nalog-plati.ru Open in urlscan Pro
185.84.108.232 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://nalog-plati.ru/
Effective URL:
https://nalog-plati.ru/
Submission: On August 15 via manual (August 15th 2022, 8:18:32 pm UTC) from CA — Scanned from CA

Summary HTTP 199 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 43 IPs in 5 countries across 52 domains to perform 199 HTTP transactions. The main IP is 185.84.108.232, located in Russian Federation and belongs to MAJORDOMO, RU. The main domain is nalog-plati.ru.
TLS certificate: Issued by R3 on August 11th 2022. Valid for: 3 months.

This is the only time nalog-plati.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 53	185.84.108.232 185.84.108.232	43362 (MAJORDOMO) (MAJORDOMO)
4	2607:f8b0:400... 2607:f8b0:4006:81c::200a	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:6b8:a::a 2a02:6b8:a::a	208722 (GLOBAL_DC) (GLOBAL_DC)
1	95.181.171.233 95.181.171.233	50214 (QWARTA) (QWARTA)
5	2606:4700:303... 2606:4700:3036::ac43:a434	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.177.94.76 185.177.94.76	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	62.76.25.27 62.76.25.27	61400 (NETRACK-AS) (NETRACK-AS)
1	185.79.135.43 185.79.135.43	12695 (DINET-AS) (DINET-AS)
1	185.79.135.48 185.79.135.48	12695 (DINET-AS) (DINET-AS)
3 24	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
10	2607:f8b0:400... 2607:f8b0:4006:824::2003	15169 (GOOGLE) (GOOGLE)
8	2607:f8b0:400... 2607:f8b0:4006:81e::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.80.2 142.250.80.2	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80b::2002	15169 (GOOGLE) (GOOGLE)
1	82.202.220.202 82.202.220.202	49505 (SELECTEL) (SELECTEL)
2 19	193.3.184.137 193.3.184.137	50214 (QWARTA) (QWARTA)
4	2a02:6b8:20::215 2a02:6b8:20::215	208722 (GLOBAL_DC) (GLOBAL_DC)
13	2607:f8b0:400... 2607:f8b0:4006:81f::2003	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:816::2001	15169 (GOOGLE) (GOOGLE)
1 8	2607:f8b0:400... 2607:f8b0:4006:81c::2004	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:80b::200e	15169 (GOOGLE) (GOOGLE)
2 3	96.46.186.57 96.46.186.57	7979 (SERVERS-COM) (SERVERS-COM)
1 1	193.3.184.134 193.3.184.134	50214 (QWARTA) (QWARTA)
2 2	193.232.148.143 193.232.148.143	48061 (UMA-TECH-AS) (UMA-TECH-AS)
1	2a00:1148:db0... 2a00:1148:db00::17	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
2 2	195.209.108.50 195.209.108.50	52007 (ADRIVER-AS) (ADRIVER-AS)
2	195.209.111.13 195.209.111.13	52007 (ADRIVER-AS) (ADRIVER-AS)
1	2606:4700:303... 2606:4700:3032::6815:3b42	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.88.82.46 23.88.82.46	24940 (HETZNER-AS) (HETZNER-AS)
1	37.18.103.21 37.18.103.21	205675 (HYBRID-AS) (HYBRID-AS)
2	185.15.175.146 185.15.175.146	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1	195.201.8.30 195.201.8.30	24940 (HETZNER-AS) (HETZNER-AS)
2 2	88.198.16.238 88.198.16.238	24940 (HETZNER-AS) (HETZNER-AS)
1 1	148.251.236.118 148.251.236.118	24940 (HETZNER-AS) (HETZNER-AS)
1	142.250.80.34 142.250.80.34	15169 (GOOGLE) (GOOGLE)
1 1	109.248.237.36 109.248.237.36	201009 (SUPPORTIT-AS) (SUPPORTIT-AS)
2 3	199.115.115.26 199.115.115.26	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
1 1	185.147.80.35 185.147.80.35	41722 (MIRAN-AS ...) (MIRAN-AS Miran DC)
1 2	78.46.100.125 78.46.100.125	24940 (HETZNER-AS) (HETZNER-AS)
1 1	45.9.24.193 45.9.24.193	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
1 1	5.200.43.242 5.200.43.242	48096 (ITGRAD) (ITGRAD)
1 1	37.9.245.57 37.9.245.57	16345 (BEE-AS Ru...) (BEE-AS Russia)
1 2	89.108.97.2 89.108.97.2	197695 (AS-REG) (AS-REG)
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
4 4	217.66.147.166 217.66.147.166	29209 (SPBMTS-AS...) (SPBMTS-AS Malaya Monetnaya Street 2-A)
2 2	213.87.44.187 213.87.44.187	13174 (MTSNET Mo...) (MTSNET Moscow)
4	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
1 1	144.76.118.233 144.76.118.233	24940 (HETZNER-AS) (HETZNER-AS)
1 1	31.220.27.155 31.220.27.155	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 1	65.108.1.48 65.108.1.48	24940 (HETZNER-AS) (HETZNER-AS)
1	217.65.2.150 217.65.2.150	3175 (CITYTELEC...) (CITYTELECOM-MSK)
1	93.95.102.105 93.95.102.105	48347 (MTW-AS) (MTW-AS)
2 2	89.108.119.43 89.108.119.43	197695 (AS-REG) (AS-REG)
2 2	142.132.209.136 142.132.209.136	24940 (HETZNER-AS) (HETZNER-AS)
1 2	31.172.81.158 31.172.81.158	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	139.45.228.100 139.45.228.100	9002 (RETN-AS) (RETN-AS)
1 1	23.111.107.44 23.111.107.44	39134 (UNITEDNET) (UNITEDNET)
10	82.202.220.203 82.202.220.203	49505 (SELECTEL) (SELECTEL)
1	82.202.220.204 82.202.220.204	49505 (SELECTEL) (SELECTEL)
2 4	185.15.175.158 185.15.175.158	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
199	43

53 185.84.108.232 (Russian Federation) 1 redirects

ASN43362 (MAJORDOMO, RU)
PTR: web29.majordomo.ru

nalog-plati.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:81c::200a (New York, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:808::2002 (New York, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8:a::a (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.181.171.233 (Russian Federation)

ASN50214 (QWARTA, RU)
PTR: asrv233.qwarta.ru

cdn-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3036::ac43:a434 (United States)

ASN13335 (CLOUDFLARENET, US)

newrrb.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.177.94.76 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
PTR: ip-185-177-94-76.ah-server.com

wwopenclick.vip	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.76.25.27 (Moscow, Russian Federation)

ASN61400 (NETRACK-AS, RU)

toqadf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.79.135.43 (Russian Federation)

ASN12695 (DINET-AS, RU)

adcounter14.uptolike.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.79.135.48 (Russian Federation)

ASN12695 (DINET-AS, RU)

adcounter19.uptolike.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4006:824::2003 (New York, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:81e::2002 (New York, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.80.2 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s33-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80b::2002 (New York, United States)

ASN15169 (GOOGLE, US)

adservice.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.202.220.202 (Russian Federation)

ASN49505 (SELECTEL, RU)

geo-db.feedot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 193.3.184.137 (Russian Federation) 2 redirects

ASN50214 (QWARTA, RU)
PTR: asrv321.qwarta.ru

www.acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2607:f8b0:4006:81f::2003 (New York, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:816::2001 (New York, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:81c::2004 (New York, United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80b::200e (New York, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 96.46.186.57 (United States) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.3.184.134 (Russian Federation) 1 redirects

ASN50214 (QWARTA, RU)
PTR: asrv318.qwarta.ru

ssp-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.232.148.143 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp4.sender.ltmse.com

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1148:db00::17 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.209.108.50 (Russian Federation) 2 redirects

ASN52007 (ADRIVER-AS, RU)

ad.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.209.111.13 (Russian Federation)

ASN52007 (ADRIVER-AS, RU)

ssp.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:3b42 (United States)

ASN13335 (CLOUDFLARENET, US)

a.utraff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.88.82.46 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.46.82.88.23.clients.your-server.de

sync.republer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.18.103.21 (Netherlands)

ASN205675 (HYBRID-AS, DE)

dm-eu.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.175.146 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)

tag.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.201.8.30 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.30.8.201.195.clients.your-server.de

sync.dmp.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.198.16.238 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-24.community.moscow

sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.236.118 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-4.community.moscow

b019b9f1-7c88-4872-a7a6-c44119937573.sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.80.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.248.237.36 (Moscow, Russian Federation) 1 redirects

ASN201009 (SUPPORTIT-AS, RU)

stat.adlabs.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 199.115.115.26 (Manassas, United States) 2 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

adlmerge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.147.80.35 (Russian Federation) 1 redirects

ASN41722 (MIRAN-AS Miran DC, RU)
PTR: ssp2.bestssp.com

ssp.bestssp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 78.46.100.125 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.125.100.46.78.clients.your-server.de

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.9.24.193 (Russian Federation) 1 redirects

ASN208677 (SBERCLOUD-AS, RU)

sape-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.200.43.242 (Moscow, Russian Federation) 1 redirects

ASN48096 (ITGRAD, RU)

ads.adlook.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.9.245.57 (Russian Federation) 1 redirects

ASN16345 (BEE-AS Russia, RU)

0100007f0faafa6299007e7702ad0fc2-sp.ops.beeline.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.97.2 (Russian Federation) 1 redirects

ASN197695 (AS-REG, RU)
PTR: d50603.reg.regrucolo.ru

ut.rktch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 217.66.147.166 (St Petersburg, Russian Federation) 4 redirects

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-166-147-66-217.spbmts.ru

sm.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.87.44.187 (Russian Federation) 2 redirects

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru

tech.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::90 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 144.76.118.233 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.233.118.76.144.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.155 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.108.1.48 (Helsinki, Finland) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.48.1.108.65.clients.your-server.de

ssp.bidvol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.65.2.150 (Russian Federation)

ASN3175 (CITYTELECOM-MSK, RU)

match.new-programmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.95.102.105 (Russian Federation)

ASN48347 (MTW-AS, RU)
PTR: unspecified.mtw.ru

fcgi4.gnezdo.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.119.43 (Russian Federation) 2 redirects

ASN197695 (AS-REG, RU)
PTR: d51370.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.132.209.136 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.136.209.132.142.clients.your-server.de

dmp.gotechnology.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.172.81.158 (Germany) 1 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.228.100 (Russian Federation)

ASN9002 (RETN-AS, GB)
PTR: serv20.mt.viaprog.eu

mediatoday.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.107.44 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)

cs.agency2.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 82.202.220.203 (Russian Federation)

ASN49505 (SELECTEL, RU)

stat-feedot.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.202.220.204 (Russian Federation)

ASN49505 (SELECTEL, RU)

api.feedot-cloud.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.15.175.158 (Russian Federation) 2 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
53	nalog-plati.ru 1 redirects nalog-plati.ru	2 MB
29	yandex.ru 3 redirects yandex.ru — Cisco Umbrella Rank: 1316 mc.yandex.ru — Cisco Umbrella Rank: 3617 an.yandex.ru — Cisco Umbrella Rank: 2191	269 KB
23	gstatic.com fonts.gstatic.com www.gstatic.com	910 KB
19	acint.net 2 redirects www.acint.net — Cisco Umbrella Rank: 35647 acint.net — Cisco Umbrella Rank: 26182	17 KB
10	stat-feedot.ru stat-feedot.ru — Cisco Umbrella Rank: 563379	2 KB
10	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 98 www.google.com — Cisco Umbrella Rank: 10	67 KB
9	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 124 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	272 KB
6	mts.ru 6 redirects sm.rtb.mts.ru — Cisco Umbrella Rank: 34069 tech.rtb.mts.ru — Cisco Umbrella Rank: 33361	4 KB
6	digitaltarget.ru 2 redirects tag.digitaltarget.ru — Cisco Umbrella Rank: 131125 dmg.digitaltarget.ru — Cisco Umbrella Rank: 22551	22 KB
6	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 cm.g.doubleclick.net — Cisco Umbrella Rank: 208	54 KB
5	newrrb.bid newrrb.bid — Cisco Umbrella Rank: 337976	23 KB
4	adriver.ru 2 redirects ad.adriver.ru — Cisco Umbrella Rank: 22595 ssp.adriver.ru — Cisco Umbrella Rank: 23000	2 KB
4	yastatic.net yastatic.net — Cisco Umbrella Rank: 6424	141 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67	3 KB
3	adlmerge.com 2 redirects adlmerge.com — Cisco Umbrella Rank: 152049	794 B
3	upravel.com 3 redirects sync.upravel.com — Cisco Umbrella Rank: 33294 b019b9f1-7c88-4872-a7a6-c44119937573.sync.upravel.com	2 KB
3	betweendigital.com 2 redirects ads.betweendigital.com — Cisco Umbrella Rank: 2045	2 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	20 KB
2	bumlam.com 1 redirects sync.bumlam.com — Cisco Umbrella Rank: 2975	1 KB
2	gotechnology.io 2 redirects dmp.gotechnology.io — Cisco Umbrella Rank: 60910	590 B
2	aidata.io 2 redirects x01.aidata.io — Cisco Umbrella Rank: 13782	1 KB
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 9750	510 B
2	rktch.com 1 redirects ut.rktch.com — Cisco Umbrella Rank: 60039	683 B
2	1dmp.io 1 redirects sync.1dmp.io — Cisco Umbrella Rank: 11461	815 B
2	adhigh.net 2 redirects px.adhigh.net — Cisco Umbrella Rank: 12517	823 B
2	google.ca adservice.google.ca — Cisco Umbrella Rank: 12886	914 B
2	uptolike.com adcounter14.uptolike.com adcounter19.uptolike.com	4 KB
2	sape.ru 1 redirects cdn-rtb.sape.ru — Cisco Umbrella Rank: 93231 ssp-rtb.sape.ru — Cisco Umbrella Rank: 35803	41 KB
1	feedot-cloud.ru api.feedot-cloud.ru	813 B
1	agency2.ru 1 redirects cs.agency2.ru — Cisco Umbrella Rank: 131215	753 B
1	mediatoday.ru mediatoday.ru — Cisco Umbrella Rank: 126396	368 B
1	gnezdo.ru fcgi4.gnezdo.ru — Cisco Umbrella Rank: 66900	189 B
1	new-programmatic.com match.new-programmatic.com — Cisco Umbrella Rank: 31268	215 B
1	bidvol.com 1 redirects ssp.bidvol.com — Cisco Umbrella Rank: 31895	455 B
1	uuidksinc.net 1 redirects s.uuidksinc.net — Cisco Umbrella Rank: 3708	206 B
1	buzzoola.com 1 redirects exchange.buzzoola.com — Cisco Umbrella Rank: 19354	176 B
1	beeline.ru 1 redirects 0100007f0faafa6299007e7702ad0fc2-sp.ops.beeline.ru	637 B
1	adlook.me 1 redirects ads.adlook.me — Cisco Umbrella Rank: 22988	187 B
1	rutarget.ru 1 redirects sape-sync.rutarget.ru — Cisco Umbrella Rank: 200854	411 B
1	bestssp.com 1 redirects ssp.bestssp.com — Cisco Umbrella Rank: 62936	304 B
1	adlabs.ru 1 redirects stat.adlabs.ru — Cisco Umbrella Rank: 229986	108 B
1	otm-r.com sync.dmp.otm-r.com — Cisco Umbrella Rank: 14899	69 B
1	hybrid.ai dm-eu.hybrid.ai — Cisco Umbrella Rank: 10103	333 B
1	republer.com sync.republer.com — Cisco Umbrella Rank: 67731	68 B
1	utraff.com a.utraff.com — Cisco Umbrella Rank: 52078	863 B
1	mail.ru ad.mail.ru — Cisco Umbrella Rank: 11502	764 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 187	44 KB
1	feedot.com geo-db.feedot.com — Cisco Umbrella Rank: 365451	599 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 862	698 B
1	toqadf.com toqadf.com	19 KB
1	wwopenclick.vip wwopenclick.vip — Cisco Umbrella Rank: 977447	19 KB
0	advarkads.com Failed s3.advarkads.com Failed
199	52

	Domain	Requested by
53	nalog-plati.ru	1 redirects nalog-plati.ru
24	mc.yandex.ru	3 redirects nalog-plati.ru cdn-rtb.sape.ru
15	www.acint.net	2 redirects cdn-rtb.sape.ru nalog-plati.ru www.acint.net
13	www.gstatic.com	googleads.g.doubleclick.net www.google.com www.gstatic.com
10	stat-feedot.ru	nalog-plati.ru
10	fonts.gstatic.com	fonts.googleapis.com www.google.com
8	www.google.com	1 redirects nalog-plati.ru www.gstatic.com www.google.com
5	tpc.googlesyndication.com	googleads.g.doubleclick.net
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
5	newrrb.bid	nalog-plati.ru
4	dmg.digitaltarget.ru	2 redirects www.acint.net
4	an.yandex.ru	www.acint.net
4	sm.rtb.mts.ru	4 redirects
4	acint.net	www.acint.net
4	yastatic.net	yandex.ru
4	pagead2.googlesyndication.com	nalog-plati.ru pagead2.googlesyndication.com
4	fonts.googleapis.com	nalog-plati.ru googleads.g.doubleclick.net client
3	adlmerge.com	2 redirects www.acint.net
3	ads.betweendigital.com	2 redirects www.acint.net
3	www.google-analytics.com	nalog-plati.ru
2	sync.bumlam.com	1 redirects www.acint.net
2	dmp.gotechnology.io	2 redirects
2	x01.aidata.io	2 redirects
2	tech.rtb.mts.ru	2 redirects
2	redirect.frontend.weborama.fr	2 redirects
2	ut.rktch.com	1 redirects www.acint.net
2	sync.1dmp.io	1 redirects www.acint.net
2	sync.upravel.com	2 redirects
2	tag.digitaltarget.ru	www.acint.net tag.digitaltarget.ru
2	ssp.adriver.ru	www.acint.net
2	ad.adriver.ru	2 redirects
2	px.adhigh.net	2 redirects
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.ca	pagead2.googlesyndication.com
1	api.feedot-cloud.ru	nalog-plati.ru
1	cs.agency2.ru	1 redirects
1	mediatoday.ru	www.acint.net
1	fcgi4.gnezdo.ru	www.acint.net
1	match.new-programmatic.com	www.acint.net
1	ssp.bidvol.com	1 redirects
1	s.uuidksinc.net	1 redirects
1	exchange.buzzoola.com	1 redirects
1	0100007f0faafa6299007e7702ad0fc2-sp.ops.beeline.ru	1 redirects
1	ads.adlook.me	1 redirects
1	sape-sync.rutarget.ru	1 redirects
1	ssp.bestssp.com	1 redirects
1	stat.adlabs.ru	1 redirects
1	cm.g.doubleclick.net	www.acint.net
1	b019b9f1-7c88-4872-a7a6-c44119937573.sync.upravel.com	1 redirects
1	sync.dmp.otm-r.com	www.acint.net
1	dm-eu.hybrid.ai	www.acint.net
1	sync.republer.com	www.acint.net
1	a.utraff.com	www.acint.net
1	ad.mail.ru	www.acint.net
1	ssp-rtb.sape.ru	1 redirects
1	www.googletagservices.com	googleads.g.doubleclick.net
1	geo-db.feedot.com	nalog-plati.ru
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	adcounter19.uptolike.com	nalog-plati.ru
1	adcounter14.uptolike.com	nalog-plati.ru
1	toqadf.com	nalog-plati.ru
1	wwopenclick.vip	nalog-plati.ru
1	cdn-rtb.sape.ru	nalog-plati.ru
1	yandex.ru	nalog-plati.ru
0	s3.advarkads.com Failed	www.acint.net
199	65

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
vkontakte.ru
connect.ok.ru
plus.google.com
twitter.com

Subject Issuer	Validity	Valid
nalog-plati.ru R3	`2022-08-11` - `2022-11-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.xn--d1acpjx3f.xn--p1ai GlobalSign ECC OV SSL CA 2018	`2022-03-04` - `2022-09-01`	6 months	crt.sh
*.sape.ru R3	`2022-07-20` - `2022-10-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-10-11` - `2022-10-10`	a year	crt.sh
wwopenclick.space R3	`2022-06-27` - `2022-09-25`	3 months	crt.sh
toqadf.com R3	`2022-08-13` - `2022-11-11`	3 months	crt.sh
adcounter1.uptolike.com R3	`2022-07-16` - `2022-10-14`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-05-21` - `2022-10-31`	5 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
geo-db.feedot.com R3	`2022-08-06` - `2022-11-04`	3 months	crt.sh
*.acint.net R3	`2022-06-17` - `2022-09-15`	3 months	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2022-04-01` - `2022-09-29`	6 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.mail.ru GeoTrust ECC CA 2018	`2021-10-15` - `2022-11-15`	a year	crt.sh
sync.republer.com R3	`2022-06-03` - `2022-09-01`	3 months	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2020-07-07` - `2022-10-05`	2 years	crt.sh
tag.digitaltarget.ru R3	`2022-07-14` - `2022-10-12`	3 months	crt.sh
*.dmp.otm-r.com AlphaSSL CA - SHA256 - G2	`2022-05-27` - `2023-06-28`	a year	crt.sh
*.adriver.ru GlobalSign GCC R3 DV TLS CA 2020	`2022-04-05` - `2023-04-05`	a year	crt.sh
new-programmatic.com R3	`2022-07-18` - `2022-10-16`	3 months	crt.sh
fcgi4.gnezdo.ru R3	`2022-07-09` - `2022-10-07`	3 months	crt.sh
bs.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-05-05` - `2022-11-03`	6 months	crt.sh
mediatoday.ru R3	`2022-06-09` - `2022-09-07`	3 months	crt.sh
stat-feedot.ru R3	`2022-08-06` - `2022-11-04`	3 months	crt.sh
my.feedot.com R3	`2022-08-06` - `2022-11-04`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://nalog-plati.ru/
Frame ID: 3934613B6B2F834F9C5DF496E07DC5A9
Requests: 120 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220811/r20190131/zrt_lookup.html
Frame ID: 6E8D266DE289131441AB7A8FFC4A64C7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2909179082860411&output=html&adk=1812271804&adf=3025194257&lmt=1660594701&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fnalog-plati.ru%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660594701800&bpp=3&bdt=518&idt=151&shv=r20220811&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5245679594722&frm=20&pv=2&ga_vid=2051253961.1660594702&ga_sid=1660594702&ga_hid=1393305292&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=48644443665404&tmod=1948623946&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=168
Frame ID: 63CFAE9315B9AE30996B4D66448A48E6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220811/r20110914/zrt_lookup.html?fsb=1
Frame ID: E59B65F0998051F428D709FEF729B94D
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C500
Frame ID: 82B6A13400A2663CC412A3B05A31DAD2
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 51581CC78564B45569423F4F506032E9
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/lIG_-rjQweUtsPTJkqViasoL1XPo6OtXzg5InKx-NMQ.js
Frame ID: E82CA011B1B37A6A3C84163590422620
Requests: 1 HTTP requests in this frame

Frame: https://www.acint.net/mc/?dp=14&tc=1
Frame ID: 1BA930B7BEA3F32213E9890E4C4EA6E1
Requests: 37 HTTP requests in this frame

Frame: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F0FAAFA6299007E7702AD0FC2
Frame ID: 85A9055769FAC1E4C7D815B2D3FED39B
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcOjdIZAAAAAKDI6b7ZOfzmmQ6rYQbS-Yfa9gzp&co=aHR0cHM6Ly9uYWxvZy1wbGF0aS5ydTo0NDM.&hl=en&v=mq0-U1BHZ5YTcoDC-CvsLPNc&size=invisible&badge=inline&cb=vrxxljm5akcq
Frame ID: E3996623E7C5FDA4DB6EEFFC3D292131
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcOjdIZAAAAAKDI6b7ZOfzmmQ6rYQbS-Yfa9gzp&co=aHR0cHM6Ly9uYWxvZy1wbGF0aS5ydTo0NDM.&hl=en&v=mq0-U1BHZ5YTcoDC-CvsLPNc&size=invisible&badge=inline&cb=m6s3gau16xhu
Frame ID: 4399605C9461193918AFFCC1D27068F1
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcOjdIZAAAAAKDI6b7ZOfzmmQ6rYQbS-Yfa9gzp&co=aHR0cHM6Ly9uYWxvZy1wbGF0aS5ydTo0NDM.&hl=en&v=mq0-U1BHZ5YTcoDC-CvsLPNc&size=invisible&badge=inline&cb=aarqdaibzz27
Frame ID: CB2F938379B4209709F63771BA3AAF2A
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

О деятельности налоговой службы | Налоговый портал

Page URL History Show full URLs

http://nalog-plati.ru/ HTTP 301
https://nalog-plati.ru/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css
owl\.carousel.*\.js

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

199
Requests

86 %
HTTPS

26 %
IPv6

52
Domains

65
Subdomains

43
IPs

5
Countries

4136 kB
Transfer

8083 kB
Size

95
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: http://www.facebook.com/sharer.php?u=https://nalog-plati.ru/&t=%D0%9E+%D0%B4%D0%B5%D1%8F%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D0%BE%D1%81%D1%82%D0%B8+%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D0%BE%D0%B9+%D1%81%D0%BB%D1%83%D0%B6%D0%B1%D1%8B&src=sp

Search URL Search Domain Scan URL

URL: http://vkontakte.ru/share.php?url=https://nalog-plati.ru/

Search URL Search Domain Scan URL

URL: https://connect.ok.ru/offer?url=https://nalog-plati.ru/&title=%D0%9E+%D0%B4%D0%B5%D1%8F%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D0%BE%D1%81%D1%82%D0%B8+%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D0%BE%D0%B9+%D1%81%D0%BB%D1%83%D0%B6%D0%B1%D1%8B

Search URL Search Domain Scan URL

URL: https://plus.google.com/share?url=https://nalog-plati.ru/

Search URL Search Domain Scan URL

URL: http://twitter.com/share?url=https://nalog-plati.ru/&text=%D0%9E+%D0%B4%D0%B5%D1%8F%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D0%BE%D1%81%D1%82%D0%B8+%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D0%BE%D0%B9+%D1%81%D0%BB%D1%83%D0%B6%D0%B1%D1%8B

