urlscan.io logo urlscan.io
SecurityTrails logo

prolongation.itcomgk.ru Open in urlscan Pro
213.109.72.89  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://prolongation.itcomgk.ru/step/contacts?ref=uc_itcom
Effective URL: https://prolongation.itcomgk.ru/step/owner-confirm?ref=uc_itcom
Submission Tags: falconsandbox
Submission: On August 15 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 9 domains to perform 21 HTTP transactions. The main IP is 213.109.72.89, located in Russian Federation and belongs to ITK-AS, RU. The main domain is prolongation.itcomgk.ru.
TLS certificate: Issued by R3 on August 3rd 2021. Valid for: 3 months.
This is the only time prolongation.itcomgk.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

10    213.109.72.89 (Russian Federation)

ASN206396 (ITK-AS, RU)
prolongation.itcomgk.ru
1    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
7    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
mc.yandex.com
2    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
Domain Requested by
10 prolongation.itcomgk.ru 1 redirects prolongation.itcomgk.ru
5 mc.yandex.com 2 redirects prolongation.itcomgk.ru
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 mc.yandex.ru 1 redirects prolongation.itcomgk.ru
1 www.google.de prolongation.itcomgk.ru
1 www.google.com prolongation.itcomgk.ru
1 stats.g.doubleclick.net www.google-analytics.com
1 www.googletagmanager.com prolongation.itcomgk.ru
0 epebfcehmdedogndhlcacafjaacknbcm Failed prolongation.itcomgk.ru
0 iifchhfnnmpdbibifmljnfjhpififfog Failed prolongation.itcomgk.ru
21 10

This site contains links to these domains. Also see Links.

Domain
uc-itcom.ru
www.cryptopro.ru
Subject Issuer Validity Valid
prolongation.itcomgk.ru
R3		 2021-08-03 -
2021-11-01		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
mc.yandex.ru
Yandex CA		 2021-07-28 -
2022-01-07		 5 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://prolongation.itcomgk.ru/step/owner-confirm?ref=uc_itcom
Frame ID: 7304F2A29387B752E95D5BB12418EA66
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://prolongation.itcomgk.ru/step/contacts?ref=uc_itcom HTTP 302
    https://prolongation.itcomgk.ru/step/owner-confirm?ref=uc_itcom Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

