 KB
32 KB 95ms
75ms Other
image/png 185.204.0.171
FIRSTBYTE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://taplanding.com/uploads/main/7065ea913e6f54410277e5b49e417dbb.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.204.0.171 Moscow, Russian Federation, ASN204997 (FIRSTBYTE-AS, GB),
Reverse DNS: taplanding.com
Software: nginx /
Resource Hash: 625bdde596fc27e17fd98bf6981beb229b5b82cd9317e20537555152f0a01869

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://promotiontlgrm.ru/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 21:54:22 GMT
last-modified: Fri, 01 Jul 2022 17:32:27 GMT
server: nginx
etag: "62bf2fab-80d1"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 32977
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 97263983
mc.yandex.com/webvisor/ 43 B
0 261ms
259ms Fetch
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/97263983?wv-part=1&wv-type=7&wmode=0&wv-hit=671172937&page-url=https%3A%2F%2Fpromotiontlgrm.ru%2Frxrpffy&rn=569674731&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1715723665%3Aw%3A1600x1200%3Av%3A1331%3Az%3A120%3Ai%3A20240514235424%3Au%3A1715723661125187920%3Avf%3Adgbrch0rrwskrrnckuobefkyj%3Ast%3A1715723665&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://promotiontlgrm.ru/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 14 May 2024 21:54:24 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 14-May-2024 21:54:24 GMT
content-type: image/gif
access-control-allow-origin: https://promotiontlgrm.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 14-May-2024 21:54:24 GMT

POST
H2 200 97263983
mc.yandex.com/webvisor/ 43 B
0 87ms
86ms Fetch
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/97263983?wv-part=1&wv-type=7&wmode=0&wv-hit=671172937&page-url=https%3A%2F%2Fpromotiontlgrm.ru%2Frxrpffy&rn=131726562&browser-info=we%3A1%3Aet%3A1715723665%3Aw%3A1600x1200%3Av%3A1331%3Az%3A120%3Ai%3A20240514235425%3Au%3A1715723661125187920%3Avf%3Adgbrch0rrwskrrnckuobefkyj%3Ast%3A1715723665&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://promotiontlgrm.ru/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 14 May 2024 21:54:25 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 14-May-2024 21:54:25 GMT
content-type: image/gif
access-control-allow-origin: https://promotiontlgrm.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 14-May-2024 21:54:25 GMT

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
promotiontlgrm.ru/	1969-12-31 23:59:59	Name: PHPSESSID Value: 9138lhcmr9ohp424pa5a3mo9qt
promotiontlgrm.ru/	1970-01-20 20:36:50	Name: s_statistics_5927 Value: 0
.yandex.ru/	1970-01-21 05:20:59	Name: yashr Value: 9838744571715723661
mc.yandex.ru/	1970-01-21 05:20:59	Name: bh Value: EkAiR29vZ2xlIENocm9tZSI7dj0iMTI0IiwgIk5vdDpBLUJyYW5kIjt2PSI4IiwgIkNocm9taXVtIjt2PSIxMjQiKgI/MDoHIldpbjMyIg==
.promotiontlgrm.ru/	1970-01-21 05:20:59	Name: _ym_uid Value: 1715723661125187920
.promotiontlgrm.ru/	1970-01-21 05:20:59	Name: _ym_d Value: 1715723661
.yandex.com/	1970-01-21 06:11:23	Name: i Value: F2eqXMfJYLIueYY2rZACt7x9M5NEBjB/d7mOH/5mB83HfAFIhUY+tWvkxzNvx5ayfMeDgLgCzwFF9BCVFPg++/htYy0=
.yandex.com/	1970-01-21 05:20:59	Name: yandexuid Value: 6779721941715723661
.yandex.com/	1970-01-21 05:20:59	Name: yashr Value: 9859865231715723661
mc.yandex.com/	1970-01-21 05:20:59	Name: bh Value: EkAiR29vZ2xlIENocm9tZSI7dj0iMTI0IiwgIk5vdDpBLUJyYW5kIjt2PSI4IiwgIkNocm9taXVtIjt2PSIxMjQiKgI/MDoHIldpbjMyIg==
.mc.yandex.com/	1970-01-20 20:35:24	Name: sync_cookie_csrf Value: 1885472187fake
.promotiontlgrm.ru/	1970-01-20 20:36:35	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 20:35:24	Name: sync_cookie_csrf Value: 3242911797fake
.mc.yandex.com/	1970-01-20 20:36:50	Name: sync_cookie_ok Value: synced
.yandex.ru/	1970-01-21 06:11:23	Name: yandexuid Value: 6779721941715723661
.yandex.ru/	1970-01-21 06:11:23	Name: yuidss Value: 6779721941715723661
.yandex.ru/	1970-01-21 06:11:23	Name: i Value: F2eqXMfJYLIueYY2rZACt7x9M5NEBjB/d7mOH/5mB83HfAFIhUY+tWvkxzNvx5ayfMeDgLgCzwFF9BCVFPg++/htYy0=
.yandex.ru/	1970-01-21 06:11:23	Name: yp Value: 1715810061.yu.2916670511715723661
.yandex.ru/	1970-01-21 05:20:59	Name: ymex Value: 1718315661.oyu.2916670511715723661
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 444477991715723662
.yandex.com/	1970-01-21 05:20:59	Name: yuidss Value: 6779721941715723661
.yandex.com/	1970-01-21 05:20:59	Name: ymex Value: 1747259662.yrts.1715723662
.yandex.com/	1970-01-21 05:20:59	Name: receive-cookie-deprecation Value: 1
.yandex.com/	1970-01-21 05:20:59	Name: bh Value: Ej4iR29vZ2xlIENocm9tZSI7dj0iMTI0IiwiTm90OkEtQnJhbmQiO3Y9IjgiLCJDaHJvbWl1bSI7dj0iMTI0IhoFIng4NiIiECIxMjQuMC42MzY3LjIwMSIqAj8wOgciV2luMzIiQggiMTAuMC4wIkoEIjY0IlJcIkNocm9taXVtIjt2PSIxMjQuMC42MzY3LjIwMSIsIkdvb2dsZSBDaHJvbWUiO3Y9IjEyNC4wLjYzNjcuMjAxIiwiTm90LUEuQnJhbmQiO3Y9Ijk5LjAuMC4wIiI=
.promotiontlgrm.ru/	1970-01-20 20:35:25	Name: _ym_visorc Value: w

