prom-water.ru Open in urlscan Pro
31.31.198.213  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://amo.sh/K/JEO9DB/JE9069 Page URL
2. https://prom-water.ru/ Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	JE9069 Show response amo.sh/K/JEO9DB/	587 B 873 B	483ms 73ms	Document text/html	23.105.230.37 UNITEDNET
General Check archive.org Show headers Download Go to Full URL https://amo.sh/K/JEO9DB/JE9069 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 23.105.230.37 , Russian Federation, ASN39134 (UNITEDNET, RU), Reverse DNS Software nginx / Resource Hash d0c9cc87862329722d33c3efa7d5b7a439e17d5001d943da20e35a815492aff0 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection keep-alive Content-Type text/html; charset=utf-8 Date Wed, 08 Nov 2023 11:08:56 GMT Server nginx Strict-Transport-Security max-age=31536000 Transfer-Encoding chunked X-Content-Type-Options nosniff X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	redirect.js Show response amo.sh/js/	11 KB 12 KB	59ms 58ms	Script application/javascript	23.105.230.37 UNITEDNET
General Check archive.org Show headers Download Go to Full URL https://amo.sh/js/redirect.js Requested by Host: amo.sh URL: https://amo.sh/K/JEO9DB/JE9069 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 23.105.230.37 , Russian Federation, ASN39134 (UNITEDNET, RU), Reverse DNS Software nginx / Resource Hash 5f1b50a4d46ff88113fd9ae5bd9784739c7f256afc712f507e4d13d7b6b01a20 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://amo.sh/K/JEO9DB/JE9069 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers Date Wed, 08 Nov 2023 11:08:56 GMT Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Last-Modified Mon, 26 Jun 2023 12:14:14 GMT Server nginx ETag "64998116-2d99" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 11673 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	pixel_indentifier.js Show response gso.amocrm.ru/pixel/js/	2 KB 1 KB	271ms 52ms	Script application/x-javascript	95.143.181.42 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://gso.amocrm.ru/pixel/js/pixel_indentifier.js Requested by Host: amo.sh URL: https://amo.sh/K/JEO9DB/JE9069 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.143.181.42 Moscow, Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS Software nginx / Resource Hash 27bf08ae6d02e0a4d96c6ee29bd3b01455ac0971dbc00e589b818de93555e201 Request headers accept-language de-DE,de;q=0.9 Referer https://amo.sh/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers Date Wed, 08 Nov 2023 11:08:56 GMT Content-Encoding gzip Last-Modified Fri, 03 Nov 2023 13:26:55 GMT Server nginx ETag W/"6544f51f-66b" Transfer-Encoding chunked Content-Type application/x-javascript Cache-Control max-age=259200 Connection keep-alive Expires Sat, 11 Nov 2023 11:08:56 GMT
GET H/1.1	200 OK	person.html Show response gso.amocrm.ru/pixel/html/ Frame 44CA	159 B 466 B	51ms 51ms	Document text/html	95.143.181.42 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://gso.amocrm.ru/pixel/html/person.html?params=%7B%22origin%22%3A%22https%3A%2F%2Famo.sh%22%2C%22visitor_id%22%3A%22%22%2C%22id%22%3A%22%22%2C%22hash%22%3A%22%22%2C%22token%22%3A%228673f5e5b2a3ae731c600612b28eae29e158684e6c07aec96a8ad689b23b5fe2%22%7D Requested by Host: gso.amocrm.ru URL: https://gso.amocrm.ru/pixel/js/pixel_indentifier.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.143.181.42 Moscow, Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS Software nginx / Resource Hash 7712d75f190854987c82cc71ca0d67500e29077eb76631ef55d2b7b082c511c6 Request headers Referer https://amo.sh/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control max-age=259200 Connection keep-alive Content-Encoding gzip Content-Type text/html Date Wed, 08 Nov 2023 11:08:56 GMT ETag W/"6544f51f-9f" Expires Sat, 11 Nov 2023 11:08:56 GMT Last-Modified Fri, 03 Nov 2023 13:26:55 GMT Server nginx Transfer-Encoding chunked
GET H/1.1	200 OK	person.js Show response gso.amocrm.ru/pixel/js/ Frame 44CA	36 KB 15 KB	103ms 102ms	Script application/x-javascript	95.143.181.42 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://gso.amocrm.ru/pixel/js/person.js Requested by Host: gso.amocrm.ru URL: https://gso.amocrm.ru/pixel/html/person.html?params=%7B%22origin%22%3A%22https%3A%2F%2Famo.sh%22%2C%22visitor_id%22%3A%22%22%2C%22id%22%3A%22%22%2C%22hash%22%3A%22%22%2C%22token%22%3A%228673f5e5b2a3ae731c600612b28eae29e158684e6c07aec96a8ad689b23b5fe2%22%7D Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.143.181.42 Moscow, Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS Software nginx / Resource Hash 488a5ebeaafa2f57a64e1fa13185afeb2252c718de043c8af43c8710e301350f Request headers accept-language de-DE,de;q=0.9 Referer https://gso.amocrm.ru/pixel/html/person.html?params=%7B%22origin%22%3A%22https%3A%2F%2Famo.sh%22%2C%22visitor_id%22%3A%22%22%2C%22id%22%3A%22%22%2C%22hash%22%3A%22%22%2C%22token%22%3A%228673f5e5b2a3ae731c600612b28eae29e158684e6c07aec96a8ad689b23b5fe2%22%7D User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers Date Wed, 08 Nov 2023 11:08:56 GMT Content-Encoding gzip Last-Modified Fri, 03 Nov 2023 13:26:55 GMT Server nginx ETag W/"6544f51f-8e46" Transfer-Encoding chunked Content-Type application/x-javascript Cache-Control max-age=259200 Connection keep-alive Expires Sat, 11 Nov 2023 11:08:56 GMT
