Submitted URL: https://bank-kredit.online/
Effective URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Submission: On March 31 via automatic, source certstream-suspicious

Summary

This website contacted 17 IPs in 5 countries across 19 domains to perform 106 HTTP transactions. The main IP is 185.147.81.27, located in St Petersburg, Russian Federation and belongs to MIRAN-AS Miran DC, RU. The main domain is dozarplati.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on February 10th 2020. Valid for: 3 months.
This is the only time dozarplati.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 5.181.252.205 44128 (INTERNET-...)
1 1 92.63.103.132 29182 (THEFIRST-AS)
49 185.147.81.27 41722 (MIRAN-AS ...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
14 31.41.158.42 49505 (SELECTEL)
12 2a00:1450:400... 15169 (GOOGLE)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 7 2a02:6b8::1:119 13238 (YANDEX)
6 217.69.133.145 47764 (MAILRU-AS...)
2 2a03:2880:f02... 32934 (FACEBOOK)
1 13.225.87.226 16509 (AMAZON-02)
1 87.240.190.72 47541 (VKONTAKTE...)
2 2a03:2880:f12... 32934 (FACEBOOK)
1 2a00:1148:db0... 47764 (MAILRU-AS...)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
106 17
Domain Requested by
37 dozarplati.com dozarplati.com
14 dozarplaticom001.webim.ru dozarplati.com
dozarplaticom001.webim.ru
12 online-api.dozarplati.com dozarplati.com
11 fonts.gstatic.com dozarplati.com
7 mc.yandex.ru 1 redirects dozarplati.com
mc.yandex.ru
6 top-fwz1.mail.ru dozarplati.com
top-fwz1.mail.ru
4 www.google-analytics.com www.googletagmanager.com
dozarplati.com
3 www.google.com 1 redirects dozarplati.com
www.gstatic.com
2 www.facebook.com dozarplati.com
connect.facebook.net
2 connect.facebook.net dozarplati.com
connect.facebook.net
2 www.youtube.com dozarplati.com
1 www.google.de
1 stats.g.doubleclick.net 1 redirects
1 ad.mail.ru dozarplati.com
1 vk.com dozarplati.com
1 cdn.amplitude.com dozarplati.com
1 www.gstatic.com www.google.com
1 www.googletagmanager.com dozarplati.com
1 cdnjs.cloudflare.com dozarplati.com
1 fonts.googleapis.com dozarplati.com
1 gl.guruleads.ru 1 redirects
1 bank-kredit.online 1 redirects
106 22
Subject Issuer Validity Valid
dozarplati.com
Let's Encrypt Authority X3
2020-02-10 -
2020-05-10
3 months crt.sh
*.storage.googleapis.com
GTS CA 1O1
2020-03-03 -
2020-05-26
3 months crt.sh
cloudflare.com
CloudFlare Inc ECC CA-2
2020-01-07 -
2020-10-09
9 months crt.sh
*.google.com
GTS CA 1O1
2020-03-03 -
2020-05-26
3 months crt.sh
*.webim.ru
COMODO RSA Domain Validation Secure Server CA
2017-07-12 -
2020-07-14
3 years crt.sh
www.google.com
GTS CA 1O1
2020-03-03 -
2020-05-26
3 months crt.sh
online-api.dozarplati.com
Let's Encrypt Authority X3
2020-02-01 -
2020-05-01
3 months crt.sh
*.google-analytics.com
GTS CA 1O1
2020-03-03 -
2020-05-26
3 months crt.sh
mc.yandex.ru
Yandex CA
2019-09-23 -
2020-09-22
a year crt.sh
*.mail.ru
GlobalSign Organization Validation CA - SHA256 - G2
2019-01-18 -
2021-01-18
2 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2020-03-01 -
2020-05-30
3 months crt.sh
cdn.amplitude.com
Amazon
2019-12-16 -
2021-01-16
a year crt.sh
vk.com
Sectigo ECC Extended Validation Secure Server CA
2019-07-11 -
2020-07-09
a year crt.sh
www.google.de
GTS CA 1O1
2020-03-03 -
2020-05-26
3 months crt.sh

This page contains 4 frames:

Primary Page: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Frame ID: C060FDB99D3DE34E1C80596C0C8FE6E6
Requests: 103 HTTP requests in this frame

Frame: https://www.youtube.com/embed/9GwM1-BEzoE?controls=0
Frame ID: DC49AC77B0806539FBDC6FA0A39C97FC
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/9GwM1-BEzoE?controls=0
Frame ID: 77A6A8C876F9DC74E3BC4211024CF9E6
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le4fnQUAAAAAGTWU9oGksb26ke7Ef5dkl0XlSNV&co=aHR0cHM6Ly9kb3phcnBsYXRpLmNvbTo0NDM.&hl=en&v=OOKISvkNnVD_m_9dreR_1S0n&size=invisible&cb=v7kp66lwz57i
Frame ID: FBA47277BB8B673F9770332625A02BFB
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://bank-kredit.online/ HTTP 302
    https://gl.guruleads.ru/click/16/144?sub1=sms_step5 HTTP 302
    https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<[^>]+data-react/i

Overall confidence: 100%
Detected patterns
  • script /cdn\.amplitude\.com/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

106
Requests

100 %
HTTPS

65 %
IPv6

19
Domains

22
Subdomains

17
IPs

5
Countries

2586 kB
Transfer

6811 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bank-kredit.online/ HTTP 302
    https://gl.guruleads.ru/click/16/144?sub1=sms_step5 HTTP 302
    https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 78
  • https://mc.yandex.ru/watch/25885646?wmode=7&page-url=https%3A%2F%2Fdozarplati.com%2F%3Futm_source%3Dgl_leads%26utm_medium%3Dcpa%26utm_campaign%3D16%26clickid%3D8c598c772280c8a1bd9519e287ee5c11&charset=utf-8&browser-info=ti%3A10%3Ans%3A1585653527279%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A120%3Ai%3A20200331131849%3Aet%3A1585653529%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A282672912%3Ahid%3A115080545%3Ads%3A197%2C111%2C120%2C40%2C673%2C0%2C0%2C704%2C0%2C%2C%2C%2C1808%3Afp%3A1241%3Awn%3A2319%3Ahl%3A2%3Agdpr%3A14%3Av%3A1837%3Awv%3A2%3Ast%3A1585653529%3Au%3A1585653529862276381%3At%3A%D0%A1%D1%80%D0%BE%D1%87%D0%BD%D1%8B%D0%B5%20%D0%B7%D0%B0%D0%B9%D0%BC%D1%8B%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BD%D0%B0%20%D0%BA%D0%B0%D1%80%D1%82%D1%83%20-%200%25%20%D0%B4%D0%BB%D1%8F%20%D0%BD%D0%BE%D0%B2%D1%8B%D1%85%20%D0%BA%D0%BB%D0%B8%D0%B5%D0%BD%D1%82%D0%BE%D0%B2%20-%20%D0%9C%D0%B8%D0%BA%D1%80%D0%BE%D0%B7%D0%B0%D0%B9%D0%BC%D1%8B%20%D0%94%D0%BE%20%D0%97%D0%B0%D1%80%D0%BF%D0%BB%D0%B0%D1%82%D1%8B HTTP 302
  • https://mc.yandex.ru/watch/25885646/1?wmode=7&page-url=https%3A%2F%2Fdozarplati.com%2F%3Futm_source%3Dgl_leads%26utm_medium%3Dcpa%26utm_campaign%3D16%26clickid%3D8c598c772280c8a1bd9519e287ee5c11&charset=utf-8&browser-info=ti%3A10%3Ans%3A1585653527279%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A120%3Ai%3A20200331131849%3Aet%3A1585653529%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A282672912%3Ahid%3A115080545%3Ads%3A197%2C111%2C120%2C40%2C673%2C0%2C0%2C704%2C0%2C%2C%2C%2C1808%3Afp%3A1241%3Awn%3A2319%3Ahl%3A2%3Agdpr%3A14%3Av%3A1837%3Awv%3A2%3Ast%3A1585653529%3Au%3A1585653529862276381%3At%3A%D0%A1%D1%80%D0%BE%D1%87%D0%BD%D1%8B%D0%B5%20%D0%B7%D0%B0%D0%B9%D0%BC%D1%8B%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BD%D0%B0%20%D0%BA%D0%B0%D1%80%D1%82%D1%83%20-%200%25%20%D0%B4%D0%BB%D1%8F%20%D0%BD%D0%BE%D0%B2%D1%8B%D1%85%20%D0%BA%D0%BB%D0%B8%D0%B5%D0%BD%D1%82%D0%BE%D0%B2%20-%20%D0%9C%D0%B8%D0%BA%D1%80%D0%BE%D0%B7%D0%B0%D0%B9%D0%BC%D1%8B%20%D0%94%D0%BE%20%D0%97%D0%B0%D1%80%D0%BF%D0%BB%D0%B0%D1%82%D1%8B
Request Chain 103
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-91457660-1&cid=815227927.1585653529&jid=393258947&gjid=1030595727&_gid=99733834.1585653529&_u=aHDAgEAB~&z=780808713 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-91457660-1&cid=815227927.1585653529&jid=393258947&_v=j81&z=780808713 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-91457660-1&cid=815227927.1585653529&jid=393258947&_v=j81&z=780808713&slf_rd=1&random=2894204259

106 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
dozarplati.com/
Redirect Chain
  • https://bank-kredit.online/
  • https://gl.guruleads.ru/click/16/144?sub1=sms_step5
  • https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
124 KB
44 KB
Document
General
Full URL
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.147.81.27 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
vl2538.miran.ru
Software
nginx / Express
Resource Hash
fd8dcf69ef6d8062404de6cb9bc66a1cf2ae026e8da2d911316a6a87eb731ff2

Request headers

Host
dozarplati.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

Server
nginx
Date
Tue, 31 Mar 2020 11:18:48 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
Express
ETag
W/"1f105-D27EX2M+rJ1zdoVrawAgwEG+Wro"
Content-Encoding
gzip

Redirect headers

Server
nginx/1.12.2
Date
Tue, 31 Mar 2020 11:18:47 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/7.2.21
Location
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Set-Cookie
session-click-144=bd1a294a28ac9837a2d03984575bf5db3d1ba07f2064de64b3f0c126c4aaf9bfa%3A2%3A%7Bi%3A0%3Bs%3A17%3A%22session-click-144%22%3Bi%3A1%3Bs%3A32%3A%228c598c772280c8a1bd9519e287ee5c11%22%3B%7D; expires=Wed, 31-Mar-2021 11:18:47 GMT; Max-Age=31536000; path=/; domain=.guruleads.ru; HttpOnly
css
fonts.googleapis.com/
9 KB
882 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500,300,700
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6f1dc81498da5df5cc4a4b2730c86480122e1b4a6808621b7d941aaa6e29d824
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 31 Mar 2020 11:18:48 GMT
server
ESF
date
Tue, 31 Mar 2020 11:18:48 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 31 Mar 2020 11:18:48 GMT
material-design-iconic-font.css
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/
83 KB
8 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.css
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f37d6f502a5a961ac5c3f17c8d58685ff6b0dc0f69c2dcdd379ccabc96ec3bf2
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Tue, 31 Mar 2020 11:18:48 GMT
content-encoding
br
cf-cache-status
HIT
age
21612661
content-security-policy-report-only
default-src https: data: wss: 'unsafe-eval' 'unsafe-inline'; report-uri https://cdnjs.cloudflare.com/cdn-cgi/beacon/csp?req_id=57c9abf86980c303
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-ray
57c9abf86980c303-FRA
last-modified
Thu, 17 May 2018 09:20:28 GMT
server
cloudflare
etag
W/"5afd495c-14d38"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
expires
Sun, 21 Mar 2021 11:18:48 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.002
app.css
dozarplati.com/css/
107 KB
30 KB
Stylesheet
General
Full URL
https://dozarplati.com/css/app.css?09f237f3e005390acd5d
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.147.81.27 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
vl2538.miran.ru
Software
nginx /
Resource Hash
55226ff33b8e44eeee04d1eacd1ab53be63f0fafc79c7045427268a7519d4191

