urlscan.io logo urlscan.io
SecurityTrails logo

prognozprostudy.ru Open in urlscan Pro
188.120.251.174  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://prognoz-prostudi.ru/
Effective URL: https://prognozprostudy.ru/map/
Submission: On April 06 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 5 countries across 16 domains to perform 44 HTTP transactions. The main IP is 188.120.251.174, located in Russian Federation and belongs to THEFIRST-AS, RU. The main domain is prognozprostudy.ru.
TLS certificate: Issued by Let's Encrypt Authority X3 on February 27th 2020. Valid for: 3 months.
This is the only time prognozprostudy.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 188.120.253.185 29182 (THEFIRST-AS)
1 17 188.120.251.174 29182 (THEFIRST-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a00:1148:db0... 47764 (MAILRU-AS...)
1 216.58.207.34 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 152.195.132.75 15133 (EDGECAST)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 2001:6d0:4001... 52016 (TNSMSK-)
1 6 2a02:6b8::1:119 13238 (YANDEX)
3 217.69.133.145 47764 (MAILRU-AS...)
1 2a00:1450:400... 15169 (GOOGLE)
1 40.118.102.46 8075 (MICROSOFT...)
44 17
1    188.120.253.185 (Russian Federation)

ASN29182 (THEFIRST-AS, RU)
PTR: theraflu2.out.ktsnet.ru
prognoz-prostudi.ru
17    188.120.251.174 (Russian Federation)

ASN29182 (THEFIRST-AS, RU)
PTR: theraflu1.out.ktsnet.ru
prognozprostudy.ru
1    2606:4700::6811:4004 (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
4    2a00:1148:db00::17 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
rs.mail.ru
1    216.58.207.34 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s24-in-f2.1e100.net
www.googleadservices.com
1    2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:81d::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    152.195.132.75 (United States)

ASN15133 (EDGECAST, US)
gsk.baycloud.com
1    2a00:1450:4001:81f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:81e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:4001:81b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s.ytimg.com
2    2001:6d0:4001::226 (Russian Federation)

ASN52016 (TNSMSK-, RU)
ar.tns-counter.ru
6    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
3    217.69.133.145 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: top-fwz1.mail.ru
top-fwz1.mail.ru
1    2a00:1450:4001:81b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    40.118.102.46 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
consenthub.org
Domain Requested by
17 prognozprostudy.ru 1 redirects prognozprostudy.ru
6 mc.yandex.ru 1 redirects prognozprostudy.ru
4 rs.mail.ru prognozprostudy.ru
3 top-fwz1.mail.ru prognozprostudy.ru
top-fwz1.mail.ru
3 gsk.baycloud.com prognozprostudy.ru
gsk.baycloud.com
2 ar.tns-counter.ru 1 redirects prognozprostudy.ru
2 www.google.de prognozprostudy.ru
2 www.google.com 1 redirects prognozprostudy.ru
2 www.google-analytics.com www.googletagmanager.com
prognozprostudy.ru
1 consenthub.org prognozprostudy.ru
1 googleads.g.doubleclick.net www.googleadservices.com
1 s.ytimg.com www.youtube.com
1 stats.g.doubleclick.net 1 redirects
1 www.youtube.com prognozprostudy.ru
1 www.googletagmanager.com prognozprostudy.ru
1 www.googleadservices.com prognozprostudy.ru
1 cdnjs.cloudflare.com prognozprostudy.ru
1 prognoz-prostudi.ru 1 redirects
44 18

This site contains no links.

Subject Issuer Validity Valid
prognozprostudy.ru
Let's Encrypt Authority X3		 2020-02-27 -
2020-05-27		 3 months crt.sh
ssl412106.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-12-05 -
2020-06-12		 6 months crt.sh
*.mail.ru
GlobalSign Organization Validation CA - SHA256 - G2		 2019-01-18 -
2021-01-18		 2 years crt.sh
www.googleadservices.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
sa319gl.wpc.edgecastcdn.net
DigiCert SHA2 Secure Server CA		 2018-04-20 -
2020-07-23		 2 years crt.sh
*.google.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
www.google.de
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
*.tns-counter.ru
GlobalSign Organization Validation CA - SHA256 - G2		 2018-10-29 -
2020-12-01		 2 years crt.sh
mc.yandex.ru
Yandex CA		 2019-09-23 -
2020-09-22		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
www.google.com
GTS CA 1O1		 2020-03-03 -
2020-05-26		 3 months crt.sh
consenthub.org
Go Daddy Secure Certificate Authority - G2		 2018-06-18 -
2020-06-18		 2 years crt.sh

This page contains 2 frames:

Primary Page: https://prognozprostudy.ru/map/
Frame ID: 329FFF749C1B70ACF3A03F5F745169E3
Requests: 46 HTTP requests in this frame

Frame: https://gsk.baycloud.com/CookieQ/cqd?hN=prognozprostudy.ru/map/&tcf=undefined&prot=https:&cqcat=null&hasLS=false&pP=no
Frame ID: 1D4AD867EC8AC753B0734E77F4694AE8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://prognoz-prostudi.ru/ HTTP 301
    https://prognozprostudy.ru/ HTTP 301
    https://prognozprostudy.ru/map/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • html /<!-- (?:End )?Google Tag Manager -->/i
Overall confidence: 100%
Detected patterns
  • script /mc\.yandex\.ru\/metrika\/watch\.js/i

Page Statistics

44
Requests

100 %
HTTPS

67 %
IPv6

16
Domains

18
Subdomains

17
IPs

5
Countries

895 kB
Transfer

2408 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://prognoz-prostudi.ru/ HTTP 301
    https://prognozprostudy.ru/ HTTP 301
    https://prognozprostudy.ru/map/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-90020653-30&cid=1598303955.1586171483&jid=291920735&gjid=1702320357&_gid=917053191.1586171483&_u=YGBAgEAB~&z=1039275667 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-90020653-30&cid=1598303955.1586171483&jid=291920735&_v=j81&z=1039275667 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-90020653-30&cid=1598303955.1586171483&jid=291920735&_v=j81&z=1039275667&slf_rd=1&random=3996239629
Request Chain 14
  • https://ar.tns-counter.ru/V13a****ar_ru/ru/CP1251/tmsec=87769_640703-2632306/0423135990939177 HTTP 302
  • https://ar.tns-counter.ru/V13b****ar_ru/ru/CP1251/tmsec=87769_640703-2632306/0423135990939177
Request Chain 41
  • https://mc.yandex.ru/watch/45984822?wmode=7&page-url=https%3A%2F%2Fprognozprostudy.ru%2Fmap%2Fwelcome%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1586171482338%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200406131123%3Aet%3A1586171484%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Arn%3A529495234%3Ahid%3A279931455%3Ads%3A0%2C0%2C55%2C1%2C538%2C0%2C0%2C381%2C0%2C%2C%2C%2C980%3Afp%3A1083%3Awn%3A17878%3Ahl%3A3%3Agdpr%3A14%3Av%3A1834%3Ast%3A1586171484%3Au%3A1586171484655905475%3At%3A%D0%9F%D1%80%D0%BE%D0%B3%D0%BD%D0%BE%D0%B7%20%D0%BF%D1%80%D0%BE%D1%81%D1%82%D1%83%D0%B4%D1%8B HTTP 302
  • https://mc.yandex.ru/watch/45984822/1?wmode=7&page-url=https%3A%2F%2Fprognozprostudy.ru%2Fmap%2Fwelcome%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1586171482338%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200406131123%3Aet%3A1586171484%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Arn%3A529495234%3Ahid%3A279931455%3Ads%3A0%2C0%2C55%2C1%2C538%2C0%2C0%2C381%2C0%2C%2C%2C%2C980%3Afp%3A1083%3Awn%3A17878%3Ahl%3A3%3Agdpr%3A14%3Av%3A1834%3Ast%3A1586171484%3Au%3A1586171484655905475%3At%3A%D0%9F%D1%80%D0%BE%D0%B3%D0%BD%D0%BE%D0%B7%20%D0%BF%D1%80%D0%BE%D1%81%D1%82%D1%83%D0%B4%D1%8B

