urlscan.io logo urlscan.io
SecurityTrails logo

promo.vip.1otruda.ru Open in urlscan Pro
95.214.58.229  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://promo.vip.1otruda.ru/
Effective URL: https://promo.vip.1otruda.ru/
Submission: On April 16 via manual from RU — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 3 countries across 9 domains to perform 45 HTTP transactions. The main IP is 95.214.58.229, located in Russian Federation and belongs to ACTION-DIGITAL, RU. The main domain is promo.vip.1otruda.ru.
TLS certificate: Issued by R3 on January 27th 2023. Valid for: 3 months.
This is the only time promo.vip.1otruda.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 12 95.214.58.229 209684 (ACTION-DI...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
10 95.214.59.159 209684 (ACTION-DI...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 93.93.88.28 34879 (CCT-AS NG...)
8 95.214.59.142 209684 (ACTION-DI...)
2 95.214.58.159 209684 (ACTION-DI...)
1 95.214.58.184 209684 (ACTION-DI...)
45 12
12    95.214.58.229 (Russian Federation)

ASN209684 (ACTION-DIGITAL, RU)
promo.vip.1otruda.ru
1    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
10    95.214.59.159 (Russian Federation)

ASN209684 (ACTION-DIGITAL, RU)
m.action-media.ru
1    2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
6    93.93.88.28 (Russian Federation)

ASN34879 (CCT-AS NGENIX, RU)
cdn.action-mcfr.ru
8    95.214.59.142 (Russian Federation)

ASN209684 (ACTION-DIGITAL, RU)
api.action-media.ru
2    95.214.58.159 (Russian Federation)

ASN209684 (ACTION-DIGITAL, RU)
dm.action-media.ru
ss.action-media.ru
1    95.214.58.184 (Russian Federation)

ASN209684 (ACTION-DIGITAL, RU)
id2.action-media.ru
Apex Domain
Subdomains		 Transfer
21 action-media.ru
m.action-media.ru
api.action-media.ru — Cisco Umbrella Rank: 348816
dm.action-media.ru — Cisco Umbrella Rank: 736144
id2.action-media.ru
ss.action-media.ru
75 KB
12 1otruda.ru
promo.vip.1otruda.ru
877 KB
6 action-mcfr.ru
cdn.action-mcfr.ru — Cisco Umbrella Rank: 669339
35 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 29
20 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 323
33 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 6074
408 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
408 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 80
352 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 48
44 KB
45 9
Domain Requested by
12 promo.vip.1otruda.ru 1 redirects promo.vip.1otruda.ru
10 m.action-media.ru promo.vip.1otruda.ru
m.action-media.ru
8 api.action-media.ru cdn.action-mcfr.ru
6 cdn.action-mcfr.ru m.action-media.ru
cdn.action-mcfr.ru
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 ss.action-media.ru
1 id2.action-media.ru m.action-media.ru
1 dm.action-media.ru ajax.googleapis.com
1 ajax.googleapis.com m.action-media.ru
1 www.google.de promo.vip.1otruda.ru
1 www.google.com promo.vip.1otruda.ru
1 stats.g.doubleclick.net www.google-analytics.com
1 www.googletagmanager.com promo.vip.1otruda.ru
45 13

This site contains links to these domains. Also see Links.

Domain
id2.action-media.ru
vip.1otruda.ru
Subject Issuer Validity Valid
promo.vip.1otruda.ru
R3		 2023-01-27 -
2023-04-27		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh
*.action-media.ru
R3		 2023-03-25 -
2023-06-23		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh
cdn.action-mcfr.ru
R3		 2023-02-17 -
2023-05-18		 3 months crt.sh
api.action-media.ru
R3		 2023-02-22 -
2023-05-23		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://promo.vip.1otruda.ru/
Frame ID: AF5F405BE250ECBBDF282DC43A5CA682
Requests: 41 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Система Охрана труда премиальная версия

Page URL History Show full URLs

  1. http://promo.vip.1otruda.ru/ HTTP 301
    https://promo.vip.1otruda.ru/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

45
Requests

100 %
HTTPS

50 %
IPv6

9
Domains

13
Subdomains

12
IPs

3
Countries

1085 kB
Transfer

1471 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://promo.vip.1otruda.ru/ HTTP 301
    https://promo.vip.1otruda.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

45 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
promo.vip.1otruda.ru/
Redirect Chain
  • http://promo.vip.1otruda.ru/
  • https://promo.vip.1otruda.ru/
17 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://promo.vip.1otruda.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.214.58.229 , Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software
/
Resource Hash
d39c76c88181faf5f4e10f8fc81c51c25d1964855816bf873c451ab97d1ee395

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sun, 16 Apr 2023 23:50:35 GMT
Transfer-Encoding
chunked

Redirect headers

Connection
close
Content-length
0
Location
https://promo.vip.1otruda.ru/
styles.css
promo.vip.1otruda.ru/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://promo.vip.1otruda.ru/styles.css
Requested by
Host: promo.vip.1otruda.ru
URL: https://promo.vip.1otruda.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.214.58.229 , Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software
/
Resource Hash
94fa92f08db16d931f1db1610dbcf97ba3006554c2c3e029412e1fd0b1553c34

