perm.domru.ru Open in urlscan Pro
188.186.157.51 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://perm.domru.ru/quiz_landing
Submission: On March 05 via api (March 5th 2021, 8:17:01 am UTC) from RU

Summary HTTP 116 Redirects Behaviour Indicators

Summary

This website contacted 30 IPs in 4 countries across 20 domains to perform 116 HTTP transactions. The main IP is 188.186.157.51, located in Russian Federation and belongs to ERTELECOM-DC-AS, RU. The main domain is perm.domru.ru.
TLS certificate: Issued by RU-CENTER High Assurance Services CA 2 on February 4th 2021. Valid for: a year.

This is the only time perm.domru.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
27	188.186.157.51 188.186.157.51	31483 (ERTELECOM...) (ERTELECOM-DC-AS)
8	92.118.67.1 92.118.67.1	49031 (CALLTOUCH-AS) (CALLTOUCH-AS)
2	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
1 5	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	88.212.240.204 88.212.240.204	7979 (SERVERS-COM) (SERVERS-COM)
1 3	142.250.185.70 142.250.185.70	15169 (GOOGLE) (GOOGLE)
1 9	217.69.133.145 217.69.133.145	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
1 7	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
5	2a03:2880:f00... 2a03:2880:f006:21:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	92.223.124.254 92.223.124.254	199524 (GCORE) (GCORE)
6	87.240.190.72 87.240.190.72	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS http://vk.com)
1	2.16.186.161 2.16.186.161	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	138.201.8.167 138.201.8.167	24940 (HETZNER-AS) (HETZNER-AS)
5	188.186.156.88 188.186.156.88	31483 (ERTELECOM...) (ERTELECOM-DC-AS)
6	2a03:2880:f10... 2a03:2880:f106:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 2	195.209.108.47 195.209.108.47	52007 (ADRIVER-AS) (ADRIVER-AS)
2 5	80.64.106.151 80.64.106.151	20764 (RASCOM-AS...) (RASCOM-AS CJSC RASCOM ISP)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	199.232.138.133 199.232.138.133	54113 (FASTLY) (FASTLY)
1 1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2	23.111.96.36 23.111.96.36	7979 (SERVERS-COM) (SERVERS-COM)
1 1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1 1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	80.64.106.147 80.64.106.147	20764 (RASCOM-AS...) (RASCOM-AS CJSC RASCOM ISP)
1	2a02:6b8::90 2a02:6b8::90	13238 (YANDEX) (YANDEX)
1	213.87.44.207 213.87.44.207	13174 (MTSNET Mo...) (MTSNET Moscow)
1	2a00:1148:db0... 2a00:1148:db00::17	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
1 2	35.244.223.69 35.244.223.69	15169 (GOOGLE) (GOOGLE)
116	30

27 188.186.157.51 (Russian Federation)

ASN31483 (ERTELECOM-DC-AS, RU)
PTR: 188x186x157x51.static.cc.ertelecom.ru

perm.domru.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 92.118.67.1 (Russian Federation)

ASN49031 (CALLTOUCH-AS, RU)

mod.calltouch.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.212.240.204 (Russian Federation)

ASN7979 (SERVERS-COM, US)

tags.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.70 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net

4360952.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 217.69.133.145 (Russian Federation) 1 redirects

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f006:21:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.223.124.254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)

cdn.carrotquest.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 87.240.190.72 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU)
PTR: srv72-190-240-87.vk.com

vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.161 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-161.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 138.201.8.167 (Landshut, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: hz-fr22.rutarget.ru

cdn.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 188.186.156.88 (Russian Federation)

ASN31483 (ERTELECOM-DC-AS, RU)
PTR: 188x186x156x88.static.cc.ertelecom.ru

p.domru.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f106:83:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.209.108.47 (Russian Federation) 1 redirects

ASN52007 (ADRIVER-AS, RU)

ad.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 80.64.106.151 (Russian Federation) 2 redirects

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)

tag.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.138.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

sf19-scmcdn-va.ibytedtos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.111.96.36 (Russian Federation)

ASN7979 (SERVERS-COM, US)

content.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.64.106.147 (Russian Federation)

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
PTR: s-fr2.rutarget.ru

google-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::90 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.87.44.207 (Moscow, Russian Federation)

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-207-44.mts.ru

tech.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1148:db00::17 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.223.69 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 69.223.244.35.bc.googleusercontent.com

wf.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	domru.ru perm.domru.ru p.domru.ru	443 KB
10	mail.ru 1 redirects top-fwz1.mail.ru ad.mail.ru	18 KB
9	doubleclick.net 3 redirects stats.g.doubleclick.net 4360952.fls.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	5 KB
8	rutarget.ru 2 redirects cdn.rutarget.ru tag.rutarget.ru google-sync.rutarget.ru	8 KB
8	yandex.ru 1 redirects mc.yandex.ru an.yandex.ru	68 KB
8	calltouch.ru mod.calltouch.ru	30 KB
7	google-analytics.com www.google-analytics.com	19 KB
6	facebook.com www.facebook.com	779 B
6	vk.com vk.com	46 KB
6	google.de 1 redirects www.google.de adservice.google.de	2 KB
6	google.com 1 redirects www.google.com adservice.google.com	2 KB
5	facebook.net connect.facebook.net	241 KB
5	adriver.ru 1 redirects tags.adriver.ru ad.adriver.ru content.adriver.ru	20 KB
2	weborama.fr 1 redirects wf.frontend.weborama.fr	577 B
2	googleadservices.com www.googleadservices.com	17 KB
2	googletagmanager.com www.googletagmanager.com	120 KB
1	mts.ru tech.rtb.mts.ru	653 B
1	ibytedtos.com sf19-scmcdn-va.ibytedtos.com	9 KB
1	tiktok.com analytics.tiktok.com	20 KB
1	carrotquest.io cdn.carrotquest.io	128 KB
116	20

	Domain	Requested by
27	perm.domru.ru	perm.domru.ru
9	top-fwz1.mail.ru	1 redirects perm.domru.ru top-fwz1.mail.ru
8	mod.calltouch.ru	perm.domru.ru mod.calltouch.ru
7	mc.yandex.ru	1 redirects perm.domru.ru
7	www.google-analytics.com	perm.domru.ru
6	www.facebook.com	perm.domru.ru connect.facebook.net
6	vk.com	perm.domru.ru
5	tag.rutarget.ru	2 redirects cdn.rutarget.ru tag.rutarget.ru
5	p.domru.ru	perm.domru.ru
5	connect.facebook.net	perm.domru.ru connect.facebook.net
5	www.google.de	perm.domru.ru www.googleadservices.com
5	www.google.com	1 redirects perm.domru.ru
4	stats.g.doubleclick.net	perm.domru.ru
3	4360952.fls.doubleclick.net	1 redirects www.googletagmanager.com adservice.google.com
2	wf.frontend.weborama.fr	1 redirects tag.rutarget.ru
2	content.adriver.ru	ad.adriver.ru content.adriver.ru
2	www.googleadservices.com	4360952.fls.doubleclick.net www.googleadservices.com
2	ad.adriver.ru	1 redirects perm.domru.ru
2	cdn.rutarget.ru	perm.domru.ru
2	www.googletagmanager.com	perm.domru.ru www.googletagmanager.com
1	ad.mail.ru	tag.rutarget.ru
1	tech.rtb.mts.ru	tag.rutarget.ru
1	an.yandex.ru	tag.rutarget.ru
1	google-sync.rutarget.ru	tag.rutarget.ru
1	cm.g.doubleclick.net	1 redirects
1	googleads.g.doubleclick.net	1 redirects
1	adservice.google.de	1 redirects
1	sf19-scmcdn-va.ibytedtos.com	analytics.tiktok.com
1	adservice.google.com	4360952.fls.doubleclick.net
1	analytics.tiktok.com	perm.domru.ru
1	cdn.carrotquest.io	perm.domru.ru
1	tags.adriver.ru	perm.domru.ru
116	32

This site contains no links.

Subject Issuer	Validity	Valid
*.domru.ru RU-CENTER High Assurance Services CA 2	`2021-02-04` - `2022-03-02`	a year	crt.sh
calltouch.ru R3	`2021-01-25` - `2021-04-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.adriver.ru RapidSSL RSA CA 2018	`2020-04-03` - `2022-04-24`	2 years	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.mail.ru GeoTrust ECC CA 2018	`2020-11-13` - `2021-11-17`	a year	crt.sh
mc.yandex.ru Yandex CA	`2021-02-27` - `2021-08-09`	5 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
cdn.carrotquest.io R3	`2021-01-09` - `2021-04-09`	3 months	crt.sh
*.vk.com GlobalSign Organization Validation CA - SHA256 - G2	`2020-06-09` - `2022-06-10`	2 years	crt.sh
*.tiktok.com RapidSSL RSA CA 2018	`2019-11-14` - `2022-01-12`	2 years	crt.sh
*.rutarget.ru Thawte RSA CA 2018	`2020-05-07` - `2021-06-09`	a year	crt.sh
*.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.ibytedtos.com RapidSSL RSA CA 2018	`2020-05-12` - `2022-05-12`	2 years	crt.sh
www.googleadservices.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
bs.yandex.ru Yandex CA	`2020-12-17` - `2021-06-17`	6 months	crt.sh
*.rtb.mts.ru Thawte RSA CA 2018	`2020-12-21` - `2022-01-19`	a year	crt.sh
*.frontend.weborama.fr Go Daddy Secure Certificate Authority - G2	`2019-02-20` - `2021-04-21`	2 years	crt.sh

This page contains 9 frames:

Primary Page: https://perm.domru.ru/quiz_landing
Frame ID: 0FE7BE64B6BB4DB07CD3684ECF060985
Requests: 99 HTTP requests in this frame

Frame: https://4360952.fls.doubleclick.net/activityi;dc_pre=CIzPx6LbmO8CFUaB1Qod96YKYw;src=4360952;type=invmedia;cat=fakuziup;ord=519491299045;gtm=2wg2o0;auiddc=1958343278.1614932203;~oref=https%3A%2F%2Fperm.domru.ru%2Fquiz_landing
Frame ID: 3F991C66EC0AE603A75486BAE7F5A61A
Requests: 1 HTTP requests in this frame

Frame: https://cdn.rutarget.ru/static/sharecookie/index.html
Frame ID: 47B6926F154D23C1A7E497F73BE2AF65
Requests: 2 HTTP requests in this frame

Frame: https://tag.rutarget.ru/tag?event=otherPage&check=true&response=syncframe&__r=26787756328384037000&__location=https%3A%2F%2Fperm.domru.ru%2Fquiz_landing&__referrer=&__title=%D0%9F%D0%BE%D0%BC%D0%BE%D0%B6%D0%B5%D0%BC%20%D0%B2%D1%8B%D0%B1%D1%80%D0%B0%D1%82%D1%8C%20%D1%82%D0%B0%D1%80%D0%B8%D1%84%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B0%20%D0%BE%D1%82%20%D0%94%D0%BE%D0%BC.ru%20%D0%B2%20%D0%9F%D0%B5%D1%80%D0%BC%D0%B8&__keywords=&_usertz=60&check-cookie=true
Frame ID: 5780A1A468D07A22FC1AFB21BB228B1A
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CIzPx6LbmO8CFUaB1Qod96YKYw;src=4360952;type=invmedia;cat=fakuziup;ord=519491299045;gtm=2wg2o0;auiddc=1958343278.1614932203;~oref=https%3A%2F%2Fperm.domru.ru%2Fquiz_landing
Frame ID: 53685B9812743A6CF9F36CB51EFCAA01
Requests: 1 HTTP requests in this frame

Frame: https://4360952.fls.doubleclick.net/ddm/fls/r/dc_pre=CIzPx6LbmO8CFUaB1Qod96YKYw;src=4360952;type=invmedia;cat=fakuziup;ord=519491299045;gtm=2wg2o0;auiddc=1958343278.1614932203;~oref=https%3A%2F%2Fperm.domru.ru%2Fquiz_landing
Frame ID: 26847F498E82E7AAFBA308EEEF6E353D
Requests: 3 HTTP requests in this frame

Frame: https://content.adriver.ru/banners/0002186/0002186173/0/l6.html?0&4&6&0&836637&0&0&201&194.99.105.99&counter&1
Frame ID: 50D7A00B49B77BC2C4C1DE4BF6336215
Requests: 2 HTTP requests in this frame

Frame: https://www.google.de/pagead/1p-conversion/954791961/?random=1234196910&cv=9&fst=1614932203965&num=1&label=U4kHCJSTsnEQmfCjxwM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F4360952.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCIzPx6LbmO8CFUaB1Qod96YKYw%3Bsrc%3D4360952%3Btype%3Dinvmedia%3Bcat%3Dfakuziup%3Bord%3D519491299045%3Bgtm%3D2wg2o0%3Bauiddc%3D1958343278.1614932203%3B~oref%3Dhttps%253A%252F%252Fperm.domru.ru%252Fquiz_landing&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=7OhBYLuACJW0gAeL6KzoCg&cid=CAQSKQCNIrLMQZXrwxzVOk-DbAIVk8T2lXaMS2HbvMgaS1PCO3OnqnFPlzKM&random=3642733792&resp=GooglemKTybQhCsO&ipr=y
Frame ID: 121613ECEE276B411CD0E4156DE5816A
Requests: 1 HTTP requests in this frame

Frame: https://tag.rutarget.ru/tag?response=syncframecontent&sm=sync_ec8bf516fafa51927e71233e18e82503%2Csync_71c015090a068e09460994346a52bdbb%2Csync_d7a14e30636d52e10b35d10c02578019%2Csync_f1027a6379476776c39f6421266f790d%2Csync_c822c1b63853ed273b89687ac505f9fa
Frame ID: 395BD9BEA0E6F21C34D2E57CF44A24DC
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

116
Requests

99 %
HTTPS

41 %
IPv6

20
Domains

32
Subdomains

30
IPs

4
Countries

1190 kB
Transfer

3801 kB
Size

36
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://4360952.fls.doubleclick.net/activityi;src=4360952;type=invmedia;cat=fakuziup;ord=519491299045;gtm=2wg2o0;auiddc=1958343278.1614932203;~oref=https%3A%2F%2Fperm.domru.ru%2Fquiz_landing HTTP 302
https://4360952.fls.doubleclick.net/activityi;dc_pre=CIzPx6LbmO8CFUaB1Qod96YKYw;src=4360952;type=invmedia;cat=fakuziup;ord=519491299045;gtm=2wg2o0;auiddc=1958343278.1614932203;~oref=https%3A%2F%2Fperm.domru.ru%2Fquiz_landing

Request Chain 51

https://top-fwz1.mail.ru/counter?id=2633401&gtmcb=1593097694 HTTP 302
https://top-fwz1.mail.ru/counter2?id=2633401&gtmcb=1593097694

Request Chain 74

https://ad.adriver.ru/cgi-bin/erle.cgi?sid=219238&bt=62&custom=206%3DDSPCounter&ph=0&rnd=836637&tail256=unknown HTTP 302
https://ad.adriver.ru/cgi-bin/erle.cgi?sid=219238&bt=62&custom=206%3DDSPCounter&ph=0&rnd=836637&tail256=unknown&tuid=-5729146111

Request Chain 75

https://tag.rutarget.ru/tag?event=otherPage&check=true&response=syncframe&__r=26787756328384037000&__location=https%3A%2F%2Fperm.domru.ru%2Fquiz_landing&__referrer=&__title=%D0%9F%D0%BE%D0%BC%D0%BE%D0%B6%D0%B5%D0%BC%20%D0%B2%D1%8B%D0%B1%D1%80%D0%B0%D1%82%D1%8C%20%D1%82%D0%B0%D1%80%D0%B8%D1%84%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B0%20%D0%BE%D1%82%20%D0%94%D0%BE%D0%BC.ru%20%D0%B2%20%D0%9F%D0%B5%D1%80%D0%BC%D0%B8&__keywords=&_usertz=60 HTTP 302
https://tag.rutarget.ru/tag?event=otherPage&check=true&response=syncframe&__r=26787756328384037000&__location=https%3A%2F%2Fperm.domru.ru%2Fquiz_landing&__referrer=&__title=%D0%9F%D0%BE%D0%BC%D0%BE%D0%B6%D0%B5%D0%BC%20%D0%B2%D1%8B%D0%B1%D1%80%D0%B0%D1%82%D1%8C%20%D1%82%D0%B0%D1%80%D0%B8%D1%84%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B0%20%D0%BE%D1%82%20%D0%94%D0%BE%D0%BC.ru%20%D0%B2%20%D0%9F%D0%B5%D1%80%D0%BC%D0%B8&__keywords=&_usertz=60&check-cookie=true

Request Chain 76

https://tag.rutarget.ru/tag?event=otherPage&check=true&nosync=true&__r=1705306472090&__location=https%3A%2F%2Fcdn.rutarget.ru%2Fstatic%2Fsharecookie%2Findex.html HTTP 302
https://tag.rutarget.ru/tag?event=otherPage&check=true&nosync=true&__r=1705306472090&__location=https%3A%2F%2Fcdn.rutarget.ru%2Fstatic%2Fsharecookie%2Findex.html&check-cookie=true

Request Chain 78

https://mc.yandex.ru/watch/30080914?wmode=7&page-url=https%3A%2F%2Fperm.domru.ru%2Fquiz_landing&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1d7r6afuymvj624d%3Afp%3A733%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A440%3Acn%3A1%3Adp%3A0%3Als%3A528059348730%3Ahid%3A866137839%3Az%3A60%3Ai%3A20210305091643%3Aet%3A1614932204%3Ac%3A1%3Arn%3A51417929%3Au%3A1614932204336656073%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1614932201678%3Awv%3A2%3Ads%3A59%2C197%2C345%2C8%2C0%2C0%2C%2C25%2C0%2C%2C%2C%2C965%3Adsn%3A58%2C197%2C345%2C7%2C0%2C0%2C%2C20%2C0%2C%2C%2C%2C966%3Arqnl%3A1%3Ati%3A2%3Ast%3A1614932204%3At%3A%D0%9F%D0%BE%D0%BC%D0%BE%D0%B6%D0%B5%D0%BC%20%D0%B2%D1%8B%D0%B1%D1%80%D0%B0%D1%82%D1%8C%20%D1%82%D0%B0%D1%80%D0%B8%D1%84%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B0%20%D0%BE%D1%82%20%D0%94%D0%BE%D0%BC.ru%20%D0%B2%20%D0%9F%D0%B5%D1%80%D0%BC%D0%B8 HTTP 302
https://mc.yandex.ru/watch/30080914/1?wmode=7&page-url=https%3A%2F%2Fperm.domru.ru%2Fquiz_landing&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1d7r6afuymvj624d%3Afp%3A733%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A440%3Acn%3A1%3Adp%3A0%3Als%3A528059348730%3Ahid%3A866137839%3Az%3A60%3Ai%3A20210305091643%3Aet%3A1614932204%3Ac%3A1%3Arn%3A51417929%3Au%3A1614932204336656073%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1614932201678%3Awv%3A2%3Ads%3A59%2C197%2C345%2C8%2C0%2C0%2C%2C25%2C0%2C%2C%2C%2C965%3Adsn%3A58%2C197%2C345%2C7%2C0%2C0%2C%2C20%2C0%2C%2C%2C%2C966%3Arqnl%3A1%3Ati%3A2%3Ast%3A1614932204%3At%3A%D0%9F%D0%BE%D0%BC%D0%BE%D0%B6%D0%B5%D0%BC%20%D0%B2%D1%8B%D0%B1%D1%80%D0%B0%D1%82%D1%8C%20%D1%82%D0%B0%D1%80%D0%B8%D1%84%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B0%20%D0%BE%D1%82%20%D0%94%D0%BE%D0%BC.ru%20%D0%B2%20%D0%9F%D0%B5%D1%80%D0%BC%D0%B8

Request Chain 86

https://adservice.google.de/ddm/fls/i/dc_pre=CIzPx6LbmO8CFUaB1Qod96YKYw;src=4360952;type=invmedia;cat=fakuziup;ord=519491299045;gtm=2wg2o0;auiddc=1958343278.1614932203;~oref=https%3A%2F%2Fperm.domru.ru%2Fquiz_landing HTTP 302
https://4360952.fls.doubleclick.net/ddm/fls/r/dc_pre=CIzPx6LbmO8CFUaB1Qod96YKYw;src=4360952;type=invmedia;cat=fakuziup;ord=519491299045;gtm=2wg2o0;auiddc=1958343278.1614932203;~oref=https%3A%2F%2Fperm.domru.ru%2Fquiz_landing