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Tue, 31 Mar 2020 11:18:48 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Mar 2020 17:22:47 GMT
Server
nginx
ETag
W/"5e822ae7-1ab71"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=31536000
Connection
keep-alive
Expires
Wed, 31 Mar 2021 11:18:48 GMT
background_spring-desktop.jpg
dozarplati.com/assets/images/
158 KB
159 KB
Image
General
Full URL
https://dozarplati.com/assets/images/background_spring-desktop.jpg
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.147.81.27 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
vl2538.miran.ru
Software
nginx /
Resource Hash
b157f282e75a5a555c235477e0b51c7ac3cf5eb66609365fc6ff3aca0c2ad89d

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Tue, 31 Mar 2020 11:18:48 GMT
Last-Modified
Mon, 30 Mar 2020 17:22:47 GMT
Server
nginx
ETag
"5e822ae7-278f3"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
162035
Expires
Wed, 31 Mar 2021 11:18:48 GMT
background_spring_mobile.jpg
dozarplati.com/assets/images/
21 KB
21 KB
Image
General
Full URL
https://dozarplati.com/assets/images/background_spring_mobile.jpg
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.147.81.27 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
vl2538.miran.ru
Software
nginx /
Resource Hash
770a9fd7cc4df25ca578aa864f27fb165548af5f70e9aef70c76f49f71eed1e8

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Tue, 31 Mar 2020 11:18:48 GMT
Last-Modified
Mon, 30 Mar 2020 17:22:47 GMT
Server
nginx
ETag
"5e822ae7-52d5"
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21205
Expires
Wed, 31 Mar 2021 11:18:48 GMT
step1.svg
dozarplati.com/components/Landing/Common/Way/images/
2 KB
1 KB
Image
General
Full URL
https://dozarplati.com/components/Landing/Common/Way/images/step1.svg
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.147.81.27 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
vl2538.miran.ru
Software
nginx /
Resource Hash
736035843e632f5708eaa86251250c994d2df17c0aacaf9ea6a2ab72ae4ad6a5

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Tue, 31 Mar 2020 11:18:48 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Mar 2020 17:22:47 GMT
Server
nginx
ETag
W/"5e822ae7-959"
Transfer-Encoding
chunked
Content-Type
image/svg+xml
Cache-Control
max-age=31536000
Connection
keep-alive
Expires
Wed, 31 Mar 2021 11:18:48 GMT
step2.svg
dozarplati.com/components/Landing/Common/Way/images/
2 KB
1 KB
Image
General
Full URL
https://dozarplati.com/components/Landing/Common/Way/images/step2.svg
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.147.81.27 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
vl2538.miran.ru
Software
nginx /
Resource Hash
3073858b60247f9f49231c45d7a817be8b1b759810d4cd2710273ec7681075b6

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Tue, 31 Mar 2020 11:18:48 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Mar 2020 17:22:47 GMT
Server
nginx
ETag
W/"5e822ae7-83c"
Transfer-Encoding
chunked
Content-Type
image/svg+xml
Cache-Control
max-age=31536000
Connection
keep-alive
Expires
Wed, 31 Mar 2021 11:18:48 GMT
step3.svg
dozarplati.com/components/Landing/Common/Way/images/
5 KB
2 KB
Image
General
Full URL
https://dozarplati.com/components/Landing/Common/Way/images/step3.svg
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.147.81.27 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
vl2538.miran.ru
Software
nginx /
Resource Hash
56eca45c8d6dfe94d6142b64c94631cf6d4214eafe3c317bec4a9149276ffccd

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Tue, 31 Mar 2020 11:18:48 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Mar 2020 17:22:47 GMT
Server
nginx
ETag
W/"5e822ae7-13d0"
Transfer-Encoding
chunked
Content-Type
image/svg+xml
Cache-Control
max-age=31536000
Connection
keep-alive
Expires
Wed, 31 Mar 2021 11:18:48 GMT
probably.svg
dozarplati.com/components/Landing/Common/Images/
7 KB
3 KB
Image
General
Full URL
https://dozarplati.com/components/Landing/Common/Images/probably.svg
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.147.81.27 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
vl2538.miran.ru
Software
nginx /
Resource Hash
21b69678e0cea6dc5bbe238faa3888c008a02126949d1fe20ecd23676761554d

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Tue, 31 Mar 2020 11:18:48 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Mar 2020 17:22:47 GMT
Server
nginx
ETag
W/"5e822ae7-1d20"
Transfer-Encoding
chunked
Content-Type
image/svg+xml
Cache-Control
max-age=31536000
Connection
keep-alive
Expires
Wed, 31 Mar 2021 11:18:48 GMT
quickly.svg
dozarplati.com/components/Landing/Common/Images/
4 KB
2 KB
Image
General
Full URL
https://dozarplati.com/components/Landing/Common/Images/quickly.svg
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.147.81.27 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
vl2538.miran.ru
Software
nginx /
Resource Hash
a736d21b312721c0a1583ceaf265e359149bf8552ff622366fde88643a1b063f

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Tue, 31 Mar 2020 11:18:48 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Mar 2020 17:22:47 GMT
Server
nginx
ETag
W/"5e822ae7-e18"
Transfer-Encoding
chunked
Content-Type
image/svg+xml
Cache-Control
max-age=31536000
Connection
keep-alive
Expires
Wed, 31 Mar 2021 11:18:48 GMT
honestly.svg
dozarplati.com/components/Landing/Common/Images/
4 KB
2 KB
Image
General
Full URL
https://dozarplati.com/components/Landing/Common/Images/honestly.svg
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.147.81.27 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
vl2538.miran.ru
Software
nginx /
Resource Hash
e295e596f52cf21dc169d1a58b53aabab27fd42fa9a90557c6f881b480e28bd4

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Tue, 31 Mar 2020 11:18:48 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Mar 2020 17:22:47 GMT
Server
nginx
ETag
W/"5e822ae7-f9c"
Transfer-Encoding
chunked
Content-Type
image/svg+xml
Cache-Control
max-age=31536000
Connection
keep-alive
Expires
Wed, 31 Mar 2021 11:18:48 GMT
profitably.svg
dozarplati.com/components/Landing/Common/Images/
5 KB
2 KB
Image
General
Full URL
https://dozarplati.com/components/Landing/Common/Images/profitably.svg
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.147.81.27 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
vl2538.miran.ru
Software
nginx /
Resource Hash
a43cf7b222bb24981c7cbdd4fd22296e00f0619251fe8645ebd09895536f5b6b

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Tue, 31 Mar 2020 11:18:48 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Mar 2020 17:22:47 GMT
Server
nginx
ETag
W/"5e822ae7-12de"
Transfer-Encoding
chunked
Content-Type
image/svg+xml
Cache-Control
max-age=31536000
Connection
keep-alive
Expires
Wed, 31 Mar 2021 11:18:48 GMT
safely.svg
dozarplati.com/components/Landing/Common/Images/
2 KB
1 KB
Image
General
Full URL
https://dozarplati.com/components/Landing/Common/Images/safely.svg
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.147.81.27 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
vl2538.miran.ru
Software
nginx /
Resource Hash
8e16c1d13a85955ff7e500504f55329f66d59b16294d010174f05ed818c40b10

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Tue, 31 Mar 2020 11:18:48 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Mar 2020 17:22:47 GMT
Server
nginx
ETag
W/"5e822ae7-93a"
Transfer-Encoding
chunked
Content-Type
image/svg+xml
Cache-Control
max-age=31536000
Connection
keep-alive
Expires
Wed, 31 Mar 2021 11:18:48 GMT
conveniently.svg
dozarplati.com/components/Landing/Common/Images/
1 KB
966 B
Image
General
Full URL
https://dozarplati.com/components/Landing/Common/Images/conveniently.svg
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.147.81.27 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
vl2538.miran.ru
Software
nginx /
Resource Hash
667dd076e34029642ae626f8009fe36ed95ad3aca6e45233a18177e06f83a0c3

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Tue, 31 Mar 2020 11:18:48 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Mar 2020 17:22:47 GMT
Server
nginx
ETag
W/"5e822ae7-4e1"
Transfer-Encoding
chunked
Content-Type
image/svg+xml
Cache-Control
max-age=31536000
Connection
keep-alive
Expires
Wed, 31 Mar 2021 11:18:48 GMT
frugally.svg
dozarplati.com/components/Landing/Common/Images/
5 KB
2 KB
Image
General
Full URL
https://dozarplati.com/components/Landing/Common/Images/frugally.svg
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.147.81.27 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
vl2538.miran.ru
Software
nginx /
Resource Hash
c4eab5e8f0d05dc9c04621dad2760b56d3c489b10405bd05e4847ef9aaf13ac1

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Tue, 31 Mar 2020 11:18:48 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Mar 2020 17:22:47 GMT
Server
nginx
ETag
W/"5e822ae7-14a6"
Transfer-Encoding
chunked
Content-Type
image/svg+xml
Cache-Control
max-age=31536000
Connection
keep-alive
Expires
Wed, 31 Mar 2021 11:18:48 GMT
mobile.png
dozarplati.com/components/Landing/Common/Mobile/images/
12 KB
12 KB
Image
General
Full URL
https://dozarplati.com/components/Landing/Common/Mobile/images/mobile.png
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.147.81.27 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
vl2538.miran.ru
Software
nginx /
Resource Hash
aa54606e462728508494f78c3eb5f109da689dccd067e7383f7fbf31485e62a1

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Tue, 31 Mar 2020 11:18:48 GMT
Last-Modified
Mon, 30 Mar 2020 17:22:47 GMT
Server
nginx
ETag
"5e822ae7-30b1"
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12465
Expires
Wed, 31 Mar 2021 11:18:48 GMT
map.png
dozarplati.com/components/Landing/Common/Offices/images/
86 KB
86 KB
Image
General
Full URL
https://dozarplati.com/components/Landing/Common/Offices/images/map.png
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.147.81.27 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
vl2538.miran.ru
Software
nginx /
Resource Hash
09689d4eff4790f8909727b41e8e7d6a711ff5533d73dbe0c346e7b4070e4ced

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Tue, 31 Mar 2020 11:18:48 GMT
Last-Modified
Mon, 30 Mar 2020 17:22:47 GMT
Server
nginx
ETag
"5e822ae7-15626"
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
87590
Expires
Wed, 31 Mar 2021 11:18:48 GMT
somir.svg
dozarplati.com/components/Landing/Common/Partners/images/
13 KB
6 KB
Image
General
Full URL
https://dozarplati.com/components/Landing/Common/Partners/images/somir.svg
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.147.81.27 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
vl2538.miran.ru
Software
nginx /
Resource Hash
6a281e093a3f107cc6e133496d626ec7441746aa98745c2e21e159d556d937de

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Tue, 31 Mar 2020 11:18:48 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Mar 2020 17:22:47 GMT
Server
nginx
ETag
W/"5e822ae7-3501"
Transfer-Encoding
chunked
Content-Type
image/svg+xml
Cache-Control
max-age=31536000
Connection
keep-alive
Expires
Wed, 31 Mar 2021 11:18:48 GMT
nbki.svg
dozarplati.com/components/Landing/Common/Partners/images/
9 KB
4 KB
Image
General
Full URL
https://dozarplati.com/components/Landing/Common/Partners/images/nbki.svg
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.147.81.27 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
vl2538.miran.ru
Software
nginx /
Resource Hash
a921c04f1f56ee403d274c7eab9d11b5b31882da39738ea4a24e231f3c190412