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.vip.1otruda.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma
public
Date
Sun, 16 Apr 2023 23:50:35 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Oct 2018 14:44:30 GMT
ETag
W/"5bb3844e-14fb"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=604800, public
Expires
Sun, 23 Apr 2023 23:50:35 GMT
rx-login.css
promo.vip.1otruda.ru/ 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://promo.vip.1otruda.ru/rx-login.css
Requested by
Host: promo.vip.1otruda.ru
URL: https://promo.vip.1otruda.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.214.58.229 , Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software
/
Resource Hash
2ee427f6bfe4dce6423a9cee7a06329fe2bce1f9d69c954257a040229f6bc6bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.vip.1otruda.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma
public
Date
Sun, 16 Apr 2023 23:50:35 GMT
Content-Encoding
gzip
Last-Modified
Thu, 02 Mar 2017 10:53:27 GMT
ETag
W/"58b7f9a7-4689"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=604800, public
Expires
Sun, 23 Apr 2023 23:50:35 GMT
js
www.googletagmanager.com/gtag/ 		112 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-73848103-2
Requested by
Host: promo.vip.1otruda.ru
URL: https://promo.vip.1otruda.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
35f57d117c15deecd255996d3e5cab1a5c758d917675887045f9b16970fc563a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.vip.1otruda.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 23:50:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44642
x-xss-protection
0
last-modified
Sun, 16 Apr 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 16 Apr 2023 23:50:35 GMT
logo.png
promo.vip.1otruda.ru/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promo.vip.1otruda.ru/images/logo.png
Requested by
Host: promo.vip.1otruda.ru
URL: https://promo.vip.1otruda.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.214.58.229 , Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software
/
Resource Hash
a57571245bbcf8bfd82c25beea68e963862dc8a5b19a351740e30554a0d3cb2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.vip.1otruda.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma
public
Date
Sun, 16 Apr 2023 23:50:36 GMT
Last-Modified
Wed, 26 Sep 2018 18:43:07 GMT
ETag
"5babd33b-1357"
Content-Type
image/png
Cache-Control
max-age=604800, public
Accept-Ranges
bytes
Content-Length
4951
Expires
Sun, 23 Apr 2023 23:50:36 GMT
aktion.png
promo.vip.1otruda.ru/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promo.vip.1otruda.ru/images/aktion.png
Requested by
Host: promo.vip.1otruda.ru
URL: https://promo.vip.1otruda.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.214.58.229 , Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software
/
Resource Hash
795488e1d43ab8cf9de60516145ca38556ce4e83d27d3460fd3b67ee9761216b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.vip.1otruda.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma
public
Date
Sun, 16 Apr 2023 23:50:36 GMT
Last-Modified
Wed, 26 Sep 2018 13:47:19 GMT
ETag
"5bab8de7-fc0"
Content-Type
image/png
Cache-Control
max-age=604800, public
Accept-Ranges
bytes
Content-Length
4032
Expires
Sun, 23 Apr 2023 23:50:36 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-73848103-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.vip.1otruda.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 16 Apr 2023 22:11:32 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
5944
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Mon, 17 Apr 2023 00:11:32 GMT
all.2.js
m.action-media.ru/js/ 		55 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.action-media.ru/js/all.2.js
Requested by
Host: promo.vip.1otruda.ru
URL: https://promo.vip.1otruda.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.214.59.159 , Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software
nginx /
Resource Hash
4baf21b24a8b94d0e7321fd52e78783bbd98ecc23ebb118eb256ef334ce135af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.vip.1otruda.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Sun, 16 Apr 2023 23:50:36 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Jul 2020 21:33:12 GMT
Server
nginx
X-Operation-Id
12af3afc48f35f264692e2457e871be2
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Tue, 16 May 2023 23:50:36 GMT
rx-logo-alpha.png
promo.vip.1otruda.ru/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promo.vip.1otruda.ru/images/rx-logo-alpha.png
Requested by
Host: promo.vip.1otruda.ru
URL: https://promo.vip.1otruda.ru/rx-login.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.214.58.229 , Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software
/
Resource Hash
8e30142782ac2718a6a279e46511d0a56df80851cdf027e0a4f6c6599f0101bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.vip.1otruda.ru/rx-login.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma
public
Date
Sun, 16 Apr 2023 23:50:36 GMT
Last-Modified
Sun, 26 Feb 2017 21:07:00 GMT
ETag
"58b34374-a5a"
Content-Type
image/png
Cache-Control
max-age=604800, public
Accept-Ranges
bytes
Content-Length
2650
Expires
Sun, 23 Apr 2023 23:50:36 GMT
table.png
promo.vip.1otruda.ru/images/ 		568 KB
568 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promo.vip.1otruda.ru/images/table.png
Requested by
Host: promo.vip.1otruda.ru
URL: https://promo.vip.1otruda.ru/styles.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.214.58.229 , Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software
/
Resource Hash
162af08a474877c761943f4325ddab98a2ffe6ccb01bc72ebea48f2b8210091a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.vip.1otruda.ru/styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma
public
Date
Sun, 16 Apr 2023 23:50:36 GMT
Last-Modified
Wed, 26 Sep 2018 16:38:43 GMT
ETag
"5babb613-8de0b"
Content-Type
image/png
Cache-Control
max-age=604800, public
Accept-Ranges
bytes
Content-Length
581131
Expires
Sun, 23 Apr 2023 23:50:36 GMT
ava1.png
promo.vip.1otruda.ru/images/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promo.vip.1otruda.ru/images/ava1.png
Requested by
Host: promo.vip.1otruda.ru
URL: https://promo.vip.1otruda.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.214.58.229 , Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software
/
Resource Hash
65b74e4b58d2e3aa3e61cc8249402daa3043816fdb732ce171dff77c75dc4363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.vip.1otruda.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma
public
Date
Sun, 16 Apr 2023 23:50:36 GMT
Last-Modified
Wed, 26 Sep 2018 19:33:06 GMT
ETag
"5babdef2-deda"
Content-Type
image/png
Cache-Control
max-age=604800, public
Accept-Ranges
bytes
Content-Length
57050
Expires
Sun, 23 Apr 2023 23:50:36 GMT
ava2.png
promo.vip.1otruda.ru/images/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promo.vip.1otruda.ru/images/ava2.png
Requested by
Host: promo.vip.1otruda.ru
URL: https://promo.vip.1otruda.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.214.58.229 , Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software
/
Resource Hash
8cc6dc4f920e7f864dc28b00e3bbb3801f15eb255b8112d515db5743191d4bb0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.vip.1otruda.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma
public
Date
Sun, 16 Apr 2023 23:50:36 GMT
Last-Modified
Wed, 26 Sep 2018 19:38:09 GMT
ETag
"5babe021-d6c6"
Content-Type
image/png
Cache-Control
max-age=604800, public
Accept-Ranges
bytes
Content-Length
54982
Expires
Sun, 23 Apr 2023 23:50:36 GMT
ava3.png
promo.vip.1otruda.ru/images/ 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promo.vip.1otruda.ru/images/ava3.png
Requested by
Host: promo.vip.1otruda.ru
URL: https://promo.vip.1otruda.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.214.58.229 , Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software
/
Resource Hash
94ba0ad4f3a70cb582bf89c7eb7598b84f599618a7c69654e45d7afd57831f13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.vip.1otruda.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma
public
Date
Sun, 16 Apr 2023 23:50:36 GMT
Last-Modified
Wed, 26 Sep 2018 19:39:18 GMT
ETag
"5babe066-c16e"
Content-Type
image/png
Cache-Control
max-age=604800, public
Accept-Ranges
bytes
Content-Length
49518
Expires
Sun, 23 Apr 2023 23:50:36 GMT
ProximaNova-Regular.ttf
promo.vip.1otruda.ru/fonts/ 		128 KB
128 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://promo.vip.1otruda.ru/fonts/ProximaNova-Regular.ttf
Requested by
Host: promo.vip.1otruda.ru
URL: https://promo.vip.1otruda.ru/styles.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.214.58.229 , Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software
/
Resource Hash
c28997e16f0bf987fb031b9f7bf5d5fbadb58fdfee8ad36eb67cc0a6aaca3b2c