Request Chain 99

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/954791961/?random=1234196910&cv=9&fst=1614932203965&num=1&label=U4kHCJSTsnEQmfCjxwM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F4360952.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCIzPx6LbmO8CFUaB1Qod96YKYw%3Bsrc%3D4360952%3Btype%3Dinvmedia%3Bcat%3Dfakuziup%3Bord%3D519491299045%3Bgtm%3D2wg2o0%3Bauiddc%3D1958343278.1614932203%3B~oref%3Dhttps%253A%252F%252Fperm.domru.ru%252Fquiz_landing&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=7OhBYLuACJW0gAeL6KzoCg&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/954791961/?random=1234196910&cv=9&fst=1614932203965&num=1&label=U4kHCJSTsnEQmfCjxwM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F4360952.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCIzPx6LbmO8CFUaB1Qod96YKYw%3Bsrc%3D4360952%3Btype%3Dinvmedia%3Bcat%3Dfakuziup%3Bord%3D519491299045%3Bgtm%3D2wg2o0%3Bauiddc%3D1958343278.1614932203%3B~oref%3Dhttps%253A%252F%252Fperm.domru.ru%252Fquiz_landing&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=7OhBYLuACJW0gAeL6KzoCg&cid=CAQSKQCNIrLMQZXrwxzVOk-DbAIVk8T2lXaMS2HbvMgaS1PCO3OnqnFPlzKM&random=3642733792&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/954791961/?random=1234196910&cv=9&fst=1614932203965&num=1&label=U4kHCJSTsnEQmfCjxwM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F4360952.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCIzPx6LbmO8CFUaB1Qod96YKYw%3Bsrc%3D4360952%3Btype%3Dinvmedia%3Bcat%3Dfakuziup%3Bord%3D519491299045%3Bgtm%3D2wg2o0%3Bauiddc%3D1958343278.1614932203%3B~oref%3Dhttps%253A%252F%252Fperm.domru.ru%252Fquiz_landing&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=7OhBYLuACJW0gAeL6KzoCg&cid=CAQSKQCNIrLMQZXrwxzVOk-DbAIVk8T2lXaMS2HbvMgaS1PCO3OnqnFPlzKM&random=3642733792&resp=GooglemKTybQhCsO&ipr=y

Request Chain 106

https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=QnVtYlVvMUJJWGxr&google_ula=2046794&google_cm= HTTP 302
https://google-sync.rutarget.ru/sync?google_gid=CAESENgY8ch7erBfgd6-2uT-u7o&google_cver=1&google_ula=2046794,2

Request Chain 110

https://wf.frontend.weborama.fr/streampixel/?wamid=2520&Wvar=%7B%22segmento_id%22%3A%22BumbUo1BIXlk%22%7D&d.r=0 HTTP 302
https://wf.frontend.weborama.fr/streampixel/?wamid=2520&Wvar=%7B%22segmento_id%22%3A%22BumbUo1BIXlk%22%7D&d.r=0&bounce=1&random=2019679881

116 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request quiz_landing Show response
perm.domru.ru/ 129 KB
26 KB 601ms
345ms Document
text/html 188.186.157.51
ERTELECOM-DC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://perm.domru.ru/quiz_landing
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.186.157.51 , Russian Federation, ASN31483 (ERTELECOM-DC-AS, RU),
Reverse DNS: 188x186x157x51.static.cc.ertelecom.ru
Software: nginx / Next.js
Resource Hash: 3a67a345cf2639efdd80db7ed165e416c49d4f490de7dc1e415851ff8204bdf4

Request headers

:method: GET
:authority: perm.domru.ru
:scheme: https
:path: /quiz_landing
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server: nginx
date: Fri, 05 Mar 2021 08:16:42 GMT
content-type: text/html; charset=utf-8
x-powered-by: Next.js
vary: Accept-Encoding
x-backend-server: b2c-domru-deploy-7f55cb9cdc-t4cqt
x-project: b2c-domru
set-cookie: session-cookie=166963beef56a054636963c26940ac72719f688ff1c67df880ceb0678c8b57b28ba9033bb62361ddb6a9c6625aab9bb0; Max-Age=86400; Path=/
x-info-1: s1
x-info-2: n/a
content-encoding: gzip

GET
H2 200 6cf2a1f22c5d1c92c952.css
perm.domru.ru/_next/static/css/ 5 KB
2 KB 102ms
97ms Stylesheet
text/css 188.186.157.51
ERTELECOM-DC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://perm.domru.ru/_next/static/css/6cf2a1f22c5d1c92c952.css
Requested by: Host: perm.domru.ru
URL: https://perm.domru.ru/quiz_landing
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.186.157.51 , Russian Federation, ASN31483 (ERTELECOM-DC-AS, RU),
Reverse DNS: 188x186x157x51.static.cc.ertelecom.ru
Software: nginx /
Resource Hash: 27c41e224895b1e856c136e8ee051e1c8451b669500e512f024c4336314699ae

Request headers

Referer: https://perm.domru.ru/quiz_landing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 08:16:42 GMT
content-encoding: gzip
server: nginx
x-info-2: n/a
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1209600, s-maxage=900
x-info-1: s1
expires: Fri, 19 Mar 2021 08:10:29 GMT

GET
H2 200 _app.js Show response
perm.domru.ru/_next/static/8vL0Q5mDdXiXC3ye0Zlts/pages/ 102 KB
30 KB 112ms
107ms Script
application/javascript 188.186.157.51
ERTELECOM-DC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://perm.domru.ru/_next/static/8vL0Q5mDdXiXC3ye0Zlts/pages/_app.js
Requested by: Host: perm.domru.ru
URL: https://perm.domru.ru/quiz_landing
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.186.157.51 , Russian Federation, ASN31483 (ERTELECOM-DC-AS, RU),
Reverse DNS: 188x186x157x51.static.cc.ertelecom.ru
Software: nginx /
Resource Hash: 5b4467bf8be502fd03d23b68b601edc75b559b2e8fd7fddb8b7e4617fb8a9b2f

Request headers

Referer: https://perm.domru.ru/quiz_landing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 08:16:42 GMT
content-encoding: gzip
server: nginx
x-info-2: n/a
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, s-maxage=900
x-info-1: s1
expires: Fri, 19 Mar 2021 08:10:29 GMT

GET
H2 200 quiz_landing.js Show response
perm.domru.ru/_next/static/8vL0Q5mDdXiXC3ye0Zlts/pages/ 33 KB
11 KB 208ms
202ms Script
application/javascript 188.186.157.51
ERTELECOM-DC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://perm.domru.ru/_next/static/8vL0Q5mDdXiXC3ye0Zlts/pages/quiz_landing.js
Requested by: Host: perm.domru.ru
URL: https://perm.domru.ru/quiz_landing
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.186.157.51 , Russian Federation, ASN31483 (ERTELECOM-DC-AS, RU),
Reverse DNS: 188x186x157x51.static.cc.ertelecom.ru
Software: nginx /
Resource Hash: 5147d7da7959b37f8ca9f3a0e6c3d00f52fc62c5f1cbdab3fc50ca11be85c665

Request headers

Referer: https://perm.domru.ru/quiz_landing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 08:16:42 GMT
content-encoding: gzip
server: nginx
x-info-2: n/a
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, s-maxage=900
x-info-1: s1
expires: Fri, 19 Mar 2021 08:16:42 GMT

GET
H2 200 webpack-bfc14420f4556abd78c4.js Show response
perm.domru.ru/_next/static/runtime/ 5 KB
3 KB 124ms
119ms Script
application/javascript 188.186.157.51
ERTELECOM-DC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://perm.domru.ru/_next/static/runtime/webpack-bfc14420f4556abd78c4.js
Requested by: Host: perm.domru.ru
URL: https://perm.domru.ru/quiz_landing
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.186.157.51 , Russian Federation, ASN31483 (ERTELECOM-DC-AS, RU),
Reverse DNS: 188x186x157x51.static.cc.ertelecom.ru
Software: nginx /
Resource Hash: 540072b4105b70e4a5a3d2a13259b40f35da2e9e6b71ca142e6c046ef273d028

Request headers

Referer: https://perm.domru.ru/quiz_landing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 08:16:42 GMT
content-encoding: gzip
server: nginx
x-info-2: n/a
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, s-maxage=900
x-info-1: s1
expires: Fri, 19 Mar 2021 08:06:38 GMT

GET
H2 200 framework.10d288861140c55ee8f8.js Show response
perm.domru.ru/_next/static/chunks/ 127 KB
47 KB 179ms
174ms Script
application/javascript 188.186.157.51
ERTELECOM-DC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://perm.domru.ru/_next/static/chunks/framework.10d288861140c55ee8f8.js
Requested by: Host: perm.domru.ru
URL: https://perm.domru.ru/quiz_landing
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.186.157.51 , Russian Federation, ASN31483 (ERTELECOM-DC-AS, RU),
Reverse DNS: 188x186x157x51.static.cc.ertelecom.ru
Software: nginx /
Resource Hash: 927e1af72dca8a5f1e1508462de66dc1a8a4f9b1b4bcccdb267621e0eb716252

Request headers

Referer: https://perm.domru.ru/quiz_landing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 08:16:42 GMT
content-encoding: gzip
server: nginx
x-info-2: n/a
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, s-maxage=900
x-info-1: s1
expires: Fri, 19 Mar 2021 08:05:18 GMT

GET
H2 200 cd7e61d4f1b187794ae8c972754a4364763c778a.31d781f6013e65290a1c.js Show response
perm.domru.ru/_next/static/chunks/ 39 KB
16 KB 199ms
193ms Script
application/javascript 188.186.157.51
ERTELECOM-DC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://perm.domru.ru/_next/static/chunks/cd7e61d4f1b187794ae8c972754a4364763c778a.31d781f6013e65290a1c.js
Requested by: Host: perm.domru.ru
URL: https://perm.domru.ru/quiz_landing
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.186.157.51 , Russian Federation, ASN31483 (ERTELECOM-DC-AS, RU),
Reverse DNS: 188x186x157x51.static.cc.ertelecom.ru
Software: nginx /
Resource Hash: 31ba89bda5e9683877830832157453cb6789fc644341ace3fc99baf632c64ad2

Request headers

Referer: https://perm.domru.ru/quiz_landing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 08:16:42 GMT
content-encoding: gzip
server: nginx
x-info-2: n/a
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, s-maxage=900
x-info-1: s1
expires: Fri, 19 Mar 2021 08:04:26 GMT

GET
H2 200 945b2d42111eb3fcefa13ed680768b4ee32f237b.b5c2dd3c8aea95ec893f.js Show response
perm.domru.ru/_next/static/chunks/ 31 KB
12 KB 204ms
199ms Script
application/javascript 188.186.157.51
ERTELECOM-DC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://perm.domru.ru/_next/static/chunks/945b2d42111eb3fcefa13ed680768b4ee32f237b.b5c2dd3c8aea95ec893f.js
Requested by: Host: perm.domru.ru
URL: https://perm.domru.ru/quiz_landing
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.186.157.51 , Russian Federation, ASN31483 (ERTELECOM-DC-AS, RU),
Reverse DNS: 188x186x157x51.static.cc.ertelecom.ru
Software: nginx /
Resource Hash: eca2b4cc06ea4cc13709073eeea9c03408b1ba96d0d5290a697e6c93968bc387

Request headers

Referer: https://perm.domru.ru/quiz_landing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 08:16:42 GMT
content-encoding: gzip
server: nginx
x-info-2: n/a
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, s-maxage=900
x-info-1: s1
expires: Fri, 19 Mar 2021 08:06:38 GMT

GET
H2 200 60bad362f22a852acf7512d4de3785f78725ad0b.9a05e2a00cd0c36a3c37.js Show response
perm.domru.ru/_next/static/chunks/ 20 KB
8 KB 205ms
200ms Script
application/javascript 188.186.157.51
ERTELECOM-DC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://perm.domru.ru/_next/static/chunks/60bad362f22a852acf7512d4de3785f78725ad0b.9a05e2a00cd0c36a3c37.js
Requested by: Host: perm.domru.ru
URL: https://perm.domru.ru/quiz_landing
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.186.157.51 , Russian Federation, ASN31483 (ERTELECOM-DC-AS, RU),
Reverse DNS: 188x186x157x51.static.cc.ertelecom.ru
Software: nginx /
Resource Hash: b81c16f515278f881b847a480a3ae5c3be3b7523e7f9131ae4beea008cd5f5b5

Request headers

Referer: https://perm.domru.ru/quiz_landing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 08:16:42 GMT
content-encoding: gzip
server: nginx
x-info-2: n/a
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, s-maxage=900
x-info-1: s1
expires: Fri, 19 Mar 2021 08:10:29 GMT

GET
H2 200 30918b7e10e9a04710ba4a0fa68638a718c47803.4278064ae10e916b2dfe.js Show response
perm.domru.ru/_next/static/chunks/ 102 KB
36 KB 205ms
200ms Script
application/javascript 188.186.157.51
ERTELECOM-DC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://perm.domru.ru/_next/static/chunks/30918b7e10e9a04710ba4a0fa68638a718c47803.4278064ae10e916b2dfe.js
Requested by: Host: perm.domru.ru
URL: https://perm.domru.ru/quiz_landing
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.186.157.51 , Russian Federation, ASN31483 (ERTELECOM-DC-AS, RU),
Reverse DNS: 188x186x157x51.static.cc.ertelecom.ru
Software: nginx /
Resource Hash: 0f592204eb417218097f764a9d984fcadc0608cf6b4d01d5d48b0fd95803459e

Request headers

Referer: https://perm.domru.ru/quiz_landing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 08:16:42 GMT
content-encoding: gzip
server: nginx
x-info-2: n/a
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, s-maxage=900
x-info-1: s1
expires: Fri, 19 Mar 2021 07:58:12 GMT

GET
H2 200 4cd8acd242e786f2ac8e66c49c0ddf73422db327.ac7703d50d67140ca9bf.js Show response
perm.domru.ru/_next/static/chunks/ 8 KB
4 KB 205ms
201ms Script
application/javascript 188.186.157.51
ERTELECOM-DC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://perm.domru.ru/_next/static/chunks/4cd8acd242e786f2ac8e66c49c0ddf73422db327.ac7703d50d67140ca9bf.js
Requested by: Host: perm.domru.ru
URL: https://perm.domru.ru/quiz_landing
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.186.157.51 , Russian Federation, ASN31483 (ERTELECOM-DC-AS, RU),
Reverse DNS: 188x186x157x51.static.cc.ertelecom.ru
Software: nginx /
Resource Hash: 72a1e3a9df96c85ce79acb939ce45e4e0ac2b339024db0762ddff41ac51ec1e3

Request headers

Referer: https://perm.domru.ru/quiz_landing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 08:16:42 GMT
content-encoding: gzip
server: nginx
x-info-2: n/a
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, s-maxage=900
x-info-1: s1
expires: Fri, 19 Mar 2021 08:06:38 GMT

GET
H2 200 094ae34f14d0c70fadd57bd713f97ba4ffebed01.d3327e4c88df4f4e4f5e.js Show response
perm.domru.ru/_next/static/chunks/ 7 KB
3 KB 206ms
201ms Script
application/javascript 188.186.157.51
ERTELECOM-DC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://perm.domru.ru/_next/static/chunks/094ae34f14d0c70fadd57bd713f97ba4ffebed01.d3327e4c88df4f4e4f5e.js
Requested by: Host: perm.domru.ru
URL: https://perm.domru.ru/quiz_landing
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.186.157.51 , Russian Federation, ASN31483 (ERTELECOM-DC-AS, RU),
Reverse DNS: 188x186x157x51.static.cc.ertelecom.ru
Software: nginx /
Resource Hash: e2b85e56232189166bb697e5f7137d9a9c1a6f72fbcd19bbb6e66cde70a2b313

Request headers

Referer: https://perm.domru.ru/quiz_landing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 08:16:42 GMT
content-encoding: gzip
server: nginx
x-info-2: n/a
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, s-maxage=900
x-info-1: s1
expires: Fri, 19 Mar 2021 08:06:38 GMT

GET
H2 200 main-9f5bb0ab25f2d9f3b82d.js Show response
perm.domru.ru/_next/static/runtime/ 92 KB
38 KB 206ms
201ms Script
application/javascript 188.186.157.51
ERTELECOM-DC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://perm.domru.ru/_next/static/runtime/main-9f5bb0ab25f2d9f3b82d.js
Requested by: Host: perm.domru.ru
URL: https://perm.domru.ru/quiz_landing
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.186.157.51 , Russian Federation, ASN31483 (ERTELECOM-DC-AS, RU),
Reverse DNS: 188x186x157x51.static.cc.ertelecom.ru
Software: nginx /
Resource Hash: 30f72041bd6c16899960793442090f8bfc5b949ced23dd3975a4769f143e8aa7

Request headers

Referer: https://perm.domru.ru/quiz_landing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 08:16:42 GMT
content-encoding: gzip
server: nginx
x-info-2: n/a
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, s-maxage=900
x-info-1: s1
expires: Fri, 19 Mar 2021 08:06:38 GMT

GET
H2 200 805457746c315520e46f556e871df508cc41a56b.5b11363894da768c4dbe.js Show response
perm.domru.ru/_next/static/chunks/ 212 KB
72 KB 206ms
201ms Script
application/javascript 188.186.157.51
ERTELECOM-DC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://perm.domru.ru/_next/static/chunks/805457746c315520e46f556e871df508cc41a56b.5b11363894da768c4dbe.js
Requested by: Host: perm.domru.ru
URL: https://perm.domru.ru/quiz_landing
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.186.157.51 , Russian Federation, ASN31483 (ERTELECOM-DC-AS, RU),
Reverse DNS: 188x186x157x51.static.cc.ertelecom.ru
Software: nginx /
Resource Hash: f67cab022fd715ab20536f34b8d4e63f008bb8501925e6dd1ef526ae7ed5f005

Request headers

Referer: https://perm.domru.ru/quiz_landing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 08:16:42 GMT
content-encoding: gzip
server: nginx
x-info-2: n/a
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, s-maxage=900
x-info-1: s1
expires: Fri, 19 Mar 2021 07:59:17 GMT

GET
H2 200 4c3a268b6d829d67c9b47d50ae027f03cbe0b2d6.84e03fd7749cc00ed96e.js Show response
perm.domru.ru/_next/static/chunks/ 10 KB
3 KB 206ms
202ms Script
application/javascript 188.186.157.51
ERTELECOM-DC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://perm.domru.ru/_next/static/chunks/4c3a268b6d829d67c9b47d50ae027f03cbe0b2d6.84e03fd7749cc00ed96e.js
Requested by: Host: perm.domru.ru
URL: https://perm.domru.ru/quiz_landing
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.186.157.51 , Russian Federation, ASN31483 (ERTELECOM-DC-AS, RU),
Reverse DNS: 188x186x157x51.static.cc.ertelecom.ru
Software: nginx /
Resource Hash: 6295651d2e0cffd999d1f2f865b6ee50a594b0dd6c9f900cc84d47d541cf786f

Request headers

Referer: https://perm.domru.ru/quiz_landing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 08:16:42 GMT
content-encoding: gzip
server: nginx
x-info-2: n/a
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, s-maxage=900
x-info-1: s1
expires: Fri, 19 Mar 2021 08:02:22 GMT

GET
H2 200 6177e12deefd5c552050702f74764be8828e5b3d.137eed8040ea08cbd234.js Show response
perm.domru.ru/_next/static/chunks/ 84 KB
27 KB 206ms
202ms Script
application/javascript 188.186.157.51
ERTELECOM-DC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://perm.domru.ru/_next/static/chunks/6177e12deefd5c552050702f74764be8828e5b3d.137eed8040ea08cbd234.js
Requested by: Host: perm.domru.ru
URL: https://perm.domru.ru/quiz_landing
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.186.157.51 , Russian Federation, ASN31483 (ERTELECOM-DC-AS, RU),
Reverse DNS: 188x186x157x51.static.cc.ertelecom.ru
Software: nginx /
Resource Hash: af27dba940a709226cd10f70b3ac826a919b32b78335065968f9f7da4d43b1e4

Request headers

Referer: https://perm.domru.ru/quiz_landing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 08:16:42 GMT
content-encoding: gzip
server: nginx
x-info-2: n/a
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, s-maxage=900
x-info-1: s1
expires: Fri, 19 Mar 2021 08:10:29 GMT