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Tue, 31 Mar 2020 11:18:48 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Mar 2020 17:22:47 GMT
Server
nginx
ETag
W/"5e822ae7-25f7"
Transfer-Encoding
chunked
Content-Type
image/svg+xml
Cache-Control
max-age=31536000
Connection
keep-alive
Expires
Wed, 31 Mar 2021 11:18:48 GMT
sberbank.svg
dozarplati.com/components/Landing/Common/Partners/images/
8 KB
3 KB
Image
General
Full URL
https://dozarplati.com/components/Landing/Common/Partners/images/sberbank.svg
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.147.81.27 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
vl2538.miran.ru
Software
nginx /
Resource Hash
d7750ae972fc0b3a1f83374fff2ec6e823f5e6aac7a473bad1aaccd3132e2621

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Tue, 31 Mar 2020 11:18:48 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Mar 2020 17:22:47 GMT
Server
nginx
ETag
W/"5e822ae7-1f35"
Transfer-Encoding
chunked
Content-Type
image/svg+xml
Cache-Control
max-age=31536000
Connection
keep-alive
Expires
Wed, 31 Mar 2021 11:18:48 GMT
tinkoffBank.svg
dozarplati.com/components/Landing/Common/Partners/images/
53 KB
26 KB
Image
General
Full URL
https://dozarplati.com/components/Landing/Common/Partners/images/tinkoffBank.svg
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.147.81.27 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
vl2538.miran.ru
Software
nginx /
Resource Hash
c87e8fa19a6675f81a164704e2f679216b3f0ba8bb7ef0fad33a5b5784b3ebf5

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Tue, 31 Mar 2020 11:18:48 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Mar 2020 17:22:47 GMT
Server
nginx
ETag
W/"5e822ae7-d50b"
Transfer-Encoding
chunked
Content-Type
image/svg+xml
Cache-Control
max-age=31536000
Connection
keep-alive
Expires
Wed, 31 Mar 2021 11:18:48 GMT
cb.svg
dozarplati.com/components/Landing/Common/Partners/images/
312 KB
127 KB
Image
General
Full URL
https://dozarplati.com/components/Landing/Common/Partners/images/cb.svg
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.147.81.27 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
vl2538.miran.ru
Software
nginx /
Resource Hash
e4a833702133c14425a33efecc80d68cf2f55c546948192536ad2d4dd14b3012

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Tue, 31 Mar 2020 11:18:48 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Mar 2020 17:22:47 GMT
Server
nginx
ETag
W/"5e822ae7-4e112"
Transfer-Encoding
chunked
Content-Type
image/svg+xml
Cache-Control
max-age=31536000
Connection
keep-alive
Expires
Wed, 31 Mar 2021 11:18:48 GMT
zolotaya-korona.svg
dozarplati.com/components/Landing/Common/Partners/images/
8 KB
4 KB
Image
General
Full URL
https://dozarplati.com/components/Landing/Common/Partners/images/zolotaya-korona.svg
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.147.81.27 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
vl2538.miran.ru
Software
nginx /
Resource Hash
3c4f78366096e2dbdaa06ba037376cdc78a6ebadfd2771c912d95e7799a02172

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Tue, 31 Mar 2020 11:18:48 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Mar 2020 17:22:47 GMT
Server
nginx
ETag
W/"5e822ae7-20fc"
Transfer-Encoding
chunked
Content-Type
image/svg+xml
Cache-Control
max-age=31536000
Connection
keep-alive
Expires
Wed, 31 Mar 2021 11:18:48 GMT
visa.svg
dozarplati.com/components/Landing/Common/Partners/images/
1 KB
1 KB
Image
General
Full URL
https://dozarplati.com/components/Landing/Common/Partners/images/visa.svg
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.147.81.27 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
vl2538.miran.ru
Software
nginx /
Resource Hash
a72ef2a7f4efbf38341b56028d27886ca51fb624fd86ab1070316b1464f5eaf2

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Tue, 31 Mar 2020 11:18:48 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Mar 2020 17:22:47 GMT
Server
nginx
ETag
W/"5e822ae7-4b7"
Transfer-Encoding
chunked
Content-Type
image/svg+xml
Cache-Control
max-age=31536000
Connection
keep-alive
Expires
Wed, 31 Mar 2021 11:18:48 GMT
mastercard.svg
dozarplati.com/components/Landing/Common/Partners/images/
4 KB
2 KB
Image
General
Full URL
https://dozarplati.com/components/Landing/Common/Partners/images/mastercard.svg
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.147.81.27 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
vl2538.miran.ru
Software
nginx /
Resource Hash
dfeb1f9955a62f9605a82c85b280940c75273f45f74e3e6469bbe811c5c4038d

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Tue, 31 Mar 2020 11:18:48 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Mar 2020 17:22:47 GMT
Server
nginx
ETag
W/"5e822ae7-10a4"
Transfer-Encoding
chunked
Content-Type
image/svg+xml
Cache-Control
max-age=31536000
Connection
keep-alive
Expires
Wed, 31 Mar 2021 11:18:48 GMT
mironline.svg
dozarplati.com/components/Landing/Common/Partners/images/
1 KB
941 B
Image
General
Full URL
https://dozarplati.com/components/Landing/Common/Partners/images/mironline.svg
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.147.81.27 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
vl2538.miran.ru
Software
nginx /
Resource Hash
1bb16c325aaf91773a94b0ef374358a6e2c1b1f5acc6a8102bc64c569145bc2b

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Tue, 31 Mar 2020 11:18:48 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Mar 2020 17:22:47 GMT
Server
nginx
ETag
W/"5e822ae7-419"
Transfer-Encoding
chunked
Content-Type
image/svg+xml
Cache-Control
max-age=31536000
Connection
keep-alive
Expires
Wed, 31 Mar 2021 11:18:48 GMT
equifax.svg
dozarplati.com/components/Landing/Common/Partners/images/
1 KB
1 KB
Image
General
Full URL
https://dozarplati.com/components/Landing/Common/Partners/images/equifax.svg
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.147.81.27 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
vl2538.miran.ru
Software
nginx /
Resource Hash
4145f8e052025bccd09475630fd40b002bc6c66653b7a588bc479bbb16947859

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Tue, 31 Mar 2020 11:18:48 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Mar 2020 17:22:47 GMT
Server
nginx
ETag
W/"5e822ae7-5cd"
Transfer-Encoding
chunked
Content-Type
image/svg+xml
Cache-Control
max-age=31536000
Connection
keep-alive
Expires
Wed, 31 Mar 2021 11:18:48 GMT
yandexmoney.svg
dozarplati.com/components/Landing/Common/Partners/images/
3 KB
2 KB
Image
General
Full URL
https://dozarplati.com/components/Landing/Common/Partners/images/yandexmoney.svg
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.147.81.27 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
vl2538.miran.ru
Software
nginx /
Resource Hash
eaedceb75ef358c13deda689a2e45aa8408a32e24773bf2acc058558cb02613e

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Tue, 31 Mar 2020 11:18:48 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Mar 2020 17:22:47 GMT
Server
nginx
ETag
W/"5e822ae7-a10"
Transfer-Encoding
chunked
Content-Type
image/svg+xml
Cache-Control
max-age=31536000
Connection
keep-alive
Expires
Wed, 31 Mar 2021 11:18:48 GMT
9GwM1-BEzoE
www.youtube.com/embed/ Frame DC49
0
0
Document
General
Full URL
https://www.youtube.com/embed/9GwM1-BEzoE?controls=0
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/9GwM1-BEzoE?controls=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11

Response headers

status
200
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
cache-control
no-cache
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
x-content-type-options
nosniff
expires
Tue, 27 Apr 1971 19:44:06 GMT
content-encoding
br
date
Tue, 31 Mar 2020 11:18:48 GMT
server
YouTube Frontend Proxy
x-xss-protection
0
set-cookie
VISITOR_INFO1_LIVE=6yNJKtXXrOs; path=/; domain=.youtube.com; secure; expires=Sun, 27-Sep-2020 11:18:48 GMT; httponly; samesite=None YSC=yuVq42Wz-EU; path=/; domain=.youtube.com; secure; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Tue, 31-Mar-2020 11:48:48 GMT VISITOR_INFO1_LIVE=6yNJKtXXrOs; path=/; domain=.youtube.com; secure; expires=Sun, 27-Sep-2020 11:18:48 GMT; httponly; samesite=None
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
facebook.svg
dozarplati.com/components/Landing/Common/Footer/Social/images/
415 B
723 B
Image
General
Full URL
https://dozarplati.com/components/Landing/Common/Footer/Social/images/facebook.svg
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.147.81.27 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
vl2538.miran.ru
Software
nginx /
Resource Hash
531bb43124cda1d936ea33c8cb361a2d0c8df3f9ddc5af83c1ae78db8e649085

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Tue, 31 Mar 2020 11:18:48 GMT
Last-Modified
Mon, 30 Mar 2020 17:22:47 GMT
Server
nginx
ETag
"5e822ae7-19f"
Content-Type
image/svg+xml
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
415
Expires
Wed, 31 Mar 2021 11:18:48 GMT
vk.svg
dozarplati.com/components/Landing/Common/Footer/Social/images/
1 KB
1 KB
Image
General
Full URL
https://dozarplati.com/components/Landing/Common/Footer/Social/images/vk.svg
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.147.81.27 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
vl2538.miran.ru
Software
nginx /
Resource Hash
59bdb2855114e376c82354283e0460efdbd39323ee9a910ddf42209147903d19

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Tue, 31 Mar 2020 11:18:48 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Mar 2020 17:22:47 GMT
Server
nginx
ETag
W/"5e822ae7-4da"
Transfer-Encoding
chunked
Content-Type
image/svg+xml
Cache-Control
max-age=31536000
Connection
keep-alive
Expires
Wed, 31 Mar 2021 11:18:48 GMT
ok.svg
dozarplati.com/components/Landing/Common/Footer/Social/images/
1 KB
1 KB
Image
General
Full URL
https://dozarplati.com/components/Landing/Common/Footer/Social/images/ok.svg
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.147.81.27 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
vl2538.miran.ru
Software
nginx /
Resource Hash
b8404b427f652ef2a65b2f6560eaaee24421aebec85a30e4d82b615612e39b05

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Tue, 31 Mar 2020 11:18:48 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Mar 2020 17:22:47 GMT
Server
nginx
ETag
W/"5e822ae7-4f4"
Transfer-Encoding
chunked
Content-Type
image/svg+xml
Cache-Control
max-age=31536000
Connection
keep-alive
Expires
Wed, 31 Mar 2021 11:18:48 GMT
vendor.js
dozarplati.com/js/
1 MB
442 KB
Script
General
Full URL
https://dozarplati.com/js/vendor.js?09f237f3e005390acd5d
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.147.81.27 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
vl2538.miran.ru
Software
nginx /
Resource Hash
41e0b42658e08c041d8dce7de054d8fa55ac5ebbe50a5c10dc8757787f5edd82

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Tue, 31 Mar 2020 11:18:48 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Mar 2020 17:22:47 GMT
Server
nginx
ETag
W/"5e822ae7-15132e"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=31536000
Connection
keep-alive
Expires
Wed, 31 Mar 2021 11:18:48 GMT
app.js
dozarplati.com/js/
964 KB
262 KB
Script
General
Full URL
https://dozarplati.com/js/app.js?09f237f3e005390acd5d
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.147.81.27 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
vl2538.miran.ru
Software
nginx /
Resource Hash
154ec70b28b048b7f7f0492f50110e6e4574fbdc54e919f9677acf1d2749560f