44 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
prognozprostudy.ru/map/
Redirect Chain
  • http://prognoz-prostudi.ru/
  • https://prognozprostudy.ru/
  • https://prognozprostudy.ru/map/
9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://prognozprostudy.ru/map/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.120.251.174 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
theraflu1.out.ktsnet.ru
Software
nginx /
Resource Hash
b477eab509961710b7f65ae5aeb314e8f856ddc43c8d295eaccd26ffdc1609ce
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
prognozprostudy.ru
:scheme
https
:path
/map/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36

Response headers

status
200
server
nginx
date
Mon, 06 Apr 2020 11:11:22 GMT
content-type
text/html
expires
Mon, 06 Apr 2020 11:11:21 GMT
cache-control
no-cache
set-cookie
KtsRb=e664544274c41bb4568cf39a1b7e623f; expires=Fri, 31 Dec 2035 23:59:59 GMT; Secure; HttpOnly
strict-transport-security
max-age=15768000
x-frame-options
SAMEORIGIN
content-encoding
gzip

Redirect headers

status
301
server
nginx
date
Mon, 06 Apr 2020 11:11:22 GMT
content-type
text/html
content-length
178
location
https://prognozprostudy.ru/map/
strict-transport-security
max-age=15768000
x-frame-options
SAMEORIGIN
theraflu:front.ee3b40.css
prognozprostudy.ru/static/css/ 		252 KB
59 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://prognozprostudy.ru/static/css/theraflu:front.ee3b40.css
Requested by
Host: prognozprostudy.ru
URL: https://prognozprostudy.ru/map/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.120.251.174 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
theraflu1.out.ktsnet.ru
Software
nginx /
Resource Hash
3e1994f7d91cc365fd4fd451336bf6042801266cdc5f61ff45fa980a47cb9e10
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://prognozprostudy.ru/map/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Mon, 06 Apr 2020 11:11:22 GMT
content-encoding
gzip
last-modified
Fri, 03 Apr 2020 08:54:28 GMT
server
nginx
etag
W/"5e86f9c4-3f1e3"
x-frame-options
SAMEORIGIN
content-type
text/css
status
200
cache-control
max-age=315360000
strict-transport-security
max-age=15768000
expires
Thu, 31 Dec 2037 23:55:55 GMT
autotrack.js
cdnjs.cloudflare.com/ajax/libs/autotrack/2.4.1/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/autotrack/2.4.1/autotrack.js
Requested by
Host: prognozprostudy.ru
URL: https://prognozprostudy.ru/map/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bceb73993d094c4c821c7571921103bdc8c05e9082c4fc513d244358d53593db
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://prognozprostudy.ru/map/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 06 Apr 2020 11:11:22 GMT
content-encoding
br
cf-cache-status
HIT
age
13837400
cf-ray
57fb11585d27dfc3-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Thu, 17 May 2018 09:15:57 GMT
server
cloudflare
etag
W/"5afd484d-60d8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sat, 27 Mar 2021 11:11:22 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.001
vendor:front.dd4b7b.js
prognozprostudy.ru/static/js/ 		852 KB
290 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prognozprostudy.ru/static/js/vendor:front.dd4b7b.js
Requested by
Host: prognozprostudy.ru
URL: https://prognozprostudy.ru/map/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.120.251.174 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
theraflu1.out.ktsnet.ru
Software
nginx /
Resource Hash
ccc6df829a73a00e23555fc671eacdd109ab33482603eace602f9cc629fd29ce
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://prognozprostudy.ru/map/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 06 Apr 2020 11:11:22 GMT
content-encoding
gzip
last-modified
Fri, 03 Apr 2020 08:54:28 GMT
server
nginx
etag
W/"5e86f9c4-d4f16"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
cache-control
max-age=315360000
strict-transport-security
max-age=15768000
expires
Thu, 31 Dec 2037 23:55:55 GMT
theraflu:front.dd4b7b.js
prognozprostudy.ru/static/js/ 		525 KB
183 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prognozprostudy.ru/static/js/theraflu:front.dd4b7b.js
Requested by
Host: prognozprostudy.ru
URL: https://prognozprostudy.ru/map/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.120.251.174 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
theraflu1.out.ktsnet.ru
Software
nginx /
Resource Hash
4db8f6cf318a9c239db05c06379d423a3ce31f3268f7224e95fc604c854ea5a8
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://prognozprostudy.ru/map/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 06 Apr 2020 11:11:22 GMT
content-encoding
gzip
last-modified
Fri, 03 Apr 2020 08:54:28 GMT
server
nginx
etag
W/"5e86f9c4-83514"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
cache-control
max-age=315360000
strict-transport-security
max-age=15768000
expires
Thu, 31 Dec 2037 23:55:55 GMT
d27641833.gif
rs.mail.ru/ 		43 B
428 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rs.mail.ru/d27641833.gif
Requested by
Host: prognozprostudy.ru
URL: https://prognozprostudy.ru/map/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://prognozprostudy.ru/map/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Timing-Allow-Origin
*
Date
Mon, 06 Apr 2020 11:11:23 GMT
Server
nginx
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Cache-Control
private, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
conversion.js
www.googleadservices.com/pagead/ 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: prognozprostudy.ru
URL: https://prognozprostudy.ru/map/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s24-in-f2.1e100.net
Software
cafe /
Resource Hash
4c136559af89d6b340017f5353150a97735f6bc3a761568b65fba34b200302c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://prognozprostudy.ru/map/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 06 Apr 2020 11:11:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
10479
x-xss-protection
0
server
cafe
etag
14800818816855099338
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 06 Apr 2020 11:11:22 GMT
gtm.js
www.googletagmanager.com/ 		100 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WF3WP72
Requested by
Host: prognozprostudy.ru
URL: https://prognozprostudy.ru/map/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a9e21ab97fe1afa8abb32a39a9bc1a4081af73bd3579072f2f0a942eb5913b02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://prognozprostudy.ru/map/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 06 Apr 2020 11:11:23 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
33431
x-xss-protection
0
last-modified
Mon, 06 Apr 2020 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 06 Apr 2020 11:11:23 GMT
analytics.js
www.google-analytics.com/ 		44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WF3WP72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://prognozprostudy.ru/map/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
2271
date
Mon, 06 Apr 2020 10:33:32 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
18174
expires
Mon, 06 Apr 2020 12:33:32 GMT
tggsk.js
gsk.baycloud.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gsk.baycloud.com/tggsk.js
Requested by
Host: prognozprostudy.ru
URL: https://prognozprostudy.ru/map/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.132.75 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8B1E) / ASP.NET
Resource Hash
716fa285a9bbee3c036151e27b3a77159ec558d0f6a8561f62347b093efe8242
Security Headers
Name Value
Strict-Transport-Security max-age=500