GET
H2 200 83fddd291950d0aa23c7559d6f9bae667b92bbb2.d3d66b52d670686b7012.js Show response
perm.domru.ru/_next/static/chunks/ 8 KB
3 KB 206ms
202ms Script
application/javascript 188.186.157.51
ERTELECOM-DC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://perm.domru.ru/_next/static/chunks/83fddd291950d0aa23c7559d6f9bae667b92bbb2.d3d66b52d670686b7012.js
Requested by: Host: perm.domru.ru
URL: https://perm.domru.ru/quiz_landing
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.186.157.51 , Russian Federation, ASN31483 (ERTELECOM-DC-AS, RU),
Reverse DNS: 188x186x157x51.static.cc.ertelecom.ru
Software: nginx /
Resource Hash: 467f938e932decc2caa2e52c79a4f24a7a226ecd3432b92a8395c98ce2aaec1a

Request headers

Referer: https://perm.domru.ru/quiz_landing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 08:16:42 GMT
content-encoding: gzip
server: nginx
x-info-2: n/a
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, s-maxage=900
x-info-1: s1
expires: Fri, 19 Mar 2021 08:03:22 GMT

GET
H2 200 d808c08a058585f9958db52a702740ea1c928293.7f91ec295873111acdf3.js Show response
perm.domru.ru/_next/static/chunks/ 19 KB
7 KB 206ms
202ms Script
application/javascript 188.186.157.51
ERTELECOM-DC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://perm.domru.ru/_next/static/chunks/d808c08a058585f9958db52a702740ea1c928293.7f91ec295873111acdf3.js
Requested by: Host: perm.domru.ru
URL: https://perm.domru.ru/quiz_landing
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.186.157.51 , Russian Federation, ASN31483 (ERTELECOM-DC-AS, RU),
Reverse DNS: 188x186x157x51.static.cc.ertelecom.ru
Software: nginx /
Resource Hash: a25dd75204332626e40ff60e4a36f0e95cd7fa03d90e3a40deed65f9721344a4

Request headers

Referer: https://perm.domru.ru/quiz_landing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 08:16:42 GMT
content-encoding: gzip
server: nginx
x-info-2: n/a
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, s-maxage=900
x-info-1: s1
expires: Fri, 19 Mar 2021 08:07:54 GMT

GET
H2 200 8c3eeb3cf49cd9addcc2a1f3146535c20c44cc94.26eb077005ddc6f34bf3.js Show response
perm.domru.ru/_next/static/chunks/ 66 KB
27 KB 205ms
202ms Script
application/javascript 188.186.157.51
ERTELECOM-DC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://perm.domru.ru/_next/static/chunks/8c3eeb3cf49cd9addcc2a1f3146535c20c44cc94.26eb077005ddc6f34bf3.js
Requested by: Host: perm.domru.ru
URL: https://perm.domru.ru/quiz_landing
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.186.157.51 , Russian Federation, ASN31483 (ERTELECOM-DC-AS, RU),
Reverse DNS: 188x186x157x51.static.cc.ertelecom.ru
Software: nginx /
Resource Hash: 315a6b230e8ab6b5f3dc1d35c70a0e3021655ae30966dc7db496a7f8e177ec61

Request headers

Referer: https://perm.domru.ru/quiz_landing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 08:16:42 GMT
content-encoding: gzip
server: nginx
x-info-2: n/a
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, s-maxage=900
x-info-1: s1
expires: Fri, 19 Mar 2021 08:11:47 GMT

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe57719ca286ad12c7610046be227119af8ce9d8a93defa77392ecf5a21da4b5

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 _buildManifest.js Show response
perm.domru.ru/_next/static/8vL0Q5mDdXiXC3ye0Zlts/ 9 KB
4 KB 193ms
192ms Script
application/javascript 188.186.157.51
ERTELECOM-DC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://perm.domru.ru/_next/static/8vL0Q5mDdXiXC3ye0Zlts/_buildManifest.js
Requested by: Host: perm.domru.ru
URL: https://perm.domru.ru/quiz_landing
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.186.157.51 , Russian Federation, ASN31483 (ERTELECOM-DC-AS, RU),
Reverse DNS: 188x186x157x51.static.cc.ertelecom.ru
Software: nginx /
Resource Hash: 5cc0092d2b97ff2f087576ba48edda6430a8d761d1e6ed8db6371fef84809a6c

Request headers

Referer: https://perm.domru.ru/quiz_landing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 08:16:42 GMT
content-encoding: gzip
server: nginx
x-info-2: n/a
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, s-maxage=900
x-info-1: s1
expires: Fri, 19 Mar 2021 08:06:38 GMT

GET
H2 200 _ssgManifest.js Show response
perm.domru.ru/_next/static/8vL0Q5mDdXiXC3ye0Zlts/ 76 B
260 B 193ms
192ms Script
application/javascript 188.186.157.51
ERTELECOM-DC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://perm.domru.ru/_next/static/8vL0Q5mDdXiXC3ye0Zlts/_ssgManifest.js
Requested by: Host: perm.domru.ru
URL: https://perm.domru.ru/quiz_landing
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.186.157.51 , Russian Federation, ASN31483 (ERTELECOM-DC-AS, RU),
Reverse DNS: 188x186x157x51.static.cc.ertelecom.ru
Software: nginx /
Resource Hash: 653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479

Request headers

Referer: https://perm.domru.ru/quiz_landing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 08:16:42 GMT
server: nginx
x-info-2: n/a
content-type: application/javascript
expires: Fri, 19 Mar 2021 08:10:28 GMT
cache-control: max-age=1209600, s-maxage=900
accept-ranges: bytes
content-length: 76
x-info-1: s1

GET
H2 200 calltouch.js Show response
perm.domru.ru/static/js/ 2 KB
1 KB 193ms
192ms Script
application/javascript 188.186.157.51
ERTELECOM-DC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://perm.domru.ru/static/js/calltouch.js
Requested by: Host: perm.domru.ru
URL: https://perm.domru.ru/quiz_landing
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.186.157.51 , Russian Federation, ASN31483 (ERTELECOM-DC-AS, RU),
Reverse DNS: 188x186x157x51.static.cc.ertelecom.ru
Software: nginx /
Resource Hash: 624c290f2ad2a833b5bdc16b5cbbdc5d8df6792c63b011a5296ba2601eee629c

Request headers

Referer: https://perm.domru.ru/quiz_landing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 08:16:42 GMT
content-encoding: gzip
server: nginx
x-info-2: n/a
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, s-maxage=900
x-info-1: s1
expires: Fri, 19 Mar 2021 08:06:38 GMT

GET
H2 200 roboto-light.woff2
perm.domru.ru/static/fonts/ 28 KB
28 KB 221ms
220ms Font
application/octet-stream 188.186.157.51
ERTELECOM-DC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://perm.domru.ru/static/fonts/roboto-light.woff2
Requested by: Host: perm.domru.ru
URL: https://perm.domru.ru/_next/static/css/6cf2a1f22c5d1c92c952.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.186.157.51 , Russian Federation, ASN31483 (ERTELECOM-DC-AS, RU),
Reverse DNS: 188x186x157x51.static.cc.ertelecom.ru
Software: nginx /
Resource Hash: 27e6a9fb11a2974f7b35d83d63dadaad8509c492fa854c1904cf833b35365c50

Request headers

Origin: https://perm.domru.ru
Referer: https://perm.domru.ru/_next/static/css/6cf2a1f22c5d1c92c952.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 08:16:42 GMT
content-encoding: gzip
server: nginx
x-info-2: n/a
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: max-age=1209600, s-maxage=900
x-info-1: s1
expires: Fri, 19 Mar 2021 08:06:39 GMT

GET
H2 200 roboto-regular.woff2
perm.domru.ru/static/fonts/ 28 KB
29 KB 224ms
222ms Font
application/octet-stream 188.186.157.51
ERTELECOM-DC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://perm.domru.ru/static/fonts/roboto-regular.woff2
Requested by: Host: perm.domru.ru
URL: https://perm.domru.ru/_next/static/css/6cf2a1f22c5d1c92c952.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.186.157.51 , Russian Federation, ASN31483 (ERTELECOM-DC-AS, RU),
Reverse DNS: 188x186x157x51.static.cc.ertelecom.ru
Software: nginx /
Resource Hash: 5990ef61a6686e3f8e5dbe4b559e0c5fbe13861aa7d9ac2a8b54ddef605e04c7

Request headers

Origin: https://perm.domru.ru
Referer: https://perm.domru.ru/_next/static/css/6cf2a1f22c5d1c92c952.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 08:16:42 GMT
content-encoding: gzip
server: nginx
x-info-2: n/a
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: max-age=1209600, s-maxage=900
x-info-1: s1
expires: Fri, 19 Mar 2021 08:02:22 GMT

GET
H/1.1 200
OK init.js Show response
mod.calltouch.ru/ 60 KB
20 KB 338ms
157ms Script
application/javascript 92.118.67.1
CALLTOUCH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mod.calltouch.ru/init.js?id=15d929cc
Requested by: Host: perm.domru.ru
URL: https://perm.domru.ru/static/js/calltouch.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 92.118.67.1 , Russian Federation, ASN49031 (CALLTOUCH-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: c4f0b266eea164ac945182de47345daed87e9e1962a58d9f2c739bb5dcd6f5a9

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Mar 2021 08:16:42 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, HEAD, OPTIONS
Connection: keep-alive
Pragma: no-cache
Last-Modified: Friday, 05-Mar-2021 08:16:42 GMT
Server: nginx
ETag: W/"60391033-ee42"
Vary: Accept-Encoding
X-ct-fe: ct-mod-front01a
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Expires: -1

GET
H2 200 googleTagManager.js Show response
perm.domru.ru/static/js/ 457 B
516 B 98ms
97ms Script
application/javascript 188.186.157.51
ERTELECOM-DC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://perm.domru.ru/static/js/googleTagManager.js
Requested by: Host: perm.domru.ru
URL: https://perm.domru.ru/_next/static/runtime/main-9f5bb0ab25f2d9f3b82d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.186.157.51 , Russian Federation, ASN31483 (ERTELECOM-DC-AS, RU),
Reverse DNS: 188x186x157x51.static.cc.ertelecom.ru
Software: nginx /
Resource Hash: 7041dffeb592ebf887d4c1403fb043f7905e0111b4be4e96173186bd29d8f38f

Request headers

Referer: https://perm.domru.ru/quiz_landing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 08:16:42 GMT
content-encoding: gzip
server: nginx
x-info-2: n/a
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, s-maxage=900
x-info-1: s1
expires: Fri, 19 Mar 2021 08:02:25 GMT

GET
H2 200 googleAnalytics.js Show response
perm.domru.ru/static/js/ 3 KB
1 KB 98ms
98ms Script
application/javascript 188.186.157.51
ERTELECOM-DC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://perm.domru.ru/static/js/googleAnalytics.js
Requested by: Host: perm.domru.ru
URL: https://perm.domru.ru/_next/static/runtime/main-9f5bb0ab25f2d9f3b82d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.186.157.51 , Russian Federation, ASN31483 (ERTELECOM-DC-AS, RU),
Reverse DNS: 188x186x157x51.static.cc.ertelecom.ru
Software: nginx /
Resource Hash: 7c0e2fd19f02f34b95544b6096d629d9cc1300de3b4b0fba5bb6a8034aa3965c

Request headers

Referer: https://perm.domru.ru/quiz_landing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 08:16:42 GMT
content-encoding: gzip
server: nginx
x-info-2: n/a
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, s-maxage=900
x-info-1: s1
expires: Fri, 19 Mar 2021 08:02:49 GMT

GET
H2 200 objectFitImages.js Show response
perm.domru.ru/static/js/ 520 B
529 B 99ms
98ms Script
application/javascript 188.186.157.51
ERTELECOM-DC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://perm.domru.ru/static/js/objectFitImages.js
Requested by: Host: perm.domru.ru
URL: https://perm.domru.ru/_next/static/runtime/main-9f5bb0ab25f2d9f3b82d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.186.157.51 , Russian Federation, ASN31483 (ERTELECOM-DC-AS, RU),
Reverse DNS: 188x186x157x51.static.cc.ertelecom.ru
Software: nginx /
Resource Hash: 807af99f58b9db538d3f922cca15cff1eb07e52a7d18c842cb0d55c5eeefa86d

Request headers

Referer: https://perm.domru.ru/quiz_landing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 08:16:42 GMT
content-encoding: gzip
server: nginx
x-info-2: n/a
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, s-maxage=900
x-info-1: s1
expires: Fri, 19 Mar 2021 08:15:54 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 464 KB
81 KB 87ms
66ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M43KXLC

Requested by

Host: perm.domru.ru
URL: https://perm.domru.ru/static/js/googleTagManager.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

73d6bfcf880084ffafebcfb37169c35ccde78fa8bf7ce14033a81b7ddb753aaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 08:16:42 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 82362
x-xss-protection: 0
last-modified: Fri, 05 Mar 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 05 Mar 2021 08:16:42 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: perm.domru.ru
URL: https://perm.domru.ru/static/js/googleAnalytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 3035
date: Fri, 05 Mar 2021 07:26:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Fri, 05 Mar 2021 09:26:07 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
69 B 13ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=650619291&t=pageview&_s=1&dl=https%3A%2F%2Fperm.domru.ru%2Fquiz_landing&ul=en-us&de=UTF-8&dt=%D0%9F%D0%BE%D0%BC%D0%BE%D0%B6%D0%B5%D0%BC%20%D0%B2%D1%8B%D0%B1%D1%80%D0%B0%D1%82%D1%8C%20%D1%82%D0%B0%D1%80%D0%B8%D1%84%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B0%20%D0%BE%D1%82%20%D0%94%D0%BE%D0%BC.ru%20%D0%B2%20%D0%9F%D0%B5%D1%80%D0%BC%D0%B8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GBACEABBAAAAC~&jid=132916620&gjid=1139073477&cid=116815213.1614932203&tid=UA-42895529-11&_gid=1833846844.1614932203&_r=1&_slc=1&cd1=116815213.1614932203&cd2=userId&z=1415095550

Requested by

Host: perm.domru.ru
URL: https://perm.domru.ru/_next/static/8vL0Q5mDdXiXC3ye0Zlts/pages/_app.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 05 Mar 2021 08:16:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://perm.domru.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
445 B 38ms
13ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-42895529-11&cid=116815213.1614932203&jid=132916620&gjid=1139073477&_gid=1833846844.1614932203&_u=6GBACEAABAAAAC~&z=1365723178

Requested by

Host: perm.domru.ru
URL: https://perm.domru.ru/_next/static/8vL0Q5mDdXiXC3ye0Zlts/pages/_app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 05 Mar 2021 08:16:42 GMT
content-type: text/plain
access-control-allow-origin: https://perm.domru.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
290 B 19ms
18ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-42895529-11&cid=116815213.1614932203&jid=132916620&_u=6GBACEAABAAAAC~&z=201380925

Requested by

Host: perm.domru.ru
URL: https://perm.domru.ru/quiz_landing

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Mar 2021 08:16:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
505 B 38ms
18ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-42895529-11&cid=116815213.1614932203&jid=132916620&_u=6GBACEAABAAAAC~&z=201380925

Requested by

Host: perm.domru.ru
URL: https://perm.domru.ru/quiz_landing

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Mar 2021 08:16:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
25 B 13ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=650619291&t=event&ni=0&_s=1&dl=https%3A%2F%2Fperm.domru.ru%2Fquiz_landing&ul=en-us&de=UTF-8&dt=%D0%9F%D0%BE%D0%BC%D0%BE%D0%B6%D0%B5%D0%BC%20%D0%B2%D1%8B%D0%B1%D1%80%D0%B0%D1%82%D1%8C%20%D1%82%D0%B0%D1%80%D0%B8%D1%84%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B0%20%D0%BE%D1%82%20%D0%94%D0%BE%D0%BC.ru%20%D0%B2%20%D0%9F%D0%B5%D1%80%D0%BC%D0%B8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=City%20Choice&ea=Show&_u=6GDACEABBAAAAC~&jid=1490749112&gjid=138506336&cid=116815213.1614932203&tid=UA-42895529-1&_gid=1833846844.1614932203&_r=1&gtm=2wg2o0M43KXLC&z=855693035

Requested by

Host: perm.domru.ru
URL: https://perm.domru.ru/_next/static/8vL0Q5mDdXiXC3ye0Zlts/pages/_app.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 05 Mar 2021 08:16:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://perm.domru.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
39 KB 51ms
37ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-5402207

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M43KXLC

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

949f355c9c08c2e15499fc58650efddb00a99f75cea213bb0f3bd08bb59057bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 08:16:43 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39394
x-xss-protection: 0
last-modified: Fri, 05 Mar 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 05 Mar 2021 08:16:43 GMT

GET
H2 200 DSPCounter.js Show response
tags.adriver.ru/ 3 KB
3 KB 478ms
91ms Script
application/x-javascript 88.212.240.204
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.adriver.ru/DSPCounter.js
Requested by: Host: perm.domru.ru
URL: https://perm.domru.ru/quiz_landing
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.212.240.204 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: defba5f6d19cc8452c4de79585e113606911bc60ae0e7cc3235291ba0c02ca5a

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 08:16:43 GMT
last-modified: Tue, 13 Oct 2020 10:07:00 GMT
server: nginx/1.14.2
etag: "5f857c44-b9d"
content-type: application/x-javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 2973

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
28 B 40ms
14ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-42895529-1&cid=116815213.1614932203&jid=1925555893&gjid=594538782&_gid=1833846844.1614932203&_u=6GHAiEABBAAAAG~&z=1610146844

Requested by

Host: perm.domru.ru
URL: https://perm.domru.ru/_next/static/8vL0Q5mDdXiXC3ye0Zlts/pages/_app.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 05 Mar 2021 08:16:43 GMT
content-type: text/plain
access-control-allow-origin: https://perm.domru.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
423 B 31ms
13ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-30390946-2&cid=116815213.1614932203&jid=1796573898&gjid=2071655811&_gid=1833846844.1614932203&_u=6GHAiEABBAAAAG~&z=130488879

Requested by

Host: perm.domru.ru
URL: https://perm.domru.ru/_next/static/8vL0Q5mDdXiXC3ye0Zlts/pages/_app.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 05 Mar 2021 08:16:43 GMT
content-type: text/plain
access-control-allow-origin: https://perm.domru.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

activityi;dc_pre=CIzPx6LbmO8CFUaB1Qod96YKYw;src=4360952;type=invmedia;cat=fakuziup;ord=519491299045;gtm=2wg2o0;auiddc=1958343278.1614932203;~oref=https%3A%2F%2Fperm.domru.ru%2Fquiz_landing Show response
4360952.fls.doubleclick.net/ Frame 3F99
Redirect Chain

https://4360952.fls.doubleclick.net/activityi;src=4360952;type=invmedia;cat=fakuziup;ord=519491299045;gtm=2wg2o0;auiddc=1958343278.1614932203;~oref=https%3A%2F%2Fperm.domru.ru%2Fquiz_landing?
https://4360952.fls.doubleclick.net/activityi;dc_pre=CIzPx6LbmO8CFUaB1Qod96YKYw;src=4360952;type=invmedia;cat=fakuziup;ord=519491299045;gtm=2wg2o0;auiddc=1958343278.1614932203;~oref=https%3A%2F%2Fp...