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://nalog-plati.ru/ HTTP 301
https://nalog-plati.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 70

https://mc.yandex.ru/watch/55557739?wmode=7&page-url=https%3A%2F%2Fnalog-plati.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp71c81qpn94%3Afp%3A1596%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A860%3Acn%3A1%3Adp%3A0%3Als%3A244262182984%3Ahid%3A414352670%3Az%3A0%3Ai%3A20220815201822%3Aet%3A1660594703%3Ac%3A1%3Arn%3A910372943%3Arqn%3A1%3Au%3A1660594703382706161%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1660594700072%3Ads%3A1%2C277%2C280%2C1%2C648%2C0%2C%2C604%2C12%2C%2C%2C%2C1811%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1660594703%3At%3A%D0%9E%20%D0%B4%D0%B5%D1%8F%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D0%BE%D0%B9%20%D1%81%D0%BB%D1%83%D0%B6%D0%B1%D1%8B%20%7C%20%D0%9D%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/55557739/1?wmode=7&page-url=https%3A%2F%2Fnalog-plati.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp71c81qpn94%3Afp%3A1596%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A860%3Acn%3A1%3Adp%3A0%3Als%3A244262182984%3Ahid%3A414352670%3Az%3A0%3Ai%3A20220815201822%3Aet%3A1660594703%3Ac%3A1%3Arn%3A910372943%3Arqn%3A1%3Au%3A1660594703382706161%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1660594700072%3Ads%3A1%2C277%2C280%2C1%2C648%2C0%2C%2C604%2C12%2C%2C%2C%2C1811%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1660594703%3At%3A%D0%9E%20%D0%B4%D0%B5%D1%8F%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D0%BE%D0%B9%20%D1%81%D0%BB%D1%83%D0%B6%D0%B1%D1%8B%20%7C%20%D0%9D%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

Request Chain 71

https://mc.yandex.ru/watch/56501437?wmode=7&page-url=https%3A%2F%2Fnalog-plati.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp71c81qpn94%3Afp%3A1596%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A860%3Acn%3A2%3Adp%3A0%3Als%3A683379174824%3Ahid%3A414352670%3Az%3A0%3Ai%3A20220815201822%3Aet%3A1660594703%3Ac%3A1%3Arn%3A472250437%3Arqn%3A1%3Au%3A1660594703382706161%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1660594700072%3Ads%3A1%2C277%2C280%2C1%2C648%2C0%2C%2C604%2C12%2C%2C%2C%2C1811%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1660594703%3At%3A%D0%9E%20%D0%B4%D0%B5%D1%8F%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D0%BE%D0%B9%20%D1%81%D0%BB%D1%83%D0%B6%D0%B1%D1%8B%20%7C%20%D0%9D%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/56501437/1?wmode=7&page-url=https%3A%2F%2Fnalog-plati.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp71c81qpn94%3Afp%3A1596%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A860%3Acn%3A2%3Adp%3A0%3Als%3A683379174824%3Ahid%3A414352670%3Az%3A0%3Ai%3A20220815201822%3Aet%3A1660594703%3Ac%3A1%3Arn%3A472250437%3Arqn%3A1%3Au%3A1660594703382706161%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1660594700072%3Ads%3A1%2C277%2C280%2C1%2C648%2C0%2C%2C604%2C12%2C%2C%2C%2C1811%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1660594703%3At%3A%D0%9E%20%D0%B4%D0%B5%D1%8F%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D0%BE%D0%B9%20%D1%81%D0%BB%D1%83%D0%B6%D0%B1%D1%8B%20%7C%20%D0%9D%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

Request Chain 80

https://mc.yandex.ru/watch/71281900?wmode=7&page-url=https%3A%2F%2Fnalog-plati.ru%2F&charset=utf-8&site-info=%7B%22site_id%22%3A119203%2C%22srtb_sid%22%3A%2262faaa0e-6f9d-b40a-rc1d-ilnb8bcif0fj%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anitzfaj0q86ldzb9x141k%3Afp%3A1596%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A860%3Acn%3A3%3Adp%3A0%3Als%3A279270669135%3Ahid%3A414352670%3Az%3A0%3Ai%3A20220815201822%3Aet%3A1660594703%3Ac%3A1%3Arn%3A521887845%3Arqn%3A1%3Au%3A1660594703382706161%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1660594700072%3Ads%3A1%2C277%2C280%2C1%2C648%2C0%2C%2C604%2C12%2C%2C%2C%2C1811%3Aco%3A0%3Arqnl%3A1%3Ast%3A1660594703%3At%3A%D0%9E%20%D0%B4%D0%B5%D1%8F%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D0%BE%D0%B9%20%D1%81%D0%BB%D1%83%D0%B6%D0%B1%D1%8B%20%7C%20%D0%9D%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB&t=gdpr(14)mc(g-1)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/71281900/1?wmode=7&page-url=https%3A%2F%2Fnalog-plati.ru%2F&charset=utf-8&site-info=%7B%22site_id%22%3A119203%2C%22srtb_sid%22%3A%2262faaa0e-6f9d-b40a-rc1d-ilnb8bcif0fj%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anitzfaj0q86ldzb9x141k%3Afp%3A1596%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A860%3Acn%3A3%3Adp%3A0%3Als%3A279270669135%3Ahid%3A414352670%3Az%3A0%3Ai%3A20220815201822%3Aet%3A1660594703%3Ac%3A1%3Arn%3A521887845%3Arqn%3A1%3Au%3A1660594703382706161%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1660594700072%3Ads%3A1%2C277%2C280%2C1%2C648%2C0%2C%2C604%2C12%2C%2C%2C%2C1811%3Aco%3A0%3Arqnl%3A1%3Ast%3A1660594703%3At%3A%D0%9E%20%D0%B4%D0%B5%D1%8F%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D0%BE%D0%B9%20%D1%81%D0%BB%D1%83%D0%B6%D0%B1%D1%8B%20%7C%20%D0%9D%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB&t=gdpr%2814%29mc%28g-1%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

Request Chain 83

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 86

https://www.acint.net/mc/?dp=14 HTTP 302
https://www.acint.net/mc/?dp=14&tc=1

Request Chain 99

https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F0FAAFA6299007E7702AD0FC2 HTTP 302
https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F0FAAFA6299007E7702AD0FC2&crf=1

Request Chain 100

https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP 302
https://acint.net/match?dp=14&euid=A6B803C110AAFA621E00A28902285D70

Request Chain 101

https://px.adhigh.net/p/cm/sape?u=0100007F0FAAFA6299007E7702AD0FC2 HTTP 302
https://px.adhigh.net/p/cm/sape?u=0100007F0FAAFA6299007E7702AD0FC2&bounced=1 HTTP 302
https://acint.net/match?dp=17&euid=syB7SKFVesh.AikABlGCoyhOtA

Request Chain 103

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP 302
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5442073275 HTTP 302
https://www.acint.net/rmatch?dp=45&euid=Al3SUmFxYY_wPf_XpTdGDag&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP 302
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F0FAAFA6299007E7702AD0FC2

Request Chain 109

https://sync.upravel.com/sape/sync HTTP 302
https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0 HTTP 302
https://b019b9f1-7c88-4872-a7a6-c44119937573.sync.upravel.com/sape/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyIsImh0dHBzOi8vd3d3LmFjaW50Lm5ldC8iXX19 HTTP 302
https://www.acint.net/match?dp=71&euid=b019b9f1-7c88-4872-a7a6-c44119937573

Request Chain 111

https://stat.adlabs.ru/merge_gpsid/?sid=50&id=0100007F0FAAFA6299007E7702AD0FC2 HTTP 302
https://adlmerge.com/merge_gpsid/?sid=50&id=0100007F0FAAFA6299007E7702AD0FC2 HTTP 301
https://adlmerge.com/md/?mdback=https%3a%2f%2fadlmerge.com%2fmerge_gpsid%2f%3fsid%3d50%26id%3d0100007F0FAAFA6299007E7702AD0FC2& HTTP 301
https://adlmerge.com/merge_gpsid/?sid=50&id=0100007F0FAAFA6299007E7702AD0FC2&md=18446744073195576961

Request Chain 113

https://ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D HTTP 302
https://www.acint.net/match?dp=95&euid=CNJVHXJK

Request Chain 114

https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F0FAAFA6299007E7702AD0FC2 HTTP 302
https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F0FAAFA6299007E7702AD0FC2&cs=1

Request Chain 115

https://sape-sync.rutarget.ru/sync HTTP 302
https://www.acint.net/match?dp=104&euid=Xkp8BDttvvk6

Request Chain 116

https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP 302
https://acint.net/match?dp=107&euid=78127dc1-3555-53e3-b719-e4aed5e34ea1

Request Chain 117

https://ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D HTTP 302
https://acint.net/match?dp=110&euid=d6fbb5902d5e436f85c77df7923ec37e

Request Chain 118

https://0100007f0faafa6299007e7702ad0fc2-sp.ops.beeline.ru/p?ssp=sp&id=0100007F0FAAFA6299007E7702AD0FC2 HTTP 301
https://www.acint.net/match?dp=111&euid=08958f7d-d5f3-46ad-9b98-15b77bf07b9b

Request Chain 119

https://ut.rktch.com/matchspm?pi=1000005&pui=0100007F0FAAFA6299007E7702AD0FC2 HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=1716398606 HTTP 302
https://ut.rktch.com/matchspm?pi=1000006&pui=bJi5VtL6bW8pxPVLfPh5je&noredirect

Request Chain 120

https://sm.rtb.mts.ru/p?ssp=sape&id=0100007F0FAAFA6299007E7702AD0FC2 HTTP 301
https://sm.rtb.mts.ru/match/second?ssp=30&exu=0100007F0FAAFA6299007E7702AD0FC2 HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=7014ddc3-1496-46c5-af3d-09af03b89580&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FcBTdwxSWRsWvPQmvA7iVgA%3Flocation%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D30%2526em%253D0%26sign%3D3123266202 HTTP 302
https://an.yandex.ru/setud/mts_banner/cBTdwxSWRsWvPQmvA7iVgA?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D0&sign=3123266202

Request Chain 121

https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP 301
https://www.acint.net/match?dp=126&euid=f2673c96-d39e-44c3-536c-e4083b910d10

Request Chain 122

https://s.uuidksinc.net/match/396/?remote_uid=0100007F0FAAFA6299007E7702AD0FC2 HTTP 302
https://www.acint.net/match?dp=127&euid=nbrlsqrG2lMLSb84ku8e

Request Chain 123

https://ssp.bidvol.com/usersync?dspcsid=8&redirect=1 HTTP 302
https://www.acint.net/match?dp=129&euid=o7wwgsf8xz

Request Chain 126

https://x01.aidata.io/0.gif?pid=9401454&id=0100007F0FAAFA6299007E7702AD0FC2 HTTP 302
https://x01.aidata.io/0.gif?pid=9401454&id=0100007F0FAAFA6299007E7702AD0FC2&bounce=1 HTTP 302
https://sm.rtb.mts.ru/p?ssp=aidata&id=qNsY8I5FLrAd52aXXnb3Mg HTTP 301
https://sm.rtb.mts.ru/match/second?ssp=51&exu=qNsY8I5FLrAd52aXXnb3Mg HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=7014ddc3-1496-46c5-af3d-09af03b89580&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FcBTdwxSWRsWvPQmvA7iVgA%3Flocation%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D51%2526em%253D0%2526exu%253DqNsY8I5FLrAd52aXXnb3Mg%26sign%3D1891778825 HTTP 302
https://an.yandex.ru/setud/mts_banner/cBTdwxSWRsWvPQmvA7iVgA?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D0%26exu%3DqNsY8I5FLrAd52aXXnb3Mg&sign=1891778825

Request Chain 127

https://dmp.gotechnology.io/match/sape?id=0100007F0FAAFA6299007E7702AD0FC2 HTTP 302
https://dmp.gotechnology.io/match/sape?id=0100007F0FAAFA6299007E7702AD0FC2&chk=1 HTTP 302
https://an.yandex.ru/mapuid/gonetdspis/NmNkZGM1NTM3YWE5NTQyNg

Request Chain 128

https://sync.bumlam.com/?src=sap1&uid=0100007F0FAAFA6299007E7702AD0FC2 HTTP 302
https://sync.bumlam.com/?src=sap1&s_data=CAIQARiS1OqXBmIgMDEwMDAwN0YwRkFBRkE2Mjk5MDA3RTc3MDJBRDBGQzKiARBrSwFMHNcR7YbgACWQwGR8

Request Chain 131

https://cs.agency2.ru/p?ssp=sp&uid=0100007F0FAAFA6299007E7702AD0FC2 HTTP 301
https://www.acint.net/match?dp=186&euid=1807b323-e5b9-4352-bec5-fee191af49fd

Request Chain 190

https://dmg.digitaltarget.ru/1/1093/i/i?i=395195652485525.85997267771858&a=77&e=0100007F0FAAFA6299007E7702AD0FC2&pref=https%3A%2F%2Fnalog-plati.ru%2F&c=ss:77.up:0100007F0FAAFA6299007E7702AD0FC2.sync:up.xdua:dufzTr0CdrEcHHTafgAb1uwq.xps:xpsdFDkDgRW0wgX6WC8aLqksO.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP 307
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=395195652485525.85997267771858&a=77&e=0100007F0FAAFA6299007E7702AD0FC2&pref=https%3A%2F%2Fnalog-plati.ru%2F&c=ss:77.up:0100007F0FAAFA6299007E7702AD0FC2.sync:up.xdua:dufzTr0CdrEcHHTafgAb1uwq.xps:xpsdFDkDgRW0wgX6WC8aLqksO.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient

Request Chain 191

https://dmg.digitaltarget.ru/1/1093/i/i?i=395195652485525.471100153205202&a=77&e=0100007F0FAAFA6299007E7702AD0FC2&pref=https%3A%2F%2Fnalog-plati.ru%2F&c=ss:77.up:0100007F0FAAFA6299007E7702AD0FC2.sync:up.xdua:dufzTr0CdrEcHHTafgAb1uwq.xps:xpsdFDkDgRW0wgX6WC8aLqksO.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP 307
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=395195652485525.471100153205202&a=77&e=0100007F0FAAFA6299007E7702AD0FC2&pref=https%3A%2F%2Fnalog-plati.ru%2F&c=ss:77.up:0100007F0FAAFA6299007E7702AD0FC2.sync:up.xdua:dufzTr0CdrEcHHTafgAb1uwq.xps:xpsdFDkDgRW0wgX6WC8aLqksO.dn:acint__net.adcm:hit.tg:adcmjs_noorient

199 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
nalog-plati.ru/
Redirect Chain

http://nalog-plati.ru/
https://nalog-plati.ru/

58 KB
16 KB

558ms
280ms

Document
text/html

185.84.108.232
MAJORDOMO

General

Check archive.org

Show headers Download Go to

Full URL: https://nalog-plati.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.84.108.232 , Russian Federation, ASN43362 (MAJORDOMO, RU),
Reverse DNS: web29.majordomo.ru
Software: nginx /
Resource Hash: 72097ee775776954b13b92f0181973fbfc0e307c64847dae6e9f131ca0472793

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 15 Aug 2022 20:18:21 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
pragma: no-cache
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Mon, 15 Aug 2022 20:18:20 GMT
Location: https://nalog-plati.ru/
Server: nginx

GET
H2 200 style.min.css
nalog-plati.ru/wp-includes/css/dist/block-library/ 29 KB
5 KB 140ms
137ms Stylesheet
text/css 185.84.108.232
MAJORDOMO

General

Check archive.org

Show headers Download Go to

Full URL: https://nalog-plati.ru/wp-includes/css/dist/block-library/style.min.css?ver=5.2.2
Requested by: Host: nalog-plati.ru
URL: https://nalog-plati.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.84.108.232 , Russian Federation, ASN43362 (MAJORDOMO, RU),
Reverse DNS: web29.majordomo.ru
Software: nginx /
Resource Hash: 4b8fe5c3d0e5ef7a6582185cbf5c535b5d369c8df1da98c03ed69833e55f474d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:21 GMT
content-encoding: gzip
last-modified: Mon, 30 Sep 2019 14:53:50 GMT
server: nginx
etag: W/"5d9216fe-726f"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 related-post.css
nalog-plati.ru/wp-content/plugins/related-post/assets/front/css/ 2 KB
830 B 180ms
177ms Stylesheet
text/css 185.84.108.232
MAJORDOMO

General

Check archive.org

Show headers Download Go to

Full URL: https://nalog-plati.ru/wp-content/plugins/related-post/assets/front/css/related-post.css?ver=5.2.2
Requested by: Host: nalog-plati.ru
URL: https://nalog-plati.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.84.108.232 , Russian Federation, ASN43362 (MAJORDOMO, RU),
Reverse DNS: web29.majordomo.ru
Software: nginx /
Resource Hash: 18f43e6afa50664ace58ab03d3c2ed3b018240ead481f96f9dd8225875fc4349

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:21 GMT
content-encoding: gzip
last-modified: Mon, 30 Sep 2019 14:53:40 GMT
server: nginx
etag: W/"5d9216f4-889"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 style.css
nalog-plati.ru/wp-content/plugins/related-post/assets/front/css/ 41 B
159 B 181ms
178ms Stylesheet
text/css 185.84.108.232
MAJORDOMO

General

Check archive.org

Show headers Download Go to

Full URL: https://nalog-plati.ru/wp-content/plugins/related-post/assets/front/css/style.css?ver=5.2.2
Requested by: Host: nalog-plati.ru
URL: https://nalog-plati.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.84.108.232 , Russian Federation, ASN43362 (MAJORDOMO, RU),
Reverse DNS: web29.majordomo.ru
Software: nginx /
Resource Hash: 80b872bd243d2453db96ec8d8ddc77072c5bf81a0fb9c9db77e893576b1a37c1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:21 GMT
last-modified: Mon, 30 Sep 2019 14:53:40 GMT
server: nginx
accept-ranges: bytes
etag: "5d9216f4-29"
content-length: 41
content-type: text/css

GET
H2 200 font-awesome.min.css
nalog-plati.ru/wp-content/plugins/related-post/assets/front/css/ 30 KB
7 KB 182ms
179ms Stylesheet
text/css 185.84.108.232
MAJORDOMO

General

Check archive.org

Show headers Download Go to

Full URL: https://nalog-plati.ru/wp-content/plugins/related-post/assets/front/css/font-awesome.min.css?ver=5.2.2
Requested by: Host: nalog-plati.ru
URL: https://nalog-plati.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.84.108.232 , Russian Federation, ASN43362 (MAJORDOMO, RU),
Reverse DNS: web29.majordomo.ru
Software: nginx /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:21 GMT
content-encoding: gzip
last-modified: Mon, 30 Sep 2019 14:53:40 GMT
server: nginx
etag: W/"5d9216f4-7918"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 owl.carousel.css
nalog-plati.ru/wp-content/plugins/related-post/assets/front/css/ 4 KB
1 KB 182ms
179ms Stylesheet
text/css 185.84.108.232
MAJORDOMO

General

Check archive.org

Show headers Download Go to

Full URL: https://nalog-plati.ru/wp-content/plugins/related-post/assets/front/css/owl.carousel.css?ver=5.2.2
Requested by: Host: nalog-plati.ru
URL: https://nalog-plati.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.84.108.232 , Russian Federation, ASN43362 (MAJORDOMO, RU),
Reverse DNS: web29.majordomo.ru
Software: nginx /
Resource Hash: 0dbf526f57c494e472bfbfd8dfc6f9366ce765c1e20a9dffab2c2c7932838c4a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:21 GMT
content-encoding: gzip
last-modified: Mon, 30 Sep 2019 14:53:40 GMT
server: nginx
etag: W/"5d9216f4-100b"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 postratings-css.css
nalog-plati.ru/wp-content/plugins/wp-postratings/css/ 1 KB
540 B 182ms
180ms Stylesheet
text/css 185.84.108.232
MAJORDOMO

General

Check archive.org

Show headers Download Go to

Full URL: https://nalog-plati.ru/wp-content/plugins/wp-postratings/css/postratings-css.css?ver=1.86.2
Requested by: Host: nalog-plati.ru
URL: https://nalog-plati.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.84.108.232 , Russian Federation, ASN43362 (MAJORDOMO, RU),
Reverse DNS: web29.majordomo.ru
Software: nginx /
Resource Hash: c56b566e17c62870ce139b3a57bfb94a9d785792bd6ac2220d52426b8590d87f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:21 GMT
content-encoding: gzip
last-modified: Mon, 30 Sep 2019 14:53:30 GMT
server: nginx
etag: W/"5d9216ea-549"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 css
fonts.googleapis.com/ 13 KB
1 KB 84ms
36ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Serif%3A400%2C700%7COpen+Sans%3A400%2C400italic%2C700%2C700italic&subset=latin%2Ccyrillic&ver=1

Requested by

Host: nalog-plati.ru
URL: https://nalog-plati.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

49d5b5b19c91e480bcd73ebe19434545fba228099c76513c875bed5c40510a8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 20:12:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 15 Aug 2022 20:18:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Aug 2022 20:18:21 GMT

GET
H2 200 style.css
nalog-plati.ru/wp-content/themes/basic/ 29 KB
7 KB 183ms
181ms Stylesheet
text/css 185.84.108.232
MAJORDOMO

General

Check archive.org

Show headers Download Go to

Full URL: https://nalog-plati.ru/wp-content/themes/basic/style.css?ver=1
Requested by: Host: nalog-plati.ru
URL: https://nalog-plati.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.84.108.232 , Russian Federation, ASN43362 (MAJORDOMO, RU),
Reverse DNS: web29.majordomo.ru
Software: nginx /
Resource Hash: 5a98abedca88aecd9d163b493a74d530dc15b47575426a410c35cb83eb7e5572

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:21 GMT
content-encoding: gzip
last-modified: Mon, 30 Sep 2019 14:53:26 GMT
server: nginx
etag: W/"5d9216e6-7376"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 jquery.lazyloadxt.spinner.css
nalog-plati.ru/wp-content/plugins/a3-lazy-load/assets/css/ 256 B
375 B 183ms
181ms Stylesheet
text/css 185.84.108.232
MAJORDOMO

General

Check archive.org

Show headers Download Go to

Full URL: https://nalog-plati.ru/wp-content/plugins/a3-lazy-load/assets/css/jquery.lazyloadxt.spinner.css?ver=5.2.2
Requested by: Host: nalog-plati.ru
URL: https://nalog-plati.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.84.108.232 , Russian Federation, ASN43362 (MAJORDOMO, RU),
Reverse DNS: web29.majordomo.ru
Software: nginx /
Resource Hash: 36367a3a65b65258bf20542465dc51720b4f6d42fad2abf1309531458cdc7790

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:21 GMT
last-modified: Mon, 30 Sep 2019 14:53:43 GMT
server: nginx
accept-ranges: bytes
etag: "5d9216f7-100"
content-length: 256
content-type: text/css

GET
H2 200 jquery.js Show response
nalog-plati.ru/wp-includes/js/jquery/ 95 KB
33 KB 316ms
315ms Script
application/javascript 185.84.108.232
MAJORDOMO

General

Check archive.org

Show headers Download Go to

Full URL: https://nalog-plati.ru/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: nalog-plati.ru
URL: https://nalog-plati.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.84.108.232 , Russian Federation, ASN43362 (MAJORDOMO, RU),
Reverse DNS: web29.majordomo.ru
Software: nginx /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:21 GMT
content-encoding: gzip
last-modified: Mon, 30 Sep 2019 14:53:49 GMT
server: nginx
etag: W/"5d9216fd-17a69"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 jquery-migrate.min.js Show response
nalog-plati.ru/wp-includes/js/jquery/ 10 KB
4 KB 319ms
317ms Script
application/javascript 185.84.108.232
MAJORDOMO

General

Check archive.org

Show headers Download Go to

Full URL: https://nalog-plati.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: nalog-plati.ru
URL: https://nalog-plati.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.84.108.232 , Russian Federation, ASN43362 (MAJORDOMO, RU),
Reverse DNS: web29.majordomo.ru
Software: nginx /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:21 GMT
content-encoding: gzip
last-modified: Mon, 30 Sep 2019 14:53:49 GMT
server: nginx
etag: W/"5d9216fd-2748"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 related-post-scripts.js Show response
nalog-plati.ru/wp-content/plugins/related-post/assets/front/js/ 64 B
192 B 319ms
318ms Script
application/javascript 185.84.108.232
MAJORDOMO

General

Check archive.org

Show headers Download Go to

Full URL: https://nalog-plati.ru/wp-content/plugins/related-post/assets/front/js/related-post-scripts.js?ver=5.2.2
Requested by: Host: nalog-plati.ru
URL: https://nalog-plati.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.84.108.232 , Russian Federation, ASN43362 (MAJORDOMO, RU),
Reverse DNS: web29.majordomo.ru
Software: nginx /
Resource Hash: 4852a1eb8dc6c4e97fc54fdb1fe8a77336b8182372acc3cfb3fdffe138ca0e03

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:21 GMT
last-modified: Mon, 30 Sep 2019 14:53:40 GMT
server: nginx
accept-ranges: bytes
etag: "5d9216f4-40"
content-length: 64
content-type: application/javascript

GET
H2 200 owl.carousel.min.js Show response
nalog-plati.ru/wp-content/plugins/related-post/assets/front/js/ 83 KB
18 KB 320ms
318ms Script
application/javascript 185.84.108.232
MAJORDOMO

General

Check archive.org

Show headers Download Go to

Full URL: https://nalog-plati.ru/wp-content/plugins/related-post/assets/front/js/owl.carousel.min.js?ver=5.2.2
Requested by: Host: nalog-plati.ru
URL: https://nalog-plati.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.84.108.232 , Russian Federation, ASN43362 (MAJORDOMO, RU),
Reverse DNS: web29.majordomo.ru
Software: nginx /
Resource Hash: 0a1aebdca3b69662a8cb029eb3909c5d8d5d20022b2be9c5497e6d2e12539b1f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:21 GMT
content-encoding: gzip
last-modified: Mon, 30 Sep 2019 14:53:40 GMT
server: nginx
etag: W/"5d9216f4-14c6c"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 jq-sticky-anything.min.js Show response
nalog-plati.ru/wp-content/plugins/sticky-menu-or-anything-on-scroll/assets/js/ 7 KB
2 KB 320ms
319ms Script
application/javascript 185.84.108.232
MAJORDOMO

General

Check archive.org

Show headers Download Go to

Full URL: https://nalog-plati.ru/wp-content/plugins/sticky-menu-or-anything-on-scroll/assets/js/jq-sticky-anything.min.js?ver=2.1.1
Requested by: Host: nalog-plati.ru
URL: https://nalog-plati.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.84.108.232 , Russian Federation, ASN43362 (MAJORDOMO, RU),
Reverse DNS: web29.majordomo.ru
Software: nginx /
Resource Hash: c78670d74dd4276ebea41acf32ea50bef3e18c35c9f0f85afc929baa14d5e690

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:21 GMT
content-encoding: gzip
last-modified: Mon, 30 Sep 2019 14:53:26 GMT
server: nginx
etag: W/"5d9216e6-1cf2"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 170 KB
57 KB 120ms
63ms Script
text/javascript 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: nalog-plati.ru
URL: https://nalog-plati.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6bac7ebed1d8b8d620bf585e034ff23ca1cfe600b40be021d34b280e7bb0b9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57497
x-xss-protection: 0
server: cafe
etag: 17027550463765842154
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 15 Aug 2022 20:18:21 GMT

GET
H2 200 context.js Show response
yandex.ru/ads/system/ 289 KB
79 KB 467ms
158ms Script
text/javascript 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: nalog-plati.ru
URL: https://nalog-plati.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

97e5ac067a9ec2a1aab7e9f62cf6c2ed1f82c7773f3b8593634784843b9c6ea2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1660594702012575-8963750822254687984-vla1-4683-vla-l7-balancer-8080-BAL-3183
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Mon, 15 Aug 2022 21:18:22 GMT