Request headers

Referer
https://prognozprostudy.ru/map/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 06 Apr 2020 11:11:23 GMT
content-encoding
gzip
vary
Accept-Encoding
x-aspnet-version
4.0.30319
age
418177
x-powered-by
ASP.NET
x-cache
HIT
p3p
CP="DSP ALL CUR ADMi DEVi TAIi PSAi PSDi IVDi OUR STP NAV COM UNI"
status
200
content-length
1195
x-aspnetmvc-version
4.0
last-modified
Wed, 01 Apr 2020 15:01:46 GMT
server
ECAcc (ama/8B1E)
etag
1GSK
strict-transport-security
max-age=500
access-control-allow-methods
GET,POST,PUT
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
expires
Fri, 01 May 2020 15:01:46 GMT
iframe_api
www.youtube.com/ 		859 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: prognozprostudy.ru
URL: https://prognozprostudy.ru/map/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
16fe07ce7e34ab800aecb7705b902106841919bebb7b0a7e80b5000159e2b9b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://prognozprostudy.ru/map/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 06 Apr 2020 11:11:23 GMT
x-content-type-options
nosniff
server
YouTube Frontend Proxy
content-type
application/javascript
status
200
cache-control
no-cache
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
859
x-xss-protection
0
expires
Tue, 27 Apr 1971 19:44:06 GMT
collect
www.google-analytics.com/ 		35 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=113212127&t=pageview&_s=1&dl=https%3A%2F%2Fprognozprostudy.ru%2Fmap%2F&ul=en-us&de=UTF-8&dt=%D0%9F%D1%80%D0%BE%D0%B3%D0%BD%D0%BE%D0%B7%20%D0%BF%D1%80%D0%BE%D1%81%D1%82%D1%83%D0%B4%D1%8B&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=291920735&gjid=1702320357&cid=1598303955.1586171483&tid=UA-90020653-30&_gid=917053191.1586171483&gtm=2wg3p1WF3WP72&did=i5iSjo&z=1907915500
Requested by
Host: prognozprostudy.ru
URL: https://prognozprostudy.ru/map/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://prognozprostudy.ru/map/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Fri, 31 Jan 2020 01:28:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
5737347
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-90020653-30&cid=1598303955.1586171483&jid=291920735&gjid=1702320357&_gid=917053191.1586171483&_u=YGBAgEAB~&z=1039275667
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-90020653-30&cid=1598303955.1586171483&jid=291920735&_v=j81&z=1039275667
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-90020653-30&cid=1598303955.1586171483&jid=291920735&_v=j81&z=1039275667&slf_rd=1&random=3996239629
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-90020653-30&cid=1598303955.1586171483&jid=291920735&_v=j81&z=1039275667&slf_rd=1&random=3996239629
Requested by
Host: prognozprostudy.ru
URL: https://prognozprostudy.ru/map/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://prognozprostudy.ru/map/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Apr 2020 11:11:23 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 06 Apr 2020 11:11:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-90020653-30&cid=1598303955.1586171483&jid=291920735&_v=j81&z=1039275667&slf_rd=1&random=3996239629
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
www-widgetapi.js
s.ytimg.com/yts/jsbin/www-widgetapi-vflaP-XGF/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ytimg.com/yts/jsbin/www-widgetapi-vflaP-XGF/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
575d697f703ea404e1a023022aaeaaa81e98d1873cf2e7687238bd1606e4f625
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://prognozprostudy.ru/map/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 06 Apr 2020 08:19:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10298
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
13931
x-xss-protection
0
last-modified
Thu, 02 Apr 2020 14:06:28 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=691200
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Tue, 14 Apr 2020 08:19:45 GMT
user.get
prognozprostudy.ru/api/ 		34 B
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prognozprostudy.ru/api/user.get
Requested by
Host: prognozprostudy.ru
URL: https://prognozprostudy.ru/static/js/vendor:front.dd4b7b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.120.251.174 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
theraflu1.out.ktsnet.ru
Software
nginx /
Resource Hash
403960045b1b9ead6db8f21b6492c076c2b4faba540c209b0971e4592f4ad1bd
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://prognozprostudy.ru/map/
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36