21
Requests

90 %
HTTPS

86 %
IPv6

9
Domains

10
Subdomains

8
IPs

3
Countries

629 kB
Transfer

874 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://prolongation.itcomgk.ru/step/contacts?ref=uc_itcom HTTP 302
    https://prolongation.itcomgk.ru/step/owner-confirm?ref=uc_itcom Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9366.xAgkuxPMUi7v8BMPWNokKuPbCRvNw_D3aP9Q16I8Hmzi7XVXY0XxcslAclEIGufi.Kgp1GOOgvuSEi7OfxmOrFckl-dU%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9366.poNeYcdef7-5nQ1Z51wNnf7ETpnQkUIWmOGaDBZpP71VULi0cnh9icqOsYG7yL56SLeaV8QK48dza2rPMHopag%2C%2C.gaqmPCoLYB7CwQq3nx5rgBii-_Q%2C
Request Chain 19
  • https://mc.yandex.com/watch/65446294?wmode=7&page-url=https%3A%2F%2Fprolongation.itcomgk.ru%2Fstep%2Fowner-confirm%3Fref%3Duc_itcom&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12vwkywz4p6qw9gg56%3Afp%3A1217%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A611%3Acn%3A1%3Adp%3A0%3Als%3A1607552485647%3Ahid%3A178202424%3Az%3A120%3Ai%3A20210815090708%3Aet%3A1629011228%3Ac%3A1%3Arn%3A127731941%3Au%3A1629011228178560272%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1629011226779%3Ads%3A0%2C0%2C284%2C1%2C566%2C566%2C1%2C660%2C0%2C%2C%2C%2C1515%3Adsn%3A0%2C0%2C284%2C0%2C566%2C566%2C1%2C662%2C0%2C%2C%2C%2C1515%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1629011229%3At%3A%D0%92%D1%8B%D0%BF%D1%83%D1%81%D0%BA%20%D1%8D%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%BD%D0%BE%D0%B9%20%D0%BF%D0%BE%D0%B4%D0%BF%D0%B8%D1%81%D0%B8 HTTP 302
  • https://mc.yandex.com/watch/65446294/1?wmode=7&page-url=https%3A%2F%2Fprolongation.itcomgk.ru%2Fstep%2Fowner-confirm%3Fref%3Duc_itcom&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12vwkywz4p6qw9gg56%3Afp%3A1217%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A611%3Acn%3A1%3Adp%3A0%3Als%3A1607552485647%3Ahid%3A178202424%3Az%3A120%3Ai%3A20210815090708%3Aet%3A1629011228%3Ac%3A1%3Arn%3A127731941%3Au%3A1629011228178560272%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1629011226779%3Ads%3A0%2C0%2C284%2C1%2C566%2C566%2C1%2C660%2C0%2C%2C%2C%2C1515%3Adsn%3A0%2C0%2C284%2C0%2C566%2C566%2C1%2C662%2C0%2C%2C%2C%2C1515%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1629011229%3At%3A%D0%92%D1%8B%D0%BF%D1%83%D1%81%D0%BA%20%D1%8D%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%BD%D0%BE%D0%B9%20%D0%BF%D0%BE%D0%B4%D0%BF%D0%B8%D1%81%D0%B8

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set owner-confirm
prolongation.itcomgk.ru/step/
Redirect Chain
  • https://prolongation.itcomgk.ru/step/contacts?ref=uc_itcom
  • https://prolongation.itcomgk.ru/step/owner-confirm?ref=uc_itcom
9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://prolongation.itcomgk.ru/step/owner-confirm?ref=uc_itcom
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.109.72.89 , Russian Federation, ASN206396 (ITK-AS, RU),
Reverse DNS
Software
nginx/1.18.0 / PHP/7.4.8
Resource Hash
2a8171fdf066d8687bcdfe89ec70203435231f7d17f03749260164d54168c307

Request headers

Host
prolongation.itcomgk.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
PHPSESSID=39aish5gqfo07rkkp4abil90to
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
nginx/1.18.0
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/7.4.8
Set-Cookie
PHPSESSID=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; secure; HttpOnly
Cache-Control
max-age=0, must-revalidate, private
Date
Sun, 15 Aug 2021 07:07:07 GMT
Expires
Sun, 15 Aug 2021 07:07:07 GMT
Content-Encoding
gzip

Redirect headers

Server
nginx/1.18.0
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/7.4.8
Set-Cookie
PHPSESSID=39aish5gqfo07rkkp4abil90to; path=/; HttpOnly
Cache-Control
max-age=0, must-revalidate, private
Date
Sun, 15 Aug 2021 07:07:07 GMT
Location
https://prolongation.itcomgk.ru/step/owner-confirm?ref=uc_itcom
Expires
Sun, 15 Aug 2021 07:07:07 GMT
sass.47d8823b.css
prolongation.itcomgk.ru/build/ 		81 KB
82 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://prolongation.itcomgk.ru/build/sass.47d8823b.css
Requested by
Host: prolongation.itcomgk.ru
URL: https://prolongation.itcomgk.ru/step/owner-confirm?ref=uc_itcom
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.109.72.89 , Russian Federation, ASN206396 (ITK-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
6e1ac3698f055cd72f8fede3a21458e86e5055cd2a20ed8a2b56eeaffabb0856