72 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://promotiontlgrm.ru/rxrpffy Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
mc.yandex.com
mc.yandex.ru
promotiontlgrm.ru
taplanding.com
185.204.0.171
2a00:1450:4001:80f::2003
2a00:1450:4001:81c::200a
2a02:6b8::1:119
12eebba255ce6f856459cab6b183b507be0417a322f46faf7dd71b3c4b0eec27
21e75944d3f77408d1f5f2fab67c89c7fc43f4a80a3b8e4dcf38185f9d9f46e6
37c813e5c95a107d3992c300f1b03a488e70570166eb45687fedab8d1f3b6c7b
402c56d76ca4da1be8deb3fd1b6f89b189b9ab5da61827d73509245141680b62
407d03f6602ffb7d8fab46c8d5cf126bb536a36d81a0fec81c2b3a07a96a6946
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5ed76736e0f2248fa94b69ad267e69d84ea2f7622ed72de4fc53c24fe755eff3
625bdde596fc27e17fd98bf6981beb229b5b82cd9317e20537555152f0a01869
721fd25fad2ceea766b483f7692fc840097de75bb54185273920adf62da63e15
8c1dea3ffbb8a0974366fc2c7748d4db4f7ff15e0d6d1dc9f18e7d52a366414b
931d59984aaf84a949a16e7ea80054eeda1a26885c26b9803b3bc21b2acb706f
94e9ffa4a36db6513b07a056e7f9939a90f5dd927a4c5ca6fbd8bb253874861a
9d86a276aee130232fa0ef2134c750628acac1072a31e35eb7d65624652f549d
a53e31edb30f99af3ca1057b04b78ffd82306614059042531adea8ee830a25e3
aaa2326f42507022619917a2abe599d6312c3294846cc66f008baf084dc39ed4
b4ef79d3c83a6b1166c2b95c6aee7c66d5aae727d1d70ba7a52478ea13f81baf
be719be645491d68afda5a926d4f2de6ead649800075ae195b0f5df14ca50580
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
f83c12f52496c4e2fed6a7b082582442d29b138016e0f7bbd9f8b1a659c555a0
f9442a526f76a4fad3bc9c7b8e7e7a9041f507649c9c8ca653f8ab4ce0d3dc02
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

promotiontlgrm.ru Open in urlscan Pro 185.204.0.171 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

24 Requests

92 %HTTPS

75 %IPv6

6 Domains

6 Subdomains

4 IPs

2 Countries

795 kBTransfer

2194 kBSize

25 Cookies

1 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

25 Cookies

72 Console Messages

Indicators

promotiontlgrm.ru Open in urlscan Pro
185.204.0.171 Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

92 %
HTTPS

75 %
IPv6

6
Domains

6
Subdomains

4
IPs

2
Countries

795 kB
Transfer

2194 kB
Size

25
Cookies

24 HTTP transactions
0 data transactions