493 B
997 B

116ms
66ms

Document
text/html

142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4360952.fls.doubleclick.net/activityi;dc_pre=CIzPx6LbmO8CFUaB1Qod96YKYw;src=4360952;type=invmedia;cat=fakuziup;ord=519491299045;gtm=2wg2o0;auiddc=1958343278.1614932203;~oref=https%3A%2F%2Fperm.domru.ru%2Fquiz_landing?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M43KXLC

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

00ca484bbe0e6c5f7294724202e8b0f708013c1347df236734f4451a51081b57

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 4360952.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CIzPx6LbmO8CFUaB1Qod96YKYw;src=4360952;type=invmedia;cat=fakuziup;ord=519491299045;gtm=2wg2o0;auiddc=1958343278.1614932203;~oref=https%3A%2F%2Fperm.domru.ru%2Fquiz_landing?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://perm.domru.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 05 Mar 2021 08:16:43 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 395
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 05-Mar-2021 08:31:43 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 05 Mar 2021 08:16:43 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://4360952.fls.doubleclick.net/activityi;dc_pre=CIzPx6LbmO8CFUaB1Qod96YKYw;src=4360952;type=invmedia;cat=fakuziup;ord=519491299045;gtm=2wg2o0;auiddc=1958343278.1614932203;~oref=https%3A%2F%2Fperm.domru.ru%2Fquiz_landing?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK code.js Show response
top-fwz1.mail.ru/js/ 21 KB
9 KB 440ms
84ms Script
application/javascript 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/js/code.js

Requested by

Host: perm.domru.ru
URL: https://perm.domru.ru/quiz_landing

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

94cf658d2c7345f5472d9d4514ade118d9f9bed0d50a5fc4a02fb9dcd2c8d8c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Mar 2021 08:16:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection: keep-alive
Access-Control-Allow-Headers: *
AMP-Access-Control-Allow-Source-Origin: *
Last-Modified: Wed, 09 Dec 2020 16:09:03 GMT
Server: nginx
ETag: W/"5fd0f69f-5361"
Access-Control-Allow-Methods: GET, POST, HEAD, PUT, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Cache-Control: max-age=3600, private
Access-Control-Allow-Credentials: true
Accept-CH-Lifetime: 86400
Accept-CH: DPR, Width, Viewport-Width, Downlink, Device-Memory
Timing-Allow-Origin: *
Keep-Alive: timeout=60
Expires: Fri, 05 Mar 2021 09:16:43 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 210 KB
66 KB 399ms
43ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: perm.domru.ru
URL: https://perm.domru.ru/quiz_landing

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

ee48c70479dd48e6046830d53bc5a03b172cb2139a5cb3872a2f763b49b197f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 08:16:43 GMT
content-encoding: br
last-modified: Sat, 20 Feb 2021 13:25:23 GMT
etag: "603efc40-1071a"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 67354
expires: Fri, 05 Mar 2021 09:16:43 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 94 KB
25 KB 38ms
12ms Script
application/x-javascript 2a03:2880:f006:21:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: perm.domru.ru
URL: https://perm.domru.ru/quiz_landing

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f006:21:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

79513cd4b792142ea7152c26eb75d08498f716739988a89db4c135bffc8fa778

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 24264
x-fb-rlafr: 0
pragma: public
x-fb-debug: F+yM/8RLLsTbqRYFYqrQwDeOB7/b+LV/zJEIsN9f75PDhj51WkTBhMAEWuLDk+804nWu2Ih6O3aTwhEWCzjTlw==
x-fb-trip-id: 1425083115
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 05 Mar 2021 08:16:43 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 api.min.js Show response
cdn.carrotquest.io/ 512 KB
128 KB 421ms
66ms Script
application/javascript 92.223.124.254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.carrotquest.io/api.min.js
Requested by: Host: perm.domru.ru
URL: https://perm.domru.ru/quiz_landing
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.223.124.254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: b2eea593a5cfcdbb333a7221633baefa4faae402a59c3b3d7747b915c1770069

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-id: fr5-up-gc36
date: Fri, 05 Mar 2021 08:16:43 GMT
content-encoding: gzip
last-modified: Wed, 03 Mar 2021 06:59:42 GMT
server: nginx
etag: W/"603f33de-8014b"
x-cached-since: 2021-03-03T07:17:08+00:00
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800, must-revalidate
cache: HIT
x-vhost-ver: 3357821170861549424
expires: Fri, 05 Mar 2021 08:46:43 GMT

GET
H2 200 openapi.js Show response
vk.com/js/api/ 100 KB
22 KB 465ms
112ms Script
application/x-javascript 87.240.190.72
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/js/api/openapi.js?167
Requested by: Host: perm.domru.ru
URL: https://perm.domru.ru/quiz_landing
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.240.190.72 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),
Reverse DNS: srv72-190-240-87.vk.com
Software: kittenx /
Resource Hash: 06649e87db9dcc3aac096d3cd4926a6499971599de35952979aed8d4ebeb4a68

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 08:16:43 GMT
content-encoding: br
x-frontend: front220206
last-modified: Fri, 18 Dec 2020 12:43:04 GMT
server: kittenx
etag: "5fdca3d8-57c5"
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
content-length: 22469
expires: Tue, 09 Mar 2021 08:16:43 GMT

GET
H2 200 sdk.js Show response
analytics.tiktok.com/i18n/pixel/ 59 KB
20 KB 561ms
208ms Script
application/javascript 2.16.186.161
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BQFHAFOAC2KB0QR0PDC0
Requested by: Host: perm.domru.ru
URL: https://perm.domru.ru/quiz_landing
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.161 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-161.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a6d70210d89d088bc387e7c92a22e51f105f02ef60e87748c3fbce95e3b1b15d

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-akamai-request-id: 7e3869b4.229a16
date: Fri, 05 Mar 2021 08:16:43 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a104-81-138-78.deploy.akamaitechnologies.com (AkamaiGHost/10.3.0.1-32633187) (-)
upstream-caught: 1614932203479864
x-cache: TCP_MISS from a2-16-186-157.deploy.akamaitechnologies.com (AkamaiGHost/10.3.0.1-32633187) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-parent-response-time: 157,2.16.186.157
server-timing: cdn-cache; desc=MISS, edge; dur=152, origin; dur=6, inner; dur=0
pragma: no-cache
server: nginx
x-tt-logid: 202103050816430101151531870DF8D57A
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 6,104.81.138.78
expires: Fri, 05 Mar 2021 08:16:43 GMT

GET
H/1.1 200
OK tag.js Show response
cdn.rutarget.ru/static/tag/ 3 KB
2 KB 449ms
50ms Script
application/x-javascript 138.201.8.167
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rutarget.ru/static/tag/tag.js
Requested by: Host: perm.domru.ru
URL: https://perm.domru.ru/quiz_landing
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.8.167 Landshut, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz-fr22.rutarget.ru
Software: nginx /
Resource Hash: 5e13675d8d4762fa96531de68e3012148f745a1795e747eea82d7b22fc018eba

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Mar 2021 08:16:43 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Mar 2021 14:25:10 GMT
Server: nginx
ETag: W/"6040edc6-c20"
Transfer-Encoding: chunked
Access-Control-Allow-Methods: OPTIONS
Content-Type: application/x-javascript
Cache-Control: max-age=900
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Ssp-Name
Expires: Fri, 05 Mar 2021 08:31:43 GMT

GET
H/1.1 200
OK index.html Show response
cdn.rutarget.ru/static/sharecookie/ Frame 47B6 1 KB
1001 B 439ms
46ms Document
text/html 138.201.8.167
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rutarget.ru/static/sharecookie/index.html
Requested by: Host: perm.domru.ru
URL: https://perm.domru.ru/quiz_landing
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.8.167 Landshut, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: hz-fr22.rutarget.ru
Software: nginx /
Resource Hash: 7352ede0c8c9c0c12b89952f01c051c77cf384e8ecce8ee8960de7de72a2314f

Request headers

Host: cdn.rutarget.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://perm.domru.ru/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://perm.domru.ru/

Response headers

Server: nginx
Date: Fri, 05 Mar 2021 08:16:43 GMT
Content-Type: text/html; charset=utf-8
Last-Modified: Thu, 04 Mar 2021 13:45:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6040e45e-439"
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Ssp-Name
Content-Encoding: gzip

GET
H2 200 openapi.js Show response
vk.com/js/api/ 100 KB
22 KB 502ms
151ms Script
application/x-javascript 87.240.190.72
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/js/api/openapi.js?168
Requested by: Host: perm.domru.ru
URL: https://perm.domru.ru/quiz_landing
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.240.190.72 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),
Reverse DNS: srv72-190-240-87.vk.com
Software: kittenx /
Resource Hash: 06649e87db9dcc3aac096d3cd4926a6499971599de35952979aed8d4ebeb4a68

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 08:16:43 GMT
content-encoding: br
x-frontend: front220206
last-modified: Fri, 18 Dec 2020 12:43:04 GMT
server: kittenx
etag: "5fdca3d8-57c5"
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
content-length: 22469
expires: Tue, 09 Mar 2021 08:16:43 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
121 B 9ms
7ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=650619291&t=event&ni=0&_s=1&dl=https%3A%2F%2Fperm.domru.ru%2Fquiz_landing&ul=en-us&de=UTF-8&dt=%D0%9F%D0%BE%D0%BC%D0%BE%D0%B6%D0%B5%D0%BC%20%D0%B2%D1%8B%D0%B1%D1%80%D0%B0%D1%82%D1%8C%20%D1%82%D0%B0%D1%80%D0%B8%D1%84%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B0%20%D0%BE%D1%82%20%D0%94%D0%BE%D0%BC.ru%20%D0%B2%20%D0%9F%D0%B5%D1%80%D0%BC%D0%B8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=quiz&ea=view%20quiz&el=%20&_u=6GHACEABBAAAAC~&jid=&gjid=&cid=116815213.1614932203&tid=UA-42895529-1&_gid=1833846844.1614932203&gtm=2wg2o0M43KXLC&z=395061776

Requested by

Host: perm.domru.ru
URL: https://perm.domru.ru/quiz_landing

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Mar 2021 06:51:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 5090
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
86 B 10ms
7ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=650619291&t=event&ni=0&_s=1&dl=https%3A%2F%2Fperm.domru.ru%2Fquiz_landing&ul=en-us&de=UTF-8&dt=%D0%9F%D0%BE%D0%BC%D0%BE%D0%B6%D0%B5%D0%BC%20%D0%B2%D1%8B%D0%B1%D1%80%D0%B0%D1%82%D1%8C%20%D1%82%D0%B0%D1%80%D0%B8%D1%84%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B0%20%D0%BE%D1%82%20%D0%94%D0%BE%D0%BC.ru%20%D0%B2%20%D0%9F%D0%B5%D1%80%D0%BC%D0%B8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=quiz&ea=error&el=%20&_u=6GHACEABBAAAAC~&jid=&gjid=&cid=116815213.1614932203&tid=UA-42895529-1&_gid=1833846844.1614932203&gtm=2wg2o0M43KXLC&z=1119770611

Requested by

Host: perm.domru.ru
URL: https://perm.domru.ru/quiz_landing

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Mar 2021 04:40:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 12999
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

counter2
top-fwz1.mail.ru/
Redirect Chain

https://top-fwz1.mail.ru/counter?id=2633401&gtmcb=1593097694
https://top-fwz1.mail.ru/counter2?id=2633401&gtmcb=1593097694

43 B
1 KB

86ms
85ms

Image
image/gif

217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter2?id=2633401&gtmcb=1593097694

Requested by

Host: perm.domru.ru
URL: https://perm.domru.ru/quiz_landing

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Mar 2021 08:16:43 GMT
X-Content-Type-Options: nosniff
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Access-Control-Allow-Headers: *
AMP-Access-Control-Allow-Source-Origin: *
Server: nginx
Access-Control-Allow-Methods: GET, POST, HEAD, PUT, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Cache-Control: private, no-cache, no-store, max-age=0
Access-Control-Allow-Credentials: true
Accept-CH-Lifetime: 86400
Accept-CH: DPR, Width, Viewport-Width, Downlink, Device-Memory
Timing-Allow-Origin: *
Keep-Alive: timeout=60

Redirect headers

Date: Fri, 05 Mar 2021 08:16:43 GMT
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection: keep-alive
Content-Length: 0
Pragma: no-cache
Access-Control-Allow-Headers: *
AMP-Access-Control-Allow-Source-Origin: *
Server: nginx
Access-Control-Allow-Methods: GET, POST, HEAD, PUT, OPTIONS
Location: https://top-fwz1.mail.ru/counter2?id=2633401&gtmcb=1593097694
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Cache-Control: private, no-cache, no-store, max-age=0
Access-Control-Allow-Credentials: true
Accept-CH-Lifetime: 86400
Accept-CH: DPR, Width, Viewport-Width, Downlink, Device-Memory
Timing-Allow-Origin: *
Keep-Alive: timeout=60

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
86 B 10ms
7ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=650619291&t=pageview&_s=1&dl=https%3A%2F%2Fperm.domru.ru%2Fquiz_landing&ul=en-us&de=UTF-8&dt=%D0%9F%D0%BE%D0%BC%D0%BE%D0%B6%D0%B5%D0%BC%20%D0%B2%D1%8B%D0%B1%D1%80%D0%B0%D1%82%D1%8C%20%D1%82%D0%B0%D1%80%D0%B8%D1%84%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B0%20%D0%BE%D1%82%20%D0%94%D0%BE%D0%BC.ru%20%D0%B2%20%D0%9F%D0%B5%D1%80%D0%BC%D0%B8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GHAiEABBAAAAC~&jid=1925555893&gjid=594538782&cid=116815213.1614932203&tid=UA-42895529-1&_gid=1833846844.1614932203&gtm=2wg2o0M43KXLC&cd5=&cd7=116815213.1614932203&z=1081555819

Requested by

Host: perm.domru.ru
URL: https://perm.domru.ru/quiz_landing

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 22:13:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 36192
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 stat.gif
p.domru.ru/ 42 B
313 B 434ms
118ms Image
image/gif 188.186.156.88
ERTELECOM-DC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.domru.ru/stat.gif?v=1&_v=j88&a=650619291&t=pageview&_s=1&dl=https%3A%2F%2Fperm.domru.ru%2Fquiz_landing&ul=en-us&de=UTF-8&dt=%D0%9F%D0%BE%D0%BC%D0%BE%D0%B6%D0%B5%D0%BC%20%D0%B2%D1%8B%D0%B1%D1%80%D0%B0%D1%82%D1%8C%20%D1%82%D0%B0%D1%80%D0%B8%D1%84%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B0%20%D0%BE%D1%82%20%D0%94%D0%BE%D0%BC.ru%20%D0%B2%20%D0%9F%D0%B5%D1%80%D0%BC%D0%B8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GHAiEABBAAAAC~&jid=1925555893&gjid=594538782&cid=116815213.1614932203&tid=UA-42895529-1&_gid=1833846844.1614932203&gtm=2wg2o0M43KXLC&cd5=&cd7=116815213.1614932203&z=1081555819&ploc=https%3A%2F%2Fperm.domru.ru%2Fquiz_landing
Requested by: Host: perm.domru.ru
URL: https://perm.domru.ru/quiz_landing
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.186.156.88 , Russian Federation, ASN31483 (ERTELECOM-DC-AS, RU),
Reverse DNS: 188x186x156x88.static.cc.ertelecom.ru
Software: nginx/1.12.2 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 08:16:43 GMT
last-modified: Wed, 29 May 2019 06:20:08 GMT
server: nginx/1.12.2
etag: "5cee2498-2a"
content-type: image/gif
cache-control: no-cache, no-cache
accept-ranges: bytes
content-length: 42
expires: Fri, 05 Mar 2021 08:16:42 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
86 B 10ms
7ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=650619291&t=pageview&_s=1&dl=https%3A%2F%2Fperm.domru.ru%2Fquiz_landing&ul=en-us&de=UTF-8&dt=%D0%9F%D0%BE%D0%BC%D0%BE%D0%B6%D0%B5%D0%BC%20%D0%B2%D1%8B%D0%B1%D1%80%D0%B0%D1%82%D1%8C%20%D1%82%D0%B0%D1%80%D0%B8%D1%84%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B0%20%D0%BE%D1%82%20%D0%94%D0%BE%D0%BC.ru%20%D0%B2%20%D0%9F%D0%B5%D1%80%D0%BC%D0%B8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GHAiEABBAAAAG~&jid=1796573898&gjid=2071655811&cid=116815213.1614932203&tid=UA-30390946-2&_gid=1833846844.1614932203&cd1=unregistered&gtm=2wg2o0M43KXLC&z=880345787

Requested by

Host: perm.domru.ru
URL: https://perm.domru.ru/quiz_landing

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 16:07:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 58134
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rtrg
vk.com/ 49 B
445 B 81ms
81ms Image
image/gif 87.240.190.72
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vk.com/rtrg?p=VK-RTRG-66453-XU1

Requested by

Host: perm.domru.ru
URL: https://perm.domru.ru/quiz_landing

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.190.72 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),

Reverse DNS

srv72-190-240-87.vk.com

Software

kittenx / KPHP/7.4.106343

Resource Hash

2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 08:16:43 GMT
content-encoding: gzip
x-frontend: front220206
server: kittenx
x-powered-by: KPHP/7.4.106343
strict-transport-security: max-age=15768000
content-type: image/gif
access-control-expose-headers: X-Frontend
cache-control: no-store
content-length: 65

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
28 B 14ms
13ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-42895529-1&cid=116815213.1614932203&jid=1490749112&gjid=138506336&_gid=1833846844.1614932203&_u=6GDACEABBAAAAC~&z=1237858866

Requested by

Host: perm.domru.ru
URL: https://perm.domru.ru/_next/static/8vL0Q5mDdXiXC3ye0Zlts/pages/_app.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 05 Mar 2021 08:16:43 GMT
content-type: text/plain
access-control-allow-origin: https://perm.domru.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
398 B 18ms
17ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-30390946-2&cid=116815213.1614932203&jid=1796573898&_u=6GHAiEABBAAAAG~&z=1399711327

Requested by

Host: perm.domru.ru
URL: https://perm.domru.ru/quiz_landing

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Mar 2021 08:16:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.de/ads/ 42 B
65 B 46ms
32ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-30390946-2&cid=116815213.1614932203&jid=1796573898&_u=6GHAiEABBAAAAG~&z=1399711327

Requested by

Host: perm.domru.ru
URL: https://perm.domru.ru/quiz_landing

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Mar 2021 08:16:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
65 B 18ms
17ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-42895529-1&cid=116815213.1614932203&jid=1925555893&_u=6GHAiEABBAAAAG~&z=1370761050

Requested by

Host: perm.domru.ru
URL: https://perm.domru.ru/quiz_landing

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Mar 2021 08:16:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.de/ads/ 42 B
483 B 45ms
31ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-42895529-1&cid=116815213.1614932203&jid=1925555893&_u=6GHAiEABBAAAAG~&z=1370761050

Requested by

Host: perm.domru.ru
URL: https://perm.domru.ru/quiz_landing

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Mar 2021 08:16:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK d_client_new.js Show response
mod.calltouch.ru/ 11 KB
4 KB 335ms
334ms Script
text/javascript 92.118.67.1
CALLTOUCH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mod.calltouch.ru/d_client_new.js?param;client_id116815213.1614932203;ref;urlhttps%3A%2F%2Fperm.domru.ru%2Fquiz_landing;cook&mod_id=15d929cc&script_session_id=1780175d635.14b&ctObject=ct&uniq_req_id=1614932221752
Requested by: Host: mod.calltouch.ru
URL: https://mod.calltouch.ru/init.js?id=15d929cc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 92.118.67.1 , Russian Federation, ASN49031 (CALLTOUCH-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 343abf54df47db0aa22c4933b04a1e94da34490c9ff8bd5096cacdcf9292a35b

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-ct-be: ct-mod-web02
Date: Fri, 05 Mar 2021 08:16:43 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, HEAD, OPTIONS
Connection: keep-alive
Pragma: no-cache
Last-Modified: Friday, 05-Mar-2021 08:16:43 GMT
Server: nginx
Vary: Accept-Encoding
X-ct-fe: ct-mod-front01a
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Expires: -1

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
65 B 17ms
16ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-42895529-1&cid=116815213.1614932203&jid=1490749112&_u=6GDACEABBAAAAC~&z=1193900301

Requested by

Host: perm.domru.ru
URL: https://perm.domru.ru/quiz_landing

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Mar 2021 08:16:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.de/ads/ 42 B
65 B 24ms
24ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-42895529-1&cid=116815213.1614932203&jid=1490749112&_u=6GDACEABBAAAAC~&z=1193900301

Requested by

Host: perm.domru.ru
URL: https://perm.domru.ru/quiz_landing

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Mar 2021 08:16:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gtm
p.domru.ru/ 0
348 B 120ms
119ms Image
application/octet-stream 188.186.156.88
ERTELECOM-DC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.domru.ru/gtm?eventName=UAevent&evts=1614932202966&t1id=98&t1st=success&t1et=87&t2id=543&t2st=success&t2et=1
Requested by: Host: perm.domru.ru
URL: https://perm.domru.ru/quiz_landing
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.186.156.88 , Russian Federation, ASN31483 (ERTELECOM-DC-AS, RU),
Reverse DNS: 188x186x156x88.static.cc.ertelecom.ru
Software: nginx/1.12.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 08:16:43 GMT
server: nginx/1.12.2
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 0

GET
H2 200 gtm
p.domru.ru/ 0
348 B 120ms
119ms Image
application/octet-stream 188.186.156.88
ERTELECOM-DC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.domru.ru/gtm?eventName=UAevent&evts=1614932202974&t1id=98&t1st=success&t1et=94&t2id=543&t2st=success&t2et=1
Requested by: Host: perm.domru.ru
URL: https://perm.domru.ru/quiz_landing
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.186.156.88 , Russian Federation, ASN31483 (ERTELECOM-DC-AS, RU),
Reverse DNS: 188x186x156x88.static.cc.ertelecom.ru
Software: nginx/1.12.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 08:16:43 GMT
server: nginx/1.12.2
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 0