Request headers

Referer
https://promo.vip.1otruda.ru/styles.css
Origin
https://promo.vip.1otruda.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Sun, 16 Apr 2023 23:50:36 GMT
Last-Modified
Wed, 26 Sep 2018 13:56:40 GMT
Accept-Ranges
bytes
ETag
"1fe4c-576c697723600"
Content-Length
130636
Content-Type
application/font-sfnt
collect
www.google-analytics.com/j/ 		2 B
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=588371587&t=pageview&_s=1&dl=https%3A%2F%2Fpromo.vip.1otruda.ru%2F&ul=en-us&de=UTF-8&dt=%D0%A1%D0%B8%D1%81%D1%82%D0%B5%D0%BC%D0%B0%20%D0%9E%D1%85%D1%80%D0%B0%D0%BD%D0%B0%20%D1%82%D1%80%D1%83%D0%B4%D0%B0%20%D0%BF%D1%80%D0%B5%D0%BC%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D0%B0%D1%8F%20%D0%B2%D0%B5%D1%80%D1%81%D0%B8%D1%8F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=352870124&gjid=1920275848&cid=636862210.1681689036&tid=UA-73848103-2&_gid=1194440418.1681689036&_r=1&gtm=457e34c0&jsscut=1&z=818735811
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://promo.vip.1otruda.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 16 Apr 2023 23:50:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://promo.vip.1otruda.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
352 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-73848103-2&cid=636862210.1681689036&jid=352870124&gjid=1920275848&_gid=1194440418.1681689036&_u=YEBAAUAAAAAAACAAI~&z=572364682
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://promo.vip.1otruda.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 16 Apr 2023 23:50:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://promo.vip.1otruda.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-73848103-2&cid=636862210.1681689036&jid=352870124&_u=YEBAAUAAAAAAACAAI~&z=1066704607
Requested by
Host: promo.vip.1otruda.ru
URL: https://promo.vip.1otruda.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.vip.1otruda.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Apr 2023 23:50:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-73848103-2&cid=636862210.1681689036&jid=352870124&_u=YEBAAUAAAAAAACAAI~&z=1066704607
Requested by
Host: promo.vip.1otruda.ru
URL: https://promo.vip.1otruda.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.vip.1otruda.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Apr 2023 23:50:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
lib.3.js
m.action-media.ru/js/ 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.action-media.ru/js/lib.3.js?v=2017_1_26
Requested by
Host: m.action-media.ru
URL: https://m.action-media.ru/js/all.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.214.59.159 , Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software
nginx /
Resource Hash
a92fe8331f662d0cb505b61d5a2688c02d405e9d854454aa24eb7328212bf1fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.vip.1otruda.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Sun, 16 Apr 2023 23:50:36 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Jul 2020 21:33:14 GMT
Server
nginx
X-Operation-Id
21cd50a6323fac2758d051f68450a575
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Tue, 16 May 2023 23:50:36 GMT
all.4.css
m.action-media.ru/css/ 		64 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://m.action-media.ru/css/all.4.css?v=2020_6_19
Requested by
Host: m.action-media.ru
URL: https://m.action-media.ru/js/all.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.214.59.159 , Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software
nginx /
Resource Hash
e67a452b57e1cda3a202bd9c81599929099957132beabad99b881a82df2e0110

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.vip.1otruda.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma
public
Date
Sun, 16 Apr 2023 23:50:36 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Jul 2020 21:33:12 GMT
Server
nginx
X-Operation-Id
e12278f0acc78318981c12813f96494d
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Tue, 16 May 2023 23:50:36 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Requested by
Host: m.action-media.ru
URL: https://m.action-media.ru/js/all.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.vip.1otruda.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 19:30:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15620
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33434
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 15 Apr 2024 19:30:16 GMT
loader.js
cdn.action-mcfr.ru/widgets/ 		34 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.action-mcfr.ru/widgets/loader.js
Requested by
Host: m.action-media.ru
URL: https://m.action-media.ru/js/all.2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.93.88.28 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),
Reverse DNS
Software
nginx /
Resource Hash
cdb0dc005313574eb5e6dedd0459089bef3de1c90a5b0bfe9aaf5fbe6784f794