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Tue, 31 Mar 2020 11:18:48 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Mar 2020 17:22:47 GMT
Server
nginx
ETag
W/"5e822ae7-f1126"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=31536000
Connection
keep-alive
Expires
Wed, 31 Mar 2021 11:18:48 GMT
button.php
dozarplaticom001.webim.ru/
43 B
303 B
Image
General
Full URL
https://dozarplaticom001.webim.ru/button.php
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.41.158.42 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Tue, 31 Mar 2020 11:18:48 GMT
Server
nginx
Etag
"2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a"
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Connection
keep-alive
X-Time
0.000
Content-Length
43
X-Webim-Version
10.0.66
KFOlCnqEu92Fr1MmEU9fABc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v20/
7 KB
7 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fABc4AMP6lbBP.woff2
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af2fdef955568dc79de38bfb097d53586855945811b638d6c41513bd62e25cc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Roboto:400,500,300,700
Origin
https://dozarplati.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 18 Jan 2020 01:22:16 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:37 GMT
server
sffe
age
6342992
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
6864
x-xss-protection
0
expires
Sun, 17 Jan 2021 01:22:16 GMT
KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2
fonts.gstatic.com/s/roboto/v20/
7 KB
7 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
daf6c28c5a080458eba26ba64a95b1fcff823944d429ccb84e8a4f3a0baf05ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Roboto:400,500,300,700
Origin
https://dozarplati.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Jan 2020 19:07:46 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:40 GMT
server
sffe
age
5847062
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
6720
x-xss-protection
0
expires
Fri, 22 Jan 2021 19:07:46 GMT
KFOlCnqEu92Fr1MmWUlfABc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v20/
7 KB
7 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfABc4AMP6lbBP.woff2
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4512a0f507a7df3a354a3f552a4b34e2e642ce0e4902c002dfd1ce55e33abce4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Roboto:400,500,300,700
Origin
https://dozarplati.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Jan 2020 10:12:04 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:19:10 GMT
server
sffe
age
5879204
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
6824
x-xss-protection
0
expires
Fri, 22 Jan 2021 10:12:04 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Roboto:400,500,300,700
Origin
https://dozarplati.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Jan 2020 19:10:31 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
5846897
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11016
x-xss-protection
0
expires
Fri, 22 Jan 2021 19:10:31 GMT
KFOlCnqEu92Fr1MmSU5fABc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v20/
7 KB
7 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fABc4AMP6lbBP.woff2
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e4398e863ecd066e77ee4180c582e45424471d757666f8541b10c8e95685b5ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Roboto:400,500,300,700
Origin
https://dozarplati.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 22 Jan 2020 05:44:19 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:34 GMT
server
sffe
age
5981669
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
6720
x-xss-protection
0
expires
Thu, 21 Jan 2021 05:44:19 GMT
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Roboto:400,500,300,700
Origin
https://dozarplati.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 28 Mar 2020 09:35:40 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:48 GMT
server
sffe
age
265388
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11056
x-xss-protection
0
expires
Sun, 28 Mar 2021 09:35:40 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Roboto:400,500,300,700
Origin
https://dozarplati.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 18 Jan 2020 01:07:50 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
6343858
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11020
x-xss-protection
0
expires
Sun, 17 Jan 2021 01:07:50 GMT
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Roboto:400,500,300,700
Origin
https://dozarplati.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Jan 2020 10:12:15 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:52 GMT
server
sffe
age
5879193
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11180
x-xss-protection
0
expires
Fri, 22 Jan 2021 10:12:15 GMT
KFOlCnqEu92Fr1MmEU9fChc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fChc4AMP6lbBP.woff2
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac4f45c63e7192b1c9fb64be19be7a03084e16dc33b4dcfedabb44cb390c25a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Roboto:400,500,300,700
Origin
https://dozarplati.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 18 Jan 2020 01:24:21 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:45 GMT
server
sffe
age
6342867
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
7924
x-xss-protection
0
expires
Sun, 17 Jan 2021 01:24:21 GMT
api.js
www.google.com/recaptcha/
708 B
671 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6Le4fnQUAAAAAGTWU9oGksb26ke7Ef5dkl0XlSNV
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/js/app.js?09f237f3e005390acd5d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e5a25612839ea09bf45a4e4152b2f8ece79d5886bc34eee4f2f3e9d85a0027fc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 31 Mar 2020 11:18:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
477
x-xss-protection
1; mode=block
expires
Tue, 31 Mar 2020 11:18:49 GMT
9GwM1-BEzoE
www.youtube.com/embed/ Frame 77A6
0
0
Document
General
Full URL
https://www.youtube.com/embed/9GwM1-BEzoE?controls=0
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/js/vendor.js?09f237f3e005390acd5d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/9GwM1-BEzoE?controls=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
VISITOR_INFO1_LIVE=6yNJKtXXrOs; YSC=yuVq42Wz-EU; GPS=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11

Response headers

status
200
strict-transport-security
max-age=31536000
content-type
text/html; charset=utf-8
cache-control
no-cache
x-content-type-options
nosniff
content-encoding
br
expires
Tue, 27 Apr 1971 19:44:06 GMT
date
Tue, 31 Mar 2020 11:18:49 GMT
server
YouTube Frontend Proxy
x-xss-protection
0
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
arrow.svg
dozarplati.com/components/Landing/Common/Way/images/
488 B
796 B
Image
General
Full URL
https://dozarplati.com/components/Landing/Common/Way/images/arrow.svg
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/js/vendor.js?09f237f3e005390acd5d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.147.81.27 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
vl2538.miran.ru
Software
nginx /
Resource Hash
c7ab5d64049f25d9052fe66098a11ad29dda06844ba6fbc5c5653d474c313346

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Tue, 31 Mar 2020 11:18:49 GMT
Last-Modified
Mon, 30 Mar 2020 17:22:47 GMT
Server
nginx
ETag
"5e822ae7-1e8"
Content-Type
image/svg+xml
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
488
Expires
Wed, 31 Mar 2021 11:18:49 GMT
googleFull.svg
dozarplati.com/components/Landing/Common/Mobile/images/
4 KB
3 KB
Image
General
Full URL
https://dozarplati.com/components/Landing/Common/Mobile/images/googleFull.svg
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/js/vendor.js?09f237f3e005390acd5d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.147.81.27 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
vl2538.miran.ru
Software
nginx /
Resource Hash
348483665c16ab1050f24305c3fef35158d0b3e800c666b297dd1fdcd7e58697

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Tue, 31 Mar 2020 11:18:49 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Mar 2020 17:22:47 GMT
Server
nginx
ETag
W/"5e822ae7-1170"
Transfer-Encoding
chunked
Content-Type
image/svg+xml
Cache-Control
max-age=31536000
Connection
keep-alive
Expires
Wed, 31 Mar 2021 11:18:49 GMT
appleFull.svg
dozarplati.com/components/Landing/Common/Mobile/images/
6 KB
3 KB
Image
General
Full URL
https://dozarplati.com/components/Landing/Common/Mobile/images/appleFull.svg
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/js/vendor.js?09f237f3e005390acd5d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.147.81.27 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
vl2538.miran.ru
Software
nginx /
Resource Hash
23cec28ea31a7aff91385ea6b8c1d8eccef5d69336012598da423ccf166cf010

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Tue, 31 Mar 2020 11:18:49 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Mar 2020 17:22:47 GMT
Server
nginx
ETag
W/"5e822ae7-1796"
Transfer-Encoding
chunked
Content-Type
image/svg+xml
Cache-Control
max-age=31536000
Connection
keep-alive
Expires
Wed, 31 Mar 2021 11:18:49 GMT
google.svg
dozarplati.com/components/Landing/Common/Mobile/images/
584 B
892 B
Image
General
Full URL
https://dozarplati.com/components/Landing/Common/Mobile/images/google.svg
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/js/vendor.js?09f237f3e005390acd5d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.147.81.27 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
vl2538.miran.ru
Software
nginx /
Resource Hash
10ea920a904884a5d4e1d074da9f30cae01a28b27da076d301852217beddaf8c

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Tue, 31 Mar 2020 11:18:49 GMT
Last-Modified
Mon, 30 Mar 2020 17:22:47 GMT
Server
nginx
ETag
"5e822ae7-248"
Content-Type
image/svg+xml
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
584
Expires
Wed, 31 Mar 2021 11:18:49 GMT
apple.svg
dozarplati.com/components/Landing/Common/Mobile/images/
688 B
996 B
Image
General
Full URL
https://dozarplati.com/components/Landing/Common/Mobile/images/apple.svg
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/js/vendor.js?09f237f3e005390acd5d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.147.81.27 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
vl2538.miran.ru
Software
nginx /
Resource Hash
74cbe1550dd7cd14b488868e83a38a18bf18f6c7702d394f62e19ee0af0e91cd

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Tue, 31 Mar 2020 11:18:49 GMT
Last-Modified
Mon, 30 Mar 2020 17:22:47 GMT
Server
nginx
ETag
"5e822ae7-2b0"
Content-Type
image/svg+xml
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
688
Expires
Wed, 31 Mar 2021 11:18:49 GMT
KFOmCnqEu92Fr1Mu7GxKKTU1Kvnz.woff2
fonts.gstatic.com/s/roboto/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu7GxKKTU1Kvnz.woff2
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/js/app.js?09f237f3e005390acd5d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f36d71c69bcec4ce625d2923d36a4b1f64bbc2e5691c99cf8a4f3b0f79d1edb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Roboto:400,500,300,700
Origin
https://dozarplati.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 30 Jan 2020 02:14:39 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:46 GMT
server
sffe
age
5303050
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
8024
x-xss-protection
0
expires
Fri, 29 Jan 2021 02:14:39 GMT
KFOlCnqEu92Fr1MmWUlfChc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfChc4AMP6lbBP.woff2
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/js/app.js?09f237f3e005390acd5d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d4a0134009f70c36d82c43c77b2a6f0ee48a57beb8d4f9e9ff7c3dd3887212bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Roboto:400,500,300,700
Origin
https://dozarplati.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 18 Jan 2020 01:13:43 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
6343506
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
7924
x-xss-protection
0
expires
Sun, 17 Jan 2021 01:13:43 GMT
rpc
online-api.dozarplati.com/
0
387 B
Fetch
General
Full URL
https://online-api.dozarplati.com/rpc
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/js/app.js?09f237f3e005390acd5d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.147.81.27 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
vl2538.miran.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://dozarplati.com
Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
authorization,content-type,x-device-id

Response headers

Date
Tue, 31 Mar 2020 11:18:49 GMT
Server
nginx
Allow
POST,POST
Access-Control-Allow-Methods
POST,POST
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://dozarplati.com
Access-Control-Max-Age
15
Cache-Control
no-cache, private
Connection
keep-alive
Access-Control-Allow-Headers
authorization,content-type,x-device-id
rpc
online-api.dozarplati.com/
0
373 B
Fetch
General
Full URL
https://online-api.dozarplati.com/rpc
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/js/app.js?09f237f3e005390acd5d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.147.81.27 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
vl2538.miran.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://dozarplati.com
Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type,x-device-id