GET H/1.1	200 OK	visitor Show response gso.amocrm.ru/humans/ Frame 44CA	54 B 518 B	62ms 62ms	XHR application/json	95.143.181.42 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://gso.amocrm.ru/humans/visitor Requested by Host: gso.amocrm.ru URL: https://gso.amocrm.ru/pixel/js/person.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.143.181.42 Moscow, Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS Software nginx / Resource Hash 1612deb9c5b262c5e73144bb02ae751d3791c72fdd48d2bad4b244fe6e37a099 Request headers accept-language de-DE,de;q=0.9 Referer https://gso.amocrm.ru/pixel/html/person.html?params=%7B%22origin%22%3A%22https%3A%2F%2Famo.sh%22%2C%22visitor_id%22%3A%22%22%2C%22id%22%3A%22%22%2C%22hash%22%3A%22%22%2C%22token%22%3A%228673f5e5b2a3ae731c600612b28eae29e158684e6c07aec96a8ad689b23b5fe2%22%7D User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Response headers Date Wed, 08 Nov 2023 11:08:57 GMT Server nginx Transfer-Encoding chunked Content-Type application/json Access-Control-Allow-Origin * Cache-Control private, max-age=2330593737 Connection keep-alive Access-Control-Allow-Headers X-Requested-With
PUT H/1.1	200 OK	b08600df-cf4a-4c32-957b-3674bd346e63 Show response gso.amocrm.ru/humans/visitors/26acca88-bc64-4712-bc12-0b7feb73ee12/sessions/ Frame 44CA	245 B 491 B	63ms 63ms	XHR application/json	95.143.181.42 SELECTEL
General Check archive.org Show headers Download Go to Full URL https://gso.amocrm.ru/humans/visitors/26acca88-bc64-4712-bc12-0b7feb73ee12/sessions/b08600df-cf4a-4c32-957b-3674bd346e63 Requested by Host: gso.amocrm.ru URL: https://gso.amocrm.ru/pixel/js/person.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 95.143.181.42 Moscow, Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS Software nginx / Resource Hash f844af6e48ac04f6a1f5042974ba632280bae73177f4e5e648c278d61c9957c3 Request headers Referer https://gso.amocrm.ru/pixel/html/person.html?params=%7B%22origin%22%3A%22https%3A%2F%2Famo.sh%22%2C%22visitor_id%22%3A%22%22%2C%22id%22%3A%22%22%2C%22hash%22%3A%22%22%2C%22token%22%3A%228673f5e5b2a3ae731c600612b28eae29e158684e6c07aec96a8ad689b23b5fe2%22%7D X-Auth-Token 8673f5e5b2a3ae731c600612b28eae29e158684e6c07aec96a8ad689b23b5fe2 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Content-Type application/json;charset=UTF-8 Response headers Access-Control-Allow-Origin * Date Wed, 08 Nov 2023 11:08:57 GMT Server nginx Connection keep-alive Access-Control-Allow-Headers X-Requested-With Transfer-Encoding chunked Content-Type application/json
POST H/1.1	202 Accepted	JE9069 amo.sh/api/human/K/	154 B 330 B	69ms 69ms	XHR application/hal+json	23.105.230.37 UNITEDNET
General Check archive.org Show headers Download Go to Full URL https://amo.sh/api/human/K/JE9069 Requested by Host: amo.sh URL: https://amo.sh/js/redirect.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 23.105.230.37 , Russian Federation, ASN39134 (UNITEDNET, RU), Reverse DNS Software nginx / Resource Hash Request headers Accept application/json, text/javascript Referer https://amo.sh/K/JEO9DB/JE9069 X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 Content-Type application/json Response headers Date Wed, 08 Nov 2023 11:08:57 GMT Server nginx Connection keep-alive Transfer-Encoding chunked Content-Type application/hal+json
GET H2	200	Primary Request / prom-water.ru/	132 KB 0	3066ms 2627ms	Document text/html	31.31.198.213
General Check archive.org Show headers Download Go to Full URL https://prom-water.ru/ Requested by Host: amo.sh URL: https://amo.sh/js/redirect.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 31.31.198.213 -, , ASN (), Reverse DNS Software nginx / PHP/7.4.33 Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; X-Xss-Protection 0 Request headers Referer https://amo.sh/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control private, no-cache, must-revalidate, max-age=0 content-encoding gzip content-type text/html; charset=utf-8 date Wed, 08 Nov 2023 11:09:00 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server nginx strict-transport-security max-age=31536000; vary Accept-Encoding x-cms-version 22 x-generated-by UMI.CMS x-powered-by PHP/7.4.33 x-xss-protection 0
GET		jquery.compiled.min.js prom-water.ru/styles/common/js/cms/	0 0
GET		guest.js prom-water.ru/styles/common/js/	0 0
GET		jquery.fancybox.min.css prom-water.ru/styles/common/js/node_modules/@fancyapps/fancybox/dist/	0 0
GET		style.css prom-water.ru/templates/PromWater/compiled/css/	0 0
GET		media_xxl.css prom-water.ru/templates/PromWater/compiled/css/	0 0
GET		element.js translate.google.com/translate_a/	0 0
GET		header_logo.jpg prom-water.ru/images/	0 0
GET		favicon.png prom-water.ru/templates/PromWater/images/	0 0
GET		logo256.png prom-water.ru/templates/PromWater/images/	0 0
GET		main.bundle.js prom-water.ru/templates/PromWater/compiled/js/	0 0
GET		js www.googletagmanager.com/gtag/	0 0
GET		script.v3.js app2.gnzs.ru/site-integration/js/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