GET
H2 200 119203.js Show response
cdn-rtb.sape.ru/rtb-b/js/203/2/ 99 KB
40 KB 641ms
284ms Script
application/javascript 95.181.171.233
QWARTA

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-rtb.sape.ru/rtb-b/js/203/2/119203.js

Requested by

Host: nalog-plati.ru
URL: https://nalog-plati.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.181.171.233 , Russian Federation, ASN50214 (QWARTA, RU),

Reverse DNS

asrv233.qwarta.ru

Software

openresty /

Resource Hash

7c07478bc830f408a737eda2261577b7b083f121e3bbd0c87c81931f42bbc600

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:22 GMT
content-encoding: gzip
last-modified: Thu, 11 Aug 2022 21:51:54 GMT
server: openresty
x-amz-request-id: 170A68DDD531B398
etag: W/"7c5a8c25e522c39cc3a843de6422c790"
x-cache-status: HIT
vary: Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=3600
content-security-policy: block-all-mixed-content
x-xss-protection: 1; mode=block
expires: Mon, 15 Aug 2022 21:18:22 GMT

GET
H2 200 7pwf.min.js Show response
newrrb.bid/ 66 KB
20 KB 764ms
484ms Script
text/javascript 2606:4700:3036::ac43:a434
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newrrb.bid/7pwf.min.js

Requested by

Host: nalog-plati.ru
URL: https://nalog-plati.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:a434 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9a8e582ffaf88140ef253b6fc848ca9b50ad3a5f26f35e16791271bed5af1a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:22 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
duration: 726607
access-control-allow-methods: POST, GET, OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 15 Aug 2022 20:18:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4dU4a%2FsynMWbD6LjE8LV5jtk7%2BkekiBK6tp5gbAUy9qNXPWWKpd0p8pRpYGq19YiO05SZYwh30Ztx0cvO4iruwhV8KYz71xEqp8dRTV%2FHrkRVJ7Mp92vm5gU0OC3XzwE%2Fl9EDp33oB58"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 73b49e76fa744bd7-YUL
access-control-allow-headers: *
expires: Mon, 15-Aug-2022 23:23:22 EEST

GET
H2 200 / Show response
wwopenclick.vip/ 19 KB
19 KB 371ms
117ms Script
application/javascript 185.177.94.76
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://wwopenclick.vip/?pu=gfrgkyjzme5ha3ddf4ytkmrt

Requested by

Host: nalog-plati.ru
URL: https://nalog-plati.ru/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.177.94.76 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

ip-185-177-94-76.ah-server.com

Software

nginx /

Resource Hash

f8e8338893be06cdab0500fd4bae2c44b5e99947a5224b64ad53b7d378bf6654

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 15 Aug 2022 20:18:20 GMT
server: nginx
content-security-policy: img-src https: data:; upgrade-insecure-requests
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=UTF-8

GET
H2 200 mp0y03qh8687vuq786kypv9mltw.php Show response
toqadf.com/ywzl17/912/lvi/ 58 KB
19 KB 527ms
139ms Script
application/javascript 62.76.25.27
NETRACK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://toqadf.com/ywzl17/912/lvi/mp0y03qh8687vuq786kypv9mltw.php
Requested by: Host: nalog-plati.ru
URL: https://nalog-plati.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: c9064711d6652ff0659841c1966c5d5303e4190ee8b57845c27fe472a1032c90

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:22 GMT
content-encoding: gzip
last-modified: Tue, 09 Aug 2022 07:42:34 GMT
server: nginx/1.14.2
etag: "62f20fea-4aeb"
content-type: application/javascript; charset=utf-8
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length: 19179

GET
H2 200 logo.jpg
nalog-plati.ru/wp-content/uploads/2019/09/ 38 KB
38 KB 236ms
234ms Image
image/jpeg 185.84.108.232
MAJORDOMO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nalog-plati.ru/wp-content/uploads/2019/09/logo.jpg
Requested by: Host: nalog-plati.ru
URL: https://nalog-plati.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.84.108.232 , Russian Federation, ASN43362 (MAJORDOMO, RU),
Reverse DNS: web29.majordomo.ru
Software: nginx /
Resource Hash: 2ad8bb5cc0bf86feb4546578428bdf56a74627c294a2c5284e48578e0ddc761d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:21 GMT
last-modified: Mon, 30 Sep 2019 16:26:11 GMT
server: nginx
accept-ranges: bytes
etag: "5d922ca3-9682"
content-length: 38530
content-type: image/jpeg

GET
H2 200 lazy_placeholder.gif
nalog-plati.ru/wp-content/plugins/a3-lazy-load/assets/images/ 42 B
161 B 237ms
235ms Image
image/gif 185.84.108.232
MAJORDOMO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nalog-plati.ru/wp-content/plugins/a3-lazy-load/assets/images/lazy_placeholder.gif
Requested by: Host: nalog-plati.ru
URL: https://nalog-plati.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.84.108.232 , Russian Federation, ASN43362 (MAJORDOMO, RU),
Reverse DNS: web29.majordomo.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:21 GMT
last-modified: Mon, 30 Sep 2019 14:53:43 GMT
server: nginx
accept-ranges: bytes
etag: "5d9216f7-2a"
content-length: 42
content-type: image/gif

GET
H/1.1 200
OK counter.js Show response
adcounter14.uptolike.com/ 2 KB
2 KB 1653ms
137ms Script
application/javascript 185.79.135.43
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://adcounter14.uptolike.com/counter.js?sid=st794e52def03272aa225e5ece55c8b90b101784bc
Requested by: Host: nalog-plati.ru
URL: https://nalog-plati.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.79.135.43 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx/1.1.19 /
Resource Hash: e47f286352e1a91a146202da854b97fbdd5ee978813c1e3d71f0b629c2a72d89

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 20:18:23 GMT
Last-Modified: Tue, 19 Feb 2019 16:19:18 GMT
Server: nginx/1.1.19
ETag: "5c6c2c86-70f"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1807

GET
H/1.1 200
OK counter.js Show response
adcounter19.uptolike.com/ 2 KB
2 KB 1472ms
136ms Script
application/javascript 185.79.135.48
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://adcounter19.uptolike.com/counter.js?sid=st794e52def03272aa225e5ece55c8b90b101784bc
Requested by: Host: nalog-plati.ru
URL: https://nalog-plati.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.79.135.48 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx/1.1.19 /
Resource Hash: e47f286352e1a91a146202da854b97fbdd5ee978813c1e3d71f0b629c2a72d89

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 20:18:23 GMT
Last-Modified: Tue, 19 Feb 2019 16:19:18 GMT
Server: nginx/1.1.19
ETag: "5c6c2c86-70f"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1807

GET
H2 200 stickThis.js Show response
nalog-plati.ru/wp-content/plugins/sticky-menu-or-anything-on-scroll/assets/js/ 726 B
470 B 138ms
138ms Script
application/javascript 185.84.108.232
MAJORDOMO

General

Check archive.org

Show headers Download Go to

Full URL: https://nalog-plati.ru/wp-content/plugins/sticky-menu-or-anything-on-scroll/assets/js/stickThis.js?ver=2.1.1
Requested by: Host: nalog-plati.ru
URL: https://nalog-plati.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.84.108.232 , Russian Federation, ASN43362 (MAJORDOMO, RU),
Reverse DNS: web29.majordomo.ru
Software: nginx /
Resource Hash: 8fc646c9ba5a91dded24716aec18659da956f775f3342854241fad3a53340f70

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:21 GMT
content-encoding: gzip
last-modified: Mon, 30 Sep 2019 14:53:26 GMT
server: nginx
etag: W/"5d9216e6-2d6"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 postratings-js.js Show response
nalog-plati.ru/wp-content/plugins/wp-postratings/js/ 3 KB
892 B 155ms
155ms Script
application/javascript 185.84.108.232
MAJORDOMO

General

Check archive.org

Show headers Download Go to

Full URL: https://nalog-plati.ru/wp-content/plugins/wp-postratings/js/postratings-js.js?ver=1.86.2
Requested by: Host: nalog-plati.ru
URL: https://nalog-plati.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.84.108.232 , Russian Federation, ASN43362 (MAJORDOMO, RU),
Reverse DNS: web29.majordomo.ru
Software: nginx /
Resource Hash: c42425f18923921089911e70f39c6dd462794df2e42ac0596abc3884da6471fc

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:21 GMT
content-encoding: gzip
last-modified: Mon, 30 Sep 2019 14:53:30 GMT
server: nginx
etag: W/"5d9216ea-d01"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 functions.js Show response
nalog-plati.ru/wp-content/themes/basic/js/ 1 KB
720 B 140ms
136ms Script
application/javascript 185.84.108.232
MAJORDOMO

General

Check archive.org

Show headers Download Go to

Full URL: https://nalog-plati.ru/wp-content/themes/basic/js/functions.js?ver=1
Requested by: Host: nalog-plati.ru
URL: https://nalog-plati.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.84.108.232 , Russian Federation, ASN43362 (MAJORDOMO, RU),
Reverse DNS: web29.majordomo.ru
Software: nginx /
Resource Hash: ee5d738d637e6ae6e5f7683fa41aadc91e1b9ff9e722d474f2192c66dc955925

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:21 GMT
content-encoding: gzip
last-modified: Mon, 30 Sep 2019 14:53:26 GMT
server: nginx
etag: W/"5d9216e6-52b"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 q2w3-fixed-widget.min.js Show response
nalog-plati.ru/wp-content/plugins/q2w3-fixed-widget/js/ 4 KB
2 KB 234ms
231ms Script
application/javascript 185.84.108.232
MAJORDOMO

General

Check archive.org

Show headers Download Go to

Full URL: https://nalog-plati.ru/wp-content/plugins/q2w3-fixed-widget/js/q2w3-fixed-widget.min.js?ver=5.1.9
Requested by: Host: nalog-plati.ru
URL: https://nalog-plati.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.84.108.232 , Russian Federation, ASN43362 (MAJORDOMO, RU),
Reverse DNS: web29.majordomo.ru
Software: nginx /
Resource Hash: 9a7d00291b90b8045d042a9a713a9cceba928a35c18c99d1eeea2ca14c09614d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:21 GMT
content-encoding: gzip
last-modified: Mon, 30 Sep 2019 14:53:30 GMT
server: nginx
etag: W/"5d9216ea-1108"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 jquery.lazyloadxt.extra.min.js Show response
nalog-plati.ru/wp-content/plugins/a3-lazy-load/assets/js/ 3 KB
2 KB 235ms
232ms Script
application/javascript 185.84.108.232
MAJORDOMO

General

Check archive.org

Show headers Download Go to

Full URL: https://nalog-plati.ru/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.extra.min.js?ver=1.9.3
Requested by: Host: nalog-plati.ru
URL: https://nalog-plati.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.84.108.232 , Russian Federation, ASN43362 (MAJORDOMO, RU),
Reverse DNS: web29.majordomo.ru
Software: nginx /
Resource Hash: b8cf531ef85346abed1d97d7526e8033ed4712b6d51bd007e0a75ebbdc69882e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:21 GMT
content-encoding: gzip
last-modified: Mon, 30 Sep 2019 14:53:43 GMT
server: nginx
etag: W/"5d9216f7-bc6"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 jquery.lazyloadxt.srcset.min.js Show response
nalog-plati.ru/wp-content/plugins/a3-lazy-load/assets/js/ 1 KB
843 B 236ms
232ms Script
application/javascript 185.84.108.232
MAJORDOMO

General

Check archive.org

Show headers Download Go to

Full URL: https://nalog-plati.ru/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.srcset.min.js?ver=1.9.3
Requested by: Host: nalog-plati.ru
URL: https://nalog-plati.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.84.108.232 , Russian Federation, ASN43362 (MAJORDOMO, RU),
Reverse DNS: web29.majordomo.ru
Software: nginx /
Resource Hash: 0a9e05fa3d5632de3fa9bc89b1e59ad5c93e2f3017675c2f9610623bc9a33eb1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:21 GMT
content-encoding: gzip
last-modified: Mon, 30 Sep 2019 14:53:43 GMT
server: nginx
etag: W/"5d9216f7-543"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 jquery.lazyloadxt.extend.js Show response
nalog-plati.ru/wp-content/plugins/a3-lazy-load/assets/js/ 792 B
488 B 236ms
233ms Script
application/javascript 185.84.108.232
MAJORDOMO

General

Check archive.org

Show headers Download Go to

Full URL: https://nalog-plati.ru/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.extend.js?ver=1.9.3
Requested by: Host: nalog-plati.ru
URL: https://nalog-plati.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.84.108.232 , Russian Federation, ASN43362 (MAJORDOMO, RU),
Reverse DNS: web29.majordomo.ru
Software: nginx /
Resource Hash: f3c666d75eeb7a517edef5cd6fc4db0c45f5e3e1442c603ae4fa77d93e4ece7a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:21 GMT
content-encoding: gzip
last-modified: Mon, 30 Sep 2019 14:53:43 GMT
server: nginx
etag: W/"5d9216f7-318"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 wp-embed.min.js Show response
nalog-plati.ru/wp-includes/js/ 1 KB
893 B 237ms
234ms Script
application/javascript 185.84.108.232
MAJORDOMO

General

Check archive.org

Show headers Download Go to

Full URL: https://nalog-plati.ru/wp-includes/js/wp-embed.min.js?ver=5.2.2
Requested by: Host: nalog-plati.ru
URL: https://nalog-plati.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.84.108.232 , Russian Federation, ASN43362 (MAJORDOMO, RU),
Reverse DNS: web29.majordomo.ru
Software: nginx /
Resource Hash: 2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:21 GMT
content-encoding: gzip
last-modified: Mon, 30 Sep 2019 14:53:48 GMT
server: nginx
etag: W/"5d9216fc-57b"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 205 KB
71 KB 821ms
540ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: nalog-plati.ru
URL: https://nalog-plati.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

6dff4a68f0a11c3ef2f5286a72889a7a8a910fc0d13c5328416f6c0ccc14cae8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:22 GMT
content-encoding: br
last-modified: Mon, 15 Aug 2022 15:05:51 GMT
etag: "62fa369f-1196e"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 72046
expires: Mon, 15 Aug 2022 21:18:22 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 44 KB
44 KB 68ms
20ms Font
font/woff2 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif%3A400%2C700%7COpen+Sans%3A400%2C400italic%2C700%2C700italic&subset=latin%2Ccyrillic&ver=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://nalog-plati.ru
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 19:32:38 GMT
x-content-type-options: nosniff
age: 434743
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Aug 2023 19:32:38 GMT

GET
H2 200 EJRSQgYoZZY2vCFuvAnt66qWVyvHpA.woff2
fonts.gstatic.com/s/ptserif/v17/ 20 KB
20 KB 109ms
65ms Font
font/woff2 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v17/EJRSQgYoZZY2vCFuvAnt66qWVyvHpA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif%3A400%2C700%7COpen+Sans%3A400%2C400italic%2C700%2C700italic&subset=latin%2Ccyrillic&ver=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a430df41eca107e9496f5956eeb02ef22979f5babb0a26a6d6970d1180545f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://nalog-plati.ru
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 08:33:47 GMT
x-content-type-options: nosniff
age: 560674
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20776
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:44:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Aug 2023 08:33:47 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v29/ 24 KB
24 KB 95ms
59ms Font
font/woff2 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif%3A400%2C700%7COpen+Sans%3A400%2C400italic%2C700%2C700italic&subset=latin%2Ccyrillic&ver=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b800f039c220f9ae4506d735f9ff593d6872c7a8ad4050da17dd8f2dcd76b6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://nalog-plati.ru
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 19:45:22 GMT
x-content-type-options: nosniff
age: 433979
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Aug 2023 19:45:22 GMT

GET
H2 200 EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
fonts.gstatic.com/s/ptserif/v17/ 29 KB
29 KB 76ms
47ms Font
font/woff2 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v17/EJRSQgYoZZY2vCFuvAnt66qSVys.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif%3A400%2C700%7COpen+Sans%3A400%2C400italic%2C700%2C700italic&subset=latin%2Ccyrillic&ver=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f9694a5641741d04e1c98eb1011059826aa5feb34e47d2b2f95bdb47cb0c2f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://nalog-plati.ru
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 05:22:20 GMT
x-content-type-options: nosniff
age: 572161
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29492
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:29:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Aug 2023 05:22:20 GMT

GET
H2 200 init.js Show response
nalog-plati.ru/b4c7ded9408b284042578d41832f292b/b4c7d/js/ 6 KB
3 KB 209ms
208ms Script
application/javascript 185.84.108.232
MAJORDOMO

General

Check archive.org

Show headers Download Go to

Full URL: https://nalog-plati.ru/b4c7ded9408b284042578d41832f292b/b4c7d/js/init.js?t=1660594701661
Requested by: Host: nalog-plati.ru
URL: https://nalog-plati.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.84.108.232 , Russian Federation, ASN43362 (MAJORDOMO, RU),
Reverse DNS: web29.majordomo.ru
Software: nginx /
Resource Hash: d95c8cf1ecb4602ff02a6ddbb1407ed985067ab6647db605833054a5308f4fe8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:21 GMT
content-encoding: gzip
last-modified: Tue, 09 Aug 2022 13:10:38 GMT
server: nginx
etag: W/"62f25cce-165f"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 loading.gif
nalog-plati.ru/wp-content/plugins/a3-lazy-load/assets/css/ 2 KB
2 KB 208ms
208ms Image
image/gif 185.84.108.232
MAJORDOMO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nalog-plati.ru/wp-content/plugins/a3-lazy-load/assets/css/loading.gif
Requested by: Host: nalog-plati.ru
URL: https://nalog-plati.ru/wp-content/plugins/a3-lazy-load/assets/css/jquery.lazyloadxt.spinner.css?ver=5.2.2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.84.108.232 , Russian Federation, ASN43362 (MAJORDOMO, RU),
Reverse DNS: web29.majordomo.ru
Software: nginx /
Resource Hash: b6e4dff920e21e3f436a014140d01d43c97177e007556ede69f772f08cb7a7ec

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/wp-content/plugins/a3-lazy-load/assets/css/jquery.lazyloadxt.spinner.css?ver=5.2.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:21 GMT
last-modified: Mon, 30 Sep 2019 14:53:43 GMT
server: nginx
accept-ranges: bytes
etag: "5d9216f7-69a"
content-length: 1690
content-type: image/gif

GET
H2 200 li.svg
nalog-plati.ru/wp-content/themes/basic/img/ 2 KB
780 B 209ms
208ms Image
image/svg+xml 185.84.108.232
MAJORDOMO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nalog-plati.ru/wp-content/themes/basic/img/li.svg
Requested by: Host: nalog-plati.ru
URL: https://nalog-plati.ru/wp-content/themes/basic/style.css?ver=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.84.108.232 , Russian Federation, ASN43362 (MAJORDOMO, RU),
Reverse DNS: web29.majordomo.ru
Software: nginx /
Resource Hash: b9389cb6583f0d743318d61d4f74c3029eb5d8ed7e96b04712ebadfb2c3ad850

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/wp-content/themes/basic/style.css?ver=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:21 GMT
content-encoding: gzip
last-modified: Mon, 30 Sep 2019 14:53:26 GMT
server: nginx
etag: W/"5d9216e6-65b"
vary: Accept-Encoding
content-type: image/svg+xml

GET
H2 200 socialshare.png
nalog-plati.ru/wp-content/themes/basic/img/ 4 KB
4 KB 208ms
208ms Image
image/png 185.84.108.232
MAJORDOMO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nalog-plati.ru/wp-content/themes/basic/img/socialshare.png
Requested by: Host: nalog-plati.ru
URL: https://nalog-plati.ru/wp-content/themes/basic/style.css?ver=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.84.108.232 , Russian Federation, ASN43362 (MAJORDOMO, RU),
Reverse DNS: web29.majordomo.ru
Software: nginx /
Resource Hash: 1c81903b2e8dd0e3e9208bca120fdd707268f8ccb5009dde637a29ca2209e70e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/wp-content/themes/basic/style.css?ver=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:21 GMT
last-modified: Mon, 30 Sep 2019 14:53:26 GMT
server: nginx
accept-ranges: bytes
etag: "5d9216e6-f16"
content-length: 3862
content-type: image/png

GET
H2 200 rating_over.gif
nalog-plati.ru/wp-content/plugins/wp-postratings/images/stars/ 523 B
643 B 233ms
233ms Image
image/gif 185.84.108.232
MAJORDOMO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nalog-plati.ru/wp-content/plugins/wp-postratings/images/stars/rating_over.gif
Requested by: Host: nalog-plati.ru
URL: https://nalog-plati.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.84.108.232 , Russian Federation, ASN43362 (MAJORDOMO, RU),
Reverse DNS: web29.majordomo.ru
Software: nginx /
Resource Hash: 71348f4f38512af6e6ba8062fe5545a783f91d1a07bcb300c246f1bad9b0d4b6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:21 GMT
last-modified: Mon, 30 Sep 2019 14:53:30 GMT
server: nginx
accept-ranges: bytes
etag: "5d9216ea-20b"
content-length: 523
content-type: image/gif

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/ 340 KB
120 KB 80ms
79ms Script
text/javascript 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78b9fea3f77e0040c6ceb3753ca5c83b3caa6c7326ca75d6a68cd65435b8904a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122754
x-xss-protection: 0
server: cafe
etag: 3181493715186308862
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 Aug 2022 20:18:21 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220811/r20190131/ Frame 6E8D 10 KB
5 KB 68ms
20ms Document
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220811/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nalog-plati.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 363
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 20:12:18 GMT
etag: 8616628553774171045
expires: Mon, 29 Aug 2022 20:12:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 180px-Emblem_of_the_Federal_Tax_Service.svg_.png
nalog-plati.ru/wp-content/uploads/2019/09/ 49 KB
49 KB 150ms
149ms Image
image/png 185.84.108.232
MAJORDOMO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nalog-plati.ru/wp-content/uploads/2019/09/180px-Emblem_of_the_Federal_Tax_Service.svg_.png
Requested by: Host: nalog-plati.ru
URL: https://nalog-plati.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.84.108.232 , Russian Federation, ASN43362 (MAJORDOMO, RU),
Reverse DNS: web29.majordomo.ru
Software: nginx /
Resource Hash: 3c8362b6382da1f122c7a3135ea699ccafee797ef92f81bba03d649d5074cc31

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:22 GMT
last-modified: Mon, 30 Sep 2019 17:06:58 GMT
server: nginx
accept-ranges: bytes
etag: "5d923632-c4cb"
content-length: 50379
content-type: image/png

GET
H2 200 settings.js Show response
nalog-plati.ru/b4c7ded9408b284042578d41832f292b/ed940/ 2 KB
701 B 211ms
211ms Script
application/javascript 185.84.108.232
MAJORDOMO

General

Check archive.org

Show headers Download Go to

Full URL: https://nalog-plati.ru/b4c7ded9408b284042578d41832f292b/ed940/settings.js?pid=b4c7ded9408b284042578d41832f292b&t=1660594701916
Requested by: Host: nalog-plati.ru
URL: https://nalog-plati.ru/b4c7ded9408b284042578d41832f292b/b4c7d/js/init.js?t=1660594701661
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.84.108.232 , Russian Federation, ASN43362 (MAJORDOMO, RU),
Reverse DNS: web29.majordomo.ru
Software: nginx /
Resource Hash: ca013870ae6ffb84721168912033dcb4de4e821c229865d5344f9341457c3bfd

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:22 GMT
content-encoding: gzip
last-modified: Tue, 09 Aug 2022 13:22:59 GMT
server: nginx
etag: W/"62f25fb3-766"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 395 B
698 B 100ms
35ms Script
text/javascript 142.250.80.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=nalog-plati.ru&callback=_gfp_s_&client=ca-pub-2909179082860411&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s33-in-f2.1e100.net

Software

cafe /

Resource Hash

9285c2de00dcf0c6e171d18b400eadb88294d3dbf50a6437b179c08550f2675a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 253
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.ca/adsid/ 107 B
792 B 105ms
38ms Script
application/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=nalog-plati.ru

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Aug 2022 20:18:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 99ms
40ms Script
application/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=nalog-plati.ru

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Aug 2022 20:18:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 63CF 156 KB
44 KB 487ms
486ms Document
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2909179082860411&output=html&adk=1812271804&adf=3025194257&lmt=1660594701&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fnalog-plati.ru%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660594701800&bpp=3&bdt=518&idt=151&shv=r20220811&mjsv=m202208090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5245679594722&frm=20&pv=2&ga_vid=2051253961.1660594702&ga_sid=1660594702&ga_hid=1393305292&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=48644443665404&tmod=1948623946&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=168

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6706021dec7dc1793eddf1f4c28adc5bf3a70a39a1ee718dce15b0bee6adcf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nalog-plati.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 44629
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 20:18:22 GMT
expires: Mon, 15 Aug 2022 20:18:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8545f789d157443e285020e59d3ede5a7725a9ab6d03ebaa996ef57914d1685c

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 main.3572a036.chunk.js Show response
nalog-plati.ru/b4c7ded9408b284042578d41832f292b/b4c7d/js/ 370 KB
107 KB 143ms
142ms Script
application/javascript 185.84.108.232
MAJORDOMO

General

Check archive.org

Show headers Download Go to

Full URL: https://nalog-plati.ru/b4c7ded9408b284042578d41832f292b/b4c7d/js/main.3572a036.chunk.js
Requested by: Host: nalog-plati.ru
URL: https://nalog-plati.ru/b4c7ded9408b284042578d41832f292b/b4c7d/js/init.js?t=1660594701661
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.84.108.232 , Russian Federation, ASN43362 (MAJORDOMO, RU),
Reverse DNS: web29.majordomo.ru
Software: nginx /
Resource Hash: 88f5ae871964765958a80e769324ea203667945cc5016c00c9d2c311ae5aeadc

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:22 GMT
content-encoding: gzip
last-modified: Tue, 09 Aug 2022 13:10:38 GMT
server: nginx
etag: W/"62f25cce-5c8a3"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 / Show response
geo-db.feedot.com/detected-cities/ 617 B
599 B 1272ms
245ms XHR
application/json 82.202.220.202
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://geo-db.feedot.com/detected-cities/?useIp=1&preload=1
Requested by: Host: nalog-plati.ru
URL: https://nalog-plati.ru/b4c7ded9408b284042578d41832f292b/b4c7d/js/main.3572a036.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 82.202.220.202 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: /
Resource Hash: 495ab245361570d78d65fb2345947fb30427fae08d8614262c524eaf446c0302

Request headers

Accept: */*
Referer: https://nalog-plati.ru/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:23 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

POST
H3 200 7pwf.json Show response
newrrb.bid/ 59 B
616 B 372ms
349ms XHR
application/json 2606:4700:3036::ac43:a434
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newrrb.bid/7pwf.json

Requested by

Host: nalog-plati.ru
URL: https://nalog-plati.ru/b4c7ded9408b284042578d41832f292b/b4c7d/js/main.3572a036.chunk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:a434 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf4d6815d9f8ad1a630b6b7eda625be91c465f9bf287647ee92ef59aa34b4952