Response headers

status
200
date
Mon, 06 Apr 2020 11:11:23 GMT
server
nginx
strict-transport-security
max-age=15768000
content-length
34
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
0423135990939177
ar.tns-counter.ru/V13b****ar_ru/ru/CP1251/tmsec=87769_640703-2632306/
Redirect Chain
  • https://ar.tns-counter.ru/V13a****ar_ru/ru/CP1251/tmsec=87769_640703-2632306/0423135990939177
  • https://ar.tns-counter.ru/V13b****ar_ru/ru/CP1251/tmsec=87769_640703-2632306/0423135990939177
43 B
458 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ar.tns-counter.ru/V13b****ar_ru/ru/CP1251/tmsec=87769_640703-2632306/0423135990939177
Requested by
Host: prognozprostudy.ru
URL: https://prognozprostudy.ru/map/welcome/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software
ms-counter-3.0.1/1.14.0 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://prognozprostudy.ru/map/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 Apr 2020 11:11:23 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
ms-counter-3.0.1/1.14.0
Content-Type
image/gif
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 06 Apr 2020 11:11:23 GMT
Server
ms-counter-3.0.1/1.14.0
Strict-Transport-Security
max-age=2678400
Content-Type
image/gif
Location
https://ar.tns-counter.ru/V13b****ar_ru/ru/CP1251/tmsec=87769_640703-2632306/0423135990939177
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
d30491429.gif
rs.mail.ru/ 		43 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rs.mail.ru/d30491429.gif?no_cache_param=1586171483311
Requested by
Host: prognozprostudy.ru
URL: https://prognozprostudy.ru/map/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://prognozprostudy.ru/map/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Timing-Allow-Origin
*
Date
Mon, 06 Apr 2020 11:11:23 GMT
Server
nginx
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Cache-Control
private, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
watch.js
mc.yandex.ru/metrika/ 		135 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: prognozprostudy.ru
URL: https://prognozprostudy.ru/map/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
a160fd1060c77d86dcf2601dd586bb11d94c02628225a3008347bef00d14fc95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://prognozprostudy.ru/map/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Mon, 06 Apr 2020 11:11:23 GMT
Content-Encoding
br
Last-Modified
Tue, 31 Mar 2020 08:20:32 GMT
Server
nginx/1.14.2
ETag
"5e82fd50-9eef"
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
40687
Expires
Mon, 06 Apr 2020 12:11:23 GMT
code.js
top-fwz1.mail.ru/js/ 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/js/code.js
Requested by
Host: prognozprostudy.ru
URL: https://prognozprostudy.ru/map/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
0921a7dc8054b08e4b5dd8e6ca764c72370ef59b7a7bb80be61efdc320d077a8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://prognozprostudy.ru/map/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Mon, 06 Apr 2020 11:11:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection
keep-alive
Keep-Alive
timeout=60
AMP-Access-Control-Allow-Source-Origin
*
Last-Modified
Mon, 10 Feb 2020 15:35:40 GMT
Server
nginx
ETag
W/"5e41784c-4083"
Access-Control-Allow-Methods
GET, POST, HEAD, PUT, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
AMP-Access-Control-Allow-Source-Origin
Cache-control
max-age=7200, private
Access-Control-Allow-Credentials
true
Accept-CH-Lifetime
86400
Accept-CH
DPR, Width, Viewport-Width, Downlink, Device-Memory
Timing-Allow-Origin
*
Access-Control-Allow-Headers
*
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/940483303/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/940483303/?random=1586171483315&cv=9&fst=1586171483315&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fprognozprostudy.ru%2Fmap%2F&tiba=%D0%9F%D1%80%D0%BE%D0%B3%D0%BD%D0%BE%D0%B7%20%D0%BF%D1%80%D0%BE%D1%81%D1%82%D1%83%D0%B4%D1%8B&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e79e7d859f74534ffc98868a954486a4cde1f7c0b068642da7cf4b8306145b68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://prognozprostudy.ru/map/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
no-cache
date
Mon, 06 Apr 2020 11:11:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
1008
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tggsknocqcs.min.js
gsk.baycloud.com/ 		216 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gsk.baycloud.com/tggsknocqcs.min.js
Requested by
Host: gsk.baycloud.com
URL: https://gsk.baycloud.com/tggsk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.132.75 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8B2D) / ASP.NET
Resource Hash
c010776946b4d1724c7362b766cc0d6e9ba6c578b2e7d99d2d9da690e91e1a2b
Security Headers
Name Value
Strict-Transport-Security max-age=500

Request headers

Referer
https://prognozprostudy.ru/map/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 06 Apr 2020 11:11:23 GMT
content-encoding
gzip
vary
Accept-Encoding
age
72561
x-powered-by
ASP.NET
x-cache
HIT
p3p
CP="DSP ALL CUR ADMi DEVi TAIi PSAi PSDi IVDi OUR STP NAV COM UNI"
status
200
content-length
62464
last-modified
Mon, 03 Feb 2020 11:32:23 GMT
server
ECAcc (ama/8B2D)
etag
"91708c9a85dad51:0+gzip"
strict-transport-security
max-age=500
access-control-allow-methods
GET,POST,PUT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
true
expires
Tue, 07 Apr 2020 11:11:23 GMT
/
www.google.com/pagead/1p-user-list/940483303/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/940483303/?random=1586171483315&cv=9&fst=1586170800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fprognozprostudy.ru%2Fmap%2F&tiba=%D0%9F%D1%80%D0%BE%D0%B3%D0%BD%D0%BE%D0%B7%20%D0%BF%D1%80%D0%BE%D1%81%D1%82%D1%83%D0%B4%D1%8B&fmt=3&is_vtc=1&random=1262456568&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: prognozprostudy.ru
URL: https://prognozprostudy.ru/map/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://prognozprostudy.ru/map/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Mon, 06 Apr 2020 11:11:23 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/940483303/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/940483303/?random=1586171483315&cv=9&fst=1586170800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fprognozprostudy.ru%2Fmap%2F&tiba=%D0%9F%D1%80%D0%BE%D0%B3%D0%BD%D0%BE%D0%B7%20%D0%BF%D1%80%D0%BE%D1%81%D1%82%D1%83%D0%B4%D1%8B&fmt=3&is_vtc=1&random=1262456568&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: prognozprostudy.ru
URL: https://prognozprostudy.ru/map/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://prognozprostudy.ru/map/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Mon, 06 Apr 2020 11:11:23 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cqd
gsk.baycloud.com/CookieQ/ Frame 1D4A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://gsk.baycloud.com/CookieQ/cqd?hN=prognozprostudy.ru/map/&tcf=undefined&prot=https:&cqcat=null&hasLS=false&pP=no
Requested by
Host: gsk.baycloud.com
URL: https://gsk.baycloud.com/tggsknocqcs.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.132.75 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=500

Request headers

:method
GET
:authority
gsk.baycloud.com
:scheme
https
:path
/CookieQ/cqd?hN=prognozprostudy.ru/map/&tcf=undefined&prot=https:&cqcat=null&hasLS=false&pP=no
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://prognozprostudy.ru/map/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://prognozprostudy.ru/map/

Response headers

status
200
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-methods
GET,POST,PUT
access-control-allow-origin
*
cache-control
private
content-type
text/html; charset=utf-8
date
Mon, 06 Apr 2020 11:11:22 GMT
expires
Tue, 07 Apr 2020 11:11:23 GMT
p3p
CP="DSP ALL CUR ADMi DEVi TAIi PSAi PSDi IVDi OUR STP NAV COM UNI"
server
Microsoft-IIS/10.0
strict-transport-security
max-age=500
x-aspnet-version
4.0.30319
x-aspnetmvc-version
4.0
x-powered-by
ASP.NET
content-length
475
geo.all
prognozprostudy.ru/api/ 		974 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prognozprostudy.ru/api/geo.all
Requested by
Host: prognozprostudy.ru
URL: https://prognozprostudy.ru/static/js/vendor:front.dd4b7b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.120.251.174 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
theraflu1.out.ktsnet.ru
Software
nginx /
Resource Hash
6e54ab4ec43cac32391968bd58034d2aa32c2d4615facd34ba72a271a87cf5cf
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://prognozprostudy.ru/map/welcome/
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36

Response headers

status
200
date
Mon, 06 Apr 2020 11:11:23 GMT
server
nginx
strict-transport-security
max-age=15768000
content-length
974
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
geo.total
prognozprostudy.ru/api/ 		55 B
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prognozprostudy.ru/api/geo.total
Requested by
Host: prognozprostudy.ru
URL: https://prognozprostudy.ru/static/js/vendor:front.dd4b7b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.120.251.174 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
theraflu1.out.ktsnet.ru
Software
nginx /
Resource Hash
d72d2e9e1e8082affa88f1827aa1e460fd6f6583106b864e30946342aefaecbb
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://prognozprostudy.ru/map/welcome/
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36