Response headers

Date
Tue, 31 Mar 2020 11:18:49 GMT
Server
nginx
Allow
POST,POST
Access-Control-Allow-Methods
POST,POST
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://dozarplati.com
Access-Control-Max-Age
15
Cache-Control
no-cache, private
Connection
keep-alive
Access-Control-Allow-Headers
content-type,x-device-id
rpc
online-api.dozarplati.com/
0
373 B
Fetch
General
Full URL
https://online-api.dozarplati.com/rpc
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/js/app.js?09f237f3e005390acd5d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.147.81.27 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
vl2538.miran.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://dozarplati.com
Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type,x-device-id

Response headers

Date
Tue, 31 Mar 2020 11:18:49 GMT
Server
nginx
Allow
POST,POST
Access-Control-Allow-Methods
POST,POST
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://dozarplati.com
Access-Control-Max-Age
15
Cache-Control
no-cache, private
Connection
keep-alive
Access-Control-Allow-Headers
content-type,x-device-id
rpc
online-api.dozarplati.com/
0
387 B
Fetch
General
Full URL
https://online-api.dozarplati.com/rpc
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/js/app.js?09f237f3e005390acd5d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.147.81.27 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
vl2538.miran.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://dozarplati.com
Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
authorization,content-type,x-device-id

Response headers

Date
Tue, 31 Mar 2020 11:18:49 GMT
Server
nginx
Allow
POST,POST
Access-Control-Allow-Methods
POST,POST
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://dozarplati.com
Access-Control-Max-Age
15
Cache-Control
no-cache, private
Connection
keep-alive
Access-Control-Allow-Headers
authorization,content-type,x-device-id
rpc
online-api.dozarplati.com/
0
387 B
Fetch
General
Full URL
https://online-api.dozarplati.com/rpc
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/js/app.js?09f237f3e005390acd5d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.147.81.27 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
vl2538.miran.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://dozarplati.com
Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
authorization,content-type,x-device-id

Response headers

Date
Tue, 31 Mar 2020 11:18:49 GMT
Server
nginx
Allow
POST,POST
Access-Control-Allow-Methods
POST,POST
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://dozarplati.com
Access-Control-Max-Age
15
Cache-Control
no-cache, private
Connection
keep-alive
Access-Control-Allow-Headers
authorization,content-type,x-device-id
rpc
online-api.dozarplati.com/
0
387 B
Fetch
General
Full URL
https://online-api.dozarplati.com/rpc
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/js/app.js?09f237f3e005390acd5d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.147.81.27 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
vl2538.miran.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://dozarplati.com
Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
authorization,content-type,x-device-id

Response headers

Date
Tue, 31 Mar 2020 11:18:49 GMT
Server
nginx
Allow
POST,POST
Access-Control-Allow-Methods
POST,POST
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://dozarplati.com
Access-Control-Max-Age
15
Cache-Control
no-cache, private
Connection
keep-alive
Access-Control-Allow-Headers
authorization,content-type,x-device-id
gtm.js
www.googletagmanager.com/
134 KB
31 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W7CC626
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3df9722ee6f5ed952bb63c189a8efe13fd692f3cecf000800c84b3785ec06ec7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 31 Mar 2020 11:18:49 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
31401
x-xss-protection
0
last-modified
Tue, 31 Mar 2020 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 31 Mar 2020 11:18:49 GMT
button.js
dozarplaticom001.webim.ru/js/
812 KB
203 KB
Script
General
Full URL
https://dozarplaticom001.webim.ru/js/button.js
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.41.158.42 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
cb90d1a474daeefe70fd050722fce09119d156a047726b3bb642123759d1e619

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Tue, 31 Mar 2020 11:18:49 GMT
Content-Encoding
gzip
Last-Modified
Wed, 25 Mar 2020 21:22:24 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
keep-alive
recaptcha__en.js
www.gstatic.com/recaptcha/releases/OOKISvkNnVD_m_9dreR_1S0n/
259 KB
93 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/OOKISvkNnVD_m_9dreR_1S0n/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Le4fnQUAAAAAGTWU9oGksb26ke7Ef5dkl0XlSNV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8750509f5a4895bc45c5d3cbc3e3892a09d34e3463fcacdde920882eed78be8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 30 Mar 2020 16:39:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 30 Mar 2020 04:05:21 GMT
server
sffe
age
67134
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
94752
x-xss-protection
0
expires
Tue, 30 Mar 2021 16:39:55 GMT
analytics.js
www.google-analytics.com/
44 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W7CC626
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
2414
date
Tue, 31 Mar 2020 10:38:35 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
18174
expires
Tue, 31 Mar 2020 12:38:35 GMT
tag.js
mc.yandex.ru/metrika/
363 KB
92 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
ea77330dcedcb5369ed0b2c02b75c4d12aba0e6c39036038d23aa3ac9a4d62ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Tue, 31 Mar 2020 11:18:49 GMT
Content-Encoding
br
Last-Modified
Tue, 31 Mar 2020 08:20:27 GMT
Server
nginx/1.14.2
ETag
"5e82fd4b-16fbf"
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
94143
Expires
Tue, 31 Mar 2020 12:18:49 GMT
code.js
top-fwz1.mail.ru/js/
16 KB
7 KB
Script
General
Full URL
https://top-fwz1.mail.ru/js/code.js
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
0921a7dc8054b08e4b5dd8e6ca764c72370ef59b7a7bb80be61efdc320d077a8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Tue, 31 Mar 2020 11:18:49 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection
keep-alive
Keep-Alive
timeout=60
AMP-Access-Control-Allow-Source-Origin
*
Last-Modified
Mon, 10 Feb 2020 15:35:40 GMT
Server
nginx
ETag
W/"5e41784c-4083"
Access-Control-Allow-Methods
GET, POST, HEAD, PUT, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
AMP-Access-Control-Allow-Source-Origin
Cache-control
max-age=7200, private
Access-Control-Allow-Credentials
true
Accept-CH-Lifetime
86400
Accept-CH
DPR, Width, Viewport-Width, Downlink, Device-Memory
Timing-Allow-Origin
*
Access-Control-Allow-Headers
*
fbevents.js
connect.facebook.net/en_US/
126 KB
30 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
30466
x-xss-protection
0
pragma
public
x-fb-debug
rPGe8CUm/gZXgKyKj4JIjBCx/0twEODxFb5zWhiIpu1WL7/GXe0OY4JVoO8GwqF3ujLgc52ulbb69Tz6zB9lPQ==
x-fb-trip-id
1850256238
date
Tue, 31 Mar 2020 11:18:49 GMT, Tue, 31 Mar 2020 11:18:49 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
amplitude-5.7.0-min.gz.js
cdn.amplitude.com/libs/
55 KB
18 KB
Script
General
Full URL
https://cdn.amplitude.com/libs/amplitude-5.7.0-min.gz.js
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.87.226 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-226.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8b20baf07c0a88c877dcf50bbf0335239f9be3b6656c51e11ad7908f5bf759f4