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://nalog-plati.ru/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 15 Aug 2022 20:18:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2BbfGWgaM8Sp6rE2M7RX9I0QnX%2FP0qh5ibZxa3Y7Hm%2BGMuvw33l0qZNocrNS%2Fp7y5b7gTkRffFIZF3S6xhIVlLM9ex1A6LfmYhFEQOkU%2FnublnMOb0Anfkt5z%2F%2FX5FWOq9LuOID7e3y6"}],"group":"cf-nel","max_age":604800}
cf-ray: 73b49e7a3b30ecfa-YUL
access-control-allow-headers: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 7pwf.json Show response
newrrb.bid/ 531 B
683 B 372ms
351ms XHR
application/json 2606:4700:3036::ac43:a434
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newrrb.bid/7pwf.json

Requested by

Host: nalog-plati.ru
URL: https://nalog-plati.ru/b4c7ded9408b284042578d41832f292b/b4c7d/js/main.3572a036.chunk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:a434 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e20341ca2dfd037a41a93815d81b9e825f665600a9b06c9857a12f1dd8362985

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://nalog-plati.ru/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 15 Aug 2022 20:18:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=976qcXaq%2BtJTSzHPSbOe62cxd3Q%2FPOTCaZob1%2FIVncdLqJgjO8hz0RXK938J04q%2B3%2F4Gvda7AIXsUORSdBwYzXxm55R6fwVq95Rqp11CdqNN1J8JbTqz%2Bp6qvwo70DRWwCflO82EK1cr"}],"group":"cf-nel","max_age":604800}
cf-ray: 73b49e7a3b32ecfa-YUL
access-control-allow-headers: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 aci.js Show response
www.acint.net/ 22 KB
7 KB 636ms
338ms Script
application/x-javascript 193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/aci.js
Requested by: Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/rtb-b/js/203/2/119203.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: a05569a6a6ec13c9bda09ebf2f691f6d5a4f251878c58807472321018428fb33

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:23 GMT
content-encoding: gzip
last-modified: Mon, 16 May 2022 07:14:50 GMT
server: openresty
etag: "6281f9ea-1d25"
content-type: application/x-javascript
cache-control: max-age=43200
content-length: 7461
expires: Tue, 16 Aug 2022 08:18:22 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 158 KB
56 KB 187ms
186ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: cdn-rtb.sape.ru
URL: https://cdn-rtb.sape.ru/rtb-b/js/203/2/119203.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

722066f9cb17003e21cd6eef3019ef43e94fd206c9c2af7da73c7208f6a04321

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:22 GMT
content-encoding: br
last-modified: Mon, 15 Aug 2022 15:05:51 GMT
etag: "62fa369f-dea7"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 56999
expires: Mon, 15 Aug 2022 21:18:22 GMT

GET
H2 200 1
www.acint.net/rtbw/ 43 B
341 B 944ms
653ms Image
image/gif 193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/rtbw/1?dp=14&cd=%7B%22st%22%3A119203%2C%22sc%22%3A0%2C%22pl%22%3A0%2C%22ev%22%3A%22run%22%2C%22et%22%3A%22srtb%22%2C%22ec%22%3A1018%7D&sid=62faaa0e-6f9d-b40a-rc1d-ilnb8bcif0fj&ref=https%3A%2F%2Fnalog-plati.ru%2F&r=1660594702
Requested by: Host: nalog-plati.ru
URL: https://nalog-plati.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:23 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 a97b8876cf9341ea21a2.js Show response
yastatic.net/partner-code-bundles/630993/ 13 KB
5 KB 304ms
108ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/630993/a97b8876cf9341ea21a2.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

6ea50ece3c3bcd13451796f2adbd4db087883894b63a2122107012de376a6333

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://nalog-plati.ru/
Origin: https://nalog-plati.ru
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:22 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4476
last-modified: Fri, 12 Aug 2022 15:37:54 GMT
server: nginx/1.17.9
etag: "a0afc8b07f5c4d2b5cb9d6625bf4e72d"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Aug 2052 02:51:28 GMT

GET
H2 200 24e2e1f8a308da910d0a.js Show response
yastatic.net/partner-code-bundles/630993/ 86 KB
18 KB 400ms
204ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/630993/24e2e1f8a308da910d0a.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

8d3829b4f85647573b7205e46ad97bef7d6912a85b1da3305b2c7e71a11f78f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://nalog-plati.ru/
Origin: https://nalog-plati.ru
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:22 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 17913
last-modified: Fri, 12 Aug 2022 15:37:54 GMT
server: nginx/1.17.9
etag: "4e75e5ccb9422e6cd8b775147a1c37ee"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Aug 2052 02:51:28 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 433ms
238ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://nalog-plati.ru/
Origin: https://nalog-plati.ru
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:22 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Aug 2052 02:50:25 GMT

GET
H2 200 e0fb7c59db78b0869116.js Show response
yastatic.net/partner-code-bundles/630993/ 549 KB
109 KB 482ms
289ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/630993/e0fb7c59db78b0869116.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

b13cd1481c05f9481b03e9c98b4a6b761609581eb320bf436ce4c8dadd6673a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://nalog-plati.ru/
Origin: https://nalog-plati.ru
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:22 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 110882
last-modified: Fri, 12 Aug 2022 15:37:54 GMT
server: nginx/1.17.9
etag: "a4b9e3dc2a9ffb6b1017935746c8bd45"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Aug 2052 02:51:50 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/ 150 KB
53 KB 49ms
49ms Script
text/javascript 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

73f354e6ba251629055b6de87bd5dded28a3b545ebae9394b9af3452433f63a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54705
x-xss-protection: 0
server: cafe
etag: 16999770304008392877
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 Aug 2022 20:18:22 GMT

GET
H3 200 integrator.js Show response
adservice.google.ca/adsid/ 107 B
122 B 84ms
41ms Script
application/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=nalog-plati.ru

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Aug 2022 20:18:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 82ms
40ms Script
application/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=nalog-plati.ru

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Aug 2022 20:18:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220811/r20110914/ Frame E59B 10 KB
4 KB 20ms
19ms Document
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220811/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208090101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nalog-plati.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 73055
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 00:00:47 GMT
etag: 8616628553774171045
expires: Mon, 29 Aug 2022 00:00:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame E59B 4 KB
636 B 74ms
34ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220811/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 19:15:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 15 Aug 2022 20:18:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Aug 2022 20:18:22 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E59B 205 B
744 B 68ms
19ms Image
image/png 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220811/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 08:06:39 GMT
x-content-type-options: nosniff
age: 389503
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 11 Aug 2023 08:06:39 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E59B 604 B
696 B 68ms
20ms Image
image/png 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220811/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 10:24:38 GMT
x-content-type-options: nosniff
age: 294824
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 12 Aug 2023 10:24:38 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220811/r20110914/elements/html/ Frame E59B 19 KB
9 KB 76ms
20ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220811/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220811/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f964612ea368ffe1d612a004f0a0e05453155fa7cb27dff624e5ada25c6847fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 19:38:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2403
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8368
x-xss-protection: 0
server: cafe
etag: 5162546928090487746
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Aug 2022 19:38:19 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/55557739/
Redirect Chain

https://mc.yandex.ru/watch/55557739?wmode=7&page-url=https%3A%2F%2Fnalog-plati.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp71c81qpn94%3Afp%3A1596%3Afu%3A0%3Aen%3Autf-8%3Al...
https://mc.yandex.ru/watch/55557739/1?wmode=7&page-url=https%3A%2F%2Fnalog-plati.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp71c81qpn94%3Afp%3A1596%3Afu%3A0%3Aen%3Autf-8%3...

350 B
432 B

179ms
179ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/55557739/1?wmode=7&page-url=https%3A%2F%2Fnalog-plati.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp71c81qpn94%3Afp%3A1596%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A860%3Acn%3A1%3Adp%3A0%3Als%3A244262182984%3Ahid%3A414352670%3Az%3A0%3Ai%3A20220815201822%3Aet%3A1660594703%3Ac%3A1%3Arn%3A910372943%3Arqn%3A1%3Au%3A1660594703382706161%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1660594700072%3Ads%3A1%2C277%2C280%2C1%2C648%2C0%2C%2C604%2C12%2C%2C%2C%2C1811%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1660594703%3At%3A%D0%9E%20%D0%B4%D0%B5%D1%8F%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D0%BE%D0%B9%20%D1%81%D0%BB%D1%83%D0%B6%D0%B1%D1%8B%20%7C%20%D0%9D%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

Requested by

Host: nalog-plati.ru
URL: https://nalog-plati.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

0d7b0c5621ea6fac284cba052b10290eb7d2fb129b7a102ffcb497fa181f8ccf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 20:18:22 GMT
x-content-type-options: nosniff
last-modified: Mon, 15-Aug-2022 20:18:22 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nalog-plati.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 350
x-xss-protection: 1; mode=block
expires: Mon, 15-Aug-2022 20:18:22 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 20:18:22 GMT
last-modified: Mon, 15-Aug-2022 20:18:22 GMT
location: /watch/55557739/1?wmode=7&page-url=https%3A%2F%2Fnalog-plati.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp71c81qpn94%3Afp%3A1596%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A860%3Acn%3A1%3Adp%3A0%3Als%3A244262182984%3Ahid%3A414352670%3Az%3A0%3Ai%3A20220815201822%3Aet%3A1660594703%3Ac%3A1%3Arn%3A910372943%3Arqn%3A1%3Au%3A1660594703382706161%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1660594700072%3Ads%3A1%2C277%2C280%2C1%2C648%2C0%2C%2C604%2C12%2C%2C%2C%2C1811%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1660594703%3At%3A%D0%9E%20%D0%B4%D0%B5%D1%8F%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D0%BE%D0%B9%20%D1%81%D0%BB%D1%83%D0%B6%D0%B1%D1%8B%20%7C%20%D0%9D%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://nalog-plati.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 15-Aug-2022 20:18:22 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/56501437/
Redirect Chain

https://mc.yandex.ru/watch/56501437?wmode=7&page-url=https%3A%2F%2Fnalog-plati.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp71c81qpn94%3Afp%3A1596%3Afu%3A0%3Aen%3Autf-8%3Al...
https://mc.yandex.ru/watch/56501437/1?wmode=7&page-url=https%3A%2F%2Fnalog-plati.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp71c81qpn94%3Afp%3A1596%3Afu%3A0%3Aen%3Autf-8%3...

350 B
513 B

138ms
137ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/56501437/1?wmode=7&page-url=https%3A%2F%2Fnalog-plati.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp71c81qpn94%3Afp%3A1596%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A860%3Acn%3A2%3Adp%3A0%3Als%3A683379174824%3Ahid%3A414352670%3Az%3A0%3Ai%3A20220815201822%3Aet%3A1660594703%3Ac%3A1%3Arn%3A472250437%3Arqn%3A1%3Au%3A1660594703382706161%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1660594700072%3Ads%3A1%2C277%2C280%2C1%2C648%2C0%2C%2C604%2C12%2C%2C%2C%2C1811%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1660594703%3At%3A%D0%9E%20%D0%B4%D0%B5%D1%8F%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D0%BE%D0%B9%20%D1%81%D0%BB%D1%83%D0%B6%D0%B1%D1%8B%20%7C%20%D0%9D%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

Requested by

Host: nalog-plati.ru
URL: https://nalog-plati.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

2bff87da7ec6ed59e9bb14fed20a6613ebadb1aaa8757fb1129296dec91a2c8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 20:18:23 GMT
x-content-type-options: nosniff
last-modified: Mon, 15-Aug-2022 20:18:23 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nalog-plati.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 350
x-xss-protection: 1; mode=block
expires: Mon, 15-Aug-2022 20:18:23 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 20:18:22 GMT
last-modified: Mon, 15-Aug-2022 20:18:22 GMT
location: /watch/56501437/1?wmode=7&page-url=https%3A%2F%2Fnalog-plati.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp71c81qpn94%3Afp%3A1596%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A860%3Acn%3A2%3Adp%3A0%3Als%3A683379174824%3Ahid%3A414352670%3Az%3A0%3Ai%3A20220815201822%3Aet%3A1660594703%3Ac%3A1%3Arn%3A472250437%3Arqn%3A1%3Au%3A1660594703382706161%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1660594700072%3Ads%3A1%2C277%2C280%2C1%2C648%2C0%2C%2C604%2C12%2C%2C%2C%2C1811%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1660594703%3At%3A%D0%9E%20%D0%B4%D0%B5%D1%8F%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D0%BE%D0%B9%20%D1%81%D0%BB%D1%83%D0%B6%D0%B1%D1%8B%20%7C%20%D0%9D%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://nalog-plati.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 15-Aug-2022 20:18:22 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
112 B 315ms
315ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: nalog-plati.ru
URL: https://nalog-plati.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:22 GMT
last-modified: Mon, 15 Aug 2022 15:05:51 GMT
etag: "62fa369f-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Mon, 15 Aug 2022 21:18:22 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 82B6 5 KB
667 B 34ms
33ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220811/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

01b43417d89abafa536872c1d43bb27916170b4eb8778846b7b9d1b13c6c6c85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 19:18:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 15 Aug 2022 20:18:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Aug 2022 20:18:22 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220811/r20110914/client/ Frame 82B6 2 KB
902 B 69ms
26ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220811/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220811/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:11:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 384
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Aug 2022 20:11:58 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220811/r20110914/ Frame 82B6 23 KB
9 KB 61ms
19ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220811/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220811/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:15:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 161
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9668
x-xss-protection: 0
server: cafe
etag: 3250940068065303693
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Aug 2022 20:15:41 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220811/r20110914/client/ Frame 82B6 3 KB
1 KB 68ms
26ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220811/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220811/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:12:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 368
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Aug 2022 20:12:14 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 82B6 140 KB
44 KB 92ms
36ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220811/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44015
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660137096112928"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 15 Aug 2022 20:18:22 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220811/r20110914/client/ Frame 82B6 17 KB
7 KB 62ms
21ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220811/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220811/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:16:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 108
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Aug 2022 20:16:34 GMT

GET
H3 200 8b4497fa63e027c9bb788e6248932fc0.js Show response
www.gstatic.com/mysidia/ Frame 82B6 32 KB
13 KB 66ms
20ms Script
text/javascript 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8b4497fa63e027c9bb788e6248932fc0.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220811/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d151abaa7946d205cc769fd84d0acaeec4b759872dc714b237435f10ece11d35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 10:06:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 382313
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13370
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 23:02:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 09 Nov 2022 10:06:29 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/71281900/
Redirect Chain

https://mc.yandex.ru/watch/71281900?wmode=7&page-url=https%3A%2F%2Fnalog-plati.ru%2F&charset=utf-8&site-info=%7B%22site_id%22%3A119203%2C%22srtb_sid%22%3A%2262faaa0e-6f9d-b40a-rc1d-ilnb8bcif0fj%22%...
https://mc.yandex.ru/watch/71281900/1?wmode=7&page-url=https%3A%2F%2Fnalog-plati.ru%2F&charset=utf-8&site-info=%7B%22site_id%22%3A119203%2C%22srtb_sid%22%3A%2262faaa0e-6f9d-b40a-rc1d-ilnb8bcif0fj%2...

331 B
366 B

142ms
142ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/71281900/1?wmode=7&page-url=https%3A%2F%2Fnalog-plati.ru%2F&charset=utf-8&site-info=%7B%22site_id%22%3A119203%2C%22srtb_sid%22%3A%2262faaa0e-6f9d-b40a-rc1d-ilnb8bcif0fj%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anitzfaj0q86ldzb9x141k%3Afp%3A1596%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A860%3Acn%3A3%3Adp%3A0%3Als%3A279270669135%3Ahid%3A414352670%3Az%3A0%3Ai%3A20220815201822%3Aet%3A1660594703%3Ac%3A1%3Arn%3A521887845%3Arqn%3A1%3Au%3A1660594703382706161%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1660594700072%3Ads%3A1%2C277%2C280%2C1%2C648%2C0%2C%2C604%2C12%2C%2C%2C%2C1811%3Aco%3A0%3Arqnl%3A1%3Ast%3A1660594703%3At%3A%D0%9E%20%D0%B4%D0%B5%D1%8F%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D0%BE%D0%B9%20%D1%81%D0%BB%D1%83%D0%B6%D0%B1%D1%8B%20%7C%20%D0%9D%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB&t=gdpr%2814%29mc%28g-1%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

Requested by

Host: nalog-plati.ru
URL: https://nalog-plati.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

10ce364c868e325520f695b8c2c323c41a2bceced66e2bb408a9a48c842de690

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 20:18:23 GMT
x-content-type-options: nosniff
last-modified: Mon, 15-Aug-2022 20:18:23 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nalog-plati.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 331
x-xss-protection: 1; mode=block
expires: Mon, 15-Aug-2022 20:18:23 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 20:18:22 GMT
last-modified: Mon, 15-Aug-2022 20:18:22 GMT
location: /watch/71281900/1?wmode=7&page-url=https%3A%2F%2Fnalog-plati.ru%2F&charset=utf-8&site-info=%7B%22site_id%22%3A119203%2C%22srtb_sid%22%3A%2262faaa0e-6f9d-b40a-rc1d-ilnb8bcif0fj%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anitzfaj0q86ldzb9x141k%3Afp%3A1596%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A860%3Acn%3A3%3Adp%3A0%3Als%3A279270669135%3Ahid%3A414352670%3Az%3A0%3Ai%3A20220815201822%3Aet%3A1660594703%3Ac%3A1%3Arn%3A521887845%3Arqn%3A1%3Au%3A1660594703382706161%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1660594700072%3Ads%3A1%2C277%2C280%2C1%2C648%2C0%2C%2C604%2C12%2C%2C%2C%2C1811%3Aco%3A0%3Arqnl%3A1%3Ast%3A1660594703%3At%3A%D0%9E%20%D0%B4%D0%B5%D1%8F%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D0%BE%D0%B9%20%D1%81%D0%BB%D1%83%D0%B6%D0%B1%D1%8B%20%7C%20%D0%9D%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB&t=gdpr%2814%29mc%28g-1%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://nalog-plati.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 15-Aug-2022 20:18:22 GMT

POST
H3 200 7pwf.json Show response
newrrb.bid/ 60 B
576 B 169ms
169ms XHR
application/json 2606:4700:3036::ac43:a434
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newrrb.bid/7pwf.json

Requested by

Host: nalog-plati.ru
URL: https://nalog-plati.ru/b4c7ded9408b284042578d41832f292b/b4c7d/js/main.3572a036.chunk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:a434 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8d6705192e06a6f75d734d5939a6a56cf7385534311eadd1e7a91fe8e77bed1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://nalog-plati.ru/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 15 Aug 2022 20:18:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zpjjopf6W1lwfhQks0E%2FDuQcmXSH4gyRU76Dc%2FWCFJfEFiOhOWJvCplSviMRAuChDQ7Z7BexlUeM8kBbPNOANW35w93l8%2FQeB3cC8ufyQ3q4QtITe%2FmyWuNma4VanQThN0kqZt0z0hvy"}],"group":"cf-nel","max_age":604800}
cf-ray: 73b49e7cbda4ecfa-YUL
access-control-allow-headers: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5158 143 B
163 B 20ms
20ms Document
text/html 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220811/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220811/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 396
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Mon, 15 Aug 2022 20:11:46 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5158
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
18 B

50ms
50ms

Document
text/html

2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220811/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 15 Aug 2022 20:18:22 GMT
expires: Mon, 15 Aug 2022 20:18:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 20:18:22 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 7pwf.json Show response
newrrb.bid/ 59 B
570 B 149ms
149ms XHR
application/json 2606:4700:3036::ac43:a434
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newrrb.bid/7pwf.json

Requested by

Host: nalog-plati.ru
URL: https://nalog-plati.ru/b4c7ded9408b284042578d41832f292b/b4c7d/js/main.3572a036.chunk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:a434 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9b4f496f3ff524dcfdf0e1d7fb2ce89fd03441ceecfe1782b505860e0866e90

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://nalog-plati.ru/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 15 Aug 2022 20:18:23 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SOz9CJs4QulCMvK%2Bn4EqFVC1Uy7bsKM6QCugyf6EakmunxZRz4gzfHlV7dHosl45N6equIr4Dz3rQxuq73g%2B1cJQkfhMJ0klblKMnD7RcFTNMVjxTiCNeicfOIhhyArHyNRQiKS0PWZ8"}],"group":"cf-nel","max_age":604800}
cf-ray: 73b49e7d8e98ecfa-YUL
access-control-allow-headers: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 lIG_-rjQweUtsPTJkqViasoL1XPo6OtXzg5InKx-NMQ.js Show response
pagead2.googlesyndication.com/bg/ Frame E82C 36 KB
14 KB 20ms
20ms Script
text/javascript 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lIG_-rjQweUtsPTJkqViasoL1XPo6OtXzg5InKx-NMQ.js

Requested by

Host: nalog-plati.ru
URL: https://nalog-plati.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9481bffab8d0c1e52db0f4c992a5626aca0bd573e8e8eb57ce0e489cac7e34c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 15:54:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 102212
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14125
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 14 Aug 2023 15:54:51 GMT

GET
H2

200

/ Show response
www.acint.net/mc/ Frame 1BA9
Redirect Chain

https://www.acint.net/mc/?dp=14
https://www.acint.net/mc/?dp=14&tc=1

4 KB
4 KB

151ms
151ms

Document
text/html

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/mc/?dp=14&tc=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/aci.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: e5f54ba71a1412211996877a6050268bce92d05d88093c0b1480364f4feceb08

Request headers

Referer: https://nalog-plati.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Mon, 15 Aug 2022 20:18:23 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
server: openresty

Redirect headers

content-length: 154
content-type: text/html
date: Mon, 15 Aug 2022 20:18:23 GMT
location: /mc/?dp=14&tc=1
server: openresty

GET
H2 200 /
www.acint.net/hit/ 43 B
339 B 290ms
290ms Image
image/gif 193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/hit/?v=0.4.0&uid=170c8848-2214-4095-b235-d690af171b20&dp=14&tz=%2B00%3A00&nc=73057513&u=https%3A%2F%2Fnalog-plati.ru%2F&r=&rs=1600x1200&t=%D0%9E%20%D0%B4%D0%B5%D1%8F%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D0%BE%D0%B9%20%D1%81%D0%BB%D1%83%D0%B6%D0%B1%D1%8B%20%7C%20%D0%9D%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB&oE=1&oP=1&dT=2022-08-15T20%3A18%3A23.094&fu=c1b066e1-7041-40db-8869-2956dfac4f2f
Requested by: Host: nalog-plati.ru
URL: https://nalog-plati.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:23 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 158 KB
56 KB 136ms
136ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: nalog-plati.ru
URL: https://nalog-plati.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

722066f9cb17003e21cd6eef3019ef43e94fd206c9c2af7da73c7208f6a04321

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:23 GMT
content-encoding: br
last-modified: Mon, 15 Aug 2022 15:05:51 GMT
etag: "62fa369f-dea7"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 56999
expires: Mon, 15 Aug 2022 21:18:23 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 66ms
20ms Script
text/javascript 2607:f8b0:4006:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: nalog-plati.ru
URL: https://nalog-plati.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4562
date: Mon, 15 Aug 2022 19:02:21 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 15 Aug 2022 21:02:21 GMT

GET
H2 200 56501437 Show response
mc.yandex.ru/watch/ 43 B
85 B 142ms
142ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/56501437?page-url=goal%3A%2F%2Fnalog-plati.ru%2Fused_loader_version2&page-ref=https%3A%2F%2Fnalog-plati.ru%2F&charset=utf-8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp71c81qpn94%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A860%3Acn%3A2%3Adp%3A1%3Als%3A683379174824%3Ahid%3A414352670%3Az%3A0%3Ai%3A20220815201823%3Aet%3A1660594703%3Ac%3A1%3Arn%3A310836739%3Arqn%3A2%3Au%3A1660594703382706161%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A0%3Ans%3A1660594700072%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3App%3A3629563401%3Arqnl%3A1%3Ast%3A1660594703%3At%3A%D0%9E%20%D0%B4%D0%B5%D1%8F%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D0%BE%D0%B9%20%D1%81%D0%BB%D1%83%D0%B6%D0%B1%D1%8B%20%7C%20%D0%9D%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB&t=gdpr(14)mc(g-1)clc(0-0-0)lt(5000)aw(1)rqnt(2)ecs(1)rqnl(1)ti(2)

Requested by

Host: nalog-plati.ru
URL: https://nalog-plati.ru/b4c7ded9408b284042578d41832f292b/b4c7d/js/main.3572a036.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 20:18:23 GMT
last-modified: Mon, 15-Aug-2022 20:18:23 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://nalog-plati.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 15-Aug-2022 20:18:23 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 77ms
32ms XHR
text/plain 2607:f8b0:4006:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1393305292&t=pageview&_s=1&dl=https%3A%2F%2Fnalog-plati.ru%2F&ul=en-us&de=UTF-8&dt=%D0%9E%20%D0%B4%D0%B5%D1%8F%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D0%BE%D0%B9%20%D1%81%D0%BB%D1%83%D0%B6%D0%B1%D1%8B%20%7C%20%D0%9D%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABAAAAAC~&jid=680427480&gjid=1579896660&cid=2051253961.1660594702&tid=UA-147531938-36&_gid=1480537766.1660594703&_r=1&_slc=1&z=231150567

Requested by

Host: nalog-plati.ru
URL: https://nalog-plati.ru/b4c7ded9408b284042578d41832f292b/b4c7d/js/main.3572a036.chunk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://nalog-plati.ru/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 20:18:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nalog-plati.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 57335200 Show response
mc.yandex.ru/watch/ 331 B
362 B 143ms
142ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/57335200?wmode=7&page-url=https%3A%2F%2Fnalog-plati.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anitzfaj0q86ldzb9x141k%3Afp%3A1596%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A860%3Acn%3A4%3Adp%3A0%3Als%3A382829062892%3Ahid%3A414352670%3Az%3A0%3Ai%3A20220815201823%3Aet%3A1660594703%3Ac%3A1%3Arn%3A539957520%3Arqn%3A1%3Au%3A1660594703382706161%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A0%3Ans%3A1660594700072%3Ads%3A1%2C277%2C280%2C1%2C648%2C0%2C%2C604%2C12%2C%2C%2C%2C1811%3Aco%3A0%3Aadb%3A2%3App%3A3629563401%3Arqnl%3A1%3Ast%3A1660594703%3At%3A%D0%9E%20%D0%B4%D0%B5%D1%8F%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D0%BE%D0%B9%20%D1%81%D0%BB%D1%83%D0%B6%D0%B1%D1%8B%20%7C%20%D0%9D%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB&t=gdpr(14)mc(g-1)clc(0-0-0)lt(5000)aw(1)rqnt(1)ecs(1)rqnl(1)ti(2)

Requested by

Host: nalog-plati.ru
URL: https://nalog-plati.ru/b4c7ded9408b284042578d41832f292b/b4c7d/js/main.3572a036.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