GET
H2 200 370576573296605 Show response
connect.facebook.net/signals/config/ 252 KB
73 KB 98ms
98ms Script
application/x-javascript 2a03:2880:f006:21:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/370576573296605?v=2.9.35&r=canary

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f006:21:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c91345eb92b22ea33c6be036fea7eb488465c3d32f43aa929a5d47ca90654791

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: hbVEmqbIa72naNLT1nLXKQGFxNoFSnrOgxdjntbUcUJL7vhkRogoSA1E5FaxnwnABjKEISQb3tyCX2k3a9Vv3Q==
x-fb-trip-id: 1425083115
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 05 Mar 2021 08:16:43 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 gtm
p.domru.ru/ 0
348 B 120ms
119ms Image
application/octet-stream 188.186.156.88
ERTELECOM-DC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.domru.ru/gtm?eventName=UAevent&evts=1614932202957&t1id=98&t1st=success&t1et=157&t2id=543&t2st=success&t2et=0
Requested by: Host: perm.domru.ru
URL: https://perm.domru.ru/quiz_landing
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.186.156.88 , Russian Federation, ASN31483 (ERTELECOM-DC-AS, RU),
Reverse DNS: 188x186x156x88.static.cc.ertelecom.ru
Software: nginx/1.12.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 08:16:43 GMT
server: nginx/1.12.2
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 0

GET
H2 200 224119345517074 Show response
connect.facebook.net/signals/config/ 252 KB
72 KB 116ms
116ms Script
application/x-javascript 2a03:2880:f006:21:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/224119345517074?v=2.9.35&r=canary

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f006:21:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a29ca493e809fc3de29f864104fb099e797d136643f8831563c5d9fdb09165d3

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: VIg5k1dpZUw74KcXseHaYEiok/marhxLJlKFo7KYrhWGEDc9BAnSTrbwqU7dEcDtzmtDbTFYnqiaM+GBVEXPWA==
x-fb-trip-id: 1425083115
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 05 Mar 2021 08:16:43 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 error
connect.facebook.net//log/ 0
0 35ms
35ms Image
text/html 2a03:2880:f006:21:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://connect.facebook.net//log/error?p=pixel&v=2.9.35&e=Error%3A%20cookie%20not%20stored%20properly&s=Error%3A%20cookie%20not%20stored%20properly%0A%20%20%20%20at%20C%20(https%3A%2F%2Fconnect.facebook.net%2Fsignals%2Fconfig%2F370576573296605%3Fv%3D2.9.35%26r%3Dcanary%3A25%3A5431)%0A%20%20%20%20at%20E%20(https%3A%2F%2Fconnect.facebook.net%2Fsignals%2Fconfig%2F370576573296605%3Fv%3D2.9.35%26r%3Dcanary%3A25%3A5786)%0A%20%20%20%20at%20H%20(https%3A%2F%2Fconnect.facebook.net%2Fsignals%2Fconfig%2F370576573296605%3Fv%3D2.9.35%26r%3Dcanary%3A25%3A6228)%0A%20%20%20%20at%20Object.%3Canonymous%3E%20(https%3A%2F%2Fconnect.facebook.net%2Fsignals%2Fconfig%2F370576573296605%3Fv%3D2.9.35%26r%3Dcanary%3A25%3A6905)%0A%20%20%20%20at%20https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A23%3A6282%0A%20%20%20%20at%20v%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A23%3A65139)%0A%20%20%20%20at%20a.value%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A23%3A6209)%0A%20%20%20%20at%20pa%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A27%3A9349)%0A%20%20%20%20at%20%24%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A27%3A9985)%0A%20%20%20%20at%20Function.Z%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A27%3A8768)%0A%20%20%20%20at%20Function.ma%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A27%3A8541)%0A%20%20%20%20at%20Function.X%20%5Bas%20callMethod%5D%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A27%3A3661)%0A%20%20%20%20at%20qa%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A27%3A10435)%0A%20%20%20%20at%20https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A27%3A10471%0A%20%20%20%20at%20https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A23%3A29520%0A%20%20%20%20at%20v%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A23%3A65139)%0A%20%20%20%20at%20each%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A23%3A66675)%0A%20%20%20%20at%20a.value%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A23%3A29483)%0A%20%20%20%20at%20a.value%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A23%3A29891)%0A%20%20%20%20at%20d.value%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A23%3A28261)%0A%20%20%20%20at%20a.plugin%20(https%3A%2F%2Fconnect.facebook.net%2Fsignals%2Fconfig%2F370576573296605%3Fv%3D2.9.35%26r%3Dcanary%3A62%3A68)%0A%20%20%20%20at%20b.value%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A23%3A48272)%0A%20%20%20%20at%20Function.a.registerPlugin%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A27%3A11286)%0A%20%20%20%20at%20https%3A%2F%2Fconnect.facebook.net%2Fsignals%2Fconfig%2F370576573296605%3Fv%3D2.9.35%26r%3Dcanary%3A32%3A5&ue=0&rs=canary&rqm=FGET
Requested by: Host: perm.domru.ru
URL: https://perm.domru.ru/quiz_landing
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f006:21:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 /
www.facebook.com/tr/ 44 B
409 B 38ms
13ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=370576573296605&ev=PageView&dl=https%3A%2F%2Fperm.domru.ru%2Fquiz_landing&rl=&if=false&ts=1614932203410&sw=1600&sh=1200&v=2.9.35&r=canary&ec=0&o=30&ttf=1714.8850001394749&tts=1418.7299981713295&ttse=1708.3549983799458&fbp=fb.1.1614932203394.2143042115&it=1614932203103&coo=false&rqm=GET

Requested by

Host: perm.domru.ru
URL: https://perm.domru.ru/quiz_landing

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 08:16:43 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 05 Mar 2021 08:16:43 GMT

POST
H/1.1 200
OK counter
top-fwz1.mail.ru/ 43 B
1 KB 85ms
85ms Other
image/gif 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/counter?js=13;id=2806944;u=https%3A//perm.domru.ru/quiz_landing;st=1614932202307;title=%D0%9F%D0%BE%D0%BC%D0%BE%D0%B6%D0%B5%D0%BC%20%D0%B2%D1%8B%D0%B1%D1%80%D0%B0%D1%82%D1%8C%20%D1%82%D0%B0%D1%80%D0%B8%D1%84%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B0%20%D0%BE%D1%82%20%D0%94%D0%BE%D0%BC.ru%20%D0%B2%20%D0%9F%D0%B5%D1%80%D0%BC%D0%B8;s=1600*1200;vp=1600*1200;touch=0;hds=1;flash=;sid=8a9f26593878a992;ver=60.3.0;tz=-60%2FEurope%2FBerlin;ni=9.7//4g/0/0/;lvid=1614932203464%3A1614932203469%3A1%3A236d1c37d440ef5cac3ed083b08ab561;opts=dl;_=0.771366552111092

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 05 Mar 2021 08:16:43 GMT
X-Content-Type-Options: nosniff
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Access-Control-Allow-Headers: *
AMP-Access-Control-Allow-Source-Origin: https://perm.domru.ru
Server: nginx
Access-Control-Allow-Methods: GET, POST, HEAD, PUT, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://perm.domru.ru
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Cache-Control: private, no-cache, no-store, max-age=0
Access-Control-Allow-Credentials: true
Accept-CH-Lifetime: 86400
Accept-CH: DPR, Width, Viewport-Width, Downlink, Device-Memory
Timing-Allow-Origin: https://perm.domru.ru
Keep-Alive: timeout=60

POST
H/1.1 200
OK counter
top-fwz1.mail.ru/ 43 B
1 KB 150ms
85ms Other
image/gif 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/counter?js=13;id=2870148;u=https%3A//perm.domru.ru/quiz_landing;st=1614932202307;title=%D0%9F%D0%BE%D0%BC%D0%BE%D0%B6%D0%B5%D0%BC%20%D0%B2%D1%8B%D0%B1%D1%80%D0%B0%D1%82%D1%8C%20%D1%82%D0%B0%D1%80%D0%B8%D1%84%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B0%20%D0%BE%D1%82%20%D0%94%D0%BE%D0%BC.ru%20%D0%B2%20%D0%9F%D0%B5%D1%80%D0%BC%D0%B8;s=1600*1200;vp=1600*1200;touch=0;hds=1;flash=;sid=8a9f26593878a992;ver=60.3.0;tz=-60%2FEurope%2FBerlin;ni=9.7//4g/0/0/;lvid=1614932203464%3A1614932203471%3A2%3A236d1c37d440ef5cac3ed083b08ab561;opts=sec%2Cdl;_=0.6033011267758353

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 05 Mar 2021 08:16:43 GMT
X-Content-Type-Options: nosniff
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Access-Control-Allow-Headers: *
AMP-Access-Control-Allow-Source-Origin: https://perm.domru.ru
Server: nginx
Access-Control-Allow-Methods: GET, POST, HEAD, PUT, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://perm.domru.ru
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Cache-Control: private, no-cache, no-store, max-age=0
Access-Control-Allow-Credentials: true
Accept-CH-Lifetime: 86400
Accept-CH: DPR, Width, Viewport-Width, Downlink, Device-Memory
Timing-Allow-Origin: https://perm.domru.ru
Keep-Alive: timeout=60

POST
H/1.1 200
OK counter
top-fwz1.mail.ru/ 43 B
1 KB 140ms
87ms Other
image/gif 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/counter?js=13;id=3171693;u=https%3A//perm.domru.ru/quiz_landing;st=1614932202307;pid=USER_ID;title=%D0%9F%D0%BE%D0%BC%D0%BE%D0%B6%D0%B5%D0%BC%20%D0%B2%D1%8B%D0%B1%D1%80%D0%B0%D1%82%D1%8C%20%D1%82%D0%B0%D1%80%D0%B8%D1%84%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B0%20%D0%BE%D1%82%20%D0%94%D0%BE%D0%BC.ru%20%D0%B2%20%D0%9F%D0%B5%D1%80%D0%BC%D0%B8;s=1600*1200;vp=1600*1200;touch=0;hds=1;flash=;sid=8a9f26593878a992;ver=60.3.0;tz=-60%2FEurope%2FBerlin;ni=9.7//4g/0/0/;lvid=1614932203464%3A1614932203472%3A3%3A236d1c37d440ef5cac3ed083b08ab561;opts=sec%2Cdl;_=0.717264760560627

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 05 Mar 2021 08:16:43 GMT
X-Content-Type-Options: nosniff
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Access-Control-Allow-Headers: *
AMP-Access-Control-Allow-Source-Origin: https://perm.domru.ru
Server: nginx
Access-Control-Allow-Methods: GET, POST, HEAD, PUT, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://perm.domru.ru
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Cache-Control: private, no-cache, no-store, max-age=0
Access-Control-Allow-Credentials: true
Accept-CH-Lifetime: 86400
Accept-CH: DPR, Width, Viewport-Width, Downlink, Device-Memory
Timing-Allow-Origin: https://perm.domru.ru
Keep-Alive: timeout=60

GET
H/1.1

200
OK

erle.cgi Show response
ad.adriver.ru/cgi-bin/
Redirect Chain

https://ad.adriver.ru/cgi-bin/erle.cgi?sid=219238&bt=62&custom=206%3DDSPCounter&ph=0&rnd=836637&tail256=unknown
https://ad.adriver.ru/cgi-bin/erle.cgi?sid=219238&bt=62&custom=206%3DDSPCounter&ph=0&rnd=836637&tail256=unknown&tuid=-5729146111

2 KB
2 KB

124ms
124ms

Script
application/x-javascript

195.209.108.47
ADRIVER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.adriver.ru/cgi-bin/erle.cgi?sid=219238&bt=62&custom=206%3DDSPCounter&ph=0&rnd=836637&tail256=unknown&tuid=-5729146111
Requested by: Host: perm.domru.ru
URL: https://perm.domru.ru/quiz_landing
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.209.108.47 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: /
Resource Hash: 3ca1018ef306aaea96f31116cd82d04526760406ac285e6d5a4056cc6a53919f

Request headers

Referer: https://perm.domru.ru/quiz_landing
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 05 Mar 2021 08:16:43 GMT
Transfer-Encoding: chunked
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection: keep-alive
Content-Type: application/x-javascript
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 05 Mar 2021 08:16:43 GMT
Location: /cgi-bin/erle.cgi?sid=219238&bt=62&custom=206%3DDSPCounter&ph=0&rnd=836637&tail256=unknown&tuid=-5729146111
Transfer-Encoding: chunked
P3P: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
Access-Control-Allow-Origin: *
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

Cookie set tag Show response
tag.rutarget.ru/ Frame 5780
Redirect Chain

https://tag.rutarget.ru/tag?event=otherPage&check=true&response=syncframe&__r=26787756328384037000&__location=https%3A%2F%2Fperm.domru.ru%2Fquiz_landing&__referrer=&__title=%D0%9F%D0%BE%D0%BC%D0%BE...
https://tag.rutarget.ru/tag?event=otherPage&check=true&response=syncframe&__r=26787756328384037000&__location=https%3A%2F%2Fperm.domru.ru%2Fquiz_landing&__referrer=&__title=%D0%9F%D0%BE%D0%BC%D0%BE...

324 B
812 B

215ms
214ms

Document
text/html

80.64.106.151
RASCOM-AS CJSC RA...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.rutarget.ru/tag?event=otherPage&check=true&response=syncframe&__r=26787756328384037000&__location=https%3A%2F%2Fperm.domru.ru%2Fquiz_landing&__referrer=&__title=%D0%9F%D0%BE%D0%BC%D0%BE%D0%B6%D0%B5%D0%BC%20%D0%B2%D1%8B%D0%B1%D1%80%D0%B0%D1%82%D1%8C%20%D1%82%D0%B0%D1%80%D0%B8%D1%84%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B0%20%D0%BE%D1%82%20%D0%94%D0%BE%D0%BC.ru%20%D0%B2%20%D0%9F%D0%B5%D1%80%D0%BC%D0%B8&__keywords=&_usertz=60&check-cookie=true
Requested by: Host: cdn.rutarget.ru
URL: https://cdn.rutarget.ru/static/tag/tag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 80.64.106.151 , Russian Federation, ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU),
Reverse DNS
Software: nginx /
Resource Hash: 230cd190018fbb6627b556b2e5f6addf2010c0846294a96c1342e384dc5f4080

Request headers

Host: tag.rutarget.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://perm.domru.ru/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: check_for_permission=true
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://perm.domru.ru/

Response headers

Server: nginx
Date: Fri, 05 Mar 2021 08:16:44 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Set-Cookie: check_for_permission=; Path=/; Domain=.rutarget.ru; Expires=Thu, 01 Jan 1970 00:00:00 GMT; SameSite=None; Secure userId=BumbUo1BIXlk; Path=/; Domain=.rutarget.ru; Expires=Wed, 01 Sep 2021 08:16:44 GMT; SameSite=None; Secure
Timing-Allow-Origin: *
Content-Encoding: gzip

Redirect headers

Server: nginx
Date: Fri, 05 Mar 2021 08:16:43 GMT
Content-Length: 0
Connection: keep-alive
Location: https://tag.rutarget.ru/tag?event=otherPage&check=true&response=syncframe&__r=26787756328384037000&__location=https%3A%2F%2Fperm.domru.ru%2Fquiz_landing&__referrer=&__title=%D0%9F%D0%BE%D0%BC%D0%BE%D0%B6%D0%B5%D0%BC%20%D0%B2%D1%8B%D0%B1%D1%80%D0%B0%D1%82%D1%8C%20%D1%82%D0%B0%D1%80%D0%B8%D1%84%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B0%20%D0%BE%D1%82%20%D0%94%D0%BE%D0%BC.ru%20%D0%B2%20%D0%9F%D0%B5%D1%80%D0%BC%D0%B8&__keywords=&_usertz=60&check-cookie=true
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Set-Cookie: check_for_permission=true; Path=/; Domain=.rutarget.ru; Expires=Fri, 05 Mar 2021 08:17:43 GMT; SameSite=None; Secure
Timing-Allow-Origin: *

GET
H/1.1

200
OK

tag
tag.rutarget.ru/ Frame 47B6
Redirect Chain

https://tag.rutarget.ru/tag?event=otherPage&check=true&nosync=true&__r=1705306472090&__location=https%3A%2F%2Fcdn.rutarget.ru%2Fstatic%2Fsharecookie%2Findex.html
https://tag.rutarget.ru/tag?event=otherPage&check=true&nosync=true&__r=1705306472090&__location=https%3A%2F%2Fcdn.rutarget.ru%2Fstatic%2Fsharecookie%2Findex.html&check-cookie=true

35 B
548 B

211ms
210ms

Image
image/gif

80.64.106.151
RASCOM-AS CJSC RA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.rutarget.ru/tag?event=otherPage&check=true&nosync=true&__r=1705306472090&__location=https%3A%2F%2Fcdn.rutarget.ru%2Fstatic%2Fsharecookie%2Findex.html&check-cookie=true
Requested by: Host: cdn.rutarget.ru
URL: https://cdn.rutarget.ru/static/sharecookie/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 80.64.106.151 , Russian Federation, ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://cdn.rutarget.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Mar 2021 08:16:44 GMT
Content-Type: image/gif
Server: nginx
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 35
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

Redirect headers

Location: https://tag.rutarget.ru/tag?event=otherPage&check=true&nosync=true&__r=1705306472090&__location=https%3A%2F%2Fcdn.rutarget.ru%2Fstatic%2Fsharecookie%2Findex.html&check-cookie=true
Date: Fri, 05 Mar 2021 08:16:43 GMT
Server: nginx
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2 200 rtrg
vk.com/ 49 B
445 B 76ms
75ms Image
image/gif 87.240.190.72
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vk.com/rtrg?p=VK-RTRG-476802-7aa70&metatag_url=https%3A%2F%2Fperm.domru.ru%2Fquiz_landing&metatag_title=%D0%9F%D0%BE%D0%BC%D0%BE%D0%B6%D0%B5%D0%BC%20%D0%B2%D1%8B%D0%B1%D1%80%D0%B0%D1%82%D1%8C%20%D1%82%D0%B0%D1%80%D0%B8%D1%84%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B0%20%D0%BE%D1%82%20%D0%94%D0%BE%D0%BC.ru%20%D0%B2%20%D0%9F%D0%B5%D1%80%D0%BC%D0%B8

Requested by

Host: perm.domru.ru
URL: https://perm.domru.ru/quiz_landing

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.190.72 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),

Reverse DNS

srv72-190-240-87.vk.com

Software

kittenx / KPHP/7.4.106343

Resource Hash

2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 08:16:43 GMT
content-encoding: gzip
x-frontend: front220206
server: kittenx
x-powered-by: KPHP/7.4.106343
strict-transport-security: max-age=15768000
content-type: image/gif
access-control-expose-headers: X-Frontend
cache-control: no-store
content-length: 65

GET
H2

200

1 Show response
mc.yandex.ru/watch/30080914/
Redirect Chain

https://mc.yandex.ru/watch/30080914?wmode=7&page-url=https%3A%2F%2Fperm.domru.ru%2Fquiz_landing&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1d7r6afuymvj624d%3Afp%3A733%3Afu%3A0%3Aen%3Autf-...
https://mc.yandex.ru/watch/30080914/1?wmode=7&page-url=https%3A%2F%2Fperm.domru.ru%2Fquiz_landing&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1d7r6afuymvj624d%3Afp%3A733%3Afu%3A0%3Aen%3Aut...