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.vip.1otruda.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 23:50:36 GMT
x-ngenix-cache
HIT
content-encoding
gzip
last-modified
Fri, 21 Oct 2022 11:40:24 GMT
server
nginx
x-amz-request-id
tx0000000000000069eab19-00643c80cb-60ed90a6-default
etag
W/"8db93585ea9c6ff45948bf795b1807de"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=60
access-control-allow-credentials
true
x-ngenix-storage
ADC
a.bundle.js
cdn.action-mcfr.ru/front/a/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.action-mcfr.ru/front/a/a.bundle.js
Requested by
Host: m.action-media.ru
URL: https://m.action-media.ru/js/all.2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.93.88.28 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),
Reverse DNS
Software
nginx /
Resource Hash
56684e6914946982b62869985b01e6b55cf06849bf5d89ae3b032f0e853f52ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.vip.1otruda.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 23:50:36 GMT
x-ngenix-cache
HIT
content-encoding
gzip
last-modified
Tue, 28 Jan 2020 13:17:39 GMT
server
nginx
x-amz-request-id
tx0000000000000061cee81-00643c7f31-60ea7a3e-default
etag
W/"f1583e9b4d4083937e7692518863effb"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
x-ngenix-storage
ADC
dark-bgr@2x.png
m.action-media.ru/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.action-media.ru/images/dark-bgr@2x.png
Requested by
Host: m.action-media.ru
URL: https://m.action-media.ru/css/all.4.css?v=2020_6_19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.214.59.159 , Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software
nginx /
Resource Hash
2cbbafca827d18c166a88feb260f13721dfcd15492fdd7209c16771ad6b96bd9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.action-media.ru/css/all.4.css?v=2020_6_19
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Sun, 16 Apr 2023 23:50:36 GMT
Content-Encoding
gzip
Last-Modified
Tue, 24 Dec 2019 17:33:32 GMT
Server
nginx
X-Operation-Id
e20c81cc1066bbd8d627829c8c2bd70e
Transfer-Encoding
chunked
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Tue, 16 May 2023 23:50:36 GMT
manifest.json
cdn.action-mcfr.ru/widgets/prod/ 		2 KB
777 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.action-mcfr.ru/widgets/prod/manifest.json?v=05_10_2022
Requested by
Host: cdn.action-mcfr.ru
URL: https://cdn.action-mcfr.ru/widgets/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.93.88.28 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),
Reverse DNS
Software
nginx /
Resource Hash
4dd534ec5cc70b251e5f852f17258cec9fc7415b2ca50b75b56806a67a19aa08

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.vip.1otruda.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 23:50:36 GMT
x-ngenix-cache
HIT
content-encoding
gzip
last-modified
Thu, 15 Dec 2022 06:36:09 GMT
server
nginx
x-amz-request-id
tx00000000000007007bb92-00643c8935-595f9be2-default
etag
W/"dede1d48e3dd5abedabd360941a1310a"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
x-ngenix-storage
ADC
gauge-raw_set-many
api.action-media.ru/metrics/backend/api/v1/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.action-media.ru/metrics/backend/api/v1/gauge-raw_set-many
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.214.59.142 , Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://promo.vip.1otruda.ru
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept,Accept-Charset,Accept-Encoding,Accept-Language,Cache-Control,Content-Type,Cookie,DNT,Pragma,Referer,User-Agent,X-Forwarded-For
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Origin
https://promo.vip.1otruda.ru
Access-Control-Expose-Headers
Access-Control-Allow-Credentials,Access-Control-Allow-Headers,Access-Control-Allow-Methods,Access-Control-Allow-Origin,Access-Control-Expose-Headers,Access-Control-Max-Age,Accept,Accept-Charset,Accept-Encoding,Accept-Language,Cache-Control,Connection,Content-Encoding,Content-Language,Content-Length,Content-Type,Date,Set-Cookie,Server,Status,X-Forwarded-For,X-Operation-Id,X-XSS-Protection
Access-Control-Max-Age
30
Connection
keep-alive
Content-Length
0
Content-Type
application/octet-stream
Date
Sun, 16 Apr 2023 23:50:36 GMT
Server
nginx
X-Operation-Id
c87a52a472ede80454ac7011f509a42e 9438630934f04925b8effd6738aa676b
gauge-raw_set
api.action-media.ru/metrics/backend/api/v1/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.action-media.ru/metrics/backend/api/v1/gauge-raw_set
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.214.59.142 , Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://promo.vip.1otruda.ru
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept,Accept-Charset,Accept-Encoding,Accept-Language,Cache-Control,Content-Type,Cookie,DNT,Pragma,Referer,User-Agent,X-Forwarded-For
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Origin
https://promo.vip.1otruda.ru
Access-Control-Expose-Headers
Access-Control-Allow-Credentials,Access-Control-Allow-Headers,Access-Control-Allow-Methods,Access-Control-Allow-Origin,Access-Control-Expose-Headers,Access-Control-Max-Age,Accept,Accept-Charset,Accept-Encoding,Accept-Language,Cache-Control,Connection,Content-Encoding,Content-Language,Content-Length,Content-Type,Date,Set-Cookie,Server,Status,X-Forwarded-For,X-Operation-Id,X-XSS-Protection
Access-Control-Max-Age
30
Connection
keep-alive
Content-Length
0
Content-Type
application/octet-stream
Date
Sun, 16 Apr 2023 23:50:36 GMT
Server
nginx
X-Operation-Id
28b186f21b74a673313a49022dc9daf2 ef70e057a262dade76b661e893562a12
s.php
dm.action-media.ru/stat/ 		50 B
822 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dm.action-media.ru/stat/s.php
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.214.58.159 , Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software
nginx /
Resource Hash
851dd8fd44aa8b6495f890824166eda5b4956d584edae3302c06492f2a2ba787