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
prolongation.itcomgk.ru
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://prolongation.itcomgk.ru/step/owner-confirm?ref=uc_itcom
Connection
keep-alive
Referer
https://prolongation.itcomgk.ru/step/owner-confirm?ref=uc_itcom
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 15 Aug 2021 07:07:07 GMT
Last-Modified
Fri, 13 Aug 2021 06:36:59 GMT
Server
nginx/1.18.0
ETag
"6116130b-1458c"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
83340
logo.4e717259.svg
prolongation.itcomgk.ru/build/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prolongation.itcomgk.ru/build/images/logo.4e717259.svg
Requested by
Host: prolongation.itcomgk.ru
URL: https://prolongation.itcomgk.ru/step/owner-confirm?ref=uc_itcom
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.109.72.89 , Russian Federation, ASN206396 (ITK-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
42b96ae6b890c9dc7a5ddca00e96f1d4007e6d357562e615e69eb3db807240c6

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
prolongation.itcomgk.ru
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://prolongation.itcomgk.ru/step/owner-confirm?ref=uc_itcom
Connection
keep-alive
Referer
https://prolongation.itcomgk.ru/step/owner-confirm?ref=uc_itcom
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 15 Aug 2021 07:07:07 GMT
Last-Modified
Fri, 13 Aug 2021 06:36:59 GMT
Server
nginx/1.18.0
ETag
"6116130b-14d0"
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5328
app.14168613.js
prolongation.itcomgk.ru/build/ 		211 KB
211 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prolongation.itcomgk.ru/build/app.14168613.js
Requested by
Host: prolongation.itcomgk.ru
URL: https://prolongation.itcomgk.ru/step/owner-confirm?ref=uc_itcom
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.109.72.89 , Russian Federation, ASN206396 (ITK-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
fe2e97dcf9e58dd69eadec7b7507248a07720694f3af17cf928498b6facedc95

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
prolongation.itcomgk.ru
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://prolongation.itcomgk.ru/step/owner-confirm?ref=uc_itcom
Connection
keep-alive
Referer
https://prolongation.itcomgk.ru/step/owner-confirm?ref=uc_itcom
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 15 Aug 2021 07:07:07 GMT
Last-Modified
Fri, 13 Aug 2021 06:36:59 GMT
Server
nginx/1.18.0
ETag
"6116130b-34c38"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
216120
js
www.googletagmanager.com/gtag/ 		100 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-129706695-2
Requested by
Host: prolongation.itcomgk.ru
URL: https://prolongation.itcomgk.ru/step/owner-confirm?ref=uc_itcom
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
40094aef09956f0a73f57d634402f72efefc95e3b64ff320e09e19c647c3b428
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://prolongation.itcomgk.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 15 Aug 2021 07:07:07 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40910
x-xss-protection
0
last-modified
Sun, 15 Aug 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 15 Aug 2021 07:07:07 GMT
Roboto-Bold.6cd35edf.woff2
prolongation.itcomgk.ru/build/fonts/ 		64 KB
65 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://prolongation.itcomgk.ru/build/fonts/Roboto-Bold.6cd35edf.woff2
Requested by
Host: prolongation.itcomgk.ru
URL: https://prolongation.itcomgk.ru/build/sass.47d8823b.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.109.72.89 , Russian Federation, ASN206396 (ITK-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d7dd6e02d849e181e51db84d9d230d369b8ce7412dbcee9d7d1d19ad8a16741

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://prolongation.itcomgk.ru
Accept-Encoding
gzip, deflate, br
Host
prolongation.itcomgk.ru
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://prolongation.itcomgk.ru/build/sass.47d8823b.css
Connection
keep-alive
Origin
https://prolongation.itcomgk.ru
Referer
https://prolongation.itcomgk.ru/build/sass.47d8823b.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 15 Aug 2021 07:07:08 GMT
Last-Modified
Fri, 13 Aug 2021 06:36:59 GMT
Server
nginx/1.18.0
ETag
"6116130b-101b4"
Content-Type
font/woff2
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
65972
Roboto-Light.d537674e.woff2
prolongation.itcomgk.ru/build/fonts/ 		64 KB
64 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://prolongation.itcomgk.ru/build/fonts/Roboto-Light.d537674e.woff2
Requested by
Host: prolongation.itcomgk.ru
URL: https://prolongation.itcomgk.ru/build/sass.47d8823b.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.109.72.89 , Russian Federation, ASN206396 (ITK-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
b7647a0d506e3254bb9329e259cf95630bdc9795052c8ff8badaa428c5e9d7cb