221 B
302 B

51ms
50ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/30080914/1?wmode=7&page-url=https%3A%2F%2Fperm.domru.ru%2Fquiz_landing&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1d7r6afuymvj624d%3Afp%3A733%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A440%3Acn%3A1%3Adp%3A0%3Als%3A528059348730%3Ahid%3A866137839%3Az%3A60%3Ai%3A20210305091643%3Aet%3A1614932204%3Ac%3A1%3Arn%3A51417929%3Au%3A1614932204336656073%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1614932201678%3Awv%3A2%3Ads%3A59%2C197%2C345%2C8%2C0%2C0%2C%2C25%2C0%2C%2C%2C%2C965%3Adsn%3A58%2C197%2C345%2C7%2C0%2C0%2C%2C20%2C0%2C%2C%2C%2C966%3Arqnl%3A1%3Ati%3A2%3Ast%3A1614932204%3At%3A%D0%9F%D0%BE%D0%BC%D0%BE%D0%B6%D0%B5%D0%BC%20%D0%B2%D1%8B%D0%B1%D1%80%D0%B0%D1%82%D1%8C%20%D1%82%D0%B0%D1%80%D0%B8%D1%84%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B0%20%D0%BE%D1%82%20%D0%94%D0%BE%D0%BC.ru%20%D0%B2%20%D0%9F%D0%B5%D1%80%D0%BC%D0%B8

Requested by

Host: perm.domru.ru
URL: https://perm.domru.ru/quiz_landing

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

66b3ecfb5189c3ffded1cfe5174e8cd84824efb1e620b9fbf3da66391ff2378c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Mar 2021 08:16:43 GMT
x-content-type-options: nosniff
last-modified: Fri, 05-Mar-2021 08:16:43 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://perm.domru.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 221
x-xss-protection: 1; mode=block
expires: Fri, 05-Mar-2021 08:16:43 GMT

Redirect headers

pragma: no-cache
date: Fri, 05 Mar 2021 08:16:43 GMT
last-modified: Fri, 05-Mar-2021 08:16:43 GMT
location: /watch/30080914/1?wmode=7&page-url=https%3A%2F%2Fperm.domru.ru%2Fquiz_landing&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1d7r6afuymvj624d%3Afp%3A733%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A440%3Acn%3A1%3Adp%3A0%3Als%3A528059348730%3Ahid%3A866137839%3Az%3A60%3Ai%3A20210305091643%3Aet%3A1614932204%3Ac%3A1%3Arn%3A51417929%3Au%3A1614932204336656073%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1614932201678%3Awv%3A2%3Ads%3A59%2C197%2C345%2C8%2C0%2C0%2C%2C25%2C0%2C%2C%2C%2C965%3Adsn%3A58%2C197%2C345%2C7%2C0%2C0%2C%2C20%2C0%2C%2C%2C%2C966%3Arqnl%3A1%3Ati%3A2%3Ast%3A1614932204%3At%3A%D0%9F%D0%BE%D0%BC%D0%BE%D0%B6%D0%B5%D0%BC%20%D0%B2%D1%8B%D0%B1%D1%80%D0%B0%D1%82%D1%8C%20%D1%82%D0%B0%D1%80%D0%B8%D1%84%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B0%20%D0%BE%D1%82%20%D0%94%D0%BE%D0%BC.ru%20%D0%B2%20%D0%9F%D0%B5%D1%80%D0%BC%D0%B8
strict-transport-security: max-age=31536000
access-control-allow-origin: https://perm.domru.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 05-Mar-2021 08:16:43 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
112 B 45ms
44ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: perm.domru.ru
URL: https://perm.domru.ru/quiz_landing

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 08:16:43 GMT
last-modified: Sat, 20 Feb 2021 13:25:23 GMT
etag: "603efc40-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Fri, 05 Mar 2021 09:16:43 GMT

GET
H2 200 rtrg
vk.com/ 49 B
363 B 77ms
76ms Image
image/gif 87.240.190.72
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vk.com/rtrg?p=VK-RTRG-165812-hSFvz&metatag_url=https%3A%2F%2Fperm.domru.ru%2Fquiz_landing&metatag_title=%D0%9F%D0%BE%D0%BC%D0%BE%D0%B6%D0%B5%D0%BC%20%D0%B2%D1%8B%D0%B1%D1%80%D0%B0%D1%82%D1%8C%20%D1%82%D0%B0%D1%80%D0%B8%D1%84%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B0%20%D0%BE%D1%82%20%D0%94%D0%BE%D0%BC.ru%20%D0%B2%20%D0%9F%D0%B5%D1%80%D0%BC%D0%B8

Requested by

Host: perm.domru.ru
URL: https://perm.domru.ru/quiz_landing

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.190.72 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),

Reverse DNS

srv72-190-240-87.vk.com

Software

kittenx / KPHP/7.4.106343

Resource Hash

2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 08:16:43 GMT
content-encoding: gzip
x-frontend: front220206
server: kittenx
x-powered-by: KPHP/7.4.106343
strict-transport-security: max-age=15768000
content-type: image/gif
access-control-expose-headers: X-Frontend
cache-control: no-store
content-length: 65

GET
H2 200 rtrg
vk.com/ 49 B
363 B 78ms
77ms Image
image/gif 87.240.190.72
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vk.com/rtrg?p=VK-RTRG-543278-QD4v&metatag_url=https%3A%2F%2Fperm.domru.ru%2Fquiz_landing&metatag_title=%D0%9F%D0%BE%D0%BC%D0%BE%D0%B6%D0%B5%D0%BC%20%D0%B2%D1%8B%D0%B1%D1%80%D0%B0%D1%82%D1%8C%20%D1%82%D0%B0%D1%80%D0%B8%D1%84%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B0%20%D0%BE%D1%82%20%D0%94%D0%BE%D0%BC.ru%20%D0%B2%20%D0%9F%D0%B5%D1%80%D0%BC%D0%B8

Requested by

Host: perm.domru.ru
URL: https://perm.domru.ru/quiz_landing

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.190.72 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),

Reverse DNS

srv72-190-240-87.vk.com

Software

kittenx / KPHP/7.4.106343

Resource Hash

2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 08:16:43 GMT
content-encoding: gzip
x-frontend: front220206
server: kittenx
x-powered-by: KPHP/7.4.106343
strict-transport-security: max-age=15768000
content-type: image/gif
access-control-expose-headers: X-Frontend
cache-control: no-store
content-length: 65

GET
H2 200 3039688516159792 Show response
connect.facebook.net/signals/config/ 252 KB
72 KB 120ms
119ms Script
application/x-javascript 2a03:2880:f006:21:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/3039688516159792?v=2.9.35&r=canary

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f006:21:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0e9e44b5c47d9c2f6e6b3c8bd98baed5b8167de3f42a69c3a3188730f3fb7789

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: nUCqZMssdDa1+3YZik99VsPw8bQNZjxHXrv1p/drUcG5OtAWv09rjqeC81Zm25r+y05Z/0uR2N24fC54ayjTfQ==
x-fb-trip-id: 1425083115
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 05 Mar 2021 08:16:43 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 13ms
12ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=224119345517074&ev=PageView&dl=https%3A%2F%2Fperm.domru.ru%2Fquiz_landing&rl=&if=false&ts=1614932203618&sw=1600&sh=1200&v=2.9.35&r=canary&ec=0&o=30&ttf=1939.4499994814396&tts=1418.7299981713295&ttse=1734.0399995446205&fbp=fb.1.1614932203394.2143042115&it=1614932203103&coo=false&rqm=GET

Requested by

Host: perm.domru.ru
URL: https://perm.domru.ru/quiz_landing

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 08:16:43 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 05 Mar 2021 08:16:43 GMT

GET
H2 200 dc_pre=CIzPx6LbmO8CFUaB1Qod96YKYw;src=4360952;type=invmedia;cat=fakuziup;ord=519491299045;gtm=2wg2o0;auiddc=1958343278.1614932203;~oref=https%3A%2F%2Fperm.domru.ru%2Fquiz_landing Show response
adservice.google.com/ddm/fls/i/ Frame 5368 492 B
613 B 40ms
40ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CIzPx6LbmO8CFUaB1Qod96YKYw;src=4360952;type=invmedia;cat=fakuziup;ord=519491299045;gtm=2wg2o0;auiddc=1958343278.1614932203;~oref=https%3A%2F%2Fperm.domru.ru%2Fquiz_landing

Requested by

Host: 4360952.fls.doubleclick.net
URL: https://4360952.fls.doubleclick.net/activityi;dc_pre=CIzPx6LbmO8CFUaB1Qod96YKYw;src=4360952;type=invmedia;cat=fakuziup;ord=519491299045;gtm=2wg2o0;auiddc=1958343278.1614932203;~oref=https%3A%2F%2Fperm.domru.ru%2Fquiz_landing?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3af1e9cd285b02b835a3b984b0a9d77e0c5381ef2f27c1de57cca26c2e162235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.com
:scheme: https
:path: /ddm/fls/i/dc_pre=CIzPx6LbmO8CFUaB1Qod96YKYw;src=4360952;type=invmedia;cat=fakuziup;ord=519491299045;gtm=2wg2o0;auiddc=1958343278.1614932203;~oref=https%3A%2F%2Fperm.domru.ru%2Fquiz_landing
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://4360952.fls.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://4360952.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 05 Mar 2021 08:16:43 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 395
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 track-log.js Show response
sf19-scmcdn-va.ibytedtos.com/goofy/track-log-international/ad/business/v4.1.16/ 25 KB
9 KB 142ms
46ms Script
application/javascript 199.232.138.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sf19-scmcdn-va.ibytedtos.com/goofy/track-log-international/ad/business/v4.1.16/track-log.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BQFHAFOAC2KB0QR0PDC0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.138.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 650e87c5624b182aa7c42735adbcd93b284041f33ef2a59a0bae1153479312a2

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 08:16:43 GMT
content-encoding: gzip
fastly-restarts: 1
x-tt-trace-tag: id=19;cdn-cache=hit;type=static
content-md5: uvAVuqnNmOjThr4Oq+OO9A==
age: 396670
x-cache: HIT, HIT
x-bdcdn-cache-status: TCP_HIT
server-timing: inner; dur=0, cdn-cache;desc=hit, edge;dur=0
content-length: 8980
via: 1.1 varnish, 1.1 varnish
x-tos-request-id: 9ca39a3bdb6c5418-abc21c4
x-tos-response-time: Sun, 28 Feb 2021 18:05:32 GMT
last-modified: Wed, 27 Jan 2021 06:43:08 GMT
server: nginx
x-timer: S1614932204.742686,VS0,VE0
x-served-by: cache-dca17724-DCA, cache-hhn11573-HHN
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-tt-trace-host: 013ca82ec9f5fcd89ddbb27b9996efab10036c20c4bd07608ab465ecf90ec21872be28f99089299c324998ef9ead06f4fec1ab107a44eb7f4b72c7bc8da0947aca01f8215ec90f9a24a18ce02803500e1a
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 71601

GET
H3-Q050

200

dc_pre=CIzPx6LbmO8CFUaB1Qod96YKYw;src=4360952;type=invmedia;cat=fakuziup;ord=519491299045;gtm=2wg2o0;auiddc=1958343278.1614932203;~oref=https%3A%2F%2Fperm.domru.ru%2Fquiz_landing Show response
4360952.fls.doubleclick.net/ddm/fls/r/ Frame 2684
Redirect Chain

https://adservice.google.de/ddm/fls/i/dc_pre=CIzPx6LbmO8CFUaB1Qod96YKYw;src=4360952;type=invmedia;cat=fakuziup;ord=519491299045;gtm=2wg2o0;auiddc=1958343278.1614932203;~oref=https%3A%2F%2Fperm.domr...
https://4360952.fls.doubleclick.net/ddm/fls/r/dc_pre=CIzPx6LbmO8CFUaB1Qod96YKYw;src=4360952;type=invmedia;cat=fakuziup;ord=519491299045;gtm=2wg2o0;auiddc=1958343278.1614932203;~oref=https%3A%2F%2Fp...

947 B
829 B

56ms
55ms

Document
text/html

142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4360952.fls.doubleclick.net/ddm/fls/r/dc_pre=CIzPx6LbmO8CFUaB1Qod96YKYw;src=4360952;type=invmedia;cat=fakuziup;ord=519491299045;gtm=2wg2o0;auiddc=1958343278.1614932203;~oref=https%3A%2F%2Fperm.domru.ru%2Fquiz_landing

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CIzPx6LbmO8CFUaB1Qod96YKYw;src=4360952;type=invmedia;cat=fakuziup;ord=519491299045;gtm=2wg2o0;auiddc=1958343278.1614932203;~oref=https%3A%2F%2Fperm.domru.ru%2Fquiz_landing

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

f80f91ec9e1e00a6506c3a43d07d7b66b99489e2fa159bf9e305443f394694a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 4360952.fls.doubleclick.net
:scheme: https
:path: /ddm/fls/r/dc_pre=CIzPx6LbmO8CFUaB1Qod96YKYw;src=4360952;type=invmedia;cat=fakuziup;ord=519491299045;gtm=2wg2o0;auiddc=1958343278.1614932203;~oref=https%3A%2F%2Fperm.domru.ru%2Fquiz_landing
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adservice.google.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 05 Mar 2021 08:16:43 GMT
expires: Fri, 05 Mar 2021 08:16:43 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 536
x-xss-protection: 0
set-cookie: IDE=AHWqTUmCpW1X10t6-ETuNG_O9yJCeGVSZzI4QcZGcVNUBxCZIO0RX-qVoWHOMJUu_Cg; expires=Wed, 30-Mar-2022 08:16:43 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 05 Mar 2021 08:16:43 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://4360952.fls.doubleclick.net/ddm/fls/r/dc_pre=CIzPx6LbmO8CFUaB1Qod96YKYw;src=4360952;type=invmedia;cat=fakuziup;ord=519491299045;gtm=2wg2o0;auiddc=1958343278.1614932203;~oref=https%3A%2F%2Fperm.domru.ru%2Fquiz_landing
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 30080914 Show response
mc.yandex.ru/watch/ 43 B
73 B 48ms
47ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/30080914?page-url=goal%3A%2F%2Fperm.domru.ru%2Fquiz_error_&page-ref=https%3A%2F%2Fperm.domru.ru%2Fquiz_landing&charset=utf-8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3A1d7r6afuymvj624d%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A440%3Acn%3A1%3Adp%3A1%3Als%3A528059348730%3Ahid%3A866137839%3Az%3A60%3Ai%3A20210305091643%3Aet%3A1614932204%3Ac%3A1%3Arn%3A460641897%3Au%3A1614932204336656073%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1614932201678%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1614932204%3At%3A%D0%9F%D0%BE%D0%BC%D0%BE%D0%B6%D0%B5%D0%BC%20%D0%B2%D1%8B%D0%B1%D1%80%D0%B0%D1%82%D1%8C%20%D1%82%D0%B0%D1%80%D0%B8%D1%84%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B0%20%D0%BE%D1%82%20%D0%94%D0%BE%D0%BC.ru%20%D0%B2%20%D0%9F%D0%B5%D1%80%D0%BC%D0%B8

Requested by

Host: perm.domru.ru
URL: https://perm.domru.ru/_next/static/8vL0Q5mDdXiXC3ye0Zlts/pages/_app.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Mar 2021 08:16:43 GMT
last-modified: Fri, 05-Mar-2021 08:16:43 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://perm.domru.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 05-Mar-2021 08:16:43 GMT

GET
H2 200 30080914 Show response
mc.yandex.ru/watch/ 43 B
73 B 47ms
47ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/30080914?page-url=goal%3A%2F%2Fperm.domru.ru%2Fquiz_error_&page-ref=https%3A%2F%2Fperm.domru.ru%2Fquiz_landing&charset=utf-8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3A1d7r6afuymvj624d%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A440%3Acn%3A1%3Adp%3A1%3Als%3A528059348730%3Ahid%3A866137839%3Az%3A60%3Ai%3A20210305091643%3Aet%3A1614932204%3Ac%3A1%3Arn%3A941866019%3Au%3A1614932204336656073%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1614932201678%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1614932204%3At%3A%D0%9F%D0%BE%D0%BC%D0%BE%D0%B6%D0%B5%D0%BC%20%D0%B2%D1%8B%D0%B1%D1%80%D0%B0%D1%82%D1%8C%20%D1%82%D0%B0%D1%80%D0%B8%D1%84%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B0%20%D0%BE%D1%82%20%D0%94%D0%BE%D0%BC.ru%20%D0%B2%20%D0%9F%D0%B5%D1%80%D0%BC%D0%B8

Requested by

Host: perm.domru.ru
URL: https://perm.domru.ru/_next/static/8vL0Q5mDdXiXC3ye0Zlts/pages/_app.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Mar 2021 08:16:43 GMT
last-modified: Fri, 05-Mar-2021 08:16:43 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://perm.domru.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 05-Mar-2021 08:16:43 GMT

GET
H2 200 30080914 Show response
mc.yandex.ru/watch/ 43 B
73 B 47ms
47ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/30080914?page-url=goal%3A%2F%2Fperm.domru.ru%2Fquiz_error_&page-ref=https%3A%2F%2Fperm.domru.ru%2Fquiz_landing&charset=utf-8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3A1d7r6afuymvj624d%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A440%3Acn%3A1%3Adp%3A1%3Als%3A528059348730%3Ahid%3A866137839%3Az%3A60%3Ai%3A20210305091643%3Aet%3A1614932204%3Ac%3A1%3Arn%3A744901408%3Au%3A1614932204336656073%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1614932201678%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1614932204%3At%3A%D0%9F%D0%BE%D0%BC%D0%BE%D0%B6%D0%B5%D0%BC%20%D0%B2%D1%8B%D0%B1%D1%80%D0%B0%D1%82%D1%8C%20%D1%82%D0%B0%D1%80%D0%B8%D1%84%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B0%20%D0%BE%D1%82%20%D0%94%D0%BE%D0%BC.ru%20%D0%B2%20%D0%9F%D0%B5%D1%80%D0%BC%D0%B8

Requested by

Host: perm.domru.ru
URL: https://perm.domru.ru/_next/static/8vL0Q5mDdXiXC3ye0Zlts/pages/_app.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Mar 2021 08:16:43 GMT
last-modified: Fri, 05-Mar-2021 08:16:43 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://perm.domru.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 05-Mar-2021 08:16:43 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 13ms
12ms Image
image/gif 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3039688516159792&ev=PageView&dl=https%3A%2F%2Fperm.domru.ru%2Fquiz_landing&rl=&if=false&ts=1614932203760&sw=1600&sh=1200&v=2.9.35&r=canary&ec=0&o=30&ttf=2081.064999103546&tts=1418.7299981713295&ttse=1941.355001181364&fbp=fb.1.1614932203394.2143042115&it=1614932203103&coo=false&rqm=GET

Requested by

Host: perm.domru.ru
URL: https://perm.domru.ru/quiz_landing

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 08:16:43 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 05 Mar 2021 08:16:43 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ Frame 2684 40 KB
16 KB 144ms
54ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: 4360952.fls.doubleclick.net
URL: https://4360952.fls.doubleclick.net/ddm/fls/r/dc_pre=CIzPx6LbmO8CFUaB1Qod96YKYw;src=4360952;type=invmedia;cat=fakuziup;ord=519491299045;gtm=2wg2o0;auiddc=1958343278.1614932203;~oref=https%3A%2F%2Fperm.domru.ru%2Fquiz_landing

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

c490a90e70edad9a18b327427e3d2d4e315d7824d0fecac3787fb4723c00305d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4360952.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 08:16:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15433
x-xss-protection: 0
server: cafe
etag: 8077337756528662035
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 05 Mar 2021 08:16:43 GMT

GET
H/1.1 200
OK set_external_data.php Show response
mod.calltouch.ru/ 1 B
643 B 317ms
127ms XHR
text/html 92.118.67.1
CALLTOUCH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mod.calltouch.ru/set_external_data.php?modId=15d929cc&siteId=21258&sessionId=936128940&ya_client_id=1614932204336656073&fbp=fb.1.1614932203394.2143042115
Requested by: Host: perm.domru.ru
URL: https://perm.domru.ru/_next/static/8vL0Q5mDdXiXC3ye0Zlts/pages/_app.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 92.118.67.1 , Russian Federation, ASN49031 (CALLTOUCH-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 05 Mar 2021 08:16:44 GMT
X-ct-fe: ct-mod-front01a
Server: nginx
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, HEAD, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Expires: -1

GET
H/1.1 200
OK 5.c1f54be2dfafa8e9d6b8.js Show response
mod.calltouch.ru/ 2 KB
2 KB 93ms
93ms Script
application/javascript 92.118.67.1
CALLTOUCH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mod.calltouch.ru/5.c1f54be2dfafa8e9d6b8.js
Requested by: Host: mod.calltouch.ru
URL: https://mod.calltouch.ru/init.js?id=15d929cc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 92.118.67.1 , Russian Federation, ASN49031 (CALLTOUCH-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: c5d02fa2602b809509e17b1adcd5bbe4996a3beca58df330b63aa933161af398

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Mar 2021 08:16:43 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, HEAD, OPTIONS
Connection: keep-alive
Pragma: no-cache
Last-Modified: Friday, 05-Mar-2021 08:16:43 GMT
Server: nginx
ETag: W/"60391033-7fe"
Vary: Accept-Encoding
X-ct-fe: ct-mod-front01a
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Expires: -1