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Origin
https://dozarplati.com
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 29 Mar 2020 10:13:33 GMT
content-encoding
gzip
age
176717
x-cache
Hit from cloudfront
status
200
access-control-max-age
3000
content-length
18254
via
1.1 df26103dc140569d7032449c70c3b141.cloudfront.net (CloudFront)
last-modified
Sat, 23 Nov 2019 00:22:01 GMT
server
AmazonS3
etag
"ab2256a7d614fcad270a6d87b23f7654"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
x-amz-version-id
c4kQk_MKmVGq_Jz8DfgcZ5FaPeT4TmI1
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
wFdtYdwu3l4VJiC-04PvEyW0mZfv4XJ-7_WvFG2KgEjTHCkAR1NBPw==
rtrg
vk.com/
49 B
329 B
Image
General
Full URL
https://vk.com/rtrg?r=Q55MvvmP6WhhB*x/P7AJs/q9gwRka2RoAjH4uImVB0DrPKUc9PZbqFOpMkyHrLDJFGglJcwOp2mh0ssKdKz4ZBRBPuSnJEkXOc0HS0ioMSzO7RhrhBtUky7cN/3/jad1gg4bYgAb4Wb7QUTz3lgCLBF1DiSjrqcEscCjMgvGiC0-&pixel_id=1000079059
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.190.72 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),
Reverse DNS
srv72-190-240-87.vk.com
Software
VK / PHP/3.23769
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 31 Mar 2020 11:18:49 GMT
content-encoding
gzip
x-frontend
front212405
server
VK
x-powered-by
PHP/3.23769
strict-transport-security
max-age=15768000
content-type
image/gif
status
200
access-control-expose-headers
X-Frontend
cache-control
no-store
content-length
65
collect
www.google-analytics.com/r/
35 B
101 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j81&a=911259142&t=pageview&_s=1&dl=https%3A%2F%2Fdozarplati.com%2F%3Futm_source%3Dgl_leads%26utm_medium%3Dcpa%26utm_campaign%3D16%26clickid%3D8c598c772280c8a1bd9519e287ee5c11&ul=en-us&de=UTF-8&dt=%D0%A1%D1%80%D0%BE%D1%87%D0%BD%D1%8B%D0%B5%20%D0%B7%D0%B0%D0%B9%D0%BC%D1%8B%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BD%D0%B0%20%D0%BA%D0%B0%D1%80%D1%82%D1%83%20-%200%25%20%D0%B4%D0%BB%D1%8F%20%D0%BD%D0%BE%D0%B2%D1%8B%D1%85%20%D0%BA%D0%BB%D0%B8%D0%B5%D0%BD%D1%82%D0%BE%D0%B2%20-%20%D0%9C%D0%B8%D0%BA%D1%80%D0%BE%D0%B7%D0%B0%D0%B9%D0%BC%D1%8B%20%D0%94%D0%BE%20%D0%97%D0%B0%D1%80%D0%BF%D0%BB%D0%B0%D1%82%D1%8B&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAEAB~&jid=1823601078&gjid=634479870&cid=815227927.1585653529&tid=UA-91457660-11&_gid=99733834.1585653529&_r=1&gtm=2wg3i0W7CC626&z=730301994
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Tue, 31 Mar 2020 11:18:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
659763197849590
connect.facebook.net/signals/config/
447 KB
112 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/659763197849590?v=2.9.15&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a83af84ac9fa6c75d8dc44f7619f8d0e7d6ae7e7e949f5a00107829bb965551b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
114963
x-xss-protection
0
pragma
public
x-fb-debug
mL3dQlx6PLoDrdQbTa7EXt319H0YhSohLrPScqCgpAT9EM4pkhW47XqS5MXLnedI8jAoa0BFrhLOxWMLFbdwpA==
x-fb-trip-id
1850256238
date
Tue, 31 Mar 2020 11:18:49 GMT, Tue, 31 Mar 2020 11:18:49 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame FBA4
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le4fnQUAAAAAGTWU9oGksb26ke7Ef5dkl0XlSNV&co=aHR0cHM6Ly9kb3phcnBsYXRpLmNvbTo0NDM.&hl=en&v=OOKISvkNnVD_m_9dreR_1S0n&size=invisible&cb=v7kp66lwz57i
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/OOKISvkNnVD_m_9dreR_1S0n/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-mQMEUpfvC2Gk7l/XX/PcvA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6Le4fnQUAAAAAGTWU9oGksb26ke7Ef5dkl0XlSNV&co=aHR0cHM6Ly9kb3phcnBsYXRpLmNvbTo0NDM.&hl=en&v=OOKISvkNnVD_m_9dreR_1S0n&size=invisible&cb=v7kp66lwz57i
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 31 Mar 2020 11:18:49 GMT
content-security-policy
script-src 'report-sample' 'nonce-mQMEUpfvC2Gk7l/XX/PcvA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
10289
server
GSE
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
/
www.facebook.com/tr/
44 B
248 B
Image
General
Full URL
https://www.facebook.com/tr/?id=659763197849590&ev=PageView&dl=https%3A%2F%2Fdozarplati.com%2F%3Futm_source%3Dgl_leads%26utm_medium%3Dcpa%26utm_campaign%3D16%26clickid%3D8c598c772280c8a1bd9519e287ee5c11&rl=&if=false&ts=1585653529259&sw=1600&sh=1200&v=2.9.15&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1585653529258.1456564482&it=1585653529202&coo=false&rqm=GET
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 31 Mar 2020 11:18:49 GMT, Tue, 31 Mar 2020 11:18:49 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Tue, 31 Mar 2020 11:18:49 GMT
all-settings-default.js
dozarplaticom001.webim.ru/x/js/v/
9 KB
3 KB
Script
General
Full URL
https://dozarplaticom001.webim.ru/x/js/v/all-settings-default.js?10.0.66
Requested by
Host: dozarplaticom001.webim.ru
URL: https://dozarplaticom001.webim.ru/js/button.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.41.158.42 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
56fa03002cb9451635050ee8b7ddd3efc47cd4da45fb73cae5d18ca1b8bfbd73
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Tue, 31 Mar 2020 11:18:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 31 Mar 2020 01:47:48 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
ETag
W/"5e82a144-2282"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Transfer-Encoding
chunked
Connection
keep-alive
X-Time
0.000
counter
top-fwz1.mail.ru/
43 B
1 KB
Other
General
Full URL
https://top-fwz1.mail.ru/counter?js=13;id=2924729;u=https%3A//dozarplati.com/%3Futm_source%3Dgl_leads%26utm_medium%3Dcpa%26utm_campaign%3D16%26clickid%3D8c598c772280c8a1bd9519e287ee5c11;st=1585653529087;title=%D0%A1%D1%80%D0%BE%D1%87%D0%BD%D1%8B%D0%B5%20%D0%B7%D0%B0%D0%B9%D0%BC%D1%8B%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BD%D0%B0%20%D0%BA%D0%B0%D1%80%D1%82%D1%83%20-%200%25%20%D0%B4%D0%BB%D1%8F%20%D0%BD%D0%BE%D0%B2%D1%8B%D1%85%20%D0%BA%D0%BB%D0%B8%D0%B5%D0%BD%D1%82%D0%BE%D0%B2%20-%20%D0%9C%D0%B8%D0%BA%D1%80%D0%BE%D0%B7%D0%B0%D0%B9%D0%BC%D1%8B%20%D0%94%D0%BE%20%D0%97%D0%B0%D1%80%D0%BF%D0%BB%D0%B0%D1%82%D1%8B;s=1600*1200;vp=1585*1200;touch=0;hds=1;flash=;sid=6ea08d94168d1369;ver=60.1.0;tz=-120%2FEurope%2FBerlin;ni=10//4g/0/0/;lvid=1585653529420%3A1585653529422%3A1%3A8e3ed04a6198da1a1aef9c66e65b2ce7;opts=dl;_=0.17558559428810794
Requested by
Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Origin
https://dozarplati.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 31 Mar 2020 11:18:49 GMT
X-Content-Type-Options
nosniff
P3P
CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection
keep-alive
Content-Length
43
Keep-Alive
timeout=60
Pragma
no-cache
AMP-Access-Control-Allow-Source-Origin
https://dozarplati.com
Server
nginx
Access-Control-Allow-Methods
GET, POST, HEAD, PUT, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://dozarplati.com
Access-Control-Expose-Headers
AMP-Access-Control-Allow-Source-Origin
Cache-control
private, no-cache, no-store, max-age=0
Access-Control-Allow-Credentials
true
Accept-CH-Lifetime
86400
Accept-CH
DPR, Width, Viewport-Width, Downlink, Device-Memory
Timing-Allow-Origin
https://dozarplati.com
Access-Control-Allow-Headers
*
counter
top-fwz1.mail.ru/
43 B
1 KB
Other
General
Full URL
https://top-fwz1.mail.ru/counter?js=13;id=3141446;u=https%3A//dozarplati.com/%3Futm_source%3Dgl_leads%26utm_medium%3Dcpa%26utm_campaign%3D16%26clickid%3D8c598c772280c8a1bd9519e287ee5c11;st=1585653529087;pid=USER_ID;title=%D0%A1%D1%80%D0%BE%D1%87%D0%BD%D1%8B%D0%B5%20%D0%B7%D0%B0%D0%B9%D0%BC%D1%8B%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BD%D0%B0%20%D0%BA%D0%B0%D1%80%D1%82%D1%83%20-%200%25%20%D0%B4%D0%BB%D1%8F%20%D0%BD%D0%BE%D0%B2%D1%8B%D1%85%20%D0%BA%D0%BB%D0%B8%D0%B5%D0%BD%D1%82%D0%BE%D0%B2%20-%20%D0%9C%D0%B8%D0%BA%D1%80%D0%BE%D0%B7%D0%B0%D0%B9%D0%BC%D1%8B%20%D0%94%D0%BE%20%D0%97%D0%B0%D1%80%D0%BF%D0%BB%D0%B0%D1%82%D1%8B;s=1600*1200;vp=1585*1200;touch=0;hds=1;flash=;sid=6ea08d94168d1369;ver=60.1.0;tz=-120%2FEurope%2FBerlin;ni=10//4g/0/0/;lvid=1585653529420%3A1585653529423%3A2%3A8e3ed04a6198da1a1aef9c66e65b2ce7;opts=sec%2Cdl;_=0.9317699347037145
Requested by
Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Origin
https://dozarplati.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 31 Mar 2020 11:18:49 GMT
X-Content-Type-Options
nosniff
P3P
CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection
keep-alive
Content-Length
43
Keep-Alive
timeout=60
Pragma
no-cache
AMP-Access-Control-Allow-Source-Origin
https://dozarplati.com
Server
nginx
Access-Control-Allow-Methods
GET, POST, HEAD, PUT, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://dozarplati.com
Access-Control-Expose-Headers
AMP-Access-Control-Allow-Source-Origin
Cache-control
private, no-cache, no-store, max-age=0
Access-Control-Allow-Credentials
true
Accept-CH-Lifetime
86400
Accept-CH
DPR, Width, Viewport-Width, Downlink, Device-Memory
Timing-Allow-Origin
https://dozarplati.com
Access-Control-Allow-Headers
*
tracker
top-fwz1.mail.ru/
43 B
1 KB
Other
General
Full URL
https://top-fwz1.mail.ru/tracker?js=13;id=2924729;u=https%3A//dozarplati.com/%3Futm_source%3Dgl_leads%26utm_medium%3Dcpa%26utm_campaign%3D16%26clickid%3D8c598c772280c8a1bd9519e287ee5c11;st=1585653529087;s=1600*1200;vp=1585*1200;touch=0;hds=1;flash=;sid=6ea08d94168d1369;ver=60.1.0;tz=-120%2FEurope%2FBerlin;ni=10//4g/0/0/;lvid=1585653529420%3A1585653529424%3A3%3A8e3ed04a6198da1a1aef9c66e65b2ce7;opts=dl;_=0.9293948656782636;e=IV%3AVALUE/VALUE%3BVALUE%3BVALUE
Requested by
Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Origin
https://dozarplati.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 31 Mar 2020 11:18:49 GMT
X-Content-Type-Options
nosniff
P3P
CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection
keep-alive
Content-Length
43
Keep-Alive
timeout=60
Pragma
no-cache
AMP-Access-Control-Allow-Source-Origin
https://dozarplati.com
Server
nginx
Access-Control-Allow-Methods
GET, POST, HEAD, PUT, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://dozarplati.com
Access-Control-Expose-Headers
AMP-Access-Control-Allow-Source-Origin
Cache-control
private, no-cache, no-store, max-age=0
Access-Control-Allow-Credentials
true
Accept-CH-Lifetime
86400
Accept-CH
DPR, Width, Viewport-Width, Downlink, Device-Memory
Timing-Allow-Origin
https://dozarplati.com
Access-Control-Allow-Headers
*
/
ad.mail.ru/retarget/
43 B
384 B
Image
General
Full URL
https://ad.mail.ru/retarget/?counter=2924729&list=VALUE&productid=VALUE&pagetype=VALUE&totalvalue=VALUE&_=0.21851443757574107
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Tue, 31 Mar 2020 11:18:49 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
43
ui-resources.php
dozarplaticom001.webim.ru/v/
522 KB
47 KB
Script
General
Full URL
https://dozarplaticom001.webim.ru/v/ui-resources.php?location=default&mode=desktop&lang=ru&783ad71b&callback=getWebimUIResourcesCallback
Requested by
Host: dozarplaticom001.webim.ru
URL: https://dozarplaticom001.webim.ru/js/button.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.41.158.42 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
8f047b0dd1ccbac81a2fa8b300499fb3be560681957481737de4f26d3de8d122