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://prolongation.itcomgk.ru
Accept-Encoding
gzip, deflate, br
Host
prolongation.itcomgk.ru
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://prolongation.itcomgk.ru/build/sass.47d8823b.css
Connection
keep-alive
Origin
https://prolongation.itcomgk.ru
Referer
https://prolongation.itcomgk.ru/build/sass.47d8823b.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 15 Aug 2021 07:07:08 GMT
Last-Modified
Fri, 13 Aug 2021 06:36:59 GMT
Server
nginx/1.18.0
ETag
"6116130b-ffe8"
Content-Type
font/woff2
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
65512
Roboto-Regular.a2580627.woff2
prolongation.itcomgk.ru/build/fonts/ 		64 KB
65 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://prolongation.itcomgk.ru/build/fonts/Roboto-Regular.a2580627.woff2
Requested by
Host: prolongation.itcomgk.ru
URL: https://prolongation.itcomgk.ru/build/sass.47d8823b.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.109.72.89 , Russian Federation, ASN206396 (ITK-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
8cef08634dc57d6519717c5a99a9e502bdc96586fe64770520a4820b0b089920

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://prolongation.itcomgk.ru
Accept-Encoding
gzip, deflate, br
Host
prolongation.itcomgk.ru
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://prolongation.itcomgk.ru/build/sass.47d8823b.css
Connection
keep-alive
Origin
https://prolongation.itcomgk.ru
Referer
https://prolongation.itcomgk.ru/build/sass.47d8823b.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 15 Aug 2021 07:07:08 GMT
Last-Modified
Fri, 13 Aug 2021 06:36:59 GMT
Server
nginx/1.18.0
ETag
"6116130b-1017c"
Content-Type
font/woff2
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
65916
nmcades_plugin_api.js
iifchhfnnmpdbibifmljnfjhpififfog/ 		0
0
nmcades_plugin_api.js
epebfcehmdedogndhlcacafjaacknbcm/ 		0
0
tag.js
mc.yandex.ru/metrika/ 		225 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: prolongation.itcomgk.ru
URL: https://prolongation.itcomgk.ru/step/owner-confirm?ref=uc_itcom
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
dc6045016d46e4682d7ca0c4669a05794699a50abe0bee108e2d16e747e00eea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://prolongation.itcomgk.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 15 Aug 2021 07:07:08 GMT
content-encoding
br
last-modified
Thu, 12 Aug 2021 09:51:50 GMT
etag
"611112b5-11dd4"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
73172
expires
Sun, 15 Aug 2021 08:07:08 GMT
available
prolongation.itcomgk.ru/action/offers/ 		2 B
233 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prolongation.itcomgk.ru/action/offers/available
Requested by
Host: prolongation.itcomgk.ru
URL: https://prolongation.itcomgk.ru/build/app.14168613.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.109.72.89 , Russian Federation, ASN206396 (ITK-AS, RU),
Reverse DNS
Software
nginx/1.18.0 / PHP/7.4.8
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
prolongation.itcomgk.ru
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
Connection
keep-alive
Referer
https://prolongation.itcomgk.ru/step/owner-confirm?ref=uc_itcom
Accept
*/*
Referer
https://prolongation.itcomgk.ru/step/owner-confirm?ref=uc_itcom
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 15 Aug 2021 07:07:08 GMT
Cache-Control
no-cache, private
Server
nginx/1.18.0
Connection
keep-alive
X-Powered-By
PHP/7.4.8
Transfer-Encoding
chunked
Content-Type
application/json
9.c06c4d07.js
prolongation.itcomgk.ru/build/ 		669 B
920 B 		Script
General
Check archive.org
Download Go to
Full URL
https://prolongation.itcomgk.ru/build/9.c06c4d07.js
Requested by
Host: prolongation.itcomgk.ru
URL: https://prolongation.itcomgk.ru/build/app.14168613.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.109.72.89 , Russian Federation, ASN206396 (ITK-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
c09bf8ba38326c9dcd5f0d87ce255101dc58881a371176d39a699a755906cdec