Response headers

status
200
date
Mon, 06 Apr 2020 11:11:23 GMT
server
nginx
strict-transport-security
max-age=15768000
content-length
55
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
d30491432.gif
rs.mail.ru/ 		43 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rs.mail.ru/d30491432.gif?no_cache_param=1586171483395
Requested by
Host: prognozprostudy.ru
URL: https://prognozprostudy.ru/map/welcome/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://prognozprostudy.ru/map/welcome/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Timing-Allow-Origin
*
Date
Mon, 06 Apr 2020 11:11:23 GMT
Server
nginx
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Cache-Control
private, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
d30491430.gif
rs.mail.ru/ 		43 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rs.mail.ru/d30491430.gif?no_cache_param=1586171483401
Requested by
Host: prognozprostudy.ru
URL: https://prognozprostudy.ru/map/welcome/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://prognozprostudy.ru/map/welcome/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Timing-Allow-Origin
*
Date
Mon, 06 Apr 2020 11:11:23 GMT
Server
nginx
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Cache-Control
private, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
truncated
/ 		727 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bbf8e1c7887c80a0e6fbe386de799975dff3132073fbee5a66286c5bf0154ca4

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
logo.9c5ad7.png
prognozprostudy.ru/static/img/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prognozprostudy.ru/static/img/logo.9c5ad7.png
Requested by
Host: prognozprostudy.ru
URL: https://prognozprostudy.ru/map/welcome/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.120.251.174 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
theraflu1.out.ktsnet.ru
Software
nginx /
Resource Hash
4925a0137385eaab4cb698317c5c6832ab68a61cf5248b3d0e7e06f23e8a4554
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://prognozprostudy.ru/static/css/theraflu:front.ee3b40.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 06 Apr 2020 11:11:23 GMT
last-modified
Fri, 03 Apr 2020 08:54:28 GMT
server
nginx
etag
"5e86f9c4-aead"
x-frame-options
SAMEORIGIN
content-type
image/png
status
200
cache-control
max-age=315360000
strict-transport-security
max-age=15768000
accept-ranges
bytes
content-length
44717
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ 		530 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b575c888be30301facbde88211e5a3cc0ad11f11165a295352288224067845d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
theraflu_dis-mob.9d4bd3.png
prognozprostudy.ru/static/img/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prognozprostudy.ru/static/img/theraflu_dis-mob.9d4bd3.png
Requested by
Host: prognozprostudy.ru
URL: https://prognozprostudy.ru/map/welcome/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.120.251.174 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
theraflu1.out.ktsnet.ru
Software
nginx /
Resource Hash
dae252d140b2d635c1b3aac39277ddb12453d63592573d1f2d3f797bbcfe8411
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://prognozprostudy.ru/static/css/theraflu:front.ee3b40.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 06 Apr 2020 11:11:23 GMT
last-modified
Fri, 03 Apr 2020 08:54:28 GMT
server
nginx
etag
"5e86f9c4-2bfb"
x-frame-options
SAMEORIGIN
content-type
image/png
status
200
cache-control
max-age=315360000
strict-transport-security
max-age=15768000
accept-ranges
bytes
content-length
11259
expires
Thu, 31 Dec 2037 23:55:55 GMT
title.3cb863.png
prognozprostudy.ru/static/img/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prognozprostudy.ru/static/img/title.3cb863.png
Requested by
Host: prognozprostudy.ru
URL: https://prognozprostudy.ru/map/welcome/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.120.251.174 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
theraflu1.out.ktsnet.ru
Software
nginx /
Resource Hash
36778588dc51736e782f5e3b47b1df8666d3df1948dbace167a3f777c0568de6
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://prognozprostudy.ru/static/css/theraflu:front.ee3b40.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 06 Apr 2020 11:11:23 GMT
last-modified
Fri, 03 Apr 2020 08:54:28 GMT
server
nginx
etag
"5e86f9c4-155f"
x-frame-options
SAMEORIGIN
content-type
image/png
status
200
cache-control
max-age=315360000
strict-transport-security
max-age=15768000
accept-ranges
bytes
content-length
5471
expires
Thu, 31 Dec 2037 23:55:55 GMT
power-in-your-hands.379e71.svg
prognozprostudy.ru/static/img/ 		9 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prognozprostudy.ru/static/img/power-in-your-hands.379e71.svg
Requested by
Host: prognozprostudy.ru
URL: https://prognozprostudy.ru/map/welcome/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.120.251.174 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
theraflu1.out.ktsnet.ru
Software
nginx /
Resource Hash
7722a0c1e5122d2fd25351c714f8d8b535de29272f3364da7e7eabd3d76caebe
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://prognozprostudy.ru/static/css/theraflu:front.ee3b40.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 06 Apr 2020 11:11:23 GMT
content-encoding
gzip
last-modified
Fri, 03 Apr 2020 08:54:28 GMT
server
nginx
etag
W/"5e86f9c4-2407"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
status
200
cache-control
max-age=315360000
strict-transport-security
max-age=15768000
expires
Thu, 31 Dec 2037 23:55:55 GMT
museosanscyrl700-webfont.514da9.woff2
prognozprostudy.ru/static/fonts/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://prognozprostudy.ru/static/fonts/museosanscyrl700-webfont.514da9.woff2
Requested by
Host: prognozprostudy.ru
URL: https://prognozprostudy.ru/map/welcome/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.120.251.174 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
theraflu1.out.ktsnet.ru
Software
nginx /
Resource Hash
8655a3e4ec68da4922d100ca7c0025696706447185c1d9f1f3e7eb7efe3d9d4a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://prognozprostudy.ru/static/css/theraflu:front.ee3b40.css
Origin
https://prognozprostudy.ru
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36

Response headers

date
Mon, 06 Apr 2020 11:11:23 GMT
last-modified
Fri, 03 Apr 2020 08:54:28 GMT
server
nginx
etag
"5e86f9c4-7934"
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
status
200
cache-control
max-age=315360000
strict-transport-security
max-age=15768000
accept-ranges
bytes
content-length
31028
expires
Thu, 31 Dec 2037 23:55:55 GMT
museosanscyrl300-webfont.7e6d4d.woff2
prognozprostudy.ru/static/fonts/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://prognozprostudy.ru/static/fonts/museosanscyrl300-webfont.7e6d4d.woff2
Requested by
Host: prognozprostudy.ru
URL: https://prognozprostudy.ru/map/welcome/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.120.251.174 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
theraflu1.out.ktsnet.ru
Software
nginx /
Resource Hash
39ebb8d7a9004330a8c68334259987e3df734ba775a702034c0a96f034db6236
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://prognozprostudy.ru/static/css/theraflu:front.ee3b40.css
Origin
https://prognozprostudy.ru
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36

Response headers

date
Mon, 06 Apr 2020 11:11:23 GMT
last-modified
Fri, 03 Apr 2020 08:54:28 GMT
server
nginx
etag
"5e86f9c4-77bc"
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
status
200
cache-control
max-age=315360000
strict-transport-security
max-age=15768000
accept-ranges
bytes
content-length
30652
expires
Thu, 31 Dec 2037 23:55:55 GMT
museosanscyrl500-webfont.677158.woff2
prognozprostudy.ru/static/fonts/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://prognozprostudy.ru/static/fonts/museosanscyrl500-webfont.677158.woff2
Requested by
Host: prognozprostudy.ru
URL: https://prognozprostudy.ru/map/welcome/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.120.251.174 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
theraflu1.out.ktsnet.ru
Software
nginx /
Resource Hash
342df28c6ae89f7b5ea0ec4a59f81422cd6903ffffd750b1204f4d3870949e58
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://prognozprostudy.ru/static/css/theraflu:front.ee3b40.css
Origin
https://prognozprostudy.ru
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36