75ef7ba6b935ad400912a4957525d937559e6c2e95b3c5b15ff7ae4248725932

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 20:18:23 GMT
x-content-type-options: nosniff
last-modified: Mon, 15-Aug-2022 20:18:23 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nalog-plati.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 331
x-xss-protection: 1; mode=block
expires: Mon, 15-Aug-2022 20:18:23 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 19ms
18ms Image
image/gif 2607:f8b0:4006:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1393305292&t=pageview&_s=2&dl=https%3A%2F%2Fnalog-plati.ru%2F&ul=en-us&de=UTF-8&dt=%D0%9E%20%D0%B4%D0%B5%D1%8F%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D0%BE%D0%B9%20%D1%81%D0%BB%D1%83%D0%B6%D0%B1%D1%8B%20%7C%20%D0%9D%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KAhAAEABAAAAAC~&jid=&gjid=&cid=2051253961.1660594702&tid=UA-147531938-36&_gid=1480537766.1660594703&z=1268208840

Requested by

Host: nalog-plati.ru
URL: https://nalog-plati.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 19:02:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 4538
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 8.2ebe386c.chunk.js Show response
nalog-plati.ru/b4c7ded9408b284042578d41832f292b/b4c7d/js/ 37 KB
9 KB 139ms
138ms Script
application/javascript 185.84.108.232
MAJORDOMO

General

Check archive.org

Show headers Download Go to

Full URL: https://nalog-plati.ru/b4c7ded9408b284042578d41832f292b/b4c7d/js/8.2ebe386c.chunk.js
Requested by: Host: nalog-plati.ru
URL: https://nalog-plati.ru/b4c7ded9408b284042578d41832f292b/b4c7d/js/init.js?t=1660594701661
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.84.108.232 , Russian Federation, ASN43362 (MAJORDOMO, RU),
Reverse DNS: web29.majordomo.ru
Software: nginx /
Resource Hash: aa294e61260bfe392b032b339ff7c5867926f4bcb81278dbb92caaa2caa90736

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:23 GMT
content-encoding: gzip
last-modified: Tue, 09 Aug 2022 13:10:38 GMT
server: nginx
etag: W/"62f25cce-94a6"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 6.04ffd8c8.chunk.js Show response
nalog-plati.ru/b4c7ded9408b284042578d41832f292b/b4c7d/js/ 252 KB
51 KB 274ms
272ms Script
application/javascript 185.84.108.232
MAJORDOMO

General

Check archive.org

Show headers Download Go to

Full URL: https://nalog-plati.ru/b4c7ded9408b284042578d41832f292b/b4c7d/js/6.04ffd8c8.chunk.js
Requested by: Host: nalog-plati.ru
URL: https://nalog-plati.ru/b4c7ded9408b284042578d41832f292b/b4c7d/js/init.js?t=1660594701661
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.84.108.232 , Russian Federation, ASN43362 (MAJORDOMO, RU),
Reverse DNS: web29.majordomo.ru
Software: nginx /
Resource Hash: aeeaa224d03631210f771a938695ecadc51a472cfae7fdf1b40c05f8f00fa69d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:23 GMT
content-encoding: gzip
last-modified: Tue, 09 Aug 2022 13:10:38 GMT
server: nginx
etag: W/"62f25cce-3f16f"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 0.a3e1fe84.chunk.js Show response
nalog-plati.ru/b4c7ded9408b284042578d41832f292b/b4c7d/js/ 41 KB
10 KB 411ms
410ms Script
application/javascript 185.84.108.232
MAJORDOMO

General

Check archive.org

Show headers Download Go to

Full URL: https://nalog-plati.ru/b4c7ded9408b284042578d41832f292b/b4c7d/js/0.a3e1fe84.chunk.js
Requested by: Host: nalog-plati.ru
URL: https://nalog-plati.ru/b4c7ded9408b284042578d41832f292b/b4c7d/js/init.js?t=1660594701661
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.84.108.232 , Russian Federation, ASN43362 (MAJORDOMO, RU),
Reverse DNS: web29.majordomo.ru
Software: nginx /
Resource Hash: 2f95e26bfe5ede2b82b553a6cd262c1afc75293526c81474b54a267f7f2ae917

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:23 GMT
content-encoding: gzip
last-modified: Tue, 09 Aug 2022 13:10:38 GMT
server: nginx
etag: W/"62f25cce-a354"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 11.49269eab.chunk.js Show response
nalog-plati.ru/b4c7ded9408b284042578d41832f292b/b4c7d/js/ 8 KB
3 KB 450ms
448ms Script
application/javascript 185.84.108.232
MAJORDOMO

General

Check archive.org

Show headers Download Go to

Full URL: https://nalog-plati.ru/b4c7ded9408b284042578d41832f292b/b4c7d/js/11.49269eab.chunk.js
Requested by: Host: nalog-plati.ru
URL: https://nalog-plati.ru/b4c7ded9408b284042578d41832f292b/b4c7d/js/init.js?t=1660594701661
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.84.108.232 , Russian Federation, ASN43362 (MAJORDOMO, RU),
Reverse DNS: web29.majordomo.ru
Software: nginx /
Resource Hash: 6990deb17f4e5a20348c96ed3373c5ce9cba4e2d8dbbced498354d2062d2122f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:23 GMT
content-encoding: gzip
last-modified: Tue, 09 Aug 2022 13:10:38 GMT
server: nginx
etag: W/"62f25cce-204a"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 56501437 Show response
mc.yandex.ru/watch/ 43 B
73 B 138ms
137ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/56501437?page-url=goal%3A%2F%2Fnalog-plati.ru%2Fno_container_for_widget__inline-form&page-ref=https%3A%2F%2Fnalog-plati.ru%2F&charset=utf-8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp71c81qpn94%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A860%3Acn%3A2%3Adp%3A1%3Als%3A683379174824%3Ahid%3A414352670%3Az%3A0%3Ai%3A20220815201823%3Aet%3A1660594704%3Ac%3A1%3Arn%3A277670307%3Arqn%3A3%3Au%3A1660594703382706161%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A0%3Ans%3A1660594700072%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3App%3A3629563401%3Arqnl%3A1%3Ast%3A1660594704%3At%3A%D0%9E%20%D0%B4%D0%B5%D1%8F%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D0%BE%D0%B9%20%D1%81%D0%BB%D1%83%D0%B6%D0%B1%D1%8B%20%7C%20%D0%9D%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB&t=gdpr(14)mc(g-1)clc(0-0-0)lt(5000)aw(1)rqnt(3)ecs(1)rqnl(1)ti(2)

Requested by

Host: nalog-plati.ru
URL: https://nalog-plati.ru/b4c7ded9408b284042578d41832f292b/b4c7d/js/main.3572a036.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 20:18:23 GMT
last-modified: Mon, 15-Aug-2022 20:18:23 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://nalog-plati.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 15-Aug-2022 20:18:23 GMT

GET
H2

200

match
ads.betweendigital.com/ Frame 1BA9
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F0FAAFA6299007E7702AD0FC2
https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F0FAAFA6299007E7702AD0FC2&crf=1

68 B
607 B

25ms
24ms

Image
image/png

96.46.186.57
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0100007F0FAAFA6299007E7702AD0FC2&crf=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: H2
Server: 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

location: /match?bidder_id=73&external_user_id=0100007F0FAAFA6299007E7702AD0FC2&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

match
acint.net/ Frame 1BA9
Redirect Chain

https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
https://acint.net/match?dp=14&euid=A6B803C110AAFA621E00A28902285D70

43 B
269 B

228ms
168ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=14&euid=A6B803C110AAFA621E00A28902285D70
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:24 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Mon, 15 Aug 2022 20:18:24 GMT
Server: openresty
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Location: https://acint.net/match?dp=14&euid=A6B803C110AAFA621E00A28902285D70
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: text/html
Content-Length: 142
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

match
acint.net/ Frame 1BA9
Redirect Chain

https://px.adhigh.net/p/cm/sape?u=0100007F0FAAFA6299007E7702AD0FC2
https://px.adhigh.net/p/cm/sape?u=0100007F0FAAFA6299007E7702AD0FC2&bounced=1
https://acint.net/match?dp=17&euid=syB7SKFVesh.AikABlGCoyhOtA

43 B
269 B

465ms
464ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=17&euid=syB7SKFVesh.AikABlGCoyhOtA
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:24 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 20:18:24 GMT
server: nginx
access-control-allow-origin: *
x-backend-id: f4-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://acint.net/match?dp=17&euid=syB7SKFVesh.AikABlGCoyhOtA
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK cm.gif
ad.mail.ru/ Frame 1BA9 43 B
764 B 441ms
147ms Image
image/gif 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mail.ru/cm.gif?p=48&id=0100007F0FAAFA6299007E7702AD0FC2
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 20:18:24 GMT
Last-Modified: Mon, 15 Aug 2022 20:18:24 GMT
Server: nginx
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Embedder-Policy: require-corp
Content-Type: image/gif
Cache-Control: max-age=21600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
Expires: Tue, 16 Aug 2022 02:18:24 GMT

GET
H/1.1

200
OK

sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 1BA9
Redirect Chain

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5442073275
https://www.acint.net/rmatch?dp=45&euid=Al3SUmFxYY_wPf_XpTdGDag&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F0FAAFA6299007E7702AD0FC2

42 B
201 B

143ms
143ms

Image
image/gif

195.209.111.13
ADRIVER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F0FAAFA6299007E7702AD0FC2
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: HTTP/1.1
Server: 195.209.111.13 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 20:18:25 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

date: Mon, 15 Aug 2022 20:18:25 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F0FAAFA6299007E7702AD0FC2
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: text/html
content-length: 154
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 204 sync
a.utraff.com/ Frame 1BA9 0
863 B 497ms
235ms Image
text/plain 2606:4700:3032::6815:3b42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.utraff.com/sync?ssp=sape
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:3b42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kg83%2BG2NqlUv4EcFlCw8wGzOdrIGPb0hcxE8dCzw1u1QCO%2FZdUaJK9zkTgef%2BaACzbmsE%2F8CYUGrD3iRzCihV7hQzraHx4QJ6maNfPJMZZ1ZvOZNqBjE5C04xQTOXcCPZo8UW79DU9fl4Uk%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
cf-ray: 73b49e83ced07150-YUL
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 match
sync.republer.com/ Frame 1BA9 0
68 B 445ms
104ms Image
text/plain 23.88.82.46
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.republer.com/match?dsp=sape

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.88.82.46 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.46.82.88.23.clients.your-server.de

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:24 GMT
strict-transport-security: max-age=0
server: nginx

GET
H2 204 match
dm-eu.hybrid.ai/ Frame 1BA9 0
333 B 312ms
96ms Image
text/plain 37.18.103.21
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm-eu.hybrid.ai/match?id=106&vid=0100007F0FAAFA6299007E7702AD0FC2

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.103.21 , Netherlands, ASN205675 (HYBRID-AS, DE),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 20:18:23 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 506
x-xss-protection: 1; mode=block
expires: -1

GET
H/1.1 200
OK adcm.js Show response
tag.digitaltarget.ru/ Frame 1BA9 3 KB
3 KB 972ms
682ms Script
application/javascript 185.15.175.146
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/adcm.js
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.15.175.146 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 20:18:24 GMT
Last-Modified: Mon, 15 Aug 2022 20:04:42 GMT
Server: nginx
ETag: "62faa6da-beb"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3051

GET
H2 204 sape
sync.dmp.otm-r.com/match/ Frame 1BA9 0
69 B 711ms
108ms Image
text/plain 195.201.8.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/sape?id=0100007F0FAAFA6299007E7702AD0FC2
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.201.8.30 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.8.201.195.clients.your-server.de
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 15 Aug 2022 20:18:24 GMT
server: nginx/1.21.6

GET
H2

200

match
www.acint.net/ Frame 1BA9
Redirect Chain

https://sync.upravel.com/sape/sync
https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
https://b019b9f1-7c88-4872-a7a6-c44119937573.sync.upravel.com/sape/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyIsImh0dHBzOi8vd3d3LmFjaW50Lm5ldC8iXX19
https://www.acint.net/match?dp=71&euid=b019b9f1-7c88-4872-a7a6-c44119937573

43 B
269 B

543ms
542ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=71&euid=b019b9f1-7c88-4872-a7a6-c44119937573
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:25 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

date: Mon, 15 Aug 2022 20:18:24 GMT
server: nginx
location: https://www.acint.net/match?dp=71&euid=b019b9f1-7c88-4872-a7a6-c44119937573
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
content-type: image/png
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 0

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 1BA9 170 B
502 B 92ms
36ms Image
image/png 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=AQAAfw-q-mKZAH53Aq0Pwg

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 20:18:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
adlmerge.com/merge_gpsid/ Frame 1BA9
Redirect Chain

https://stat.adlabs.ru/merge_gpsid/?sid=50&id=0100007F0FAAFA6299007E7702AD0FC2
https://adlmerge.com/merge_gpsid/?sid=50&id=0100007F0FAAFA6299007E7702AD0FC2
https://adlmerge.com/md/?mdback=https%3a%2f%2fadlmerge.com%2fmerge_gpsid%2f%3fsid%3d50%26id%3d0100007F0FAAFA6299007E7702AD0FC2&
https://adlmerge.com/merge_gpsid/?sid=50&id=0100007F0FAAFA6299007E7702AD0FC2&md=18446744073195576961

43 B
299 B

24ms
23ms

Image
image/gif

199.115.115.26
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adlmerge.com/merge_gpsid/?sid=50&id=0100007F0FAAFA6299007E7702AD0FC2&md=18446744073195576961
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: H2
Server: 199.115.115.26 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: nginx/1.14.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 15 Aug 2022 20:18:24 GMT
server: nginx/1.14.0
p3p: policyref="adlmerge.com/w3c/p3p.xml",CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
iseu: noneu
content-type: image/gif

Redirect headers

location: https://adlmerge.com/merge_gpsid/?sid=50&id=0100007F0FAAFA6299007E7702AD0FC2&md=18446744073195576961
date: Mon, 15 Aug 2022 20:18:24 GMT
server: nginx/1.14.0
access-control-allow-origin: *
iseu: noneu
p3p: policyref="adlmerge.com/w3c/p3p.xml",CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 1BA9 42 B
201 B 587ms
143ms Image
image/gif 195.209.111.13
ADRIVER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=0100007F0FAAFA6299007E7702AD0FC2
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.209.111.13 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 20:18:24 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H2

200

match
www.acint.net/ Frame 1BA9
Redirect Chain

https://ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
https://www.acint.net/match?dp=95&euid=CNJVHXJK

43 B
269 B

730ms
729ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=95&euid=CNJVHXJK
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:25 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/match?dp=95&euid=CNJVHXJK
Date: Mon, 15 Aug 2022 20:18:24 GMT
Server: nginx/1.16.1
Connection: keep-alive
Transfer-Encoding: chunked

GET
H2

200

pixel.gif
sync.1dmp.io/ Frame 1BA9
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F0FAAFA6299007E7702AD0FC2
https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F0FAAFA6299007E7702AD0FC2&cs=1

35 B
376 B

105ms
105ms

Image
image/gif

78.46.100.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F0FAAFA6299007E7702AD0FC2&cs=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: H2
Server: 78.46.100.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.125.100.46.78.clients.your-server.de
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:24 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-type: image/gif
content-length: 35
expires: 0

Redirect headers

location: /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0100007F0FAAFA6299007E7702AD0FC2&cs=1
date: Mon, 15 Aug 2022 20:18:24 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0

GET
H2

200

match
www.acint.net/ Frame 1BA9
Redirect Chain

https://sape-sync.rutarget.ru/sync
https://www.acint.net/match?dp=104&euid=Xkp8BDttvvk6

43 B
269 B

517ms
516ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=104&euid=Xkp8BDttvvk6
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:25 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/match?dp=104&euid=Xkp8BDttvvk6
Date: Mon, 15 Aug 2022 20:18:24 GMT
Server: nginx
Connection: close
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2

200

match
acint.net/ Frame 1BA9
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
https://acint.net/match?dp=107&euid=78127dc1-3555-53e3-b719-e4aed5e34ea1

43 B
269 B

290ms
289ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=107&euid=78127dc1-3555-53e3-b719-e4aed5e34ea1
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:24 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://acint.net/match?dp=107&euid=78127dc1-3555-53e3-b719-e4aed5e34ea1
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

match
acint.net/ Frame 1BA9
Redirect Chain

https://ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
https://acint.net/match?dp=110&euid=d6fbb5902d5e436f85c77df7923ec37e

43 B
269 B

517ms
517ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=110&euid=d6fbb5902d5e436f85c77df7923ec37e
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:25 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://acint.net/match?dp=110&euid=d6fbb5902d5e436f85c77df7923ec37e
date: Mon, 15 Aug 2022 20:18:24 GMT
server: Kestrel
content-length: 0

GET
H2

200

match
www.acint.net/ Frame 1BA9
Redirect Chain

https://0100007f0faafa6299007e7702ad0fc2-sp.ops.beeline.ru/p?ssp=sp&id=0100007F0FAAFA6299007E7702AD0FC2
https://www.acint.net/match?dp=111&euid=08958f7d-d5f3-46ad-9b98-15b77bf07b9b

43 B
269 B

147ms
147ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=111&euid=08958f7d-d5f3-46ad-9b98-15b77bf07b9b
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:25 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

date: Mon, 15 Aug 2022 20:18:25 GMT
x-route: http://upstream_cookiesync
server: nginx
location: https://www.acint.net/match?dp=111&euid=08958f7d-d5f3-46ad-9b98-15b77bf07b9b
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true, true
x-host: 192.168.152.32
access-control-allow-headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

matchspm
ut.rktch.com/ Frame 1BA9
Redirect Chain

https://ut.rktch.com/matchspm?pi=1000005&pui=0100007F0FAAFA6299007E7702AD0FC2
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=1716398606
https://ut.rktch.com/matchspm?pi=1000006&pui=bJi5VtL6bW8pxPVLfPh5je&noredirect

88 B
88 B

133ms
133ms

Image
image/png

89.108.97.2
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ut.rktch.com/matchspm?pi=1000006&pui=bJi5VtL6bW8pxPVLfPh5je&noredirect
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: HTTP/1.1
Server: 89.108.97.2 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d50603.reg.regrucolo.ru
Software: nginx/1.22.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 20:18:25 GMT
Server: nginx/1.22.0
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type: image/png
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, Accept, Authorization
Content-Length: 88

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 20:18:25 GMT
via: 1.1 google
last-modified: Mon, 15 Aug 2022 20:18:25 GMT
server: Weborama Collect Frontend
location: https://ut.rktch.com/matchspm?pi=1000006&pui=bJi5VtL6bW8pxPVLfPh5je&noredirect
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2

404

cBTdwxSWRsWvPQmvA7iVgA
an.yandex.ru/setud/mts_banner/ Frame 1BA9
Redirect Chain

https://sm.rtb.mts.ru/p?ssp=sape&id=0100007F0FAAFA6299007E7702AD0FC2
https://sm.rtb.mts.ru/match/second?ssp=30&exu=0100007F0FAAFA6299007E7702AD0FC2
https://tech.rtb.mts.ru/?dsp_uid=7014ddc3-1496-46c5-af3d-09af03b89580&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FcBTdwxSWRsWvPQmvA7iVgA%3Flocation%3Dhttps%253A%252F%252Fsm.rtb.mts...
https://an.yandex.ru/setud/mts_banner/cBTdwxSWRsWvPQmvA7iVgA?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D0&sign=3123266202

43 B
104 B

317ms
159ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/setud/mts_banner/cBTdwxSWRsWvPQmvA7iVgA?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D0&sign=3123266202

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 20:18:25 GMT
content-encoding: gzip
last-modified: Mon, 15 Aug 2022 20:18:25 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=windows-1251
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 15 Aug 2022 20:18:25 GMT

Redirect headers

Date: Mon, 15 Aug 2022 20:18:25 GMT
Server: nginx/1.20.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Location: https://an.yandex.ru/setud/mts_banner/cBTdwxSWRsWvPQmvA7iVgA?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D0&sign=3123266202
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2

200

match
www.acint.net/ Frame 1BA9
Redirect Chain

https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
https://www.acint.net/match?dp=126&euid=f2673c96-d39e-44c3-536c-e4083b910d10

43 B
269 B

329ms
329ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=126&euid=f2673c96-d39e-44c3-536c-e4083b910d10
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:25 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=126&euid=f2673c96-d39e-44c3-536c-e4083b910d10
date: Mon, 15 Aug 2022 20:18:22 GMT
server: nginx
content-length: 115
serverid: TODO
content-type: text/html; charset=utf-8

GET
H2

200

match
www.acint.net/ Frame 1BA9
Redirect Chain

https://s.uuidksinc.net/match/396/?remote_uid=0100007F0FAAFA6299007E7702AD0FC2
https://www.acint.net/match?dp=127&euid=nbrlsqrG2lMLSb84ku8e

43 B
269 B

442ms
441ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=127&euid=nbrlsqrG2lMLSb84ku8e
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:25 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=127&euid=nbrlsqrG2lMLSb84ku8e
date: Mon, 15 Aug 2022 20:18:25 GMT
server: nginx/1.19.0
content-length: 0

GET
H2

200

match
www.acint.net/ Frame 1BA9
Redirect Chain

https://ssp.bidvol.com/usersync?dspcsid=8&redirect=1
https://www.acint.net/match?dp=129&euid=o7wwgsf8xz

43 B
269 B

145ms
145ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=129&euid=o7wwgsf8xz
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:25 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 Aug 2022 20:18:25 GMT
server: nginx/1.14.0
access-control-allow-origin: *
surrogate-control: no-store
vary: Origin
location: https://www.acint.net/match?dp=129&euid=o7wwgsf8xz
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
x-request-id: 9a0ff3c7-21df-4afc-a043-b258d9f6ac35
expires: 0

GET
H/1.1 204
No Content userbind
match.new-programmatic.com/ Frame 1BA9 0
215 B 433ms
139ms Image
text/plain 217.65.2.150
CITYTELECOM-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.new-programmatic.com/userbind?src=sape&id=0100007F0FAAFA6299007E7702AD0FC2
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.65.2.150 , Russian Federation, ASN3175 (CITYTELECOM-MSK, RU),
Reverse DNS
Software: nginx/1.22.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 15 Aug 2022 20:18:25 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.22.0
Connection: keep-alive
Content-Length: 0
Vary: Origin

GET
H2 204 0100007F0FAAFA6299007E7702AD0FC2
fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/ Frame 1BA9 0
189 B 437ms
142ms Image
text/plain 93.95.102.105
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/0100007F0FAAFA6299007E7702AD0FC2
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 93.95.102.105 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: unspecified.mtw.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:25 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"

GET
H2

404

cBTdwxSWRsWvPQmvA7iVgA
an.yandex.ru/setud/mts_banner/ Frame 1BA9
Redirect Chain

https://x01.aidata.io/0.gif?pid=9401454&id=0100007F0FAAFA6299007E7702AD0FC2
https://x01.aidata.io/0.gif?pid=9401454&id=0100007F0FAAFA6299007E7702AD0FC2&bounce=1
https://sm.rtb.mts.ru/p?ssp=aidata&id=qNsY8I5FLrAd52aXXnb3Mg
https://sm.rtb.mts.ru/match/second?ssp=51&exu=qNsY8I5FLrAd52aXXnb3Mg
https://tech.rtb.mts.ru/?dsp_uid=7014ddc3-1496-46c5-af3d-09af03b89580&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FcBTdwxSWRsWvPQmvA7iVgA%3Flocation%3Dhttps%253A%252F%252Fsm.rtb.mts...
https://an.yandex.ru/setud/mts_banner/cBTdwxSWRsWvPQmvA7iVgA?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D0%26exu%3DqNsY8I5FLrAd52aXXnb3Mg&sign=1891778825

43 B
80 B

151ms
151ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/setud/mts_banner/cBTdwxSWRsWvPQmvA7iVgA?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D0%26exu%3DqNsY8I5FLrAd52aXXnb3Mg&sign=1891778825

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 20:18:27 GMT
content-encoding: gzip
last-modified: Mon, 15 Aug 2022 20:18:27 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=windows-1251
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 15 Aug 2022 20:18:27 GMT

Redirect headers

Date: Mon, 15 Aug 2022 20:18:27 GMT
Server: nginx/1.20.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Location: https://an.yandex.ru/setud/mts_banner/cBTdwxSWRsWvPQmvA7iVgA?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D0%26exu%3DqNsY8I5FLrAd52aXXnb3Mg&sign=1891778825
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2

200

NmNkZGM1NTM3YWE5NTQyNg
an.yandex.ru/mapuid/gonetdspis/ Frame 1BA9
Redirect Chain

https://dmp.gotechnology.io/match/sape?id=0100007F0FAAFA6299007E7702AD0FC2
https://dmp.gotechnology.io/match/sape?id=0100007F0FAAFA6299007E7702AD0FC2&chk=1
https://an.yandex.ru/mapuid/gonetdspis/NmNkZGM1NTM3YWE5NTQyNg

43 B
152 B

148ms
148ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/gonetdspis/NmNkZGM1NTM3YWE5NTQyNg

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 20:18:27 GMT
content-encoding: gzip
last-modified: Mon, 15 Aug 2022 20:18:27 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 15 Aug 2022 20:18:27 GMT

Redirect headers

date: Mon, 15 Aug 2022 20:18:27 GMT
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
location: https://an.yandex.ru/mapuid/gonetdspis/NmNkZGM1NTM3YWE5NTQyNg
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 0
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

/
sync.bumlam.com/ Frame 1BA9
Redirect Chain

https://sync.bumlam.com/?src=sap1&uid=0100007F0FAAFA6299007E7702AD0FC2
https://sync.bumlam.com/?src=sap1&s_data=CAIQARiS1OqXBmIgMDEwMDAwN0YwRkFBRkE2Mjk5MDA3RTc3MDJBRDBGQzKiARBrSwFMHNcR7YbgACWQwGR8

0
523 B

103ms
103ms

Image
text/html

31.172.81.158
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=sap1&s_data=CAIQARiS1OqXBmIgMDEwMDAwN0YwRkFBRkE2Mjk5MDA3RTc3MDJBRDBGQzKiARBrSwFMHNcR7YbgACWQwGR8
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: HTTP/1.1
Server: 31.172.81.158 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 20:18:26 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Date: Mon, 15 Aug 2022 20:18:26 GMT
Server: nginx
ETag: 6b4b014c-1cd7-11ed-86e0-002590c0647c
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=sap1&s_data=CAIQARiS1OqXBmIgMDEwMDAwN0YwRkFBRkE2Mjk5MDA3RTc3MDJBRDBGQzKiARBrSwFMHNcR7YbgACWQwGR8
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0

GET
H2 200 0100007F0FAAFA6299007E7702AD0FC2
an.yandex.ru/mapuid/sapeis/ Frame 1BA9 43 B
387 B 449ms
150ms Image
image/gif 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/sapeis/0100007F0FAAFA6299007E7702AD0FC2

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 20:18:25 GMT
content-encoding: gzip
last-modified: Mon, 15 Aug 2022 20:18:25 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 15 Aug 2022 20:18:25 GMT