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
prolongation.itcomgk.ru
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://prolongation.itcomgk.ru/step/owner-confirm?ref=uc_itcom
Connection
keep-alive
Referer
https://prolongation.itcomgk.ru/step/owner-confirm?ref=uc_itcom
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 15 Aug 2021 07:07:08 GMT
Last-Modified
Fri, 13 Aug 2021 06:36:59 GMT
Server
nginx/1.18.0
ETag
"6116130b-29d"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
669
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-129706695-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://prolongation.itcomgk.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
5434
date
Sun, 15 Aug 2021 05:36:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Sun, 15 Aug 2021 07:36:34 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1590801969&t=pageview&_s=1&dl=https%3A%2F%2Fprolongation.itcomgk.ru%2Fstep%2Fowner-confirm%3Fref%3Duc_itcom&ul=en-us&de=UTF-8&dt=%D0%92%D1%8B%D0%BF%D1%83%D1%81%D0%BA%20%D1%8D%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%BD%D0%BE%D0%B9%20%D0%BF%D0%BE%D0%B4%D0%BF%D0%B8%D1%81%D0%B8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1252880329&gjid=1721498085&cid=984200616.1629011228&tid=UA-129706695-2&_gid=2091169053.1629011228&_r=1&gtm=2ou8b0&z=117850622
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://prolongation.itcomgk.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 15 Aug 2021 07:07:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://prolongation.itcomgk.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-129706695-2&cid=984200616.1629011228&jid=1252880329&gjid=1721498085&_gid=2091169053.1629011228&_u=YEBAAUAAAAAAAC~&z=1560877538
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://prolongation.itcomgk.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 15 Aug 2021 07:07:08 GMT
content-type
text/plain
access-control-allow-origin
https://prolongation.itcomgk.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-129706695-2&cid=984200616.1629011228&jid=1252880329&_u=YEBAAUAAAAAAAC~&z=104561531
Requested by
Host: prolongation.itcomgk.ru
URL: https://prolongation.itcomgk.ru/step/owner-confirm?ref=uc_itcom
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://prolongation.itcomgk.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Aug 2021 07:07:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-129706695-2&cid=984200616.1629011228&jid=1252880329&_u=YEBAAUAAAAAAAC~&z=104561531
Requested by
Host: prolongation.itcomgk.ru
URL: https://prolongation.itcomgk.ru/step/owner-confirm?ref=uc_itcom
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://prolongation.itcomgk.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Aug 2021 07:07:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9366.xAgkuxPMUi7v8BMPWNokKuPbCRvNw_D3aP9Q16I8Hmzi7XVXY0XxcslAclEIGufi.Kgp1GOOgvuSEi7OfxmOrFckl-dU%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9366.poNeYcdef7-5nQ1Z51wNnf7ETpnQkUIWmOGaDBZpP71VULi0cnh9icqOsYG7yL56SLeaV8QK48dza2rPMHopag%2C%2C.gaqmPCoLYB7CwQq3nx5rgBii-_Q%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9366.poNeYcdef7-5nQ1Z51wNnf7ETpnQkUIWmOGaDBZpP71VULi0cnh9icqOsYG7yL56SLeaV8QK48dza2rPMHopag%2C%2C.gaqmPCoLYB7CwQq3nx5rgBii-_Q%2C
Requested by
Host: prolongation.itcomgk.ru
URL: https://prolongation.itcomgk.ru/step/owner-confirm?ref=uc_itcom
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prolongation.itcomgk.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 15 Aug 2021 07:07:08 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9366.poNeYcdef7-5nQ1Z51wNnf7ETpnQkUIWmOGaDBZpP71VULi0cnh9icqOsYG7yL56SLeaV8QK48dza2rPMHopag%2C%2C.gaqmPCoLYB7CwQq3nx5rgBii-_Q%2C
date
Sun, 15 Aug 2021 07:07:08 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: prolongation.itcomgk.ru
URL: https://prolongation.itcomgk.ru/step/owner-confirm?ref=uc_itcom
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://prolongation.itcomgk.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 15 Aug 2021 07:07:08 GMT
last-modified
Thu, 12 Aug 2021 09:51:50 GMT
etag
"611112b5-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Sun, 15 Aug 2021 08:07:08 GMT
1
mc.yandex.com/watch/65446294/
Redirect Chain
  • https://mc.yandex.com/watch/65446294?wmode=7&page-url=https%3A%2F%2Fprolongation.itcomgk.ru%2Fstep%2Fowner-confirm%3Fref%3Duc_itcom&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12vwkywz4p6q...
  • https://mc.yandex.com/watch/65446294/1?wmode=7&page-url=https%3A%2F%2Fprolongation.itcomgk.ru%2Fstep%2Fowner-confirm%3Fref%3Duc_itcom&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12vwkywz4p...
335 B
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/65446294/1?wmode=7&page-url=https%3A%2F%2Fprolongation.itcomgk.ru%2Fstep%2Fowner-confirm%3Fref%3Duc_itcom&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12vwkywz4p6qw9gg56%3Afp%3A1217%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A611%3Acn%3A1%3Adp%3A0%3Als%3A1607552485647%3Ahid%3A178202424%3Az%3A120%3Ai%3A20210815090708%3Aet%3A1629011228%3Ac%3A1%3Arn%3A127731941%3Au%3A1629011228178560272%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1629011226779%3Ads%3A0%2C0%2C284%2C1%2C566%2C566%2C1%2C660%2C0%2C%2C%2C%2C1515%3Adsn%3A0%2C0%2C284%2C0%2C566%2C566%2C1%2C662%2C0%2C%2C%2C%2C1515%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1629011229%3At%3A%D0%92%D1%8B%D0%BF%D1%83%D1%81%D0%BA%20%D1%8D%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%BD%D0%BE%D0%B9%20%D0%BF%D0%BE%D0%B4%D0%BF%D0%B8%D1%81%D0%B8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
e708d86684cadd6b82cc6297070eb8f8c9670e3745de2251818ee7a814092f01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prolongation.itcomgk.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Aug 2021 07:07:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 15-Aug-2021 07:07:08 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://prolongation.itcomgk.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
335
x-xss-protection
1; mode=block
expires
Sun, 15-Aug-2021 07:07:08 GMT