Response headers

date
Mon, 06 Apr 2020 11:11:23 GMT
last-modified
Fri, 03 Apr 2020 08:54:28 GMT
server
nginx
etag
"5e86f9c4-791c"
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
status
200
cache-control
max-age=315360000
strict-transport-security
max-age=15768000
accept-ranges
bytes
content-length
31004
expires
Thu, 31 Dec 2037 23:55:55 GMT
geo.get
prognozprostudy.ru/api/ 		223 B
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prognozprostudy.ru/api/geo.get?latitude=&longitude=
Requested by
Host: prognozprostudy.ru
URL: https://prognozprostudy.ru/static/js/vendor:front.dd4b7b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.120.251.174 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
theraflu1.out.ktsnet.ru
Software
nginx /
Resource Hash
d3cf3b41b075eafb09a131750bbaf771da05dc766b6d97641c68bff3b3c3eb09
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://prognozprostudy.ru/map/welcome/
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36

Response headers

status
200
date
Mon, 06 Apr 2020 11:11:23 GMT
server
nginx
strict-transport-security
max-age=15768000
content-length
223
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
geo.index
prognozprostudy.ru/api/ 		207 B
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prognozprostudy.ru/api/geo.index?iso=RU-KGD
Requested by
Host: prognozprostudy.ru
URL: https://prognozprostudy.ru/static/js/vendor:front.dd4b7b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.120.251.174 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS
theraflu1.out.ktsnet.ru
Software
nginx /
Resource Hash
ee85cb85adcf01c83940c9bf0d98d37e64a4dbfa7dbe90afe35e8b4f77127f40
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://prognozprostudy.ru/map/welcome/
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36

Response headers

status
200
date
Mon, 06 Apr 2020 11:11:23 GMT
server
nginx
strict-transport-security
max-age=15768000
content-length
207
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
Record
consenthub.org/Hit/ 		43 B
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consenthub.org/Hit/Record?url=https%3A%2F%2Fprognozprostudy.ru%2Fmap%2Fwelcome%2F&status=none&c=status&p=UNKNOWN&r&t=direct&cid=null&pfx=null&sn=null&bu=null
Requested by
Host: prognozprostudy.ru
URL: https://prognozprostudy.ru/map/welcome/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.118.102.46 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://prognozprostudy.ru/map/welcome/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Mon, 06 Apr 2020 11:11:23 GMT
X-AspNetMvc-Version
5.2
Last-Modified
Mon, 06 Apr 2020 11:11:23 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
ETag
none
Content-Type
image/gif
Cache-Control
private
Content-Length
43
truncated
/ 		529 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e7e4298fc7d4760618ae051c4106be0e1e8c35f0f12f69d52c0a71ad63e0eb86