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Tue, 31 Mar 2020 11:18:49 GMT
Content-Encoding
gzip
Last-Modified
Sat, 28 Mar 2020 12:29:14 GMT
Server
nginx
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
application/x-javascript; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
1
mc.yandex.ru/watch/25885646/
Redirect Chain
  • https://mc.yandex.ru/watch/25885646?wmode=7&page-url=https%3A%2F%2Fdozarplati.com%2F%3Futm_source%3Dgl_leads%26utm_medium%3Dcpa%26utm_campaign%3D16%26clickid%3D8c598c772280c8a1bd9519e287ee5c11&char...
  • https://mc.yandex.ru/watch/25885646/1?wmode=7&page-url=https%3A%2F%2Fdozarplati.com%2F%3Futm_source%3Dgl_leads%26utm_medium%3Dcpa%26utm_campaign%3D16%26clickid%3D8c598c772280c8a1bd9519e287ee5c11&ch...
0
-1 B
XHR
General
Full URL
https://mc.yandex.ru/watch/25885646/1?wmode=7&page-url=https%3A%2F%2Fdozarplati.com%2F%3Futm_source%3Dgl_leads%26utm_medium%3Dcpa%26utm_campaign%3D16%26clickid%3D8c598c772280c8a1bd9519e287ee5c11&charset=utf-8&browser-info=ti%3A10%3Ans%3A1585653527279%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A120%3Ai%3A20200331131849%3Aet%3A1585653529%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A282672912%3Ahid%3A115080545%3Ads%3A197%2C111%2C120%2C40%2C673%2C0%2C0%2C704%2C0%2C%2C%2C%2C1808%3Afp%3A1241%3Awn%3A2319%3Ahl%3A2%3Agdpr%3A14%3Av%3A1837%3Awv%3A2%3Ast%3A1585653529%3Au%3A1585653529862276381%3At%3A%D0%A1%D1%80%D0%BE%D1%87%D0%BD%D1%8B%D0%B5%20%D0%B7%D0%B0%D0%B9%D0%BC%D1%8B%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BD%D0%B0%20%D0%BA%D0%B0%D1%80%D1%82%D1%83%20-%200%25%20%D0%B4%D0%BB%D1%8F%20%D0%BD%D0%BE%D0%B2%D1%8B%D1%85%20%D0%BA%D0%BB%D0%B8%D0%B5%D0%BD%D1%82%D0%BE%D0%B2%20-%20%D0%9C%D0%B8%D0%BA%D1%80%D0%BE%D0%B7%D0%B0%D0%B9%D0%BC%D1%8B%20%D0%94%D0%BE%20%D0%97%D0%B0%D1%80%D0%BF%D0%BB%D0%B0%D1%82%D1%8B
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Mar 2020 11:18:49 GMT
Last-Modified
Tue, 31-Mar-2020 11:18:49 GMT
Server
nginx/1.14.2
Location
/watch/25885646/1?wmode=7&page-url=https%3A%2F%2Fdozarplati.com%2F%3Futm_source%3Dgl_leads%26utm_medium%3Dcpa%26utm_campaign%3D16%26clickid%3D8c598c772280c8a1bd9519e287ee5c11&charset=utf-8&browser-info=ti%3A10%3Ans%3A1585653527279%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A120%3Ai%3A20200331131849%3Aet%3A1585653529%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A282672912%3Ahid%3A115080545%3Ads%3A197%2C111%2C120%2C40%2C673%2C0%2C0%2C704%2C0%2C%2C%2C%2C1808%3Afp%3A1241%3Awn%3A2319%3Ahl%3A2%3Agdpr%3A14%3Av%3A1837%3Awv%3A2%3Ast%3A1585653529%3Au%3A1585653529862276381%3At%3A%D0%A1%D1%80%D0%BE%D1%87%D0%BD%D1%8B%D0%B5%20%D0%B7%D0%B0%D0%B9%D0%BC%D1%8B%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BD%D0%B0%20%D0%BA%D0%B0%D1%80%D1%82%D1%83%20-%200%25%20%D0%B4%D0%BB%D1%8F%20%D0%BD%D0%BE%D0%B2%D1%8B%D1%85%20%D0%BA%D0%BB%D0%B8%D0%B5%D0%BD%D1%82%D0%BE%D0%B2%20-%20%D0%9C%D0%B8%D0%BA%D1%80%D0%BE%D0%B7%D0%B0%D0%B9%D0%BC%D1%8B%20%D0%94%D0%BE%20%D0%97%D0%B0%D1%80%D0%BF%D0%BB%D0%B0%D1%82%D1%8B
Strict-Transport-Security
max-age=31536000
Access-Control-Allow-Origin
https://dozarplati.com
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Tue, 31-Mar-2020 11:18:49 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 31 Mar 2020 11:18:49 GMT
Last-Modified
Tue, 31-Mar-2020 11:18:49 GMT
Server
nginx/1.14.2
Access-Control-Allow-Origin
https://dozarplati.com
Strict-Transport-Security
max-age=31536000
Location
/watch/25885646/1?wmode=7&page-url=https%3A%2F%2Fdozarplati.com%2F%3Futm_source%3Dgl_leads%26utm_medium%3Dcpa%26utm_campaign%3D16%26clickid%3D8c598c772280c8a1bd9519e287ee5c11&charset=utf-8&browser-info=ti%3A10%3Ans%3A1585653527279%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A120%3Ai%3A20200331131849%3Aet%3A1585653529%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A282672912%3Ahid%3A115080545%3Ads%3A197%2C111%2C120%2C40%2C673%2C0%2C0%2C704%2C0%2C%2C%2C%2C1808%3Afp%3A1241%3Awn%3A2319%3Ahl%3A2%3Agdpr%3A14%3Av%3A1837%3Awv%3A2%3Ast%3A1585653529%3Au%3A1585653529862276381%3At%3A%D0%A1%D1%80%D0%BE%D1%87%D0%BD%D1%8B%D0%B5%20%D0%B7%D0%B0%D0%B9%D0%BC%D1%8B%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BD%D0%B0%20%D0%BA%D0%B0%D1%80%D1%82%D1%83%20-%200%25%20%D0%B4%D0%BB%D1%8F%20%D0%BD%D0%BE%D0%B2%D1%8B%D1%85%20%D0%BA%D0%BB%D0%B8%D0%B5%D0%BD%D1%82%D0%BE%D0%B2%20-%20%D0%9C%D0%B8%D0%BA%D1%80%D0%BE%D0%B7%D0%B0%D0%B9%D0%BC%D1%8B%20%D0%94%D0%BE%20%D0%97%D0%B0%D1%80%D0%BF%D0%BB%D0%B0%D1%82%D1%8B
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Tue, 31-Mar-2020 11:18:49 GMT
advert.gif
mc.yandex.ru/metrika/
43 B
425 B
Image
General
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Tue, 31 Mar 2020 11:18:49 GMT
Last-Modified
Fri, 17 Jan 2020 08:05:01 GMT
Server
nginx/1.14.2
ETag
"5e216aad-2b"
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Tue, 31 Mar 2020 12:18:49 GMT
rpc
online-api.dozarplati.com/
105 B
375 B
Fetch
General
Full URL
https://online-api.dozarplati.com/rpc
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.147.81.27 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
vl2538.miran.ru
Software
nginx /
Resource Hash
13f0a8c0158932ca16dd17027223aa0fbfba67552a8ce9847aeb1570affab640

Request headers

Origin
https://dozarplati.com
authorization
Content-type
application/json
Accept
application/json
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Sec-Fetch-Dest
empty
X-DEVICE-ID
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 31 Mar 2020 11:18:49 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://dozarplati.com
Cache-Control
no-cache, private
Connection
keep-alive
rpc
online-api.dozarplati.com/
73 B
367 B
Fetch
General
Full URL
https://online-api.dozarplati.com/rpc
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.147.81.27 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
vl2538.miran.ru
Software
nginx /
Resource Hash
2abffe67ddede259b47f5a38853214fc7ac6408a7acac5318f66a017f2a393d3

Request headers

Origin
https://dozarplati.com
authorization
Content-type
application/json
Accept
application/json
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Sec-Fetch-Dest
empty
X-DEVICE-ID
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 31 Mar 2020 11:18:49 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://dozarplati.com
Cache-Control
no-cache, private
Connection
keep-alive
get-online-status
dozarplaticom001.webim.ru/l/v/
136 B
465 B
Script
General
Full URL
https://dozarplaticom001.webim.ru/l/v/get-online-status?callback=webimRequestCallback72003569157595910
Requested by
Host: dozarplaticom001.webim.ru
URL: https://dozarplaticom001.webim.ru/js/button.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.41.158.42 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
ecc935b6f17cd4e1bc32a4b95201e805daf8507b4de9f119ce8dd474f476d9fb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Tue, 31 Mar 2020 11:18:49 GMT
Content-Encoding
gzip
Server
nginx
X-Frame-Options
SAMEORIGIN
Etag
W/"864f774fff5181040274d01fa56961ce87b769dd"
Vary
Accept-Encoding
Content-Type
application/x-javascript; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Time
0.001
X-Webim-Version
10.0.66
throbber.gif
dozarplaticom001.webim.ru/v/images/
9 KB
9 KB
Image
General
Full URL
https://dozarplaticom001.webim.ru/v/images/throbber.gif
Requested by
Host: dozarplaticom001.webim.ru
URL: https://dozarplaticom001.webim.ru/js/button.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.41.158.42 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
b9c65237ee36e6f434ed5fbcfe95f7100b50e12ab448b887fbcca368bb6137e1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Tue, 31 Mar 2020 11:18:49 GMT
Last-Modified
Wed, 25 Mar 2020 21:22:24 GMT
Server
nginx
ETag
"5e7bcb90-2253"
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Time
0.000
Content-Length
8787
ui-icons_222222_256x240.png
dozarplaticom001.webim.ru/v/images/
4 KB
5 KB
Image
General
Full URL
https://dozarplaticom001.webim.ru/v/images/ui-icons_222222_256x240.png
Requested by
Host: dozarplaticom001.webim.ru
URL: https://dozarplaticom001.webim.ru/js/button.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.41.158.42 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
57adb0d65f4e91dacfee975d9574422bee7486c8a182d60133728c672f2cdbbc
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Tue, 31 Mar 2020 11:18:49 GMT
Last-Modified
Wed, 25 Mar 2020 21:22:24 GMT
Server
nginx
ETag
"5e7bcb90-1111"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
X-Time
0.000
Content-Length
4369
logo_webim.svg
dozarplaticom001.webim.ru/v/images/
4 KB
5 KB
Image
General
Full URL
https://dozarplaticom001.webim.ru/v/images/logo_webim.svg
Requested by
Host: dozarplaticom001.webim.ru
URL: https://dozarplaticom001.webim.ru/js/button.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.41.158.42 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
205e6b3777dc55ca4da8d725aaa964aac9d52d2e86f600c2f63c1dd5832878f1

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Tue, 31 Mar 2020 11:18:49 GMT
Last-Modified
Wed, 25 Mar 2020 21:22:24 GMT
Server
nginx
ETag
"5e7bcb90-10c1"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
4289
Ubuntu-Bold.ttf
dozarplaticom001.webim.ru/v/fonts/
238 KB
239 KB
Font
General
Full URL
https://dozarplaticom001.webim.ru/v/fonts/Ubuntu-Bold.ttf
Requested by
Host: dozarplaticom001.webim.ru
URL: https://dozarplaticom001.webim.ru/js/button.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.41.158.42 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
7e69b4f16e10da8a7248010ab10646fd2c6e51c736d8d8a706c6eba3d8960ccd

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Origin
https://dozarplati.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 31 Mar 2020 11:18:49 GMT
Last-Modified
Wed, 25 Mar 2020 21:22:24 GMT
Server
nginx
ETag
"5e7bcb90-3b810"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
243728
Ubuntu.ttf
dozarplaticom001.webim.ru/v/fonts/
267 KB
267 KB
Font
General
Full URL
https://dozarplaticom001.webim.ru/v/fonts/Ubuntu.ttf
Requested by
Host: dozarplaticom001.webim.ru
URL: https://dozarplaticom001.webim.ru/js/button.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.41.158.42 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
12c988d5bae1fed3fd16f3d80d9912f7c86f553111625ed60e95f224f0d0ebf7

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Origin
https://dozarplati.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 31 Mar 2020 11:18:49 GMT
Last-Modified
Wed, 25 Mar 2020 21:22:24 GMT
Server
nginx
ETag
"5e7bcb90-42b50"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
273232
cursor.png
dozarplaticom001.webim.ru/webim/images/
591 B
866 B
Image
General
Full URL
https://dozarplaticom001.webim.ru/webim/images/cursor.png
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.41.158.42 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
a1fb1b429d644ad011e6bd98701d1951138d3f973bda19ce3411e1c1d65ef35e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Tue, 31 Mar 2020 11:18:49 GMT
Last-Modified
Wed, 25 Mar 2020 21:22:24 GMT
Server
nginx
ETag
"5e7bcb90-24f"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
X-Time
0.000
Content-Length
591
dozarplaticom001_site_logo.png
dozarplaticom001.webim.ru//images/logo/
4 KB
4 KB
Image
General
Full URL
https://dozarplaticom001.webim.ru//images/logo/dozarplaticom001_site_logo.png
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.41.158.42 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
9232432b1f2e0ff5c27fb58bd5e60e8e934fb79876132de0a733967131aea6c3

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Tue, 31 Mar 2020 11:18:49 GMT
Last-Modified
Sat, 28 Mar 2020 12:29:14 GMT
Server
nginx
Connection
keep-alive
Content-Length
3931
X-Cache
HIT
Content-Type
image/png
upload.png
dozarplaticom001.webim.ru/v/images/
5 KB
6 KB
Image
General
Full URL
https://dozarplaticom001.webim.ru/v/images/upload.png
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.41.158.42 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
455f8ff96a7775e51c6766e041b6d94f324729236e4f11cee602d5374d4c70e6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Tue, 31 Mar 2020 11:18:49 GMT
Last-Modified
Wed, 25 Mar 2020 21:22:24 GMT
Server
nginx
ETag
"5e7bcb90-15e7"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
X-Time
0.000
Content-Length
5607
default-department-logo.png
dozarplaticom001.webim.ru/v/images/
15 KB
15 KB
Image
General
Full URL
https://dozarplaticom001.webim.ru/v/images/default-department-logo.png
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.41.158.42 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
a5b367cc08f01ae61da2109c04047ee7e218df860be597c35d4ca7e064fea63a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Tue, 31 Mar 2020 11:18:49 GMT
Last-Modified
Wed, 25 Mar 2020 21:22:24 GMT
Server
nginx
ETag
"5e7bcb90-3c77"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
X-Time
0.000
Content-Length
15479
rpc
online-api.dozarplati.com/
122 B
398 B
Fetch
General
Full URL
https://online-api.dozarplati.com/rpc
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.147.81.27 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
vl2538.miran.ru
Software
nginx /
Resource Hash
c44d2d49cf0353e4e3d688b55f21997580edc6ea2e7232606840d9bc42672b3a