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://promo.vip.1otruda.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Sun, 16 Apr 2023 23:50:36 GMT
Last-Modified
Wed, 10 Jun 2015 08:00:00 GMT
Server
nginx
X-Operation-Id
8277423581a0f8edb5f429e24172beb0
ETag
"708e514135ba3b22100e2e0f8e532e35ef65b02a"
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public
Connection
keep-alive
Content-Length
50
Expires
Tue, 16 Apr 2024 23:50:36 GMT
s_light.css
m.action-media.ru/css/ 		479 B
563 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://m.action-media.ru/css/s_light.css?v=2020_6_19
Requested by
Host: m.action-media.ru
URL: https://m.action-media.ru/js/all.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.214.59.159 , Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software
nginx /
Resource Hash
39807ffd8db03c22dd999539fe59000883862acea5526aee7df073bc0ecb52aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.vip.1otruda.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Sun, 16 Apr 2023 23:50:36 GMT
Content-Encoding
gzip
Last-Modified
Tue, 24 Dec 2019 17:33:32 GMT
Server
nginx
X-Operation-Id
cf03494210394d3f604aa7bf473e0a89
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Tue, 16 May 2023 23:50:36 GMT
gauge-raw_set-many
api.action-media.ru/metrics/backend/api/v1/ 		0
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.action-media.ru/metrics/backend/api/v1/gauge-raw_set-many
Requested by
Host: cdn.action-mcfr.ru
URL: https://cdn.action-mcfr.ru/front/a/a.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.214.59.142 , Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://promo.vip.1otruda.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type
application/json

Response headers

Date
Sun, 16 Apr 2023 23:50:36 GMT
Server
nginx
X-Operation-Id
a0e8ee126b341c7ad0fe3ec07aad0e9c, 294a92eb3a6eac0fa37f67796fd4baf0
Access-Control-Max-Age
30
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://promo.vip.1otruda.ru
Access-Control-Expose-Headers
Access-Control-Allow-Credentials,Access-Control-Allow-Headers,Access-Control-Allow-Methods,Access-Control-Allow-Origin,Access-Control-Expose-Headers,Access-Control-Max-Age,Accept,Accept-Charset,Accept-Encoding,Accept-Language,Cache-Control,Connection,Content-Encoding,Content-Language,Content-Length,Content-Type,Date,Set-Cookie,Server,Status,X-Forwarded-For,X-Operation-Id,X-XSS-Protection
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept,Accept-Charset,Accept-Encoding,Accept-Language,Cache-Control,Content-Type,Cookie,DNT,Pragma,Referer,User-Agent,X-Forwarded-For
Content-Length
0
gauge-raw_set
api.action-media.ru/metrics/backend/api/v1/ 		0
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.action-media.ru/metrics/backend/api/v1/gauge-raw_set
Requested by
Host: cdn.action-mcfr.ru
URL: https://cdn.action-mcfr.ru/front/a/a.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.214.59.142 , Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://promo.vip.1otruda.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type
application/json

Response headers

Date
Sun, 16 Apr 2023 23:50:36 GMT
Server
nginx
X-Operation-Id
ea1f745f2b93d14fa042705ca6a0ef6f, 39df1851b787c8e3e16a9a6153e94934
Access-Control-Max-Age
30
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://promo.vip.1otruda.ru
Access-Control-Expose-Headers
Access-Control-Allow-Credentials,Access-Control-Allow-Headers,Access-Control-Allow-Methods,Access-Control-Allow-Origin,Access-Control-Expose-Headers,Access-Control-Max-Age,Accept,Accept-Charset,Accept-Encoding,Accept-Language,Cache-Control,Connection,Content-Encoding,Content-Language,Content-Length,Content-Type,Date,Set-Cookie,Server,Status,X-Forwarded-For,X-Operation-Id,X-XSS-Protection
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept,Accept-Charset,Accept-Encoding,Accept-Language,Cache-Control,Content-Type,Cookie,DNT,Pragma,Referer,User-Agent,X-Forwarded-For
Content-Length
0
templates.4.js
m.action-media.ru/js/templates/ru/ 		23 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.action-media.ru/js/templates/ru/templates.4.js?v=2020_6_19
Requested by
Host: m.action-media.ru
URL: https://m.action-media.ru/js/all.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.214.59.159 , Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software
nginx /
Resource Hash
6b13426af4b2d8465a180da340948ba79220835de51329e84e2867e97e0b9b82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.vip.1otruda.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Sun, 16 Apr 2023 23:50:36 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Jul 2020 21:33:22 GMT
Server
nginx
X-Operation-Id
011de98c8ad99433dd1d729483b702b4
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Tue, 16 May 2023 23:50:36 GMT
polezno.js
m.action-media.ru/js/component/ru/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.action-media.ru/js/component/ru/polezno.js?v=2020_6_19
Requested by
Host: m.action-media.ru
URL: https://m.action-media.ru/js/all.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.214.59.159 , Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software
nginx /
Resource Hash
36257596c90442edf9dcc900f6d820ed930171622f8e47a96ff8ce12b36f54d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.vip.1otruda.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Sun, 16 Apr 2023 23:50:36 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Jul 2020 21:33:21 GMT
Server
nginx
X-Operation-Id
5a9deee3cda9fc38307763b14d5eaa4a
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Tue, 16 May 2023 23:50:36 GMT
client
id2.action-media.ru/api/rest/ 		84 B
816 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id2.action-media.ru/api/rest/client?method=gettoken&rand=1681689036579&format=json&appid=10776
Requested by
Host: m.action-media.ru
URL: https://m.action-media.ru/js/all.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.214.58.184 , Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software
nginx /
Resource Hash
b5e99fa38acd00cf30497dd94f6b705cfe36275b67af9bee66eb92cfb47da369