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
counter
top-fwz1.mail.ru/ 		43 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/counter?js=13;id=2928915;u=https%3A//prognozprostudy.ru/map/welcome/;st=1586171483317;title=%D0%9F%D1%80%D0%BE%D0%B3%D0%BD%D0%BE%D0%B7%20%D0%BF%D1%80%D0%BE%D1%81%D1%82%D1%83%D0%B4%D1%8B;s=1600*1200;vp=1600*1200;touch=0;hds=1;flash=;sid=a4c6010c9e486949;ver=60.1.0;tz=-120%2FEurope%2FBerlin;ni=10//4g/0/0/;lvid=1586171483723%3A1586171483726%3A1%3Afe98229b646126e0cbca439f8b8ac4a7;opts=dl;_=0.30996818722523245
Requested by
Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://prognozprostudy.ru/map/welcome/
Origin
https://prognozprostudy.ru
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 06 Apr 2020 11:11:23 GMT
X-Content-Type-Options
nosniff
P3P
CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection
keep-alive
Content-Length
43
Keep-Alive
timeout=60
Pragma
no-cache
AMP-Access-Control-Allow-Source-Origin
https://prognozprostudy.ru
Server
nginx
Access-Control-Allow-Methods
GET, POST, HEAD, PUT, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://prognozprostudy.ru
Access-Control-Expose-Headers
AMP-Access-Control-Allow-Source-Origin
Cache-control
private, no-cache, no-store, max-age=0
Access-Control-Allow-Credentials
true
Accept-CH-Lifetime
86400
Accept-CH
DPR, Width, Viewport-Width, Downlink, Device-Memory
Timing-Allow-Origin
https://prognozprostudy.ru
Access-Control-Allow-Headers
*
1
mc.yandex.ru/watch/45984822/
Redirect Chain
  • https://mc.yandex.ru/watch/45984822?wmode=7&page-url=https%3A%2F%2Fprognozprostudy.ru%2Fmap%2Fwelcome%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1586171482338%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A...
  • https://mc.yandex.ru/watch/45984822/1?wmode=7&page-url=https%3A%2F%2Fprognozprostudy.ru%2Fmap%2Fwelcome%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1586171482338%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%...
0
-1 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/45984822/1?wmode=7&page-url=https%3A%2F%2Fprognozprostudy.ru%2Fmap%2Fwelcome%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1586171482338%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200406131123%3Aet%3A1586171484%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Arn%3A529495234%3Ahid%3A279931455%3Ads%3A0%2C0%2C55%2C1%2C538%2C0%2C0%2C381%2C0%2C%2C%2C%2C980%3Afp%3A1083%3Awn%3A17878%3Ahl%3A3%3Agdpr%3A14%3Av%3A1834%3Ast%3A1586171484%3Au%3A1586171484655905475%3At%3A%D0%9F%D1%80%D0%BE%D0%B3%D0%BD%D0%BE%D0%B7%20%D0%BF%D1%80%D0%BE%D1%81%D1%82%D1%83%D0%B4%D1%8B
Requested by
Host: prognozprostudy.ru
URL: https://prognozprostudy.ru/map/welcome/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prognozprostudy.ru/map/welcome/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 06 Apr 2020 11:11:23 GMT
Last-Modified
Mon, 06-Apr-2020 11:11:23 GMT
Server
nginx/1.14.2
Location
/watch/45984822/1?wmode=7&page-url=https%3A%2F%2Fprognozprostudy.ru%2Fmap%2Fwelcome%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1586171482338%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200406131123%3Aet%3A1586171484%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Arn%3A529495234%3Ahid%3A279931455%3Ads%3A0%2C0%2C55%2C1%2C538%2C0%2C0%2C381%2C0%2C%2C%2C%2C980%3Afp%3A1083%3Awn%3A17878%3Ahl%3A3%3Agdpr%3A14%3Av%3A1834%3Ast%3A1586171484%3Au%3A1586171484655905475%3At%3A%D0%9F%D1%80%D0%BE%D0%B3%D0%BD%D0%BE%D0%B7%20%D0%BF%D1%80%D0%BE%D1%81%D1%82%D1%83%D0%B4%D1%8B
Strict-Transport-Security
max-age=31536000
Access-Control-Allow-Origin
https://prognozprostudy.ru
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Mon, 06-Apr-2020 11:11:23 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 06 Apr 2020 11:11:23 GMT
Last-Modified
Mon, 06-Apr-2020 11:11:23 GMT
Server
nginx/1.14.2
Access-Control-Allow-Origin
https://prognozprostudy.ru
Strict-Transport-Security
max-age=31536000
Location
/watch/45984822/1?wmode=7&page-url=https%3A%2F%2Fprognozprostudy.ru%2Fmap%2Fwelcome%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1586171482338%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200406131123%3Aet%3A1586171484%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Arn%3A529495234%3Ahid%3A279931455%3Ads%3A0%2C0%2C55%2C1%2C538%2C0%2C0%2C381%2C0%2C%2C%2C%2C980%3Afp%3A1083%3Awn%3A17878%3Ahl%3A3%3Agdpr%3A14%3Av%3A1834%3Ast%3A1586171484%3Au%3A1586171484655905475%3At%3A%D0%9F%D1%80%D0%BE%D0%B3%D0%BD%D0%BE%D0%B7%20%D0%BF%D1%80%D0%BE%D1%81%D1%82%D1%83%D0%B4%D1%8B
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Mon, 06-Apr-2020 11:11:23 GMT
advert.gif
mc.yandex.ru/metrika/ 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: prognozprostudy.ru
URL: https://prognozprostudy.ru/map/welcome/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://prognozprostudy.ru/map/welcome/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Mon, 06 Apr 2020 11:11:23 GMT
Last-Modified
Fri, 17 Jan 2020 08:05:01 GMT
Server
nginx/1.14.2
ETag
"5e216aad-2b"
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Mon, 06 Apr 2020 12:11:23 GMT
1
mc.yandex.ru/watch/45984822/ 		152 B
706 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/45984822/1?wmode=7&page-url=https%3A%2F%2Fprognozprostudy.ru%2Fmap%2Fwelcome%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1586171482338%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200406131123%3Aet%3A1586171484%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Arn%3A529495234%3Ahid%3A279931455%3Ads%3A0%2C0%2C55%2C1%2C538%2C0%2C0%2C381%2C0%2C%2C%2C%2C980%3Afp%3A1083%3Awn%3A17878%3Ahl%3A3%3Agdpr%3A14%3Av%3A1834%3Ast%3A1586171484%3Au%3A1586171484655905475%3At%3A%D0%9F%D1%80%D0%BE%D0%B3%D0%BD%D0%BE%D0%B7%20%D0%BF%D1%80%D0%BE%D1%81%D1%82%D1%83%D0%B4%D1%8B
Requested by
Host: prognozprostudy.ru
URL: https://prognozprostudy.ru/map/welcome/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
170821961cba9f58267df807aae10e63c8fde1c6ed2f24baf8e8c11508b4fcae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prognozprostudy.ru/map/welcome/
Origin
https://prognozprostudy.ru
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Mon, 06 Apr 2020 11:11:23 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 06-Apr-2020 11:11:23 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://prognozprostudy.ru
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
152
X-XSS-Protection
1; mode=block
Expires
Mon, 06-Apr-2020 11:11:23 GMT
tracker
top-fwz1.mail.ru/ 		43 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/tracker?js=13;id=2928915;u=https%3A//prognozprostudy.ru/map/welcome/;st=1586171483317;s=1600*1200;vp=1600*1200;touch=0;hds=1;flash=;sid=a4c6010c9e486949;ver=60.1.0;tz=-120%2FEurope%2FBerlin;nt=0/0/1586171482338/////538/538/538/538/538//538/593/594/598/979/980/980/1500/1500/;ni=10//4g/0/0/;lvid=1586171483723%3A1586171483838%3A2%3Afe98229b646126e0cbca439f8b8ac4a7;opts=dl;_=0.03553357112658606;e=RT/load;et=1586171483838
Requested by
Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://prognozprostudy.ru/map/welcome/
Origin
https://prognozprostudy.ru
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 06 Apr 2020 11:11:23 GMT
X-Content-Type-Options
nosniff
P3P
CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection
keep-alive
Content-Length
43
Keep-Alive
timeout=60
Pragma
no-cache
AMP-Access-Control-Allow-Source-Origin
https://prognozprostudy.ru
Server
nginx
Access-Control-Allow-Methods
GET, POST, HEAD, PUT, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://prognozprostudy.ru
Access-Control-Expose-Headers
AMP-Access-Control-Allow-Source-Origin
Cache-control
private, no-cache, no-store, max-age=0
Access-Control-Allow-Credentials
true
Accept-CH-Lifetime
86400
Accept-CH
DPR, Width, Viewport-Width, Downlink, Device-Memory
Timing-Allow-Origin
https://prognozprostudy.ru
Access-Control-Allow-Headers
*
45984822
mc.yandex.ru/webvisor/ 		43 B
541 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/webvisor/45984822?wv-type=1&page-url=https%3A%2F%2Fprognozprostudy.ru%2Fmap%2Fwelcome%2F&wv-hit=279931455&browser-info=ti%3A7%3Az%3A120%3Ai%3A20200406131123%3Apct%3Atext%2Fhtml%3Bcharset%3Dutf-8%3Ast%3A1586171484%3Au%3A1586171484655905475
Requested by
Host: prognozprostudy.ru
URL: https://prognozprostudy.ru/static/js/vendor:front.dd4b7b.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://prognozprostudy.ru/map/welcome/
Origin
https://prognozprostudy.ru
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Mon, 06 Apr 2020 11:11:23 GMT
Last-Modified
Mon, 06-Apr-2020 11:11:23 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
https://prognozprostudy.ru
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
Mon, 06-Apr-2020 11:11:23 GMT