prom-water.ru

URL

https://prom-water.ru/styles/common/js/cms/jquery.compiled.min.js?91974

Domain

prom-water.ru

URL

https://prom-water.ru/styles/common/js/guest.js?91974

Domain

prom-water.ru

URL

https://prom-water.ru/styles/common/js/node_modules/@fancyapps/fancybox/dist/jquery.fancybox.min.css?91974

Domain

prom-water.ru

URL

https://prom-water.ru/templates/PromWater/compiled/css/style.css?v=7

Domain

prom-water.ru

URL

https://prom-water.ru/templates/PromWater/compiled/css/media_xxl.css?v=7

Domain

translate.google.com

URL

https://translate.google.com/translate_a/element.js?cb=TranslateInit

Domain

prom-water.ru

URL

https://prom-water.ru/images/header_logo.jpg

Domain

prom-water.ru

URL

https://prom-water.ru/templates/PromWater/images/favicon.png

Domain

prom-water.ru

URL

https://prom-water.ru/templates/PromWater/images/logo256.png

Domain

prom-water.ru

URL

https://prom-water.ru/templates/PromWater/compiled/js/main.bundle.js?v=7

Domain

www.googletagmanager.com

URL

https://www.googletagmanager.com/gtag/js?id=UA-28714907-2

Domain

app2.gnzs.ru

URL

https://app2.gnzs.ru/site-integration/js/script.v3.js

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.amocrm.ru/	1970-01-21 01:40:01	Name: gso_visitor_uid Value: 26acca88-bc64-4712-bc12-0b7feb73ee12

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amo.sh
app2.gnzs.ru
gso.amocrm.ru
prom-water.ru
translate.google.com
www.googletagmanager.com
app2.gnzs.ru
prom-water.ru
translate.google.com
www.googletagmanager.com
23.105.230.37
31.31.198.213
95.143.181.42
1612deb9c5b262c5e73144bb02ae751d3791c72fdd48d2bad4b244fe6e37a099
27bf08ae6d02e0a4d96c6ee29bd3b01455ac0971dbc00e589b818de93555e201
488a5ebeaafa2f57a64e1fa13185afeb2252c718de043c8af43c8710e301350f
5f1b50a4d46ff88113fd9ae5bd9784739c7f256afc712f507e4d13d7b6b01a20
7712d75f190854987c82cc71ca0d67500e29077eb76631ef55d2b7b082c511c6
d0c9cc87862329722d33c3efa7d5b7a439e17d5001d943da20e35a815492aff0
f844af6e48ac04f6a1f5042974ba632280bae73177f4e5e648c278d61c9957c3