Request headers

Accept
application/json
Referer
https://promo.vip.1otruda.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Sun, 16 Apr 2023 23:50:36 GMT
Server
nginx
X-Operation-Id
78fffeffb16a8458e56fa5eee881d1db
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://promo.vip.1otruda.ru
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
84
Expires
-1
light-bgr.png
m.action-media.ru/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.action-media.ru/images/light-bgr.png
Requested by
Host: m.action-media.ru
URL: https://m.action-media.ru/css/s_light.css?v=2020_6_19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.214.59.159 , Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software
nginx /
Resource Hash
badb741a1e970522aa341f3fb89d255f9cb1690b04fe7230877717cbaefacfe9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.action-media.ru/css/s_light.css?v=2020_6_19
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Sun, 16 Apr 2023 23:50:36 GMT
Content-Encoding
gzip
Last-Modified
Tue, 24 Dec 2019 17:33:32 GMT
Server
nginx
X-Operation-Id
604bcf51777e4df89014f4308759c969
Transfer-Encoding
chunked
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Tue, 16 May 2023 23:50:36 GMT
id2login2.1.js
m.action-media.ru/js/component/ru/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.action-media.ru/js/component/ru/id2login2.1.js?v=2020_6_19
Requested by
Host: m.action-media.ru
URL: https://m.action-media.ru/js/all.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.214.59.159 , Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software
nginx /
Resource Hash
eee207f6a2d975a4fb71c873a1fb7f172c51ad9b9facb3c894af09f993fd9ea7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.vip.1otruda.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma
public
Date
Sun, 16 Apr 2023 23:50:36 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Jul 2020 21:33:18 GMT
Server
nginx
X-Operation-Id
fedcc45cc71e6f3968b4b8f58d33322c
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Tue, 16 May 2023 23:50:36 GMT
rx-action-badge.png
m.action-media.ru/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.action-media.ru/images/rx-action-badge.png
Requested by
Host: m.action-media.ru
URL: https://m.action-media.ru/css/all.4.css?v=2020_6_19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.214.59.159 , Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software
nginx /
Resource Hash
dd746f5ab82815c28fdd5add2c4bd9c5a2e3d7dbb6ce8c431a5c952be597207d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.action-media.ru/css/all.4.css?v=2020_6_19
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date
Sun, 16 Apr 2023 23:50:36 GMT
Content-Encoding
gzip
Last-Modified
Tue, 24 Dec 2019 17:33:32 GMT
Server
nginx
X-Operation-Id
777ffddf392efb41376b1efae2142ee7
Transfer-Encoding
chunked
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Tue, 16 May 2023 23:50:36 GMT
manifest.json
cdn.action-mcfr.ru/widgets/prod/marketing-entry-point/latest/ 		30 B
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.action-mcfr.ru/widgets/prod/marketing-entry-point/latest/manifest.json?v=05_10_2022
Requested by
Host: cdn.action-mcfr.ru
URL: https://cdn.action-mcfr.ru/widgets/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.93.88.28 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),
Reverse DNS
Software
nginx /
Resource Hash
6a9d46ddb4add705d8ceaaa9b86552898354303ca27121aad55c8a0a467fd520

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.vip.1otruda.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 23:50:36 GMT
x-ngenix-cache
HIT
last-modified
Thu, 27 Oct 2022 14:31:02 GMT
server
nginx
x-amz-request-id
tx0000000000000061d7827-00643c8289-60ea7a3e-default
etag
"a4491fabe18c7b40df08f874b8c956e4"
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
content-length
30
x-ngenix-storage
ADC
manifest.json
cdn.action-mcfr.ru/widgets/prod/marketing-entry-point/1_0_0/ 		102 B
386 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.action-mcfr.ru/widgets/prod/marketing-entry-point/1_0_0/manifest.json?rnd=579630631
Requested by
Host: cdn.action-mcfr.ru
URL: https://cdn.action-mcfr.ru/widgets/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.93.88.28 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),
Reverse DNS
Software
nginx /
Resource Hash
c1b7605e483da65ffb357f6ba064cf5c70a75f91ae0f8eb1dc7bcbfcd6b450c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.vip.1otruda.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 23:50:36 GMT
x-ngenix-cache
HIT
last-modified
Thu, 27 Oct 2022 14:31:02 GMT
server
nginx
x-amz-request-id
tx0000000000000069e7e7d-00643c7fcc-60ed90a6-default
etag
"38102066776b3e0b8045f5b360c46500"
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
content-length
102
x-ngenix-storage
ADC
gauge-raw_set
api.action-media.ru/metrics/backend/api/v1/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.action-media.ru/metrics/backend/api/v1/gauge-raw_set
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.214.59.142 , Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://promo.vip.1otruda.ru
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept,Accept-Charset,Accept-Encoding,Accept-Language,Cache-Control,Content-Type,Cookie,DNT,Pragma,Referer,User-Agent,X-Forwarded-For
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Origin
https://promo.vip.1otruda.ru
Access-Control-Expose-Headers
Access-Control-Allow-Credentials,Access-Control-Allow-Headers,Access-Control-Allow-Methods,Access-Control-Allow-Origin,Access-Control-Expose-Headers,Access-Control-Max-Age,Accept,Accept-Charset,Accept-Encoding,Accept-Language,Cache-Control,Connection,Content-Encoding,Content-Language,Content-Length,Content-Type,Date,Set-Cookie,Server,Status,X-Forwarded-For,X-Operation-Id,X-XSS-Protection
Access-Control-Max-Age
30
Connection
keep-alive
Content-Length
0
Content-Type
application/octet-stream
Date
Sun, 16 Apr 2023 23:50:36 GMT
Server
nginx
X-Operation-Id
aee3c81efc16532645f26db7486b6b54 76ffe1aa1c0d53f87b7746798198e4e8
gauge-raw_set
api.action-media.ru/metrics/backend/api/v1/ 		0
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.action-media.ru/metrics/backend/api/v1/gauge-raw_set
Requested by
Host: cdn.action-mcfr.ru
URL: https://cdn.action-mcfr.ru/front/a/a.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.214.59.142 , Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://promo.vip.1otruda.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type
application/json