Verdicts & Comments Add Verdict or Comment

152 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| dataLayer function| ga object| gaDevIds object| gaplugins object| google_tag_manager function| postscribe string| GoogleAnalyticsObject object| google_tag_data object| gaGlobal object| gaData object| YT object| YTConfig function| onYTReady object| webpackJsonp object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytPubsubPubsubInstance object| ytPubsubPubsubSubscribedKeys object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytLoggingTransportLogPayloadsQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportDispatchedStats_ object| ytytLoggingTransportCapturedTime_ object| ytLoggingGelSequenceIdObj_ object| core object| __core-js_shared__ object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| Konva function| P object| _tmr object| google_conversion_id object| google_custom_params object| google_remarketing_only function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_evaluemrc object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_disable_merchant_reported_conversions object| google_additional_conversion_params object| google_transport_url string| __cqPartner object| __cqSiteInfo function| cqcs function| loadScript boolean| cqCSPInitDone undefined| __cqcs string| tgorigin string| cqversion undefined| __cqheldcStatus undefined| cqOptins undefined| cqThirdparties undefined| __cqConsentStatus string| __cqCDN string| __cqVideoEmbed function| dateFormat string| loc object| ___cq string| __cqOneTimeHost number| __cqOneTimeCount function| _cqconsolelog string| cqnotice number| _cqLogStarted boolean| supports_whitelists number| _cqLoggingLevel boolean| _cqfpalert boolean| __cqCL boolean| __cqIgnoreCommands object| cqitemslastconsent function| isIE function| isEdge function| isIE11 function| whatIE function| _cqConsoleLogSR function| _cqConsoleLog function| cqGetcStatus function| cqChangeConsent function| cqDetails2 function| cqDetails function| tgCookieParse function| __cqVersion function| _cqcloseWindow function| _cqCheck function| __cqPlayVideo function| __cqConsent function| __cqResize function| CommandToPopup function| StopBubbling function| __cqInitialise function| __tgShowBanner function| CookieQ_Action function| CookieQ_FormSubmit function| CookieQ_LinkSubmit function| CookieQ_SP function| CookieQ_ServiceRequest function| __tgFormSubmit function| tgGetTPL function| onIframeLoad function| _cq function| _cqGetDB function| _cqdb boolean| cqnonewtag boolean| CQDEBUG boolean| __cqNoTag boolean| cqClicksDisabled object| Ya object| yaCounter

13 Cookies

Domain/Path Name / Value
.prognozprostudy.ru/ Name: tmr_reqNum
Value: 2
prognozprostudy.ru/map Name: KtsRb
Value: e664544274c41bb4568cf39a1b7e623f
.prognozprostudy.ru/ Name: _ym_uid
Value: 1586171484655905475
.prognozprostudy.ru/ Name: _ym_d
Value: 1586171484
.prognozprostudy.ru/ Name: _ym_isad
Value: 2
.prognozprostudy.ru/ Name: tmr_lvidTS
Value: 1586171483723
.prognozprostudy.ru/ Name: _ym_visorc_45984822
Value: w
.prognozprostudy.ru/ Name: tmr_lvid
Value: fe98229b646126e0cbca439f8b8ac4a7
.prognozprostudy.ru/ Name: __cqClearToReset
Value: 1
.prognozprostudy.ru/ Name: _dc_gtm_UA-90020653-30
Value: 1
.prognozprostudy.ru/ Name: _gid
Value: GA1.2.917053191.1586171483
.prognozprostudy.ru/ Name: _ga
Value: GA1.2.1598303955.1586171483
.prognozprostudy.ru/ Name: _gcl_au
Value: 1.1.924000149.1586171483

2 Console Messages

Source Level URL
Text
console-api warning URL: https://prognozprostudy.ru/static/js/vendor:front.dd4b7b.js(Line 58)
Message:
"intro__children-wrapper-after_step1" CSS module is undefined.
console-api warning URL: https://prognozprostudy.ru/static/js/vendor:front.dd4b7b.js(Line 58)
Message:
"intro_step1" CSS module is undefined.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15768000
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ar.tns-counter.ru
cdnjs.cloudflare.com
consenthub.org
googleads.g.doubleclick.net
gsk.baycloud.com
mc.yandex.ru
prognoz-prostudi.ru
prognozprostudy.ru
rs.mail.ru
s.ytimg.com
stats.g.doubleclick.net
top-fwz1.mail.ru
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.youtube.com
152.195.132.75
188.120.251.174
188.120.253.185
2001:6d0:4001::226
216.58.207.34
217.69.133.145
2606:4700::6811:4004
2a00:1148:db00::17
2a00:1450:4001:81b::2002
2a00:1450:4001:81b::200e
2a00:1450:4001:81d::2008
2a00:1450:4001:81d::200e
2a00:1450:4001:81e::2004
2a00:1450:4001:81f::200e
2a00:1450:4001:825::2003
2a00:1450:400c:c00::9b
2a02:6b8::1:119
40.118.102.46
0921a7dc8054b08e4b5dd8e6ca764c72370ef59b7a7bb80be61efdc320d077a8
16fe07ce7e34ab800aecb7705b902106841919bebb7b0a7e80b5000159e2b9b0
170821961cba9f58267df807aae10e63c8fde1c6ed2f24baf8e8c11508b4fcae
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
342df28c6ae89f7b5ea0ec4a59f81422cd6903ffffd750b1204f4d3870949e58
36778588dc51736e782f5e3b47b1df8666d3df1948dbace167a3f777c0568de6
39ebb8d7a9004330a8c68334259987e3df734ba775a702034c0a96f034db6236
3e1994f7d91cc365fd4fd451336bf6042801266cdc5f61ff45fa980a47cb9e10
403960045b1b9ead6db8f21b6492c076c2b4faba540c209b0971e4592f4ad1bd
4925a0137385eaab4cb698317c5c6832ab68a61cf5248b3d0e7e06f23e8a4554
4c136559af89d6b340017f5353150a97735f6bc3a761568b65fba34b200302c7
4db8f6cf318a9c239db05c06379d423a3ce31f3268f7224e95fc604c854ea5a8
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
575d697f703ea404e1a023022aaeaaa81e98d1873cf2e7687238bd1606e4f625
5b575c888be30301facbde88211e5a3cc0ad11f11165a295352288224067845d
6e54ab4ec43cac32391968bd58034d2aa32c2d4615facd34ba72a271a87cf5cf
716fa285a9bbee3c036151e27b3a77159ec558d0f6a8561f62347b093efe8242
7722a0c1e5122d2fd25351c714f8d8b535de29272f3364da7e7eabd3d76caebe
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8655a3e4ec68da4922d100ca7c0025696706447185c1d9f1f3e7eb7efe3d9d4a
a160fd1060c77d86dcf2601dd586bb11d94c02628225a3008347bef00d14fc95
a9e21ab97fe1afa8abb32a39a9bc1a4081af73bd3579072f2f0a942eb5913b02
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b477eab509961710b7f65ae5aeb314e8f856ddc43c8d295eaccd26ffdc1609ce
bbf8e1c7887c80a0e6fbe386de799975dff3132073fbee5a66286c5bf0154ca4
bceb73993d094c4c821c7571921103bdc8c05e9082c4fc513d244358d53593db
c010776946b4d1724c7362b766cc0d6e9ba6c578b2e7d99d2d9da690e91e1a2b
ccc6df829a73a00e23555fc671eacdd109ab33482603eace602f9cc629fd29ce
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d3cf3b41b075eafb09a131750bbaf771da05dc766b6d97641c68bff3b3c3eb09
d72d2e9e1e8082affa88f1827aa1e460fd6f6583106b864e30946342aefaecbb
dae252d140b2d635c1b3aac39277ddb12453d63592573d1f2d3f797bbcfe8411
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e79e7d859f74534ffc98868a954486a4cde1f7c0b068642da7cf4b8306145b68
e7e4298fc7d4760618ae051c4106be0e1e8c35f0f12f69d52c0a71ad63e0eb86
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ee85cb85adcf01c83940c9bf0d98d37e64a4dbfa7dbe90afe35e8b4f77127f40
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629