GET
H2 200 match.gif
mediatoday.ru/core/ Frame 1BA9 43 B
368 B 429ms
139ms Image
image/gif 139.45.228.100
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mediatoday.ru/core/match.gif?s=32&id=0100007F0FAAFA6299007E7702AD0FC2
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 139.45.228.100 , Russian Federation, ASN9002 (RETN-AS, GB),
Reverse DNS: serv20.mt.viaprog.eu
Software: nginx/1.20.2 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 20:18:26 GMT
server: nginx/1.20.2
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
cache-control: no-cache, max-age=0, must-revalidate, no-store
content-type: image/gif
content-length: 43
expires: Thursday, 01-Jan-1970 00:00:00 GMT

GET
H2

200

match
www.acint.net/ Frame 1BA9
Redirect Chain

https://cs.agency2.ru/p?ssp=sp&uid=0100007F0FAAFA6299007E7702AD0FC2
https://www.acint.net/match?dp=186&euid=1807b323-e5b9-4352-bec5-fee191af49fd

43 B
269 B

525ms
525ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=186&euid=1807b323-e5b9-4352-bec5-fee191af49fd
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:26 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Mon, 15 Aug 2022 20:18:26 GMT
Server: fasthttp
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Location: https://www.acint.net/match?dp=186&euid=1807b323-e5b9-4352-bec5-fee191af49fd
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
X-Host: 23.111.107.44
Connection: keep-alive
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET frame.html
s3.advarkads.com/modules/match/ Frame 85A9 0
0

GET
H2 200 ru.json Show response
nalog-plati.ru/2d0aa6b50146ab63f61dde3a1ca4a041/localizations/global/ 3 KB
3 KB 310ms
309ms XHR
application/json 185.84.108.232
MAJORDOMO

General

Check archive.org

Show headers Download Go to

Full URL: https://nalog-plati.ru/2d0aa6b50146ab63f61dde3a1ca4a041/localizations/global/ru.json
Requested by: Host: nalog-plati.ru
URL: https://nalog-plati.ru/b4c7ded9408b284042578d41832f292b/b4c7d/js/main.3572a036.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.84.108.232 , Russian Federation, ASN43362 (MAJORDOMO, RU),
Reverse DNS: web29.majordomo.ru
Software: nginx /
Resource Hash: 988ce2749844cdf80448f94150a7f2d17a2cebb6da7c1516981a0c485f006216

Request headers

Accept: */*
Referer: https://nalog-plati.ru/
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:23 GMT
last-modified: Tue, 29 Mar 2022 12:36:51 GMT
server: nginx
etag: "a1e-5db5aaeedb58f"
content-type: application/json
cache-control: max-age=86400
accept-ranges: bytes
content-length: 2590
expires: Tue, 16 Aug 2022 20:18:23 GMT

GET
H2 200 ru.json Show response
nalog-plati.ru/2d0aa6b50146ab63f61dde3a1ca4a041/localizations/sticky/ 8 B
195 B 310ms
309ms XHR
application/json 185.84.108.232
MAJORDOMO

General

Check archive.org

Show headers Download Go to

Full URL: https://nalog-plati.ru/2d0aa6b50146ab63f61dde3a1ca4a041/localizations/sticky/ru.json
Requested by: Host: nalog-plati.ru
URL: https://nalog-plati.ru/b4c7ded9408b284042578d41832f292b/b4c7d/js/main.3572a036.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.84.108.232 , Russian Federation, ASN43362 (MAJORDOMO, RU),
Reverse DNS: web29.majordomo.ru
Software: nginx /
Resource Hash: 2aa9b98dada10cc8e73a2958221ed883e3d336e96abebb43cb82cc158167a91e

Request headers

Accept: */*
Referer: https://nalog-plati.ru/
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:23 GMT
last-modified: Tue, 29 Mar 2022 12:36:52 GMT
server: nginx
etag: "8-5db5aaef78d17"
content-type: application/json
cache-control: max-age=86400
accept-ranges: bytes
content-length: 8
expires: Tue, 16 Aug 2022 20:18:23 GMT

GET
H2 200 ru.json Show response
nalog-plati.ru/2d0aa6b50146ab63f61dde3a1ca4a041/localizations/global/ 3 KB
3 KB 265ms
264ms XHR
application/json 185.84.108.232
MAJORDOMO

General

Check archive.org

Show headers Download Go to

Full URL: https://nalog-plati.ru/2d0aa6b50146ab63f61dde3a1ca4a041/localizations/global/ru.json
Requested by: Host: nalog-plati.ru
URL: https://nalog-plati.ru/b4c7ded9408b284042578d41832f292b/b4c7d/js/main.3572a036.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.84.108.232 , Russian Federation, ASN43362 (MAJORDOMO, RU),
Reverse DNS: web29.majordomo.ru
Software: nginx /
Resource Hash: 988ce2749844cdf80448f94150a7f2d17a2cebb6da7c1516981a0c485f006216

Request headers

Accept: */*
Referer: https://nalog-plati.ru/
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:24 GMT
last-modified: Tue, 29 Mar 2022 12:36:51 GMT
server: nginx
etag: "a1e-5db5aaeedb58f"
content-type: application/json
cache-control: max-age=86400
accept-ranges: bytes
content-length: 2590
expires: Tue, 16 Aug 2022 20:18:24 GMT

GET
H2 200 ru.json Show response
nalog-plati.ru/2d0aa6b50146ab63f61dde3a1ca4a041/localizations/chat/ 4 KB
4 KB 271ms
271ms XHR
application/json 185.84.108.232
MAJORDOMO

General

Check archive.org

Show headers Download Go to

Full URL: https://nalog-plati.ru/2d0aa6b50146ab63f61dde3a1ca4a041/localizations/chat/ru.json
Requested by: Host: nalog-plati.ru
URL: https://nalog-plati.ru/b4c7ded9408b284042578d41832f292b/b4c7d/js/main.3572a036.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.84.108.232 , Russian Federation, ASN43362 (MAJORDOMO, RU),
Reverse DNS: web29.majordomo.ru
Software: nginx /
Resource Hash: 6e151a29c303e101b7676c988418583253990cf8f7cb33a07a54deeb8515cdec

Request headers

Accept: */*
Referer: https://nalog-plati.ru/
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:24 GMT
last-modified: Tue, 29 Mar 2022 12:36:51 GMT
server: nginx
etag: "ef0-5db5aaeec9097"
content-type: application/json
cache-control: max-age=86400
accept-ranges: bytes
content-length: 3824
expires: Tue, 16 Aug 2022 20:18:24 GMT

OPTIONS
H2 204 /
stat-feedot.ru/event/ Frame 0
0 923ms
134ms Preflight 82.202.220.203
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://stat-feedot.ru/event/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 82.202.220.203 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://nalog-plati.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
content-length: 0
date: Mon, 15 Aug 2022 20:18:24 GMT

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 961 B
618 B 82ms
39ms Script
text/javascript 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=explicit&badge=inline&onload=feedotCaptchaLoaded

Requested by

Host: nalog-plati.ru
URL: https://nalog-plati.ru/b4c7ded9408b284042578d41832f292b/b4c7d/js/main.3572a036.chunk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

64f96112cbe2bb343fde87bba27229dab111b0df76da51f76df9f8a725442123

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 597
x-xss-protection: 1; mode=block
expires: Mon, 15 Aug 2022 20:18:24 GMT

GET
H2 200 / Show response
api.feedot-cloud.ru/rest/partner-phones/ 233 B
813 B 1560ms
179ms XHR
application/json 82.202.220.204
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://api.feedot-cloud.ru/rest/partner-phones/?partnerId=2d0aa6b50146ab63f61dde3a1ca4a041&channels=%5B792412%5D
Requested by: Host: nalog-plati.ru
URL: https://nalog-plati.ru/b4c7ded9408b284042578d41832f292b/b4c7d/js/main.3572a036.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 82.202.220.204 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: /
Resource Hash: 8301ba1a29e067a219da06cecefc9d3a7a3a20be17b9000387c0f5e5bd856666

Request headers

Accept: */*
Referer: https://nalog-plati.ru/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 20:18:25 GMT
content-encoding: gzip
vary: Accept-Encoding
serverid: cpa-59ddcf4db7-mrtxm
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS, GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://nalog-plati.ru
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, X-Auth-Token, Authorization, Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H2 200 / Show response
stat-feedot.ru/event/ 20 B
471 B 284ms
282ms XHR
application/json 82.202.220.203
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://stat-feedot.ru/event/
Requested by: Host: nalog-plati.ru
URL: https://nalog-plati.ru/b4c7ded9408b284042578d41832f292b/b4c7d/js/main.3572a036.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 82.202.220.203 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Accept: */*
Referer: https://nalog-plati.ru/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

serverid: clickhouse-receiver-receiver-5f585b478d-cf5vj
pragma: no-cache
date: Mon, 15 Aug 2022 20:18:25 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: private, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: -1

GET
H2 200 64738168 Show response
mc.yandex.ru/watch/ 350 B
453 B 138ms
137ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/64738168?wmode=7&page-url=https%3A%2F%2Fnalog-plati.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp71c81qpn94%3Afp%3A1596%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A860%3Acn%3A5%3Adp%3A1%3Als%3A1058543796047%3Ahid%3A414352670%3Az%3A0%3Ai%3A20220815201824%3Aet%3A1660594704%3Ac%3A1%3Arn%3A87235629%3Arqn%3A1%3Au%3A1660594703382706161%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A0%3Ans%3A1660594700072%3Ads%3A1%2C277%2C280%2C1%2C648%2C0%2C%2C604%2C12%2C%2C%2C%2C1811%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3App%3A3629563401%3Arqnl%3A1%3Ast%3A1660594704%3At%3A%D0%9E%20%D0%B4%D0%B5%D1%8F%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D0%BE%D0%B9%20%D1%81%D0%BB%D1%83%D0%B6%D0%B1%D1%8B%20%7C%20%D0%9D%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB&t=gdpr(14)mc(g-2)clc(0-0-0)lt(5000)aw(1)rqnt(1)ecs(1)rqnl(1)ti(2)

Requested by

Host: nalog-plati.ru
URL: https://nalog-plati.ru/b4c7ded9408b284042578d41832f292b/b4c7d/js/main.3572a036.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

953a07fb9975fb419992413363dcf6d10fb42b086b91995020dcabb85910876d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 20:18:24 GMT
x-content-type-options: nosniff
last-modified: Mon, 15-Aug-2022 20:18:24 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nalog-plati.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 350
x-xss-protection: 1; mode=block
expires: Mon, 15-Aug-2022 20:18:24 GMT

GET
H2 200 ru.json Show response
nalog-plati.ru/2d0aa6b50146ab63f61dde3a1ca4a041/localizations/global/ 3 KB
3 KB 141ms
140ms XHR
application/json 185.84.108.232
MAJORDOMO

General

Check archive.org

Show headers Download Go to

Full URL: https://nalog-plati.ru/2d0aa6b50146ab63f61dde3a1ca4a041/localizations/global/ru.json
Requested by: Host: nalog-plati.ru
URL: https://nalog-plati.ru/b4c7ded9408b284042578d41832f292b/b4c7d/js/main.3572a036.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.84.108.232 , Russian Federation, ASN43362 (MAJORDOMO, RU),
Reverse DNS: web29.majordomo.ru
Software: nginx /
Resource Hash: 988ce2749844cdf80448f94150a7f2d17a2cebb6da7c1516981a0c485f006216

Request headers

Accept: */*
Referer: https://nalog-plati.ru/
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:24 GMT
last-modified: Tue, 29 Mar 2022 12:36:51 GMT
server: nginx
etag: "a1e-5db5aaeedb58f"
content-type: application/json
cache-control: max-age=86400
accept-ranges: bytes
content-length: 2590
expires: Tue, 16 Aug 2022 20:18:24 GMT

GET
H2 200 ru.json Show response
nalog-plati.ru/2d0aa6b50146ab63f61dde3a1ca4a041/localizations/exit-popup/ 2 KB
2 KB 193ms
192ms XHR
application/json 185.84.108.232
MAJORDOMO

General

Check archive.org

Show headers Download Go to

Full URL: https://nalog-plati.ru/2d0aa6b50146ab63f61dde3a1ca4a041/localizations/exit-popup/ru.json
Requested by: Host: nalog-plati.ru
URL: https://nalog-plati.ru/b4c7ded9408b284042578d41832f292b/b4c7d/js/main.3572a036.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.84.108.232 , Russian Federation, ASN43362 (MAJORDOMO, RU),
Reverse DNS: web29.majordomo.ru
Software: nginx /
Resource Hash: 68c97115fd44b4d4776b5390b741afc23fc0090d5b506f75e62f9a4572f57068

Request headers

Accept: */*
Referer: https://nalog-plati.ru/
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:24 GMT
last-modified: Tue, 29 Mar 2022 12:36:51 GMT
server: nginx
etag: "84a-5db5aaeed117f"
content-type: application/json
cache-control: max-age=86400
accept-ranges: bytes
content-length: 2122
expires: Tue, 16 Aug 2022 20:18:24 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/ 383 KB
152 KB 64ms
19ms Script
text/javascript 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit&badge=inline&onload=feedotCaptchaLoaded

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18b6abb488a83b046ecfa92e27ba686e01070ea96863b66f8b604c0bf3954b95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nalog-plati.ru/
Origin: https://nalog-plati.ru
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 17:06:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11516
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 155978
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 08:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 15 Aug 2023 17:06:28 GMT

POST
H2 200 1 Show response
mc.yandex.ru/watch/64738168/ 43 B
73 B 139ms
139ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/64738168/1?page-url=goal%3A%2F%2Fnalog-plati.ru%2Fwidget-sticky__view&page-ref=https%3A%2F%2Fnalog-plati.ru%2F&charset=utf-8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp71c81qpn94%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A860%3Acn%3A5%3Adp%3A1%3Als%3A1058543796047%3Ahid%3A414352670%3Az%3A0%3Ai%3A20220815201824%3Aet%3A1660594704%3Ac%3A1%3Arn%3A534415116%3Arqn%3A2%3Au%3A1660594703382706161%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A0%3Ans%3A1660594700072%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3App%3A3629563401%3Arqnl%3A1%3Ast%3A1660594704%3At%3A%D0%9E%20%D0%B4%D0%B5%D1%8F%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D0%BE%D0%B9%20%D1%81%D0%BB%D1%83%D0%B6%D0%B1%D1%8B%20%7C%20%D0%9D%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB&t=gdpr(14)mc(g-3)clc(0-0-0)lt(5000)aw(1)rqnt(2)ecs(1)rqnl(1)ti(2)

Requested by

Host: nalog-plati.ru
URL: https://nalog-plati.ru/b4c7ded9408b284042578d41832f292b/b4c7d/js/main.3572a036.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nalog-plati.ru/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 20:18:24 GMT
last-modified: Mon, 15-Aug-2022 20:18:24 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://nalog-plati.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 15-Aug-2022 20:18:24 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame E399 42 KB
22 KB 55ms
54ms Document
text/html 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcOjdIZAAAAAKDI6b7ZOfzmmQ6rYQbS-Yfa9gzp&co=aHR0cHM6Ly9uYWxvZy1wbGF0aS5ydTo0NDM.&hl=en&v=mq0-U1BHZ5YTcoDC-CvsLPNc&size=invisible&badge=inline&cb=vrxxljm5akcq

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6d5c77ebd1b4874d5dcc3ac72f51e2e2eea4904d235c0f1e2546f5d71368090d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-N2vr7RyPHLLxfgCGdzbf4A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nalog-plati.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22053
content-security-policy: script-src 'report-sample' 'nonce-N2vr7RyPHLLxfgCGdzbf4A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 20:18:24 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 css
fonts.googleapis.com/ 8 KB
730 B 34ms
34ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&display=swap&subset=cyrillic

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

942b50839b4c887e66f8a0962cb5ec87a757bab5924b1c1431ac80303b26c895

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 20:12:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 15 Aug 2022 20:18:24 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Aug 2022 20:18:24 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 4399 42 KB
22 KB 55ms
54ms Document
text/html 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ef9856ad31c6ddbc5b8236026007d9374cd4e54a597325738dd517bc8c904a77

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HL7aQtoU9ibPiqI-As_3aw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nalog-plati.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22139
content-security-policy: script-src 'report-sample' 'nonce-HL7aQtoU9ibPiqI-As_3aw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 20:18:24 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

OPTIONS
H2 204 /
stat-feedot.ru/event/ Frame 0
0 925ms
404ms Preflight 82.202.220.203
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://stat-feedot.ru/event/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 82.202.220.203 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://nalog-plati.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
content-length: 0
date: Mon, 15 Aug 2022 20:18:25 GMT

POST
H2 200 / Show response
stat-feedot.ru/event/ 20 B
471 B 150ms
150ms XHR
application/json 82.202.220.203
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://stat-feedot.ru/event/
Requested by: Host: nalog-plati.ru
URL: https://nalog-plati.ru/b4c7ded9408b284042578d41832f292b/b4c7d/js/main.3572a036.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 82.202.220.203 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Accept: */*
Referer: https://nalog-plati.ru/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

serverid: clickhouse-receiver-receiver-5f585b478d-r9n94
pragma: no-cache
date: Mon, 15 Aug 2022 20:18:25 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: private, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: -1

GET
H2 200 61110988 Show response
mc.yandex.ru/watch/ 350 B
381 B 139ms
138ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/61110988?wmode=7&page-url=https%3A%2F%2Fnalog-plati.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp71c81qpn94%3Afp%3A1596%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A860%3Acn%3A6%3Adp%3A1%3Als%3A1474809608668%3Ahid%3A414352670%3Az%3A0%3Ai%3A20220815201824%3Aet%3A1660594704%3Ac%3A1%3Arn%3A368959001%3Arqn%3A1%3Au%3A1660594703382706161%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A0%3Ans%3A1660594700072%3Ads%3A1%2C277%2C280%2C1%2C648%2C0%2C%2C604%2C12%2C%2C%2C%2C1811%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3App%3A3629563401%3Arqnl%3A1%3Ast%3A1660594704%3At%3A%D0%9E%20%D0%B4%D0%B5%D1%8F%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D0%BE%D0%B9%20%D1%81%D0%BB%D1%83%D0%B6%D0%B1%D1%8B%20%7C%20%D0%9D%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB&t=gdpr(14)mc(g-3)clc(0-0-0)lt(5000)aw(1)rqnt(1)ecs(1)rqnl(1)ti(2)

Requested by

Host: nalog-plati.ru
URL: https://nalog-plati.ru/b4c7ded9408b284042578d41832f292b/b4c7d/js/main.3572a036.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

0fbad3bc29d7fe1adf489e6fa91d0646139dafc9ed803b163d813a4e34df4bd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 20:18:24 GMT
x-content-type-options: nosniff
last-modified: Mon, 15-Aug-2022 20:18:24 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nalog-plati.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 350
x-xss-protection: 1; mode=block
expires: Mon, 15-Aug-2022 20:18:24 GMT

GET
DATA 200
OK truncated
/ 257 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 07069033b288dafa2cd4731331181f89593bc5673575e7be2afff90ec22d6a7a

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 avatar.png
nalog-plati.ru/2d0aa6b50146ab63f61dde3a1ca4a041/images/avatars/animated/loops/left/3/100/ 2 KB
2 KB 138ms
137ms Image
image/png 185.84.108.232
MAJORDOMO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nalog-plati.ru/2d0aa6b50146ab63f61dde3a1ca4a041/images/avatars/animated/loops/left/3/100/avatar.png
Requested by: Host: nalog-plati.ru
URL: https://nalog-plati.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.84.108.232 , Russian Federation, ASN43362 (MAJORDOMO, RU),
Reverse DNS: web29.majordomo.ru
Software: nginx /
Resource Hash: 5e2d56402e8b4fd93e5b9881ad637d3117a140932740e7011c6a26edce06e416

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:24 GMT
last-modified: Thu, 29 Apr 2021 04:46:08 GMT
server: nginx
accept-ranges: bytes
etag: "608a3a10-73c"
content-length: 1852
content-type: image/png

GET
H2 200 logo.png
nalog-plati.ru/2d0aa6b50146ab63f61dde3a1ca4a041/images/recaptcha/ 1 KB
2 KB 220ms
220ms Image
image/png 185.84.108.232
MAJORDOMO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nalog-plati.ru/2d0aa6b50146ab63f61dde3a1ca4a041/images/recaptcha/logo.png
Requested by: Host: nalog-plati.ru
URL: https://nalog-plati.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.84.108.232 , Russian Federation, ASN43362 (MAJORDOMO, RU),
Reverse DNS: web29.majordomo.ru
Software: nginx /
Resource Hash: 495689f54a5420eb6ab00a1f44c16c2f00f2a0cfe3d8e7cd7bead5f41feb3cd7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:24 GMT
last-modified: Thu, 29 Apr 2021 04:46:50 GMT
server: nginx
accept-ranges: bytes
etag: "608a3a3a-596"
content-length: 1430
content-type: image/png

GET
H2 200 avatar.png
nalog-plati.ru/2d0aa6b50146ab63f61dde3a1ca4a041/images/avatars/animated/loops/right/5/48/ 2 KB
2 KB 188ms
188ms Image
image/png 185.84.108.232
MAJORDOMO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nalog-plati.ru/2d0aa6b50146ab63f61dde3a1ca4a041/images/avatars/animated/loops/right/5/48/avatar.png
Requested by: Host: nalog-plati.ru
URL: https://nalog-plati.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.84.108.232 , Russian Federation, ASN43362 (MAJORDOMO, RU),
Reverse DNS: web29.majordomo.ru
Software: nginx /
Resource Hash: 80701f768ec9cc98df93182ad737038504f7d94e09230d45c75087a4677a0307

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:24 GMT
last-modified: Thu, 29 Apr 2021 04:46:44 GMT
server: nginx
accept-ranges: bytes
etag: "608a3a34-7ab"
content-length: 1963
content-type: image/png

GET
H2 200 background.jpg
nalog-plati.ru/2d0aa6b50146ab63f61dde3a1ca4a041/images/skins/whatsapp/ 39 KB
39 KB 188ms
188ms Image
image/jpeg 185.84.108.232
MAJORDOMO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nalog-plati.ru/2d0aa6b50146ab63f61dde3a1ca4a041/images/skins/whatsapp/background.jpg
Requested by: Host: nalog-plati.ru
URL: https://nalog-plati.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.84.108.232 , Russian Federation, ASN43362 (MAJORDOMO, RU),
Reverse DNS: web29.majordomo.ru
Software: nginx /
Resource Hash: daf1d9e70e6f574d89122364e4832780448e3d728ffb410378ccad2e4ca9bc21

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:24 GMT
last-modified: Thu, 29 Apr 2021 04:46:50 GMT
server: nginx
accept-ranges: bytes
etag: "608a3a3a-9d0b"
content-length: 40203
content-type: image/jpeg

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame CB2F 41 KB
21 KB 48ms
47ms Document
text/html 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0322d701e775cf647053fe270f6a7701d41c02790740baeaeb10baffb10c93b1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6DoJmObrz7KQIOElY_9kOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nalog-plati.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 21906
content-security-policy: script-src 'report-sample' 'nonce-6DoJmObrz7KQIOElY_9kOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 15 Aug 2022 20:18:24 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

OPTIONS
H2 204 /
stat-feedot.ru/event/ Frame 0
0 604ms
134ms Preflight 82.202.220.203
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://stat-feedot.ru/event/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 82.202.220.203 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://nalog-plati.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
content-length: 0
date: Mon, 15 Aug 2022 20:18:24 GMT

OPTIONS
H2 204 /
stat-feedot.ru/event/ Frame 0
0 602ms
135ms Preflight 82.202.220.203
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://stat-feedot.ru/event/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 82.202.220.203 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://nalog-plati.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
content-length: 0
date: Mon, 15 Aug 2022 20:18:24 GMT

POST
H2 200 / Show response
stat-feedot.ru/event/ 20 B
471 B 287ms
286ms XHR
application/json 82.202.220.203
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://stat-feedot.ru/event/
Requested by: Host: nalog-plati.ru
URL: https://nalog-plati.ru/b4c7ded9408b284042578d41832f292b/b4c7d/js/main.3572a036.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 82.202.220.203 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Accept: */*
Referer: https://nalog-plati.ru/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

serverid: clickhouse-receiver-receiver-5f585b478d-nsjv7
pragma: no-cache
date: Mon, 15 Aug 2022 20:18:25 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: private, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: -1

POST
H2 200 / Show response
stat-feedot.ru/event/ 20 B
471 B 288ms
288ms XHR
application/json 82.202.220.203
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://stat-feedot.ru/event/
Requested by: Host: nalog-plati.ru
URL: https://nalog-plati.ru/b4c7ded9408b284042578d41832f292b/b4c7d/js/main.3572a036.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 82.202.220.203 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Accept: */*
Referer: https://nalog-plati.ru/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

serverid: clickhouse-receiver-receiver-5f585b478d-rkvn5
pragma: no-cache
date: Mon, 15 Aug 2022 20:18:25 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: private, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: -1

GET
H2 200 57119542 Show response
mc.yandex.ru/watch/ 350 B
381 B 360ms
360ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/57119542?wmode=7&page-url=https%3A%2F%2Fnalog-plati.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp71c81qpn94%3Afp%3A1596%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A860%3Acn%3A7%3Adp%3A1%3Als%3A1560485270278%3Ahid%3A414352670%3Az%3A0%3Ai%3A20220815201824%3Aet%3A1660594704%3Ac%3A1%3Arn%3A704266325%3Arqn%3A1%3Au%3A1660594703382706161%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A0%3Ans%3A1660594700072%3Ads%3A1%2C277%2C280%2C1%2C648%2C0%2C%2C604%2C12%2C%2C%2C%2C1811%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3App%3A3629563401%3Arqnl%3A1%3Ast%3A1660594704%3At%3A%D0%9E%20%D0%B4%D0%B5%D1%8F%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D0%BE%D0%B9%20%D1%81%D0%BB%D1%83%D0%B6%D0%B1%D1%8B%20%7C%20%D0%9D%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB&t=gdpr(14)mc(g-4)clc(0-0-0)lt(5000)aw(1)rqnt(1)ecs(1)rqnl(1)ti(2)

Requested by

Host: nalog-plati.ru
URL: https://nalog-plati.ru/b4c7ded9408b284042578d41832f292b/b4c7d/js/main.3572a036.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

a55b76783b8e1b2d35cd3ea25c6f6ea47dfcf54c50ee3d9e08c5b0e3ae424d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 20:18:24 GMT
x-content-type-options: nosniff
last-modified: Mon, 15-Aug-2022 20:18:24 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nalog-plati.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 350
x-xss-protection: 1; mode=block
expires: Mon, 15-Aug-2022 20:18:24 GMT

GET
H2 206 initial.webm
nalog-plati.ru/2d0aa6b50146ab63f61dde3a1ca4a041/images/avatars/animated/loops/left/3/100/ 79 KB
0 427ms
426ms Media
video/webm 185.84.108.232
MAJORDOMO