Redirect headers

pragma
no-cache
date
Sun, 15 Aug 2021 07:07:08 GMT
last-modified
Sun, 15-Aug-2021 07:07:08 GMT
location
/watch/65446294/1?wmode=7&page-url=https%3A%2F%2Fprolongation.itcomgk.ru%2Fstep%2Fowner-confirm%3Fref%3Duc_itcom&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12vwkywz4p6qw9gg56%3Afp%3A1217%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A611%3Acn%3A1%3Adp%3A0%3Als%3A1607552485647%3Ahid%3A178202424%3Az%3A120%3Ai%3A20210815090708%3Aet%3A1629011228%3Ac%3A1%3Arn%3A127731941%3Au%3A1629011228178560272%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1629011226779%3Ads%3A0%2C0%2C284%2C1%2C566%2C566%2C1%2C660%2C0%2C%2C%2C%2C1515%3Adsn%3A0%2C0%2C284%2C0%2C566%2C566%2C1%2C662%2C0%2C%2C%2C%2C1515%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1629011229%3At%3A%D0%92%D1%8B%D0%BF%D1%83%D1%81%D0%BA%20%D1%8D%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%BD%D0%BE%D0%B9%20%D0%BF%D0%BE%D0%B4%D0%BF%D0%B8%D1%81%D0%B8
strict-transport-security
max-age=31536000
access-control-allow-origin
https://prolongation.itcomgk.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sun, 15-Aug-2021 07:07:08 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
iifchhfnnmpdbibifmljnfjhpififfog
URL
chrome-extension://iifchhfnnmpdbibifmljnfjhpififfog/nmcades_plugin_api.js
Domain
epebfcehmdedogndhlcacafjaacknbcm
URL
chrome-extension://epebfcehmdedogndhlcacafjaacknbcm/nmcades_plugin_api.js