GET
H/1.1 200
OK 0.c1f54be2dfafa8e9d6b8.js Show response
mod.calltouch.ru/ 2 KB
2 KB 96ms
96ms Script
application/javascript 92.118.67.1
CALLTOUCH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mod.calltouch.ru/0.c1f54be2dfafa8e9d6b8.js
Requested by: Host: mod.calltouch.ru
URL: https://mod.calltouch.ru/init.js?id=15d929cc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 92.118.67.1 , Russian Federation, ASN49031 (CALLTOUCH-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 0a6fad0f99b359dd309954b48056f0d53a5a991358d5e52025f7c615334a29c1

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Mar 2021 08:16:43 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, HEAD, OPTIONS
Connection: keep-alive
Pragma: no-cache
Last-Modified: Friday, 05-Mar-2021 08:16:43 GMT
Server: nginx
ETag: W/"60391033-6f1"
Vary: Accept-Encoding
X-ct-fe: ct-mod-front01a
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Expires: -1

POST
H2 200 /
www.facebook.com/tr/ 0
83 B 13ms
12ms Other
text/plain 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryoBCXB3U3ATpYDPAp

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Fri, 05 Mar 2021 08:16:43 GMT
content-type: text/plain
access-control-allow-origin: https://perm.domru.ru
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H3-Q050 200 / Show response
www.googleadservices.com/pagead/conversion/954791961/ Frame 2684 2 KB
2 KB 126ms
65ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/954791961/?random=1614932203965&cv=9&fst=1614932203965&num=1&label=U4kHCJSTsnEQmfCjxwM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F4360952.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCIzPx6LbmO8CFUaB1Qod96YKYw%3Bsrc%3D4360952%3Btype%3Dinvmedia%3Bcat%3Dfakuziup%3Bord%3D519491299045%3Bgtm%3D2wg2o0%3Bauiddc%3D1958343278.1614932203%3B~oref%3Dhttps%253A%252F%252Fperm.domru.ru%252Fquiz_landing&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&rfmt=1&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

aa73192fdbfc732fb4eb32be3e870b8f3154bc51501b34f2f2b802b524179a27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4360952.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Mar 2021 08:16:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1240
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 l6.html Show response
content.adriver.ru/banners/0002186/0002186173/0/ Frame 50D7 1 KB
1 KB 289ms
90ms Document
text/html 23.111.96.36
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://content.adriver.ru/banners/0002186/0002186173/0/l6.html?0&4&6&0&836637&0&0&201&194.99.105.99&counter&1
Requested by: Host: ad.adriver.ru
URL: https://ad.adriver.ru/cgi-bin/erle.cgi?sid=219238&bt=62&custom=206%3DDSPCounter&ph=0&rnd=836637&tail256=unknown
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.111.96.36 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 67b8e90024bcaf4ed6429f758d39f07cb80ac09215d6ed0d2ebf83f1b2ba030f

Request headers

:method: GET
:authority: content.adriver.ru
:scheme: https
:path: /banners/0002186/0002186173/0/l6.html?0&4&6&0&836637&0&0&201&194.99.105.99&counter&1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://perm.domru.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: cid=A25wEE_DJpreFsxXEyhOuAw
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://perm.domru.ru/

Response headers

server: nginx
date: Fri, 05 Mar 2021 08:16:44 GMT
content-type: text/html
content-length: 1407
last-modified: Tue, 03 Mar 2020 14:04:04 GMT
etag: "5e5e63d4-57f"
accept-ranges: bytes

POST
H2 200 /
www.facebook.com/tr/ 0
54 B 13ms
13ms Other
text/plain 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary0zYpV47bADqjaEKa

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Fri, 05 Mar 2021 08:16:44 GMT
content-type: text/plain
access-control-allow-origin: https://perm.domru.ru
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H3-Q050

200

/ Show response
www.google.de/pagead/1p-conversion/954791961/ Frame 1216
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/954791961/?random=1234196910&cv=9&fst=1614932203965&num=1&label=U4kHCJSTsnEQmfCjxwM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&u_...
https://www.google.com/pagead/1p-conversion/954791961/?random=1234196910&cv=9&fst=1614932203965&num=1&label=U4kHCJSTsnEQmfCjxwM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=...
https://www.google.de/pagead/1p-conversion/954791961/?random=1234196910&cv=9&fst=1614932203965&num=1&label=U4kHCJSTsnEQmfCjxwM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1...

63 B
196 B

19ms
19ms

Document
text/html

2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.de/pagead/1p-conversion/954791961/?random=1234196910&cv=9&fst=1614932203965&num=1&label=U4kHCJSTsnEQmfCjxwM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F4360952.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCIzPx6LbmO8CFUaB1Qod96YKYw%3Bsrc%3D4360952%3Btype%3Dinvmedia%3Bcat%3Dfakuziup%3Bord%3D519491299045%3Bgtm%3D2wg2o0%3Bauiddc%3D1958343278.1614932203%3B~oref%3Dhttps%253A%252F%252Fperm.domru.ru%252Fquiz_landing&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=7OhBYLuACJW0gAeL6KzoCg&cid=CAQSKQCNIrLMQZXrwxzVOk-DbAIVk8T2lXaMS2HbvMgaS1PCO3OnqnFPlzKM&random=3642733792&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion/954791961/?random=1614932203965&cv=9&fst=1614932203965&num=1&label=U4kHCJSTsnEQmfCjxwM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F4360952.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCIzPx6LbmO8CFUaB1Qod96YKYw%3Bsrc%3D4360952%3Btype%3Dinvmedia%3Bcat%3Dfakuziup%3Bord%3D519491299045%3Bgtm%3D2wg2o0%3Bauiddc%3D1958343278.1614932203%3B~oref%3Dhttps%253A%252F%252Fperm.domru.ru%252Fquiz_landing&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&rfmt=1&fmt=4

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55d72c33b656c305ead833e69ca22803255d396fd4bd8f54a43a51862271e468

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.google.de
:scheme: https
:path: /pagead/1p-conversion/954791961/?random=1234196910&cv=9&fst=1614932203965&num=1&label=U4kHCJSTsnEQmfCjxwM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F4360952.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCIzPx6LbmO8CFUaB1Qod96YKYw%3Bsrc%3D4360952%3Btype%3Dinvmedia%3Bcat%3Dfakuziup%3Bord%3D519491299045%3Bgtm%3D2wg2o0%3Bauiddc%3D1958343278.1614932203%3B~oref%3Dhttps%253A%252F%252Fperm.domru.ru%252Fquiz_landing&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=7OhBYLuACJW0gAeL6KzoCg&cid=CAQSKQCNIrLMQZXrwxzVOk-DbAIVk8T2lXaMS2HbvMgaS1PCO3OnqnFPlzKM&random=3642733792&resp=GooglemKTybQhCsO&ipr=y
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://4360952.fls.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 05 Mar 2021 08:16:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 76
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 05 Mar 2021 08:16:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.de/pagead/1p-conversion/954791961/?random=1234196910&cv=9&fst=1614932203965&num=1&label=U4kHCJSTsnEQmfCjxwM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F4360952.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCIzPx6LbmO8CFUaB1Qod96YKYw%3Bsrc%3D4360952%3Btype%3Dinvmedia%3Bcat%3Dfakuziup%3Bord%3D519491299045%3Bgtm%3D2wg2o0%3Bauiddc%3D1958343278.1614932203%3B~oref%3Dhttps%253A%252F%252Fperm.domru.ru%252Fquiz_landing&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=7OhBYLuACJW0gAeL6KzoCg&cid=CAQSKQCNIrLMQZXrwxzVOk-DbAIVk8T2lXaMS2HbvMgaS1PCO3OnqnFPlzKM&random=3642733792&resp=GooglemKTybQhCsO&ipr=y
content-security-policy: script-src 'none'; object-src 'none'
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 76
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H/1.1 200
OK set_attrs.php Show response
mod.calltouch.ru/ 1 B
643 B 103ms
103ms XHR
text/html 92.118.67.1
CALLTOUCH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mod.calltouch.ru/set_attrs.php
Requested by: Host: perm.domru.ru
URL: https://perm.domru.ru/_next/static/8vL0Q5mDdXiXC3ye0Zlts/pages/_app.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 92.118.67.1 , Russian Federation, ASN49031 (CALLTOUCH-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/json

Response headers

Pragma: no-cache
Date: Fri, 05 Mar 2021 08:16:44 GMT
X-ct-fe: ct-mod-front01a
Server: nginx
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, HEAD, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Expires: -1

OPTIONS
H/1.1 204
No Content set_attrs.php
mod.calltouch.ru/ Frame 0
0 101ms
101ms Preflight
text/plain 92.118.67.1
CALLTOUCH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mod.calltouch.ru/set_attrs.php
Protocol: HTTP/1.1
Server: 92.118.67.1 , Russian Federation, ASN49031 (CALLTOUCH-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://perm.domru.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Fri, 05 Mar 2021 08:16:44 GMT
Connection: keep-alive
Last-Modified: Friday, 05-Mar-2021 08:16:44 GMT
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Pragma: no-cache
Expires: -1
X-ct-fe: ct-mod-front01a
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, HEAD, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Max-Age: 0
Content-Type: text/plain; charset=utf-8
Content-Length: 0

GET
H/1.1 200
OK Cookie set tag Show response
tag.rutarget.ru/ Frame 395B 839 B
2 KB 193ms
192ms Document
text/html 80.64.106.151
RASCOM-AS CJSC RA...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.rutarget.ru/tag?response=syncframecontent&sm=sync_ec8bf516fafa51927e71233e18e82503%2Csync_71c015090a068e09460994346a52bdbb%2Csync_d7a14e30636d52e10b35d10c02578019%2Csync_f1027a6379476776c39f6421266f790d%2Csync_c822c1b63853ed273b89687ac505f9fa
Requested by: Host: tag.rutarget.ru
URL: https://tag.rutarget.ru/tag?event=otherPage&check=true&response=syncframe&__r=26787756328384037000&__location=https%3A%2F%2Fperm.domru.ru%2Fquiz_landing&__referrer=&__title=%D0%9F%D0%BE%D0%BC%D0%BE%D0%B6%D0%B5%D0%BC%20%D0%B2%D1%8B%D0%B1%D1%80%D0%B0%D1%82%D1%8C%20%D1%82%D0%B0%D1%80%D0%B8%D1%84%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B0%20%D0%BE%D1%82%20%D0%94%D0%BE%D0%BC.ru%20%D0%B2%20%D0%9F%D0%B5%D1%80%D0%BC%D0%B8&__keywords=&_usertz=60&check-cookie=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 80.64.106.151 , Russian Federation, ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU),
Reverse DNS
Software: nginx /
Resource Hash: dc937608f012cc3897c74b1feb0d137ec84c230d0f7abd2938c01e351fe1bcc6

Request headers

Host: tag.rutarget.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://tag.rutarget.ru/tag?event=otherPage&check=true&response=syncframe&__r=26787756328384037000&__location=https%3A%2F%2Fperm.domru.ru%2Fquiz_landing&__referrer=&__title=%D0%9F%D0%BE%D0%BC%D0%BE%D0%B6%D0%B5%D0%BC%20%D0%B2%D1%8B%D0%B1%D1%80%D0%B0%D1%82%D1%8C%20%D1%82%D0%B0%D1%80%D0%B8%D1%84%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B0%20%D0%BE%D1%82%20%D0%94%D0%BE%D0%BC.ru%20%D0%B2%20%D0%9F%D0%B5%D1%80%D0%BC%D0%B8&__keywords=&_usertz=60&check-cookie=true
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: userId=BumbUo1BIXlk
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://tag.rutarget.ru/tag?event=otherPage&check=true&response=syncframe&__r=26787756328384037000&__location=https%3A%2F%2Fperm.domru.ru%2Fquiz_landing&__referrer=&__title=%D0%9F%D0%BE%D0%BC%D0%BE%D0%B6%D0%B5%D0%BC%20%D0%B2%D1%8B%D0%B1%D1%80%D0%B0%D1%82%D1%8C%20%D1%82%D0%B0%D1%80%D0%B8%D1%84%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B0%20%D0%BE%D1%82%20%D0%94%D0%BE%D0%BC.ru%20%D0%B2%20%D0%9F%D0%B5%D1%80%D0%BC%D0%B8&__keywords=&_usertz=60&check-cookie=true

Response headers

Server: nginx
Date: Fri, 05 Mar 2021 08:16:44 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Set-Cookie: userId=BumbUo1BIXlk; Path=/; Domain=.rutarget.ru; Expires=Wed, 01 Sep 2021 08:16:44 GMT; SameSite=None; Secure sync_c822c1b63853ed273b89687ac505f9fa=BumbUo1BIXlk|1614932204399; Path=/; Domain=.rutarget.ru; Expires=Fri, 19 Mar 2021 08:16:44 GMT; SameSite=None; Secure sync_ec8bf516fafa51927e71233e18e82503=BumbUo1BIXlk|1614932204399; Path=/; Domain=.rutarget.ru; Expires=Fri, 19 Mar 2021 08:16:44 GMT; SameSite=None; Secure sync_d7a14e30636d52e10b35d10c02578019=BumbUo1BIXlk|1614932204399; Path=/; Domain=.rutarget.ru; Expires=Fri, 19 Mar 2021 08:16:44 GMT; SameSite=None; Secure sync_71c015090a068e09460994346a52bdbb=BumbUo1BIXlk|1614932204399; Path=/; Domain=.rutarget.ru; Expires=Fri, 19 Mar 2021 08:16:44 GMT; SameSite=None; Secure sync_f1027a6379476776c39f6421266f790d=BumbUo1BIXlk|1614932204399; Path=/; Domain=.rutarget.ru; Expires=Fri, 19 Mar 2021 08:16:44 GMT; SameSite=None; Secure
Timing-Allow-Origin: *
Content-Encoding: gzip

POST
H2 200 /
www.facebook.com/tr/ 0
31 B 13ms
12ms Other
text/plain 2a03:2880:f106:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryPrBiLErAyTGMVSQy

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Fri, 05 Mar 2021 08:16:44 GMT
content-type: text/plain
access-control-allow-origin: https://perm.domru.ru
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H2 200 gtm
p.domru.ru/ 0
266 B 119ms
119ms Image
application/octet-stream 188.186.156.88
ERTELECOM-DC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.domru.ru/gtm?eventName=gtm.js&evts=1614932203012&t1id=420&t1st=success&t1et=59&t2id=450&t2st=success&t2et=100&t3id=456&t3st=success&t3et=1&t4id=75&t4st=success&t4et=620&t5id=144&t5st=success&t5et=72&t6id=146&t6st=success&t6et=65&t7id=322&t7st=success&t7et=1267&t8id=62&t8st=success&t8et=0&t9id=91&t9st=success&t9et=1&t10id=216&t10st=success&t10et=0&t11id=442&t11st=success&t11et=1&t12id=443&t12st=success&t12et=0&t13id=444&t13st=success&t13et=0&t14id=547&t14st=success&t14et=1&t15id=774&t15st=success&t15et=0&t16id=775&t16st=success&t16et=1&t17id=776&t17st=success&t17et=0&t18id=777&t18st=success&t18et=1&t19id=805&t19st=success&t19et=1&t20id=810&t20st=success&t20et=1&t21id=819&t21st=success&t21et=0&t22id=825&t22st=success&t22et=0
Requested by: Host: perm.domru.ru
URL: https://perm.domru.ru/quiz_landing
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.186.156.88 , Russian Federation, ASN31483 (ERTELECOM-DC-AS, RU),
Reverse DNS: 188x186x156x88.static.cc.ertelecom.ru
Software: nginx/1.12.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 08:16:44 GMT
server: nginx/1.12.2
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 0

GET
H2 200 a6.js Show response
content.adriver.ru/banners/0002186/0002186173/0/ Frame 50D7 12 KB
12 KB 93ms
93ms Script
application/x-javascript 23.111.96.36
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://content.adriver.ru/banners/0002186/0002186173/0/a6.js?rnd=445396
Requested by: Host: content.adriver.ru
URL: https://content.adriver.ru/banners/0002186/0002186173/0/l6.html?0&4&6&0&836637&0&0&201&194.99.105.99&counter&1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.111.96.36 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: c5d76590094b0892a1b08ebe528adb536a4f5d20c713383a2ed0dba558222c40

Request headers

Referer: https://content.adriver.ru/banners/0002186/0002186173/0/l6.html?0&4&6&0&836637&0&0&201&194.99.105.99&counter&1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Mar 2021 08:16:44 GMT
last-modified: Fri, 13 Nov 2020 10:40:56 GMT
server: nginx
etag: "5fae62b8-3028"
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
content-length: 12328
expires: Fri, 05 Mar 2021 09:16:44 GMT

GET
H/1.1

200
OK

sync
google-sync.rutarget.ru/ Frame 395B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=QnVtYlVvMUJJWGxr&google_ula=2046794&google_cm=
https://google-sync.rutarget.ru/sync?google_gid=CAESENgY8ch7erBfgd6-2uT-u7o&google_cver=1&google_ula=2046794,2

35 B
398 B

364ms
191ms

Image
image/gif

80.64.106.147
RASCOM-AS CJSC RA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://google-sync.rutarget.ru/sync?google_gid=CAESENgY8ch7erBfgd6-2uT-u7o&google_cver=1&google_ula=2046794,2
Requested by: Host: tag.rutarget.ru
URL: https://tag.rutarget.ru/tag?response=syncframecontent&sm=sync_ec8bf516fafa51927e71233e18e82503%2Csync_71c015090a068e09460994346a52bdbb%2Csync_d7a14e30636d52e10b35d10c02578019%2Csync_f1027a6379476776c39f6421266f790d%2Csync_c822c1b63853ed273b89687ac505f9fa
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 80.64.106.147 , Russian Federation, ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU),
Reverse DNS: s-fr2.rutarget.ru
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://tag.rutarget.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Mar 2021 08:16:45 GMT
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

Redirect headers

pragma: no-cache
date: Fri, 05 Mar 2021 08:16:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://google-sync.rutarget.ru/sync?google_gid=CAESENgY8ch7erBfgd6-2uT-u7o&google_cver=1&google_ula=2046794,2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 315
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 BumbUo1BIXlk
an.yandex.ru/setud/rutarget/ Frame 395B 43 B
392 B 171ms
73ms Image
image/gif 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/setud/rutarget/BumbUo1BIXlk?sign=1504694584

Requested by

Host: tag.rutarget.ru
URL: https://tag.rutarget.ru/tag?response=syncframecontent&sm=sync_ec8bf516fafa51927e71233e18e82503%2Csync_71c015090a068e09460994346a52bdbb%2Csync_d7a14e30636d52e10b35d10c02578019%2Csync_f1027a6379476776c39f6421266f790d%2Csync_c822c1b63853ed273b89687ac505f9fa

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tag.rutarget.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Mar 2021 08:16:44 GMT
content-encoding: gzip
last-modified: Fri, 05 Mar 2021 08:16:44 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=windows-1251
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 05 Mar 2021 08:16:44 GMT

GET
H/1.1 204
No Content sg
tech.rtb.mts.ru/ Frame 395B 0
653 B 266ms
85ms Image
text/html 213.87.44.207
MTSNET Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tech.rtb.mts.ru/sg?segmento_id=BumbUo1BIXlk
Requested by: Host: tag.rutarget.ru
URL: https://tag.rutarget.ru/tag?response=syncframecontent&sm=sync_ec8bf516fafa51927e71233e18e82503%2Csync_71c015090a068e09460994346a52bdbb%2Csync_d7a14e30636d52e10b35d10c02578019%2Csync_f1027a6379476776c39f6421266f790d%2Csync_c822c1b63853ed273b89687ac505f9fa
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.87.44.207 Moscow, Russian Federation, ASN13174 (MTSNET Moscow, Russia, RU),
Reverse DNS: infrastructure-207-44.mts.ru
Software: nginx/1.13.12 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tag.rutarget.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Mar 2021 08:16:44 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.13.12
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK cm.gif
ad.mail.ru/ Frame 395B 43 B
323 B 174ms
59ms Image
image/gif 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mail.ru/cm.gif?p=34&id=BumbUo1BIXlk
Requested by: Host: tag.rutarget.ru
URL: https://tag.rutarget.ru/tag?response=syncframecontent&sm=sync_ec8bf516fafa51927e71233e18e82503%2Csync_71c015090a068e09460994346a52bdbb%2Csync_d7a14e30636d52e10b35d10c02578019%2Csync_f1027a6379476776c39f6421266f790d%2Csync_c822c1b63853ed273b89687ac505f9fa
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://tag.rutarget.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 05 Mar 2021 08:16:44 GMT
Last-Modified: Fri, 05 Mar 2021 08:16:44 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: max-age=21600
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
Expires: Fri, 05 Mar 2021 14:16:44 GMT