General

Check archive.org

Show headers Download Go to

Full URL: https://nalog-plati.ru/2d0aa6b50146ab63f61dde3a1ca4a041/images/avatars/animated/loops/left/3/100/initial.webm
Requested by: Host: nalog-plati.ru
URL: https://nalog-plati.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.84.108.232 , Russian Federation, ASN43362 (MAJORDOMO, RU),
Reverse DNS: web29.majordomo.ru
Software: nginx /
Resource Hash

Request headers

Referer: https://nalog-plati.ru/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 15 Aug 2022 20:18:24 GMT
last-modified: Thu, 29 Apr 2021 04:46:10 GMT
server: nginx
etag: "7f76f-5c1152c9b689c"
content-type: video/webm
Content-Range: bytes 0-522094/522095
cache-control: max-age=86400
Content-Length: 522095
expires: Tue, 16 Aug 2022 20:18:24 GMT

GET
H2 206 initial.webm
nalog-plati.ru/2d0aa6b50146ab63f61dde3a1ca4a041/images/avatars/animated/loops/left/3/100/ 510 KB
511 KB 158ms
158ms Media
video/webm 185.84.108.232
MAJORDOMO

General

Check archive.org

Show headers Download Go to

Full URL: https://nalog-plati.ru/2d0aa6b50146ab63f61dde3a1ca4a041/images/avatars/animated/loops/left/3/100/initial.webm
Requested by: Host: nalog-plati.ru
URL: https://nalog-plati.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.84.108.232 , Russian Federation, ASN43362 (MAJORDOMO, RU),
Reverse DNS: web29.majordomo.ru
Software: nginx /
Resource Hash: 8bdd95df25b52344ae6f8f49c9cffe5496caa3ccc05fe2fcdd19bcec3732aa5e

Request headers

Referer: https://nalog-plati.ru/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 15 Aug 2022 20:18:24 GMT
last-modified: Thu, 29 Apr 2021 04:46:10 GMT
server: nginx
etag: "7f76f-5c1152c9b689c"
content-type: video/webm
Content-Range: bytes 0-522094/522095
cache-control: max-age=86400
Content-Length: 522095
expires: Tue, 16 Aug 2022 20:18:24 GMT

GET
H2 206 initial.webm
nalog-plati.ru/2d0aa6b50146ab63f61dde3a1ca4a041/images/avatars/animated/loops/right/5/48/ 61 KB
61 KB 701ms
700ms Media
video/webm 185.84.108.232
MAJORDOMO

General

Check archive.org

Show headers Download Go to

Full URL: https://nalog-plati.ru/2d0aa6b50146ab63f61dde3a1ca4a041/images/avatars/animated/loops/right/5/48/initial.webm
Requested by: Host: nalog-plati.ru
URL: https://nalog-plati.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.84.108.232 , Russian Federation, ASN43362 (MAJORDOMO, RU),
Reverse DNS: web29.majordomo.ru
Software: nginx /
Resource Hash: a888a496063a6f8b834f7cfb83253095ea610cfef4e68b6e61bd6a91f42548b4

Request headers

Referer: https://nalog-plati.ru/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 15 Aug 2022 20:18:25 GMT
last-modified: Thu, 29 Apr 2021 04:46:46 GMT
server: nginx
etag: "f417-5c1152ebef865"
content-type: video/webm
Content-Range: bytes 0-62486/62487
cache-control: max-age=86400
Content-Length: 62487
expires: Tue, 16 Aug 2022 20:18:25 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/ Frame E399 52 KB
24 KB 20ms
19ms Stylesheet
text/css 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcOjdIZAAAAAKDI6b7ZOfzmmQ6rYQbS-Yfa9gzp&co=aHR0cHM6Ly9uYWxvZy1wbGF0aS5ydTo0NDM.&hl=en&v=mq0-U1BHZ5YTcoDC-CvsLPNc&size=invisible&badge=inline&cb=vrxxljm5akcq

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 17:06:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11514
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24251
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 08:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 15 Aug 2023 17:06:30 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/ Frame E399 383 KB
152 KB 44ms
43ms Script
text/javascript 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18b6abb488a83b046ecfa92e27ba686e01070ea96863b66f8b604c0bf3954b95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 17:06:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11516
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 155978
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 08:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 15 Aug 2023 17:06:28 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/ Frame 4399 52 KB
24 KB 24ms
23ms Stylesheet
text/css 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/styles__ltr.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 17:06:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11514
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24251
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 08:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 15 Aug 2023 17:06:30 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/ Frame 4399 383 KB
152 KB 48ms
48ms Script
text/javascript 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18b6abb488a83b046ecfa92e27ba686e01070ea96863b66f8b604c0bf3954b95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 17:06:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11516
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 155978
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 08:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 15 Aug 2023 17:06:28 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/ Frame CB2F 52 KB
24 KB 24ms
24ms Stylesheet
text/css 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/styles__ltr.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 17:06:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11514
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24251
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 08:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 15 Aug 2023 17:06:30 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/ Frame CB2F 383 KB
152 KB 45ms
45ms Script
text/javascript 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18b6abb488a83b046ecfa92e27ba686e01070ea96863b66f8b604c0bf3954b95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 17:06:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11516
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 155978
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 08:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 15 Aug 2023 17:06:28 GMT

POST
H2 200 1 Show response
mc.yandex.ru/watch/61110988/ 43 B
73 B 272ms
272ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/61110988/1?page-url=goal%3A%2F%2Fnalog-plati.ru%2Fwidget-exit-popup__view&page-ref=https%3A%2F%2Fnalog-plati.ru%2F&charset=utf-8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp71c81qpn94%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A860%3Acn%3A6%3Adp%3A1%3Als%3A1474809608668%3Ahid%3A414352670%3Az%3A0%3Ai%3A20220815201824%3Aet%3A1660594704%3Ac%3A1%3Arn%3A955058783%3Arqn%3A2%3Au%3A1660594703382706161%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A0%3Ans%3A1660594700072%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3App%3A3629563401%3Arqnl%3A1%3Ast%3A1660594704%3At%3A%D0%9E%20%D0%B4%D0%B5%D1%8F%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D0%BE%D0%B9%20%D1%81%D0%BB%D1%83%D0%B6%D0%B1%D1%8B%20%7C%20%D0%9D%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB&t=gdpr(14)mc(g-6)clc(0-0-0)lt(10100)aw(1)rqnt(2)ecs(1)rqnl(1)ti(2)

Requested by

Host: nalog-plati.ru
URL: https://nalog-plati.ru/b4c7ded9408b284042578d41832f292b/b4c7d/js/main.3572a036.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nalog-plati.ru/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 20:18:24 GMT
last-modified: Mon, 15-Aug-2022 20:18:24 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://nalog-plati.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 15-Aug-2022 20:18:24 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame E399 2 KB
2 KB 20ms
20ms Image
image/png 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 13:59:43 GMT
x-content-type-options: nosniff
age: 195521
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Sat, 20 Aug 2022 13:59:43 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E399 15 KB
15 KB 60ms
20ms Font
font/woff2 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 15:59:51 GMT
x-content-type-options: nosniff
age: 533913
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 09 Aug 2023 15:59:51 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E399 15 KB
15 KB 78ms
38ms Font
font/woff2 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 22:35:09 GMT
x-content-type-options: nosniff
age: 596595
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Aug 2023 22:35:09 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 4399 2 KB
2 KB 21ms
20ms Image
image/png 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 13:59:43 GMT
x-content-type-options: nosniff
age: 195521
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Sat, 20 Aug 2022 13:59:43 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4399 15 KB
15 KB 23ms
21ms Font
font/woff2 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 15:59:51 GMT
x-content-type-options: nosniff
age: 533913
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 09 Aug 2023 15:59:51 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4399 15 KB
15 KB 29ms
28ms Font
font/woff2 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 22:35:09 GMT
x-content-type-options: nosniff
age: 596595
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Aug 2023 22:35:09 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame CB2F 2 KB
2 KB 20ms
19ms Image
image/png 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 13:59:43 GMT
x-content-type-options: nosniff
age: 195521
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Sat, 20 Aug 2022 13:59:43 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CB2F 15 KB
15 KB 21ms
20ms Font
font/woff2 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 15:59:51 GMT
x-content-type-options: nosniff
age: 533913
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 09 Aug 2023 15:59:51 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CB2F 15 KB
15 KB 27ms
26ms Font
font/woff2 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 22:35:09 GMT
x-content-type-options: nosniff
age: 596595
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Aug 2023 22:35:09 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame E399 102 B
134 B 39ms
39ms Other
text/javascript 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=mq0-U1BHZ5YTcoDC-CvsLPNc

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1c52b5b8eb0a18d62cf486c7d591517c90cc4c4dd5e21de5c298da51a0fd7dbd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcOjdIZAAAAAKDI6b7ZOfzmmQ6rYQbS-Yfa9gzp&co=aHR0cHM6Ly9uYWxvZy1wbGF0aS5ydTo0NDM.&hl=en&v=mq0-U1BHZ5YTcoDC-CvsLPNc&size=invisible&badge=inline&cb=vrxxljm5akcq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Mon, 15 Aug 2022 20:18:24 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 4399 102 B
134 B 39ms
38ms Other
text/javascript 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=mq0-U1BHZ5YTcoDC-CvsLPNc

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1c52b5b8eb0a18d62cf486c7d591517c90cc4c4dd5e21de5c298da51a0fd7dbd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcOjdIZAAAAAKDI6b7ZOfzmmQ6rYQbS-Yfa9gzp&co=aHR0cHM6Ly9uYWxvZy1wbGF0aS5ydTo0NDM.&hl=en&v=mq0-U1BHZ5YTcoDC-CvsLPNc&size=invisible&badge=inline&cb=m6s3gau16xhu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Mon, 15 Aug 2022 20:18:24 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame CB2F 102 B
134 B 40ms
37ms Other
text/javascript 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=mq0-U1BHZ5YTcoDC-CvsLPNc

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1c52b5b8eb0a18d62cf486c7d591517c90cc4c4dd5e21de5c298da51a0fd7dbd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcOjdIZAAAAAKDI6b7ZOfzmmQ6rYQbS-Yfa9gzp&co=aHR0cHM6Ly9uYWxvZy1wbGF0aS5ydTo0NDM.&hl=en&v=mq0-U1BHZ5YTcoDC-CvsLPNc&size=invisible&badge=inline&cb=aarqdaibzz27
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Mon, 15 Aug 2022 20:18:24 GMT

POST
H2 200 1 Show response
mc.yandex.ru/watch/57119542/ 43 B
145 B 278ms
277ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/57119542/1?page-url=goal%3A%2F%2Fnalog-plati.ru%2Fwidget-chat__view&page-ref=https%3A%2F%2Fnalog-plati.ru%2F&charset=utf-8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp71c81qpn94%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A860%3Acn%3A7%3Adp%3A1%3Als%3A1560485270278%3Ahid%3A414352670%3Az%3A0%3Ai%3A20220815201824%3Aet%3A1660594705%3Ac%3A1%3Arn%3A621198105%3Arqn%3A2%3Au%3A1660594703382706161%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A0%3Ans%3A1660594700072%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3App%3A3629563401%3Arqnl%3A1%3Ast%3A1660594705%3At%3A%D0%9E%20%D0%B4%D0%B5%D1%8F%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D0%BE%D0%B9%20%D1%81%D0%BB%D1%83%D0%B6%D0%B1%D1%8B%20%7C%20%D0%9D%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB&t=gdpr(14)mc(g-6)clc(0-0-0)lt(10100)aw(1)rqnt(2)ecs(1)rqnl(1)ti(2)

Requested by

Host: nalog-plati.ru
URL: https://nalog-plati.ru/b4c7ded9408b284042578d41832f292b/b4c7d/js/main.3572a036.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nalog-plati.ru/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 20:18:25 GMT
last-modified: Mon, 15-Aug-2022 20:18:25 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://nalog-plati.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 15-Aug-2022 20:18:25 GMT

POST
H2 200 1 Show response
mc.yandex.ru/watch/57119542/ 43 B
73 B 271ms
270ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/57119542/1?page-url=goal%3A%2F%2Fnalog-plati.ru%2Fwidget-chat__used_loader_version2&page-ref=https%3A%2F%2Fnalog-plati.ru%2F&charset=utf-8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp71c81qpn94%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A860%3Acn%3A7%3Adp%3A1%3Als%3A1560485270278%3Ahid%3A414352670%3Az%3A0%3Ai%3A20220815201824%3Aet%3A1660594705%3Ac%3A1%3Arn%3A329933801%3Arqn%3A3%3Au%3A1660594703382706161%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A0%3Ans%3A1660594700072%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3App%3A3629563401%3Arqnl%3A1%3Ast%3A1660594705%3At%3A%D0%9E%20%D0%B4%D0%B5%D1%8F%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D0%BE%D0%B9%20%D1%81%D0%BB%D1%83%D0%B6%D0%B1%D1%8B%20%7C%20%D0%9D%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB&t=gdpr(14)mc(g-6)clc(0-0-0)lt(10100)aw(1)rqnt(3)ecs(1)rqnl(1)ti(2)

Requested by

Host: nalog-plati.ru
URL: https://nalog-plati.ru/b4c7ded9408b284042578d41832f292b/b4c7d/js/main.3572a036.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nalog-plati.ru/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 20:18:24 GMT
last-modified: Mon, 15-Aug-2022 20:18:24 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://nalog-plati.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 15-Aug-2022 20:18:24 GMT

GET
H/1.1 200
OK processor.js Show response
tag.digitaltarget.ru/ Frame 1BA9 16 KB
16 KB 268ms
268ms Script
application/javascript 185.15.175.146
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/processor.js?i=446190166748762
Requested by: Host: tag.digitaltarget.ru
URL: https://tag.digitaltarget.ru/adcm.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.15.175.146 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 3329813e0c2788f727bbb57c75a5751c683649372d99dd1a3627f2f7d95e2e58

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 20:18:25 GMT
Last-Modified: Mon, 15 Aug 2022 20:04:43 GMT
Server: nginx
ETag: "62faa6db-3e06"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15878

POST
H2 200 55557739 Show response
mc.yandex.ru/webvisor/ 43 B
73 B 4886ms
2957ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/55557739?wmode=0&wv-part=1&wv-hit=414352670&page-url=https%3A%2F%2Fnalog-plati.ru%2F&rn=1067729989&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1660594705%3Aw%3A1600x1200%3Av%3A860%3Az%3A0%3Ai%3A20220815201825%3Au%3A1660594703382706161%3Avf%3Anlzej4hetqp71c81qpn94%3Awe%3A1%3Ast%3A1660594705&t=gdpr(14)ti(2)

Requested by

Host: nalog-plati.ru
URL: https://nalog-plati.ru/b4c7ded9408b284042578d41832f292b/b4c7d/js/main.3572a036.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nalog-plati.ru/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 20:18:30 GMT
last-modified: Mon, 15-Aug-2022 20:18:30 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://nalog-plati.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 15-Aug-2022 20:18:30 GMT

POST
H2 200 55557739 Show response
mc.yandex.ru/webvisor/ 43 B
176 B 4484ms
2954ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/55557739?wmode=0&wv-part=1&wv-hit=414352670&page-url=https%3A%2F%2Fnalog-plati.ru%2F&rn=162050633&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1660594706%3Aw%3A1600x1200%3Av%3A860%3Az%3A0%3Ai%3A20220815201825%3Au%3A1660594703382706161%3Avf%3Anlzej4hetqp71c81qpn94%3Awe%3A1%3Ast%3A1660594706&t=gdpr(14)ti(2)

Requested by

Host: nalog-plati.ru
URL: https://nalog-plati.ru/b4c7ded9408b284042578d41832f292b/b4c7d/js/main.3572a036.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nalog-plati.ru/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 20:18:30 GMT
last-modified: Mon, 15-Aug-2022 20:18:30 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://nalog-plati.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 15-Aug-2022 20:18:30 GMT

GET
H/1.1

200
OK

i
dmg.digitaltarget.ru/awg/custom/1093/i/ Frame 1BA9
Redirect Chain

https://dmg.digitaltarget.ru/1/1093/i/i?i=395195652485525.85997267771858&a=77&e=0100007F0FAAFA6299007E7702AD0FC2&pref=https%3A%2F%2Fnalog-plati.ru%2F&c=ss:77.up:0100007F0FAAFA6299007E7702AD0FC2.syn...
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=395195652485525.85997267771858&a=77&e=0100007F0FAAFA6299007E7702AD0FC2&pref=https%3A%2F%2Fnalog-plati.ru%2F&c=ss:77.up:0100007F0FA...

49 B
603 B

157ms
157ms

Image
image/gif

185.15.175.158
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=395195652485525.85997267771858&a=77&e=0100007F0FAAFA6299007E7702AD0FC2&pref=https%3A%2F%2Fnalog-plati.ru%2F&c=ss:77.up:0100007F0FAAFA6299007E7702AD0FC2.sync:up.xdua:dufzTr0CdrEcHHTafgAb1uwq.xps:xpsdFDkDgRW0wgX6WC8aLqksO.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1

Protocol

HTTP/1.1

Server

185.15.175.158 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 20:18:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 15
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 64
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Credentials: true

Redirect headers

Date: Mon, 15 Aug 2022 20:18:26 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=395195652485525.85997267771858&a=77&e=0100007F0FAAFA6299007E7702AD0FC2&pref=https%3A%2F%2Fnalog-plati.ru%2F&c=ss:77.up:0100007F0FAAFA6299007E7702AD0FC2.sync:up.xdua:dufzTr0CdrEcHHTafgAb1uwq.xps:xpsdFDkDgRW0wgX6WC8aLqksO.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
X-XSS-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: master-only
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Connection: keep-alive
Request-Time: 0
Content-Length: 0
X-Content-Type-Options: nosniff

GET
H/1.1

200
OK

i
dmg.digitaltarget.ru/awg/custom/1093/i/ Frame 1BA9
Redirect Chain

https://dmg.digitaltarget.ru/1/1093/i/i?i=395195652485525.471100153205202&a=77&e=0100007F0FAAFA6299007E7702AD0FC2&pref=https%3A%2F%2Fnalog-plati.ru%2F&c=ss:77.up:0100007F0FAAFA6299007E7702AD0FC2.sy...
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=395195652485525.471100153205202&a=77&e=0100007F0FAAFA6299007E7702AD0FC2&pref=https%3A%2F%2Fnalog-plati.ru%2F&c=ss:77.up:0100007F0F...

49 B
603 B

170ms
169ms

Image
image/gif

185.15.175.158
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=395195652485525.471100153205202&a=77&e=0100007F0FAAFA6299007E7702AD0FC2&pref=https%3A%2F%2Fnalog-plati.ru%2F&c=ss:77.up:0100007F0FAAFA6299007E7702AD0FC2.sync:up.xdua:dufzTr0CdrEcHHTafgAb1uwq.xps:xpsdFDkDgRW0wgX6WC8aLqksO.dn:acint__net.adcm:hit.tg:adcmjs_noorient

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1

Protocol

HTTP/1.1

Server

185.15.175.158 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Mon, 15 Aug 2022 20:18:27 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 17
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 64
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Credentials: true

Redirect headers

Date: Mon, 15 Aug 2022 20:18:27 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=395195652485525.471100153205202&a=77&e=0100007F0FAAFA6299007E7702AD0FC2&pref=https%3A%2F%2Fnalog-plati.ru%2F&c=ss:77.up:0100007F0FAAFA6299007E7702AD0FC2.sync:up.xdua:dufzTr0CdrEcHHTafgAb1uwq.xps:xpsdFDkDgRW0wgX6WC8aLqksO.dn:acint__net.adcm:hit.tg:adcmjs_noorient
X-XSS-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: master-only
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Connection: keep-alive
Request-Time: 0
Content-Length: 0
X-Content-Type-Options: nosniff

GET
H2 200 /
www.acint.net/ping/ 43 B
224 B 146ms
145ms Image
image/gif 193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/ping/?v=0.4.0&uid=170c8848-2214-4095-b235-d690af171b20&dp=14&tz=%2B00%3A00&nc=80746378&dT=2022-08-15T20%3A18%3A26.097
Requested by: Host: nalog-plati.ru
URL: https://nalog-plati.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://nalog-plati.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 20:18:26 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
content-type: image/gif
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 206 chunk-3.webm
nalog-plati.ru/2d0aa6b50146ab63f61dde3a1ca4a041/images/avatars/animated/loops/right/5/48/ 125 KB
126 KB 143ms
142ms Media
video/webm 185.84.108.232
MAJORDOMO

General

Check archive.org

Show headers Download Go to

Full URL: https://nalog-plati.ru/2d0aa6b50146ab63f61dde3a1ca4a041/images/avatars/animated/loops/right/5/48/chunk-3.webm
Requested by: Host: nalog-plati.ru
URL: https://nalog-plati.ru/b4c7ded9408b284042578d41832f292b/b4c7d/js/main.3572a036.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.84.108.232 , Russian Federation, ASN43362 (MAJORDOMO, RU),
Reverse DNS: web29.majordomo.ru
Software: nginx /
Resource Hash: 547f7dc04707d4e8253d66bf7ee54e0a177053a6a9384404ee9186bbe6adf323

Request headers

Referer: https://nalog-plati.ru/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 15 Aug 2022 20:18:27 GMT
last-modified: Thu, 29 Apr 2021 04:46:45 GMT
server: nginx
etag: "1f4ac-5c1152eb1775d"
content-type: video/webm
Content-Range: bytes 0-128171/128172
cache-control: max-age=86400
Content-Length: 128172
expires: Tue, 16 Aug 2022 20:18:27 GMT

OPTIONS
H2 204 /
stat-feedot.ru/event/ Frame 0
0 135ms
134ms Preflight 82.202.220.203
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://stat-feedot.ru/event/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 82.202.220.203 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://nalog-plati.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
content-length: 0
date: Mon, 15 Aug 2022 20:18:29 GMT

POST
H2 200 / Show response
stat-feedot.ru/event/ 20 B
471 B 173ms
173ms XHR
application/json 82.202.220.203
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://stat-feedot.ru/event/
Requested by: Host: nalog-plati.ru
URL: https://nalog-plati.ru/b4c7ded9408b284042578d41832f292b/b4c7d/js/main.3572a036.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 82.202.220.203 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Accept: */*
Referer: https://nalog-plati.ru/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

serverid: clickhouse-receiver-receiver-5f585b478d-qdwbp
pragma: no-cache
date: Mon, 15 Aug 2022 20:18:29 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: private, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: -1

POST
H2 200 1 Show response
mc.yandex.ru/watch/57119542/ 43 B
73 B 824ms
824ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/57119542/1?page-url=goal%3A%2F%2Fnalog-plati.ru%2Fwidget-chat__auto_open&page-ref=https%3A%2F%2Fnalog-plati.ru%2F&charset=utf-8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp71c81qpn94%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A860%3Acn%3A7%3Adp%3A1%3Als%3A1560485270278%3Ahid%3A414352670%3Az%3A0%3Ai%3A20220815201829%3Aet%3A1660594709%3Ac%3A1%3Arn%3A192651958%3Arqn%3A4%3Au%3A1660594703382706161%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A0%3Ans%3A1660594700072%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3App%3A3629563401%3Arqnl%3A1%3Ast%3A1660594709%3At%3A%D0%9E%20%D0%B4%D0%B5%D1%8F%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D0%BE%D1%81%D1%82%D0%B8%20%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D0%BE%D0%B9%20%D1%81%D0%BB%D1%83%D0%B6%D0%B1%D1%8B%20%7C%20%D0%9D%D0%B0%D0%BB%D0%BE%D0%B3%D0%BE%D0%B2%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB&t=gdpr(14)mc(g-6)clc(0-0-0)lt(10100)aw(1)rqnt(4)ecs(1)rqnl(1)ti(2)

Requested by

Host: nalog-plati.ru
URL: https://nalog-plati.ru/b4c7ded9408b284042578d41832f292b/b4c7d/js/main.3572a036.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nalog-plati.ru/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 20:18:30 GMT
last-modified: Mon, 15-Aug-2022 20:18:30 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://nalog-plati.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 15-Aug-2022 20:18:30 GMT

GET
H2 206 chunk-3.webm
nalog-plati.ru/2d0aa6b50146ab63f61dde3a1ca4a041/images/avatars/animated/loops/left/3/100/ 593 KB
593 KB 280ms
279ms Media
video/webm 185.84.108.232
MAJORDOMO

General

Check archive.org

Show headers Download Go to

Full URL: https://nalog-plati.ru/2d0aa6b50146ab63f61dde3a1ca4a041/images/avatars/animated/loops/left/3/100/chunk-3.webm
Requested by: Host: nalog-plati.ru
URL: https://nalog-plati.ru/b4c7ded9408b284042578d41832f292b/b4c7d/js/main.3572a036.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.84.108.232 , Russian Federation, ASN43362 (MAJORDOMO, RU),
Reverse DNS: web29.majordomo.ru
Software: nginx /
Resource Hash: ccfe6d3a36395fd88e7f2b04a9858a2da640c8b6c8641c6ddedd2dfa6dacfdcb

Request headers

Referer: https://nalog-plati.ru/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 15 Aug 2022 20:18:31 GMT
last-modified: Thu, 29 Apr 2021 04:46:09 GMT
server: nginx
etag: "9424e-5c1152c92e4ec"
content-type: video/webm
Content-Range: bytes 0-606797/606798
cache-control: max-age=86400
Content-Length: 606798
expires: Tue, 16 Aug 2022 20:18:31 GMT

GET
H2 206 chunk-2.webm
nalog-plati.ru/2d0aa6b50146ab63f61dde3a1ca4a041/images/avatars/animated/loops/left/3/100/ 476 KB
477 KB 835ms
835ms Media
video/webm 185.84.108.232
MAJORDOMO

General

Check archive.org

Show headers Download Go to

Full URL: https://nalog-plati.ru/2d0aa6b50146ab63f61dde3a1ca4a041/images/avatars/animated/loops/left/3/100/chunk-2.webm
Requested by: Host: nalog-plati.ru
URL: https://nalog-plati.ru/b4c7ded9408b284042578d41832f292b/b4c7d/js/main.3572a036.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.84.108.232 , Russian Federation, ASN43362 (MAJORDOMO, RU),
Reverse DNS: web29.majordomo.ru
Software: nginx /
Resource Hash: d0b71ddb31bc88e8a0927cc2e01cffcc9d768cb62768089258c816a9d072c677

Request headers

Referer: https://nalog-plati.ru/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 15 Aug 2022 20:18:31 GMT
last-modified: Thu, 29 Apr 2021 04:46:09 GMT
server: nginx
etag: "771bb-5c1152c89191c"
content-type: video/webm
Content-Range: bytes 0-487866/487867
cache-control: max-age=86400
Content-Length: 487867
expires: Tue, 16 Aug 2022 20:18:31 GMT

POST
H2 200 55557739 Show response
mc.yandex.ru/webvisor/ 43 B
145 B 136ms
135ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/55557739?wmode=0&wv-part=2&wv-hit=414352670&page-url=https%3A%2F%2Fnalog-plati.ru%2F&rn=140404534&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1660594711%3Aw%3A1600x1200%3Av%3A860%3Az%3A0%3Ai%3A20220815201831%3Au%3A1660594703382706161%3Avf%3Anlzej4hetqp71c81qpn94%3Awe%3A1%3Ast%3A1660594711&t=gdpr(14)ti(2)