Response headers

Date
Sun, 16 Apr 2023 23:50:36 GMT
Server
nginx
X-Operation-Id
02f3588ff841dde3e632389fabd826b5, 0c114bad53371ff8ea7217bd077b647e
Access-Control-Max-Age
30
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://promo.vip.1otruda.ru
Access-Control-Expose-Headers
Access-Control-Allow-Credentials,Access-Control-Allow-Headers,Access-Control-Allow-Methods,Access-Control-Allow-Origin,Access-Control-Expose-Headers,Access-Control-Max-Age,Accept,Accept-Charset,Accept-Encoding,Accept-Language,Cache-Control,Connection,Content-Encoding,Content-Language,Content-Length,Content-Type,Date,Set-Cookie,Server,Status,X-Forwarded-For,X-Operation-Id,X-XSS-Protection
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept,Accept-Charset,Accept-Encoding,Accept-Language,Cache-Control,Content-Type,Cookie,DNT,Pragma,Referer,User-Agent,X-Forwarded-For
Content-Length
0
id.gif
ss.action-media.ru/save/ 		42 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ss.action-media.ru/save/id.gif?appid=10776&metricname=gettoken&metricvalue=noauth&source=https%3A%2F%2Fpromo.vip.1otruda.ru%2F&datetime=2023-04-16%2023%3A50%3A36.801&aceuid=708e514135ba3b22100e2e0f8e532e35ef65b02a&r=1681689036802
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.214.58.159 , Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.vip.1otruda.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Pragma
public
Date
Sun, 16 Apr 2023 23:50:36 GMT
Last-Modified
Tue, 24 Apr 2018 09:43:10 GMT
Server
nginx
X-Operation-Id
49fee8afbb96e3de4ddb6cc9d3ffac77
ETag
"5adefc2e-2a"
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
42
Expires
Tue, 16 May 2023 23:50:36 GMT
main.afe4f94da74903f96bdc.js
cdn.action-mcfr.ru/widgets/prod/marketing-entry-point/1_0_0/ 		70 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.action-mcfr.ru/widgets/prod/marketing-entry-point/1_0_0/main.afe4f94da74903f96bdc.js
Requested by
Host: cdn.action-mcfr.ru
URL: https://cdn.action-mcfr.ru/widgets/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.93.88.28 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),
Reverse DNS
Software
nginx /
Resource Hash
93713e221a6499935ad74c702895685313aa3d977edf6430694ada3b695090d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://promo.vip.1otruda.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Sun, 16 Apr 2023 23:50:36 GMT
x-ngenix-cache
HIT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 14:31:02 GMT
server
nginx
x-amz-request-id
tx00000000000007007992f-00643c8848-595f9be2-default
etag
W/"23323f73853597e79a7668aad1c8a5bc"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
x-ngenix-storage
ADC
sync-deadpool
api.action-media.ru/ 		84 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.action-media.ru/sync-deadpool
Requested by
Host: cdn.action-mcfr.ru
URL: https://cdn.action-mcfr.ru/widgets/prod/marketing-entry-point/1_0_0/main.afe4f94da74903f96bdc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.214.59.142 , Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software
nginx /
Resource Hash
eeca31a9cc5cf0fe882a55b95b55a7eecca9cd397272a52dbf2a57ab73b0c6cd

Request headers

X-Window-Name
X-Web-SQL
accept-language
de-DE,de;q=0.9
X-Session-Storage
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
X-Target-Cookie
Referer
https://promo.vip.1otruda.ru/
X-Local-Storage
X-Indexed-DB

Response headers

Date
Sun, 16 Apr 2023 23:50:37 GMT
Server
nginx
X-Operation-Id
40b9e62eb95032cceebf2c8a1e00bf23, 0ba9f736a9d69039fad2004ff9149fbf
Etag
f8d85341-c370-4a3d-b58e-02214031b7b2
Content-Type
application/json
Access-Control-Allow-Origin
https://promo.vip.1otruda.ru
Cache-Control
max-age=2592000
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
84
Expires
Tue, 16 May 2023 23:50:37 GMT
sync-deadpool
api.action-media.ru/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.action-media.ru/sync-deadpool
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.214.59.142 , Russian Federation, ASN209684 (ACTION-DIGITAL, RU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-indexed-db,x-local-storage,x-session-storage,x-target-cookie,x-web-sql,x-window-name
Access-Control-Request-Method
GET
Origin
https://promo.vip.1otruda.ru
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type, Cookie, X-Anchor-Cookie, X-Target-Cookie, X-Indexed-DB, X-Local-Storage, X-Session-Storage, X-Web-SQL, X-Window-Name
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://promo.vip.1otruda.ru
Access-Control-Max-Age
600
Allow
GET, OPTIONS
Connection
keep-alive
Content-Type
application/octet-stream
Date
Sun, 16 Apr 2023 23:50:36 GMT
Server
nginx
X-Operation-Id
faabecc5015e1180e5b10800ea71e9f1 d7909ebdae85f39c9a9230cb94e5ca2a