GET
H2

200

/
wf.frontend.weborama.fr/streampixel/ Frame 395B
Redirect Chain

https://wf.frontend.weborama.fr/streampixel/?wamid=2520&Wvar=%7B%22segmento_id%22%3A%22BumbUo1BIXlk%22%7D&d.r=0
https://wf.frontend.weborama.fr/streampixel/?wamid=2520&Wvar=%7B%22segmento_id%22%3A%22BumbUo1BIXlk%22%7D&d.r=0&bounce=1&random=2019679881

67 B
142 B

58ms
57ms

Image
image/gif

35.244.223.69
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wf.frontend.weborama.fr/streampixel/?wamid=2520&Wvar=%7B%22segmento_id%22%3A%22BumbUo1BIXlk%22%7D&d.r=0&bounce=1&random=2019679881
Requested by: Host: tag.rutarget.ru
URL: https://tag.rutarget.ru/tag?response=syncframecontent&sm=sync_ec8bf516fafa51927e71233e18e82503%2Csync_71c015090a068e09460994346a52bdbb%2Csync_d7a14e30636d52e10b35d10c02578019%2Csync_f1027a6379476776c39f6421266f790d%2Csync_c822c1b63853ed273b89687ac505f9fa
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.223.69 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 69.223.244.35.bc.googleusercontent.com
Software: nginx/1.12.0 /
Resource Hash: 09d46019c7a75b96187202c3c8412182f27c413a9c3661857923dc8e94e91b7b

Request headers

Referer: https://tag.rutarget.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Mar 2021 08:16:44 GMT
via: 1.1 google
last-modified: Fri, 05 Mar 2021 08:16:44 GMT
server: nginx/1.12.0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-type: image/gif
alt-svc: clear
content-length: 67
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 05 Mar 2021 08:16:44 GMT
via: 1.1 google
last-modified: Fri, 05 Mar 2021 08:16:44 GMT
server: nginx/1.12.0
location: https://wf.frontend.weborama.fr/streampixel/?wamid=2520&Wvar=%7B%22segmento_id%22%3A%22BumbUo1BIXlk%22%7D&d.r=0&bounce=1&random=2019679881
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

POST
H/1.1 200
OK tracker
top-fwz1.mail.ru/ 43 B
1 KB 86ms
86ms Other
image/gif 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/tracker?js=13;id=2806944;u=https%3A//perm.domru.ru/quiz_landing;st=1614932202307;s=1600*1200;vp=1600*1200;touch=0;hds=1;flash=;sid=8a9f26593878a992;ver=60.3.0;tz=-60%2FEurope%2FBerlin;nt=0/0/1614932201678/////0/0/59/59/256/83/256/601/609/604/629/965/965/3401/3401/;ni=9.7//4g/0/0/;lvid=1614932203464%3A1614932205080%3A4%3A236d1c37d440ef5cac3ed083b08ab561;opts=dl;_=0.6058996784066717;e=RT/load;et=1614932205079

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 05 Mar 2021 08:16:45 GMT
X-Content-Type-Options: nosniff
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Access-Control-Allow-Headers: *
AMP-Access-Control-Allow-Source-Origin: https://perm.domru.ru
Server: nginx
Access-Control-Allow-Methods: GET, POST, HEAD, PUT, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://perm.domru.ru
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Cache-Control: private, no-cache, no-store, max-age=0
Access-Control-Allow-Credentials: true
Accept-CH-Lifetime: 86400
Accept-CH: DPR, Width, Viewport-Width, Downlink, Device-Memory
Timing-Allow-Origin: https://perm.domru.ru
Keep-Alive: timeout=60

POST
H/1.1 200
OK tracker
top-fwz1.mail.ru/ 43 B
1 KB 84ms
84ms Other
image/gif 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/tracker?js=13;id=2870148;u=https%3A//perm.domru.ru/quiz_landing;st=1614932202307;s=1600*1200;vp=1600*1200;touch=0;hds=1;flash=;sid=8a9f26593878a992;ver=60.3.0;tz=-60%2FEurope%2FBerlin;nt=0/0/1614932201678/////0/0/59/59/256/83/256/601/609/604/629/965/965/3401/3401/;ni=9.7//4g/0/0/;lvid=1614932203464%3A1614932205081%3A5%3A236d1c37d440ef5cac3ed083b08ab561;opts=sec%2Cdl;_=0.7708081712452854;e=RT/load;et=1614932205079

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 05 Mar 2021 08:16:45 GMT
X-Content-Type-Options: nosniff
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Access-Control-Allow-Headers: *
AMP-Access-Control-Allow-Source-Origin: https://perm.domru.ru
Server: nginx
Access-Control-Allow-Methods: GET, POST, HEAD, PUT, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://perm.domru.ru
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Cache-Control: private, no-cache, no-store, max-age=0
Access-Control-Allow-Credentials: true
Accept-CH-Lifetime: 86400
Accept-CH: DPR, Width, Viewport-Width, Downlink, Device-Memory
Timing-Allow-Origin: https://perm.domru.ru
Keep-Alive: timeout=60

POST
H/1.1 200
OK tracker
top-fwz1.mail.ru/ 43 B
1 KB 77ms
76ms Other
image/gif 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/tracker?js=13;id=3171693;u=https%3A//perm.domru.ru/quiz_landing;st=1614932202307;pid=USER_ID;s=1600*1200;vp=1600*1200;touch=0;hds=1;flash=;sid=8a9f26593878a992;ver=60.3.0;tz=-60%2FEurope%2FBerlin;nt=0/0/1614932201678/////0/0/59/59/256/83/256/601/609/604/629/965/965/3401/3401/;ni=9.7//4g/0/0/;lvid=1614932203464%3A1614932205082%3A6%3A236d1c37d440ef5cac3ed083b08ab561;opts=sec%2Cdl;_=0.7974949564797729;e=RT/load;et=1614932205079

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 05 Mar 2021 08:16:45 GMT
X-Content-Type-Options: nosniff
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Access-Control-Allow-Headers: *
AMP-Access-Control-Allow-Source-Origin: https://perm.domru.ru
Server: nginx
Access-Control-Allow-Methods: GET, POST, HEAD, PUT, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://perm.domru.ru
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Cache-Control: private, no-cache, no-store, max-age=0
Access-Control-Allow-Credentials: true
Accept-CH-Lifetime: 86400
Accept-CH: DPR, Width, Viewport-Width, Downlink, Device-Memory
Timing-Allow-Origin: https://perm.domru.ru
Keep-Alive: timeout=60

GET
H/1.1 200
OK set_external_data.php Show response
mod.calltouch.ru/ 1 B
643 B 290ms
108ms XHR
text/html 92.118.67.1
CALLTOUCH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mod.calltouch.ru/set_external_data.php?modId=15d929cc&siteId=21258&sessionId=936128940&ya_client_id=1614932210162735768
Requested by: Host: perm.domru.ru
URL: https://perm.domru.ru/_next/static/8vL0Q5mDdXiXC3ye0Zlts/pages/_app.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 92.118.67.1 , Russian Federation, ASN49031 (CALLTOUCH-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer: https://perm.domru.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 05 Mar 2021 08:16:50 GMT
X-ct-fe: ct-mod-front01a
Server: nginx
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, HEAD, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Expires: -1

GET set_external_data.php
mod.calltouch.ru/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mod.calltouch.ru
URL: https://mod.calltouch.ru/set_external_data.php?modId=15d929cc&siteId=21258&sessionId=936128940&ya_client_id=1614932217309036114

Verdicts & Comments Add Verdict or Comment

100 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

36 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.rutarget.ru/	1970-01-19 16:55:41	Name: sync_ec8bf516fafa51927e71233e18e82503 Value: BumbUo1BIXlk\|1614932204399
.rutarget.ru/	1970-01-19 16:55:41	Name: sync_c822c1b63853ed273b89687ac505f9fa Value: BumbUo1BIXlk\|1614932204399
.rutarget.ru/	1970-01-19 20:54:44	Name: userId Value: BumbUo1BIXlk
.adriver.ru/	1970-01-20 10:06:44	Name: cid Value: A25wEE_DJpreFsxXEyhOuAw
.doubleclick.net/	1970-01-20 01:57:08	Name: IDE Value: AHWqTUmCpW1X10t6-ETuNG_O9yJCeGVSZzI4QcZGcVNUBxCZIO0RX-qVoWHOMJUu_Cg
.domru.ru/	1970-01-20 00:35:03	Name: tmr_reqNum Value: 6
perm.domru.ru/	1969-12-31 23:59:59	Name: cted Value: modId%3D15d929cc%3Bclient_id%3D116815213.1614932203%3Bya_client_id%3D1614932204336656073%3Bfbp%3Dfb.1.1614932203394.2143042115
.perm.domru.ru/	1970-01-19 16:35:34	Name: call_s Value: %3C!%3E%7B%2215d929cc%22%3A%5B1614934003%2C936128940%2C%7B%2263100%22%3A%22233221%22%7D%5D%2C%22d%22%3A3%7D%3C!%3E
perm.domru.ru/	1969-12-31 23:59:59	Name: _ct_site_id Value: 21258
.domru.ru/	1970-01-19 16:36:44	Name: _ym_isad Value: 2
.domru.ru/	1970-01-25 20:05:16	Name: p_uid Value: vLqcWGBB6OtScRURFDINAg==
.domru.ru/	1970-01-20 01:21:08	Name: _ym_uid Value: 1614932204336656073
.domru.ru/	1970-01-20 00:35:03	Name: tmr_lvid Value: 236d1c37d440ef5cac3ed083b08ab561
.domru.ru/	1970-01-20 01:21:08	Name: _ym_d Value: 1614932204
.rutarget.ru/	1970-01-19 16:55:41	Name: sync_d7a14e30636d52e10b35d10c02578019 Value: BumbUo1BIXlk\|1614932204399
.domru.ru/	1970-01-19 18:45:08	Name: _fbp Value: fb.1.1614932203394.2143042115
perm.domru.ru/	1970-01-19 16:35:32	Name: numberOfVisitedPages Value: 0
.perm.domru.ru/	1970-01-19 16:35:32	Name: _dc_gtm_UA-30390946-2 Value: 1
.adriver.ru/	1969-12-31 23:59:59	Name: sd Value: 1
.domru.ru/	1970-01-19 16:36:58	Name: _gid Value: GA1.2.1833846844.1614932203
.domru.ru/	1970-01-19 18:45:08	Name: _gcl_au Value: 1.1.1958343278.1614932203
.adriver.ru/	1970-01-19 16:35:32	Name: rs Value: 1
.perm.domru.ru/	1970-01-19 16:35:32	Name: _gat_UA-42895529-1 Value: 1
.rutarget.ru/	1970-01-19 16:55:41	Name: sync_f1027a6379476776c39f6421266f790d Value: BumbUo1BIXlk\|1614932204399
.rutarget.ru/	1970-01-19 16:55:41	Name: sync_71c015090a068e09460994346a52bdbb Value: BumbUo1BIXlk\|1614932204399
perm.domru.ru/	1970-01-20 01:20:34	Name: _ct Value: 700000001193848610
.perm.domru.ru/	1970-01-20 10:06:44	Name: _ga Value: GA1.3.116815213.1614932203
perm.domru.ru/	1970-01-19 16:36:58	Name: session-cookie Value: 1669636660b25efe636963c26940ac72816e58e139fa633b50a9edb575c8b9218029ce3f17a24ef699ae0e2ae9a2fa90
.domru.ru/	1970-01-19 16:35:32	Name: _gat_domru_ru Value: 1
perm.domru.ru/	1969-12-31 23:59:59	Name: _ct_ids Value: 15d929cc%3A21258%3A936128940
.perm.domru.ru/	1970-01-19 16:36:58	Name: _gid Value: GA1.3.1833846844.1614932203
.domru.ru/	1970-01-20 00:35:03	Name: tmr_lvidTS Value: 1614932203464
.domru.ru/	1970-01-20 10:06:44	Name: _ga Value: GA1.2.116815213.1614932203
perm.domru.ru/	1969-12-31 23:59:59	Name: _ct_session_id Value: 936128940
.domru.ru/	1970-01-19 16:35:32	Name: _dc_gtm_UA-42895529-1 Value: 1
perm.domru.ru/	1969-12-31 23:59:59	Name: _ga_cid Value: 116815213.1614932203

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4360952.fls.doubleclick.net
ad.adriver.ru
ad.mail.ru
adservice.google.com
adservice.google.de
an.yandex.ru
analytics.tiktok.com
cdn.carrotquest.io
cdn.rutarget.ru
cm.g.doubleclick.net
connect.facebook.net
content.adriver.ru
google-sync.rutarget.ru
googleads.g.doubleclick.net
mc.yandex.ru
mod.calltouch.ru
p.domru.ru
perm.domru.ru
sf19-scmcdn-va.ibytedtos.com
stats.g.doubleclick.net
tag.rutarget.ru
tags.adriver.ru
tech.rtb.mts.ru
top-fwz1.mail.ru
vk.com
wf.frontend.weborama.fr
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
mod.calltouch.ru
138.201.8.167
142.250.185.130
142.250.185.162
142.250.185.70
188.186.156.88
188.186.157.51
195.209.108.47
199.232.138.133
2.16.186.161
213.87.44.207
217.69.133.145
23.111.96.36
2a00:1148:db00::17
2a00:1450:4001:801::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:827::2008
2a00:1450:4001:827::200e
2a00:1450:4001:82a::2003
2a00:1450:400c:c0c::9d
2a02:6b8::1:119
2a02:6b8::90
2a03:2880:f006:21:face:b00c:0:3
2a03:2880:f106:83:face:b00c:0:25de
35.244.223.69
80.64.106.147
80.64.106.151
87.240.190.72
88.212.240.204
92.118.67.1
92.223.124.254
00ca484bbe0e6c5f7294724202e8b0f708013c1347df236734f4451a51081b57
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
06649e87db9dcc3aac096d3cd4926a6499971599de35952979aed8d4ebeb4a68
09d46019c7a75b96187202c3c8412182f27c413a9c3661857923dc8e94e91b7b
0a6fad0f99b359dd309954b48056f0d53a5a991358d5e52025f7c615334a29c1
0e9e44b5c47d9c2f6e6b3c8bd98baed5b8167de3f42a69c3a3188730f3fb7789
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
0f592204eb417218097f764a9d984fcadc0608cf6b4d01d5d48b0fd95803459e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
230cd190018fbb6627b556b2e5f6addf2010c0846294a96c1342e384dc5f4080
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
27c41e224895b1e856c136e8ee051e1c8451b669500e512f024c4336314699ae
27e6a9fb11a2974f7b35d83d63dadaad8509c492fa854c1904cf833b35365c50
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30f72041bd6c16899960793442090f8bfc5b949ced23dd3975a4769f143e8aa7
315a6b230e8ab6b5f3dc1d35c70a0e3021655ae30966dc7db496a7f8e177ec61
31ba89bda5e9683877830832157453cb6789fc644341ace3fc99baf632c64ad2
343abf54df47db0aa22c4933b04a1e94da34490c9ff8bd5096cacdcf9292a35b
3a67a345cf2639efdd80db7ed165e416c49d4f490de7dc1e415851ff8204bdf4
3af1e9cd285b02b835a3b984b0a9d77e0c5381ef2f27c1de57cca26c2e162235
3ca1018ef306aaea96f31116cd82d04526760406ac285e6d5a4056cc6a53919f
467f938e932decc2caa2e52c79a4f24a7a226ecd3432b92a8395c98ce2aaec1a
5147d7da7959b37f8ca9f3a0e6c3d00f52fc62c5f1cbdab3fc50ca11be85c665
540072b4105b70e4a5a3d2a13259b40f35da2e9e6b71ca142e6c046ef273d028
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55d72c33b656c305ead833e69ca22803255d396fd4bd8f54a43a51862271e468
5990ef61a6686e3f8e5dbe4b559e0c5fbe13861aa7d9ac2a8b54ddef605e04c7
5b4467bf8be502fd03d23b68b601edc75b559b2e8fd7fddb8b7e4617fb8a9b2f
5cc0092d2b97ff2f087576ba48edda6430a8d761d1e6ed8db6371fef84809a6c
5e13675d8d4762fa96531de68e3012148f745a1795e747eea82d7b22fc018eba
624c290f2ad2a833b5bdc16b5cbbdc5d8df6792c63b011a5296ba2601eee629c
6295651d2e0cffd999d1f2f865b6ee50a594b0dd6c9f900cc84d47d541cf786f
650e87c5624b182aa7c42735adbcd93b284041f33ef2a59a0bae1153479312a2
653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479
66b3ecfb5189c3ffded1cfe5174e8cd84824efb1e620b9fbf3da66391ff2378c
67b8e90024bcaf4ed6429f758d39f07cb80ac09215d6ed0d2ebf83f1b2ba030f
7041dffeb592ebf887d4c1403fb043f7905e0111b4be4e96173186bd29d8f38f
72a1e3a9df96c85ce79acb939ce45e4e0ac2b339024db0762ddff41ac51ec1e3
7352ede0c8c9c0c12b89952f01c051c77cf384e8ecce8ee8960de7de72a2314f
73d6bfcf880084ffafebcfb37169c35ccde78fa8bf7ce14033a81b7ddb753aaf
79513cd4b792142ea7152c26eb75d08498f716739988a89db4c135bffc8fa778
7c0e2fd19f02f34b95544b6096d629d9cc1300de3b4b0fba5bb6a8034aa3965c
807af99f58b9db538d3f922cca15cff1eb07e52a7d18c842cb0d55c5eeefa86d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
927e1af72dca8a5f1e1508462de66dc1a8a4f9b1b4bcccdb267621e0eb716252
949f355c9c08c2e15499fc58650efddb00a99f75cea213bb0f3bd08bb59057bd
94cf658d2c7345f5472d9d4514ade118d9f9bed0d50a5fc4a02fb9dcd2c8d8c6
a25dd75204332626e40ff60e4a36f0e95cd7fa03d90e3a40deed65f9721344a4
a29ca493e809fc3de29f864104fb099e797d136643f8831563c5d9fdb09165d3
a6d70210d89d088bc387e7c92a22e51f105f02ef60e87748c3fbce95e3b1b15d
aa73192fdbfc732fb4eb32be3e870b8f3154bc51501b34f2f2b802b524179a27
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af27dba940a709226cd10f70b3ac826a919b32b78335065968f9f7da4d43b1e4
b2eea593a5cfcdbb333a7221633baefa4faae402a59c3b3d7747b915c1770069
b81c16f515278f881b847a480a3ae5c3be3b7523e7f9131ae4beea008cd5f5b5
c490a90e70edad9a18b327427e3d2d4e315d7824d0fecac3787fb4723c00305d
c4f0b266eea164ac945182de47345daed87e9e1962a58d9f2c739bb5dcd6f5a9
c5d02fa2602b809509e17b1adcd5bbe4996a3beca58df330b63aa933161af398
c5d76590094b0892a1b08ebe528adb536a4f5d20c713383a2ed0dba558222c40
c91345eb92b22ea33c6be036fea7eb488465c3d32f43aa929a5d47ca90654791
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
dc937608f012cc3897c74b1feb0d137ec84c230d0f7abd2938c01e351fe1bcc6
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
defba5f6d19cc8452c4de79585e113606911bc60ae0e7cc3235291ba0c02ca5a
e2b85e56232189166bb697e5f7137d9a9c1a6f72fbcd19bbb6e66cde70a2b313
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eca2b4cc06ea4cc13709073eeea9c03408b1ba96d0d5290a697e6c93968bc387
ee48c70479dd48e6046830d53bc5a03b172cb2139a5cb3872a2f763b49b197f9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f67cab022fd715ab20536f34b8d4e63f008bb8501925e6dd1ef526ae7ed5f005
f80f91ec9e1e00a6506c3a43d07d7b66b99489e2fa159bf9e305443f394694a1
fe57719ca286ad12c7610046be227119af8ce9d8a93defa77392ecf5a21da4b5

perm.domru.ru Open in urlscan Pro 188.186.157.51 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

116 Requests

99 %HTTPS

41 %IPv6

20 Domains

32 Subdomains

30 IPs

4 Countries

1190 kBTransfer

3801 kBSize

36 Cookies

0 Outgoing links

Redirected requests

116 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

perm.domru.ru Open in urlscan Pro
188.186.157.51 Public Scan

Screenshot
Live screenshot

Full Image

116
Requests

99 %
HTTPS

41 %
IPv6

20
Domains

32
Subdomains

30
IPs

4
Countries

1190 kB
Transfer

3801 kB
Size

36
Cookies

116 HTTP transactions
1 data transactions