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| urls object| steps object| user object| webpackJsonp object| regeneratorRuntime object| cadesplugin function| ym function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| Ya object| yaCounter65446294

6 Cookies

Domain/Path Name / Value
.itcomgk.ru/ Name: _ym_isad
Value: 2
.itcomgk.ru/ Name: _ym_d
Value: 1629011228
.itcomgk.ru/ Name: _gid
Value: GA1.2.2091169053.1629011228
.itcomgk.ru/ Name: _ym_uid
Value: 1629011228178560272
.itcomgk.ru/ Name: _gat_gtag_UA_129706695_2
Value: 1
.itcomgk.ru/ Name: _ga
Value: GA1.2.984200616.1629011228

2 Console Messages

Source Level URL
Text
console-api log URL: https://prolongation.itcomgk.ru/build/app.14168613.js(Line 25)
Message:
[object Module]
console-api error URL: https://prolongation.itcomgk.ru/build/app.14168613.js(Line 25)
Message:
В этом браузере невозможен перевыпуск: Плагин КриптоПро не установлен или выключен.<br> <a href="https://www.cryptopro.ru/products/cades/plugin/get_2_0" target="_blank">Установить КриптоПро ЭЦП Browser plug-in</a><br> <a href="https://uc-itcom.ru/files/CSPSetup.exe" target="_blank">Установить криптопровайдер КриптоПро CSP 4.0</a>

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

epebfcehmdedogndhlcacafjaacknbcm
iifchhfnnmpdbibifmljnfjhpififfog
mc.yandex.com
mc.yandex.ru
prolongation.itcomgk.ru
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
epebfcehmdedogndhlcacafjaacknbcm
iifchhfnnmpdbibifmljnfjhpififfog
213.109.72.89
2a00:1450:4001:808::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:812::2004
2a00:1450:4001:827::2008
2a00:1450:400c:c08::9a
2a02:6b8::1:119
2a8171fdf066d8687bcdfe89ec70203435231f7d17f03749260164d54168c307
40094aef09956f0a73f57d634402f72efefc95e3b64ff320e09e19c647c3b428
42b96ae6b890c9dc7a5ddca00e96f1d4007e6d357562e615e69eb3db807240c6
4d7dd6e02d849e181e51db84d9d230d369b8ce7412dbcee9d7d1d19ad8a16741
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
6e1ac3698f055cd72f8fede3a21458e86e5055cd2a20ed8a2b56eeaffabb0856
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8cef08634dc57d6519717c5a99a9e502bdc96586fe64770520a4820b0b089920
b7647a0d506e3254bb9329e259cf95630bdc9795052c8ff8badaa428c5e9d7cb
c09bf8ba38326c9dcd5f0d87ce255101dc58881a371176d39a699a755906cdec
dc6045016d46e4682d7ca0c4669a05794699a50abe0bee108e2d16e747e00eea
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e708d86684cadd6b82cc6297070eb8f8c9670e3745de2251818ee7a814092f01
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fe2e97dcf9e58dd69eadec7b7507248a07720694f3af17cf928498b6facedc95