Requested by

Host: nalog-plati.ru
URL: https://nalog-plati.ru/b4c7ded9408b284042578d41832f292b/b4c7d/js/main.3572a036.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nalog-plati.ru/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 15 Aug 2022 20:18:31 GMT
last-modified: Mon, 15-Aug-2022 20:18:31 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://nalog-plati.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 15-Aug-2022 20:18:31 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s3.advarkads.com
URL: https://s3.advarkads.com/modules/match/frame.html?id=8113-1-1&uid=0100007F0FAAFA6299007E7702AD0FC2

Verdicts & Comments Add Verdict or Comment

181 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

95 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mediatoday.ru/core	1970-01-20 14:52:34	Name: idntfy Value: VUb5zw7d0e2M6xd
.wwopenclick.vip/	1970-01-20 05:59:46	Name: uuid Value: 67acd190-9056-4ebe-86ef-9eeaa697ff0e
.nalog-plati.ru/	1970-01-20 14:38:10	Name: __gads Value: ID=ab201d89e40f0bff-221454be11d50002:T=1660594702:RT=1660594702:S=ALNI_MZQ1F-3VPcG8nPpX43DB5lU1k6o_A
.nalog-plati.ru/	1970-01-20 14:38:10	Name: __gpi Value: UID=0000070a21509697:T=1660594702:RT=1660594702:S=ALNI_MZ-J4_PJ5Tw5-X4k8lsarSBKbd8sQ
.nalog-plati.ru/	1969-12-31 23:59:59	Name: surfer_uuid Value: 228938fd-28df-41c6-a380-cdc08ddb7a0e
.nalog-plati.ru/	1969-12-31 23:59:59	Name: la_page_depth Value: %7B%22last%22%3A%22https%3A%2F%2Fnalog-plati.ru%2F%22%2C%22depth%22%3A1%7D
.nalog-plati.ru/	1969-12-31 23:59:59	Name: page_load_uuid Value: 1990ec1c-8834-4eaf-9717-6ccac4c8839c
.nalog-plati.ru/	1970-01-20 14:02:10	Name: _ym_uid Value: 1660594703382706161
.nalog-plati.ru/	1970-01-20 14:02:10	Name: _ym_d Value: 1660594703
.yandex.ru/	1970-01-20 14:02:10	Name: ymex Value: 1975954702.yrts.1660594702#1975954702.yrtsi.1660594702
.doubleclick.net/	1970-01-20 05:16:38	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 14:52:34	Name: IDE Value: AHWqTUmioB8ihliKl0oKIgBIw9JQyRfuSrS5v94CXnVlUuPrjPhteiQcNA0XMObP
.yandex.ru/	1970-01-20 14:52:34	Name: yandexuid Value: 8921531971660594702
.yandex.ru/	1970-01-20 14:52:34	Name: yuidss Value: 8921531971660594702
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 324720741660594702
.yandex.ru/	1970-01-20 14:52:34	Name: i Value: /wJoq67VpLkxafleVxLZvC7mb+XPxLM3Sp3KmDjC2g6jbAs0VqCEg6/rym5kbxMn8/oIDIxa/7KCGEJIbddaDI8leNI=
.nalog-plati.ru/	1970-01-20 05:17:46	Name: _ym_isad Value: 2
.nalog-plati.ru/	1970-01-20 05:16:36	Name: _ym_visorc Value: w
nalog-plati.ru/	1970-01-20 14:52:34	Name: fid Value: c1b066e1-7041-40db-8869-2956dfac4f2f
.nalog-plati.ru/	1970-01-20 14:52:34	Name: _ga Value: GA1.2.2051253961.1660594702
.nalog-plati.ru/	1970-01-20 05:18:01	Name: _gid Value: GA1.2.1480537766.1660594703
.nalog-plati.ru/	1970-01-20 05:16:34	Name: _gat Value: 1
.acint.net/	1970-01-20 05:16:35	Name: test_cookie Value: CheckForPermission
.acint.net/	1970-01-20 14:52:34	Name: aid Value: fwAAAWL6qg93fgCZwg+tAvdXb9kkdoEXO+dQfM4g9GXHBl17
.acint.net/	1970-01-20 05:59:46	Name: cSyncDp7v2 Value: 1660594703
.acint.net/	1970-01-20 05:59:46	Name: cSyncDp14v3 Value: 1660594703
.acint.net/	1970-01-20 05:59:46	Name: cSyncDp17 Value: 1660594703
.acint.net/	1970-01-20 05:59:46	Name: cSyncDp32 Value: 1660594703
.acint.net/	1970-01-20 05:18:01	Name: cSyncDp45v3 Value: 1660594703
.acint.net/	1970-01-20 05:59:46	Name: cSyncDp53 Value: 1660594703
.acint.net/	1970-01-20 05:59:46	Name: cSyncDp54v2 Value: 1660594703
.acint.net/	1970-01-20 05:59:46	Name: cSyncDp62 Value: 1660594703
.acint.net/	1970-01-20 05:59:46	Name: cSyncDp67v2 Value: 1660594703
.acint.net/	1970-01-20 05:59:46	Name: cSyncDp68 Value: 1660594703
.acint.net/	1970-01-20 05:59:46	Name: cSyncDp71 Value: 1660594703
.acint.net/	1970-01-20 05:36:44	Name: cSyncDp77 Value: 1660594703
.acint.net/	1970-01-20 05:59:46	Name: cSyncDp84 Value: 1660594703
.acint.net/	1970-01-20 05:59:46	Name: cSyncDp85 Value: 1660594703
.acint.net/	1970-01-20 05:59:46	Name: cSyncDp95v3 Value: 1660594703
.acint.net/	1970-01-20 05:59:46	Name: cSyncDp101 Value: 1660594703
.acint.net/	1970-01-20 05:36:44	Name: cSyncDp104v2 Value: 1660594703
.acint.net/	1970-01-20 05:59:46	Name: cSyncDp107 Value: 1660594703
.acint.net/	1970-01-20 05:59:46	Name: cSyncDp110 Value: 1660594703
.acint.net/	1970-01-20 05:36:44	Name: cSyncDp111v2 Value: 1660594703
.acint.net/	1970-01-20 05:59:46	Name: cSyncDp112v2 Value: 1660594703
.acint.net/	1970-01-20 05:38:10	Name: cSyncDp125v2 Value: 1660594703
.acint.net/	1970-01-20 05:59:46	Name: cSyncDp126 Value: 1660594703
.acint.net/	1970-01-20 05:59:46	Name: cSyncDp127 Value: 1660594703
.acint.net/	1970-01-20 05:59:46	Name: cSyncDp129 Value: 1660594703
.acint.net/	1970-01-20 05:59:46	Name: cSyncDp136v2 Value: 1660594703
.acint.net/	1970-01-20 05:59:46	Name: cSyncDp138 Value: 1660594703
.acint.net/	1970-01-20 05:59:46	Name: cSyncDp144 Value: 1660594703
.acint.net/	1970-01-20 05:59:46	Name: cSyncDp146 Value: 1660594703
.acint.net/	1970-01-20 05:59:46	Name: cSyncDp148 Value: 1660594703
.acint.net/	1970-01-20 05:59:46	Name: cSyncDp149 Value: 1660594703
.acint.net/	1970-01-20 05:59:46	Name: cSyncDp151 Value: 1660594703
.acint.net/	1970-01-20 05:59:46	Name: cSyncDp179 Value: 1660594703
.acint.net/	1970-01-20 05:59:46	Name: cSyncDp186 Value: 1660594703
.betweendigital.com/	1970-01-20 14:02:10	Name: dc Value: was1
.betweendigital.com/	1970-01-20 14:02:10	Name: tuuid Value: 78127dc1-3555-53e3-b719-e4aed5e34ea1
.betweendigital.com/	1970-01-20 14:02:10	Name: ss Value: 1
.hybrid.ai/	1970-01-20 14:02:10	Name: vid Value: 22cf17f5378cdfc61946
nalog-plati.ru/	1970-01-20 05:18:01	Name: feedot_cookie_test Value: test
nalog-plati.ru/	1970-01-20 05:18:01	Name: feedot__st__sticky Value: {%22sign%22:%22a57ef5e2e0665c0e23cb6af5c7688ae1%22%2C%22data%22:{%22name%22:%22NO-SPLIT%22%2C%22value%22:0}}
.adhigh.net/	1970-01-20 14:02:10	Name: gi_u Value: syB7SKFVesh.AikABlGCoyhOtA
.mail.ru/	1970-01-20 14:03:37	Name: VID Value: 1dNyRD2NsvIB00299R2_aEYB:::0-0-0-81502d0:CAASEIzDbCnKJqEJTzQYHSmjY4waYFZZV71pMHAyugAe88yKhr2tkz9P98AMi2cum3J5sDO6ooTpBiDAEX8mnRnkCiMiHKwABDs5syAPvfU2KUrc6XWScMIBtAd4JvcUrmVbpX7-IU9UenXjkwc01YwQRN25Kw
.ssp-rtb.sape.ru/	1970-01-20 14:52:34	Name: sspuid Value: wQO4pmL6qhCJogAecF0oAtrSGTa3PKw+yyjo/nvyhXkIF7T9
.utraff.com/	1970-01-20 05:59:57	Name: preutid Value: 1
.upravel.com/	1970-01-20 05:16:34	Name: session_tptc Value: 1660594704159
.adhigh.net/	1970-01-20 14:02:10	Name: sape_sync Value: jTI
nalog-plati.ru/	1970-01-20 05:18:01	Name: feedot__st__exit-popup Value: {%22sign%22:%22a57ef5e2e0665c0e23cb6af5c7688ae1%22%2C%22data%22:{%22name%22:%22NO-SPLIT%22%2C%22value%22:0}}
nalog-plati.ru/	1970-01-20 05:18:01	Name: feedot__st__chat Value: {%22sign%22:%22a57ef5e2e0665c0e23cb6af5c7688ae1%22%2C%22data%22:{%22name%22:%22NO-SPLIT%22%2C%22value%22:0}}
.upravel.com/	1970-01-20 14:52:34	Name: user_id Value: b019b9f1-7c88-4872-a7a6-c44119937573
.betweendigital.com/	1970-01-20 14:02:10	Name: ut Value: YvqqEAAF49CXBJm40AcfWsjfjsLGWSE5lF7Qqw==
.1dmp.io/	1970-01-20 14:02:10	Name: uid Value: 6a429c11-1cd7-11ed-8677-901b0e934d81
.adriver.ru/	1970-01-20 14:52:34	Name: cid Value: Al3SUmFxYY_wPf_XpTdGDag
.rutarget.ru/	1970-01-20 09:35:46	Name: userId Value: Xkp8BDttvvk6
ads.adlook.me/	1970-01-20 14:00:46	Name: adlm_userId Value: d6fbb5902d5e436f85c77df7923ec37e
.uuidksinc.net/	1970-01-20 14:02:10	Name: jcsuuid Value: nbrlsqrG2lMLSb84ku8e
.rktch.com/	1970-01-20 05:59:46	Name: b_uid Value: 2a45799edb87b0f68c7eeda6b2ec502d811c
.mts.ru/	1970-01-20 13:49:13	Name: dspid Value: 7014ddc3-1496-46c5-af3d-09af03b89580
.weborama.fr/	1970-01-20 14:42:29	Name: AFFICHE_W Value: tWqozc@PtXS125
.mts.ru/	1970-01-20 14:52:34	Name: mts_id Value: 075b596f-6c24-4457-88e2-34b6d85fe057
.mts.ru/	1970-01-20 14:52:34	Name: mts_id_last_sync Value: 1660594705
.ops.beeline.ru/	1970-01-20 13:49:13	Name: BeeAID Value: 08958f7d-d5f3-46ad-9b98-15b77bf07b9b
.aidata.io/	1970-01-20 14:52:34	Name: __upin Value: qNsY8I5FLrAd52aXXnb3Mg
.aidata.io/	1970-01-20 14:52:34	Name: __upints Value: 1660594705
.gnezdo.ru/	1970-01-20 14:52:34	Name: uid Value: XV9maWL6qhGYERMDoChdAg==
ssp.bidvol.com/	1970-01-20 14:52:34	Name: bvuid Value: o7wwgsf8xz
x01.aidata.io/	1970-01-20 05:20:53	Name: mts Value: 1
.agency2.ru/	1970-01-20 13:49:13	Name: uuid Value: 1807b323-e5b9-4352-bec5-fee191af49fd
.bumlam.com/	1970-01-20 14:52:34	Name: suuid3 Value: IiQ2YjRiMDE0Yy0xY2Q3LTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
dmp.gotechnology.io/	1969-12-31 23:59:59	Name: chk Value: 1
.gotechnology.io/	1970-01-20 14:02:10	Name: pid Value: NmNkZGM1NTM3YWE5NTQyNg
.dmg.digitaltarget.ru/	1970-01-20 14:52:34	Name: viuserid Value: mRBFRKFPR7u5n-X7MP36

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://an.yandex.ru/setud/mts_banner/cBTdwxSWRsWvPQmvA7iVgA?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D30%26em%3D0&sign=3123266202 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://an.yandex.ru/setud/mts_banner/cBTdwxSWRsWvPQmvA7iVgA?location=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D0%26exu%3DqNsY8I5FLrAd52aXXnb3Mg&sign=1891778825 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0100007f0faafa6299007e7702ad0fc2-sp.ops.beeline.ru
a.utraff.com
acint.net
ad.adriver.ru
ad.mail.ru
adcounter14.uptolike.com
adcounter19.uptolike.com
adlmerge.com
ads.adlook.me
ads.betweendigital.com
adservice.google.ca
adservice.google.com
an.yandex.ru
api.feedot-cloud.ru
b019b9f1-7c88-4872-a7a6-c44119937573.sync.upravel.com
cdn-rtb.sape.ru
cm.g.doubleclick.net
cs.agency2.ru
dm-eu.hybrid.ai
dmg.digitaltarget.ru
dmp.gotechnology.io
exchange.buzzoola.com
fcgi4.gnezdo.ru
fonts.googleapis.com
fonts.gstatic.com
geo-db.feedot.com
googleads.g.doubleclick.net
match.new-programmatic.com
mc.yandex.ru
mediatoday.ru
nalog-plati.ru
newrrb.bid
pagead2.googlesyndication.com
partner.googleadservices.com
px.adhigh.net
redirect.frontend.weborama.fr
s.uuidksinc.net
s3.advarkads.com
sape-sync.rutarget.ru
sm.rtb.mts.ru
ssp-rtb.sape.ru
ssp.adriver.ru
ssp.bestssp.com
ssp.bidvol.com
stat-feedot.ru
stat.adlabs.ru
sync.1dmp.io
sync.bumlam.com
sync.dmp.otm-r.com
sync.republer.com
sync.upravel.com
tag.digitaltarget.ru
tech.rtb.mts.ru
toqadf.com
tpc.googlesyndication.com
ut.rktch.com
wwopenclick.vip
www.acint.net
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
x01.aidata.io
yandex.ru
yastatic.net
s3.advarkads.com
109.248.237.36
139.45.228.100
142.132.209.136
142.250.80.2
142.250.80.34
144.76.118.233
148.251.236.118
185.147.80.35
185.15.175.146
185.15.175.158
185.177.94.76
185.79.135.43
185.79.135.48
185.84.108.232
193.232.148.143
193.3.184.134
193.3.184.137
195.201.8.30
195.209.108.50
195.209.111.13
199.115.115.26
213.87.44.187
217.65.2.150
217.66.147.166
23.111.107.44
23.88.82.46
2606:4700:3032::6815:3b42
2606:4700:3036::ac43:a434
2607:f8b0:4006:808::2002
2607:f8b0:4006:80b::2002
2607:f8b0:4006:80b::200e
2607:f8b0:4006:816::2001
2607:f8b0:4006:81c::2004
2607:f8b0:4006:81c::200a
2607:f8b0:4006:81e::2002
2607:f8b0:4006:81f::2003
2607:f8b0:4006:824::2003
2a00:1148:db00::17
2a02:6b8:20::215
2a02:6b8::1:119
2a02:6b8::90
2a02:6b8:a::a
31.172.81.158
31.220.27.155
35.190.24.218
37.18.103.21
37.9.245.57
45.9.24.193
5.200.43.242
62.76.25.27
65.108.1.48
78.46.100.125
82.202.220.202
82.202.220.203
82.202.220.204
88.198.16.238
89.108.119.43
89.108.97.2
93.95.102.105
95.181.171.233
96.46.186.57
01b43417d89abafa536872c1d43bb27916170b4eb8778846b7b9d1b13c6c6c85
0322d701e775cf647053fe270f6a7701d41c02790740baeaeb10baffb10c93b1
07069033b288dafa2cd4731331181f89593bc5673575e7be2afff90ec22d6a7a
0a1aebdca3b69662a8cb029eb3909c5d8d5d20022b2be9c5497e6d2e12539b1f
0a9e05fa3d5632de3fa9bc89b1e59ad5c93e2f3017675c2f9610623bc9a33eb1
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d7b0c5621ea6fac284cba052b10290eb7d2fb129b7a102ffcb497fa181f8ccf
0dbf526f57c494e472bfbfd8dfc6f9366ce765c1e20a9dffab2c2c7932838c4a
0fbad3bc29d7fe1adf489e6fa91d0646139dafc9ed803b163d813a4e34df4bd2
10ce364c868e325520f695b8c2c323c41a2bceced66e2bb408a9a48c842de690
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18b6abb488a83b046ecfa92e27ba686e01070ea96863b66f8b604c0bf3954b95
18f43e6afa50664ace58ab03d3c2ed3b018240ead481f96f9dd8225875fc4349
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c52b5b8eb0a18d62cf486c7d591517c90cc4c4dd5e21de5c298da51a0fd7dbd
1c81903b2e8dd0e3e9208bca120fdd707268f8ccb5009dde637a29ca2209e70e
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2aa9b98dada10cc8e73a2958221ed883e3d336e96abebb43cb82cc158167a91e
2ad8bb5cc0bf86feb4546578428bdf56a74627c294a2c5284e48578e0ddc761d
2bff87da7ec6ed59e9bb14fed20a6613ebadb1aaa8757fb1129296dec91a2c8c
2f95e26bfe5ede2b82b553a6cd262c1afc75293526c81474b54a267f7f2ae917
3329813e0c2788f727bbb57c75a5751c683649372d99dd1a3627f2f7d95e2e58
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
36367a3a65b65258bf20542465dc51720b4f6d42fad2abf1309531458cdc7790
3b800f039c220f9ae4506d735f9ff593d6872c7a8ad4050da17dd8f2dcd76b6a
3c8362b6382da1f122c7a3135ea699ccafee797ef92f81bba03d649d5074cc31
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80
4852a1eb8dc6c4e97fc54fdb1fe8a77336b8182372acc3cfb3fdffe138ca0e03
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
495689f54a5420eb6ab00a1f44c16c2f00f2a0cfe3d8e7cd7bead5f41feb3cd7
495ab245361570d78d65fb2345947fb30427fae08d8614262c524eaf446c0302
49d5b5b19c91e480bcd73ebe19434545fba228099c76513c875bed5c40510a8b
4a430df41eca107e9496f5956eeb02ef22979f5babb0a26a6d6970d1180545f9
4b8fe5c3d0e5ef7a6582185cbf5c535b5d369c8df1da98c03ed69833e55f474d
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
547f7dc04707d4e8253d66bf7ee54e0a177053a6a9384404ee9186bbe6adf323
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5a98abedca88aecd9d163b493a74d530dc15b47575426a410c35cb83eb7e5572
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e2d56402e8b4fd93e5b9881ad637d3117a140932740e7011c6a26edce06e416
64f96112cbe2bb343fde87bba27229dab111b0df76da51f76df9f8a725442123
68c97115fd44b4d4776b5390b741afc23fc0090d5b506f75e62f9a4572f57068
6990deb17f4e5a20348c96ed3373c5ce9cba4e2d8dbbced498354d2062d2122f
6d5c77ebd1b4874d5dcc3ac72f51e2e2eea4904d235c0f1e2546f5d71368090d
6dff4a68f0a11c3ef2f5286a72889a7a8a910fc0d13c5328416f6c0ccc14cae8
6e151a29c303e101b7676c988418583253990cf8f7cb33a07a54deeb8515cdec
6ea50ece3c3bcd13451796f2adbd4db087883894b63a2122107012de376a6333
71348f4f38512af6e6ba8062fe5545a783f91d1a07bcb300c246f1bad9b0d4b6
72097ee775776954b13b92f0181973fbfc0e307c64847dae6e9f131ca0472793
722066f9cb17003e21cd6eef3019ef43e94fd206c9c2af7da73c7208f6a04321
73f354e6ba251629055b6de87bd5dded28a3b545ebae9394b9af3452433f63a4
75bf5c0112a41f871dc47c5e98deef6dc7db8e94178bf0c853f3a09415f6d338
75ef7ba6b935ad400912a4957525d937559e6c2e95b3c5b15ff7ae4248725932
78b9fea3f77e0040c6ceb3753ca5c83b3caa6c7326ca75d6a68cd65435b8904a
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7c07478bc830f408a737eda2261577b7b083f121e3bbd0c87c81931f42bbc600
7f9694a5641741d04e1c98eb1011059826aa5feb34e47d2b2f95bdb47cb0c2f5
80701f768ec9cc98df93182ad737038504f7d94e09230d45c75087a4677a0307
80b872bd243d2453db96ec8d8ddc77072c5bf81a0fb9c9db77e893576b1a37c1
8301ba1a29e067a219da06cecefc9d3a7a3a20be17b9000387c0f5e5bd856666
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8545f789d157443e285020e59d3ede5a7725a9ab6d03ebaa996ef57914d1685c
88f5ae871964765958a80e769324ea203667945cc5016c00c9d2c311ae5aeadc
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8bdd95df25b52344ae6f8f49c9cffe5496caa3ccc05fe2fcdd19bcec3732aa5e
8d3829b4f85647573b7205e46ad97bef7d6912a85b1da3305b2c7e71a11f78f9
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
8fc646c9ba5a91dded24716aec18659da956f775f3342854241fad3a53340f70
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
9285c2de00dcf0c6e171d18b400eadb88294d3dbf50a6437b179c08550f2675a
942b50839b4c887e66f8a0962cb5ec87a757bab5924b1c1431ac80303b26c895
9481bffab8d0c1e52db0f4c992a5626aca0bd573e8e8eb57ce0e489cac7e34c4
953a07fb9975fb419992413363dcf6d10fb42b086b91995020dcabb85910876d
97e5ac067a9ec2a1aab7e9f62cf6c2ed1f82c7773f3b8593634784843b9c6ea2
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
988ce2749844cdf80448f94150a7f2d17a2cebb6da7c1516981a0c485f006216
9a7d00291b90b8045d042a9a713a9cceba928a35c18c99d1eeea2ca14c09614d
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a05569a6a6ec13c9bda09ebf2f691f6d5a4f251878c58807472321018428fb33
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a55b76783b8e1b2d35cd3ea25c6f6ea47dfcf54c50ee3d9e08c5b0e3ae424d80
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
a888a496063a6f8b834f7cfb83253095ea610cfef4e68b6e61bd6a91f42548b4
aa294e61260bfe392b032b339ff7c5867926f4bcb81278dbb92caaa2caa90736
aeeaa224d03631210f771a938695ecadc51a472cfae7fdf1b40c05f8f00fa69d
b13cd1481c05f9481b03e9c98b4a6b761609581eb320bf436ce4c8dadd6673a5
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6e4dff920e21e3f436a014140d01d43c97177e007556ede69f772f08cb7a7ec
b8cf531ef85346abed1d97d7526e8033ed4712b6d51bd007e0a75ebbdc69882e
b8d6705192e06a6f75d734d5939a6a56cf7385534311eadd1e7a91fe8e77bed1
b9389cb6583f0d743318d61d4f74c3029eb5d8ed7e96b04712ebadfb2c3ad850
b9a8e582ffaf88140ef253b6fc848ca9b50ad3a5f26f35e16791271bed5af1a4
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
bf4d6815d9f8ad1a630b6b7eda625be91c465f9bf287647ee92ef59aa34b4952
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c42425f18923921089911e70f39c6dd462794df2e42ac0596abc3884da6471fc
c56b566e17c62870ce139b3a57bfb94a9d785792bd6ac2220d52426b8590d87f
c6706021dec7dc1793eddf1f4c28adc5bf3a70a39a1ee718dce15b0bee6adcf5
c78670d74dd4276ebea41acf32ea50bef3e18c35c9f0f85afc929baa14d5e690
c9064711d6652ff0659841c1966c5d5303e4190ee8b57845c27fe472a1032c90
c9b4f496f3ff524dcfdf0e1d7fb2ce89fd03441ceecfe1782b505860e0866e90
ca013870ae6ffb84721168912033dcb4de4e821c229865d5344f9341457c3bfd
caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
ccfe6d3a36395fd88e7f2b04a9858a2da640c8b6c8641c6ddedd2dfa6dacfdcb
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0b71ddb31bc88e8a0927cc2e01cffcc9d768cb62768089258c816a9d072c677
d151abaa7946d205cc769fd84d0acaeec4b759872dc714b237435f10ece11d35
d95c8cf1ecb4602ff02a6ddbb1407ed985067ab6647db605833054a5308f4fe8
daf1d9e70e6f574d89122364e4832780448e3d728ffb410378ccad2e4ca9bc21
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
e20341ca2dfd037a41a93815d81b9e825f665600a9b06c9857a12f1dd8362985
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47f286352e1a91a146202da854b97fbdd5ee978813c1e3d71f0b629c2a72d89
e5f54ba71a1412211996877a6050268bce92d05d88093c0b1480364f4feceb08
ee5d738d637e6ae6e5f7683fa41aadc91e1b9ff9e722d474f2192c66dc955925
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9856ad31c6ddbc5b8236026007d9374cd4e54a597325738dd517bc8c904a77
f3c666d75eeb7a517edef5cd6fc4db0c45f5e3e1442c603ae4fa77d93e4ece7a
f6bac7ebed1d8b8d620bf585e034ff23ca1cfe600b40be021d34b280e7bb0b9d
f8e8338893be06cdab0500fd4bae2c44b5e99947a5224b64ad53b7d378bf6654
f964612ea368ffe1d612a004f0a0e05453155fa7cb27dff624e5ada25c6847fb

nalog-plati.ru Open in urlscan Pro 185.84.108.232 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

199 Requests

86 %HTTPS

26 %IPv6

52 Domains

65 Subdomains

43 IPs

5 Countries

4136 kBTransfer

8083 kBSize

95 Cookies

5 Outgoing links

Page URL History

Redirected requests

199 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

nalog-plati.ru Open in urlscan Pro
185.84.108.232 Public Scan

Screenshot
Live screenshot

Full Image

199
Requests

86 %
HTTPS

26 %
IPv6

52
Domains

65
Subdomains

43
IPs

5
Countries

4136 kB
Transfer

8083 kB
Size

95
Cookies

199 HTTP transactions
2 data transactions