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| google_tag_manager object| google_tag_data object| dataLayer function| gtag string| GoogleAnalyticsObject function| ga object| aktion undefined| token undefined| user function| AsyncInit object| gaplugins object| gaGlobal object| gaData function| toast function| loadMarketingEntryPoint object| id2ButtonRequireNS object| aktionmodels object| aktiondebug object| handled_resources object| aktiontracking object| aktionlogin object| aktionpool object| aktionswitch object| aktiondeferred object| aktionid object| aktionui object| aktionmsg object| aktionpolezno object| aktionnotify object| aktionnotification object| nerve function| $ function| jQuery object| CryptoJS string| AUTOBAHNJS_VERSION object| global object| Hogan function| when object| ab object| ActionMetrics object| WidgetLoader object| templates object| id2Usefull function| showloginpopup object| MarketingEntryPoint object| core

6 Cookies

Domain/Path Name / Value
.1otruda.ru/ Name: _ga
Value: GA1.2.636862210.1681689036
.1otruda.ru/ Name: _gid
Value: GA1.2.1194440418.1681689036
.1otruda.ru/ Name: _gat_gtag_UA_73848103_2
Value: 1
promo.vip.1otruda.ru/ Name: _aceuid
Value: 708e514135ba3b22100e2e0f8e532e35ef65b02a
.action-media.ru/ Name: deadpool
Value: f8d85341-c370-4a3d-b58e-02214031b7b2
.promo.vip.1otruda.ru/ Name: deadpool
Value: f8d85341-c370-4a3d-b58e-02214031b7b2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.action-media.ru
cdn.action-mcfr.ru
dm.action-media.ru
id2.action-media.ru
m.action-media.ru
promo.vip.1otruda.ru
ss.action-media.ru
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
2a00:1450:4001:80f::2004
2a00:1450:4001:812::2008
2a00:1450:4001:813::200a
2a00:1450:4001:827::2003
2a00:1450:4001:831::200e
2a00:1450:400c:c06::9c
93.93.88.28
95.214.58.159
95.214.58.184
95.214.58.229
95.214.59.142
95.214.59.159
162af08a474877c761943f4325ddab98a2ffe6ccb01bc72ebea48f2b8210091a
2cbbafca827d18c166a88feb260f13721dfcd15492fdd7209c16771ad6b96bd9
2ee427f6bfe4dce6423a9cee7a06329fe2bce1f9d69c954257a040229f6bc6bf
35f57d117c15deecd255996d3e5cab1a5c758d917675887045f9b16970fc563a
36257596c90442edf9dcc900f6d820ed930171622f8e47a96ff8ce12b36f54d6
39807ffd8db03c22dd999539fe59000883862acea5526aee7df073bc0ecb52aa
4baf21b24a8b94d0e7321fd52e78783bbd98ecc23ebb118eb256ef334ce135af
4dd534ec5cc70b251e5f852f17258cec9fc7415b2ca50b75b56806a67a19aa08
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
56684e6914946982b62869985b01e6b55cf06849bf5d89ae3b032f0e853f52ac
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
65b74e4b58d2e3aa3e61cc8249402daa3043816fdb732ce171dff77c75dc4363
6a9d46ddb4add705d8ceaaa9b86552898354303ca27121aad55c8a0a467fd520
6b13426af4b2d8465a180da340948ba79220835de51329e84e2867e97e0b9b82
795488e1d43ab8cf9de60516145ca38556ce4e83d27d3460fd3b67ee9761216b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
851dd8fd44aa8b6495f890824166eda5b4956d584edae3302c06492f2a2ba787
8cc6dc4f920e7f864dc28b00e3bbb3801f15eb255b8112d515db5743191d4bb0
8e30142782ac2718a6a279e46511d0a56df80851cdf027e0a4f6c6599f0101bd
93713e221a6499935ad74c702895685313aa3d977edf6430694ada3b695090d9
94ba0ad4f3a70cb582bf89c7eb7598b84f599618a7c69654e45d7afd57831f13
94fa92f08db16d931f1db1610dbcf97ba3006554c2c3e029412e1fd0b1553c34
a57571245bbcf8bfd82c25beea68e963862dc8a5b19a351740e30554a0d3cb2d
a92fe8331f662d0cb505b61d5a2688c02d405e9d854454aa24eb7328212bf1fd
b5e99fa38acd00cf30497dd94f6b705cfe36275b67af9bee66eb92cfb47da369
badb741a1e970522aa341f3fb89d255f9cb1690b04fe7230877717cbaefacfe9
c1b7605e483da65ffb357f6ba064cf5c70a75f91ae0f8eb1dc7bcbfcd6b450c1
c28997e16f0bf987fb031b9f7bf5d5fbadb58fdfee8ad36eb67cc0a6aaca3b2c
cdb0dc005313574eb5e6dedd0459089bef3de1c90a5b0bfe9aaf5fbe6784f794
d39c76c88181faf5f4e10f8fc81c51c25d1964855816bf873c451ab97d1ee395
dd746f5ab82815c28fdd5add2c4bd9c5a2e3d7dbb6ce8c431a5c952be597207d
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e67a452b57e1cda3a202bd9c81599929099957132beabad99b881a82df2e0110
eeca31a9cc5cf0fe882a55b95b55a7eecca9cd397272a52dbf2a57ab73b0c6cd
eee207f6a2d975a4fb71c873a1fb7f172c51ad9b9facb3c894af09f993fd9ea7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629