Request headers

Accept
application/json
Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Origin
https://dozarplati.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
X-DEVICE-ID
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
application/json

Response headers

Date
Tue, 31 Mar 2020 11:18:50 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://dozarplati.com
Cache-Control
no-cache, private
Connection
keep-alive
rpc
online-api.dozarplati.com/
2 KB
890 B
Fetch
General
Full URL
https://online-api.dozarplati.com/rpc
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.147.81.27 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
vl2538.miran.ru
Software
nginx /
Resource Hash
2650247a40abb31064dde8bcfb91eb0de601e43fef0fb75b123bb9e3c652c13f

Request headers

Accept
application/json
Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Origin
https://dozarplati.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
X-DEVICE-ID
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
application/json

Response headers

Date
Tue, 31 Mar 2020 11:18:50 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://dozarplati.com
Cache-Control
no-cache, private
Connection
keep-alive
1
mc.yandex.ru/watch/25885646/
187 B
737 B
XHR
General
Full URL
https://mc.yandex.ru/watch/25885646/1?wmode=7&page-url=https%3A%2F%2Fdozarplati.com%2F%3Futm_source%3Dgl_leads%26utm_medium%3Dcpa%26utm_campaign%3D16%26clickid%3D8c598c772280c8a1bd9519e287ee5c11&charset=utf-8&browser-info=ti%3A10%3Ans%3A1585653527279%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A120%3Ai%3A20200331131849%3Aet%3A1585653529%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A282672912%3Ahid%3A115080545%3Ads%3A197%2C111%2C120%2C40%2C673%2C0%2C0%2C704%2C0%2C%2C%2C%2C1808%3Afp%3A1241%3Awn%3A2319%3Ahl%3A2%3Agdpr%3A14%3Av%3A1837%3Awv%3A2%3Ast%3A1585653529%3Au%3A1585653529862276381%3At%3A%D0%A1%D1%80%D0%BE%D1%87%D0%BD%D1%8B%D0%B5%20%D0%B7%D0%B0%D0%B9%D0%BC%D1%8B%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BD%D0%B0%20%D0%BA%D0%B0%D1%80%D1%82%D1%83%20-%200%25%20%D0%B4%D0%BB%D1%8F%20%D0%BD%D0%BE%D0%B2%D1%8B%D1%85%20%D0%BA%D0%BB%D0%B8%D0%B5%D0%BD%D1%82%D0%BE%D0%B2%20-%20%D0%9C%D0%B8%D0%BA%D1%80%D0%BE%D0%B7%D0%B0%D0%B9%D0%BC%D1%8B%20%D0%94%D0%BE%20%D0%97%D0%B0%D1%80%D0%BF%D0%BB%D0%B0%D1%82%D1%8B
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
916bf2300ad9c17d81d7d4f826e3eab82c4c2a9fef816256d667a883571af8b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Origin
https://dozarplati.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Tue, 31 Mar 2020 11:18:49 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 31-Mar-2020 11:18:49 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://dozarplati.com
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
187
X-XSS-Protection
1; mode=block
Expires
Tue, 31-Mar-2020 11:18:49 GMT
rpc
online-api.dozarplati.com/
38 B
335 B
Fetch
General
Full URL
https://online-api.dozarplati.com/rpc
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.147.81.27 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
vl2538.miran.ru
Software
nginx /
Resource Hash
dad832c5c102bf93b58997ca605c3f6c2e7a3d6a8c68f7c6557e9b24454b8e75

Request headers

Origin
https://dozarplati.com
authorization
Content-type
application/json
Accept
application/json
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Sec-Fetch-Dest
empty
X-DEVICE-ID
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 31 Mar 2020 11:18:50 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://dozarplati.com
Cache-Control
no-cache, private
Connection
keep-alive
rpc
online-api.dozarplati.com/
73 B
368 B
Fetch
General
Full URL
https://online-api.dozarplati.com/rpc
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.147.81.27 St Petersburg, Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS
vl2538.miran.ru
Software
nginx /
Resource Hash
f12d858000fa7053450378ccd99f037e6a401261376dbc259d914a0388e4bb6d

Request headers

Origin
https://dozarplati.com
authorization
Content-type
application/json
Accept
application/json
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Sec-Fetch-Dest
empty
X-DEVICE-ID
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 31 Mar 2020 11:18:50 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://dozarplati.com
Cache-Control
no-cache, private
Connection
keep-alive
collect
www.google-analytics.com/
35 B
100 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=911259142&t=event&ni=1&_s=2&dl=https%3A%2F%2Fdozarplati.com%2F%3Futm_source%3Dgl_leads%26utm_medium%3Dcpa%26utm_campaign%3D16%26clickid%3D8c598c772280c8a1bd9519e287ee5c11&ul=en-us&de=UTF-8&dt=%D0%A1%D1%80%D0%BE%D1%87%D0%BD%D1%8B%D0%B5%20%D0%B7%D0%B0%D0%B9%D0%BC%D1%8B%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BD%D0%B0%20%D0%BA%D0%B0%D1%80%D1%82%D1%83%20-%200%25%20%D0%B4%D0%BB%D1%8F%20%D0%BD%D0%BE%D0%B2%D1%8B%D1%85%20%D0%BA%D0%BB%D0%B8%D0%B5%D0%BD%D1%82%D0%BE%D0%B2%20-%20%D0%9C%D0%B8%D0%BA%D1%80%D0%BE%D0%B7%D0%B0%D0%B9%D0%BC%D1%8B%20%D0%94%D0%BE%20%D0%97%D0%B0%D1%80%D0%BF%D0%BB%D0%B0%D1%82%D1%8B&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=webim&ea=offline-button&_u=aHBAAEAB~&jid=&gjid=&cid=815227927.1585653529&tid=UA-91457660-11&_gid=99733834.1585653529&gtm=2wg3i0W7CC626&z=391432271
Requested by
Host: dozarplati.com
URL: https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Mon, 02 Mar 2020 13:19:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
2498389
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
0
47 B
Other
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Origin
https://dozarplati.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryAAoLOsI1nClLvArB

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
access-control-allow-origin
https://dozarplati.com
date
Tue, 31 Mar 2020 11:18:49 GMT
content-type
text/plain
status
200
access-control-allow-credentials
true
alt-svc
h3-27=":443"; ma=3600
content-length
0
1
mc.yandex.ru/watch/25885646/
43 B
537 B
Other
General
Full URL
https://mc.yandex.ru/watch/25885646/1?page-ref=https%3A%2F%2Fdozarplati.com%2F%3Futm_source%3Dgl_leads%26utm_medium%3Dcpa%26utm_campaign%3D16%26clickid%3D8c598c772280c8a1bd9519e287ee5c11&page-url=goal%3A%2F%2Fdozarplati.com%2FWEBIM_offline-button&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1585653527279%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A120%3Ai%3A20200331131849%3Aet%3A1585653530%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Arn%3A617022502%3Ahid%3A115080545%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%3Agdpr%3A14%3Afu%3A3%3Av%3A1837%3Awv%3A2%3Ast%3A1585653530%3Au%3A1585653529862276381%3App%3A3629563401%3At%3A%D0%A1%D1%80%D0%BE%D1%87%D0%BD%D1%8B%D0%B5%20%D0%B7%D0%B0%D0%B9%D0%BC%D1%8B%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BD%D0%B0%20%D0%BA%D0%B0%D1%80%D1%82%D1%83%20-%200%25%20%D0%B4%D0%BB%D1%8F%20%D0%BD%D0%BE%D0%B2%D1%8B%D1%85%20%D0%BA%D0%BB%D0%B8%D0%B5%D0%BD%D1%82%D0%BE%D0%B2%20-%20%D0%9C%D0%B8%D0%BA%D1%80%D0%BE%D0%B7%D0%B0%D0%B9%D0%BC%D1%8B%20%D0%94%D0%BE%20%D0%97%D0%B0%D1%80%D0%BF%D0%BB%D0%B0%D1%82%D1%8B
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Origin
https://dozarplati.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 31 Mar 2020 11:18:49 GMT
Last-Modified
Tue, 31-Mar-2020 11:18:49 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
https://dozarplati.com
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
Tue, 31-Mar-2020 11:18:49 GMT
tracker
top-fwz1.mail.ru/
43 B
1 KB
Other
General
Full URL
https://top-fwz1.mail.ru/tracker?js=13;id=2924729;u=https%3A//dozarplati.com/%3Futm_source%3Dgl_leads%26utm_medium%3Dcpa%26utm_campaign%3D16%26clickid%3D8c598c772280c8a1bd9519e287ee5c11;st=1585653529087;s=1600*1200;vp=1585*1200;touch=0;hds=1;flash=;sid=6ea08d94168d1369;ver=60.1.0;tz=-120%2FEurope%2FBerlin;nt=0/0/1585653527279/////673/674/871/871/982/884/982/1102/1142/1104/1808/1808/1808/2758/2758/;ni=10//4g/0/0/;lvid=1585653529420%3A1585653530053%3A4%3A8e3ed04a6198da1a1aef9c66e65b2ce7;opts=dl;_=0.2122041278754072;e=RT/load;et=1585653530037
Requested by
Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Origin
https://dozarplati.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 31 Mar 2020 11:18:50 GMT
X-Content-Type-Options
nosniff
P3P
CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection
keep-alive
Content-Length
43
Keep-Alive
timeout=60
Pragma
no-cache
AMP-Access-Control-Allow-Source-Origin
https://dozarplati.com
Server
nginx
Access-Control-Allow-Methods
GET, POST, HEAD, PUT, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://dozarplati.com
Access-Control-Expose-Headers
AMP-Access-Control-Allow-Source-Origin
Cache-control
private, no-cache, no-store, max-age=0
Access-Control-Allow-Credentials
true
Accept-CH-Lifetime
86400
Accept-CH
DPR, Width, Viewport-Width, Downlink, Device-Memory
Timing-Allow-Origin
https://dozarplati.com
Access-Control-Allow-Headers
*
tracker
top-fwz1.mail.ru/
43 B
1 KB
Other
General
Full URL
https://top-fwz1.mail.ru/tracker?js=13;id=3141446;u=https%3A//dozarplati.com/%3Futm_source%3Dgl_leads%26utm_medium%3Dcpa%26utm_campaign%3D16%26clickid%3D8c598c772280c8a1bd9519e287ee5c11;st=1585653529087;pid=USER_ID;s=1600*1200;vp=1585*1200;touch=0;hds=1;flash=;sid=6ea08d94168d1369;ver=60.1.0;tz=-120%2FEurope%2FBerlin;nt=0/0/1585653527279/////673/674/871/871/982/884/982/1102/1142/1104/1808/1808/1808/2758/2758/;ni=10//4g/0/0/;lvid=1585653529420%3A1585653530054%3A5%3A8e3ed04a6198da1a1aef9c66e65b2ce7;opts=sec%2Cdl;_=0.8560110919293797;e=RT/load;et=1585653530037
Requested by
Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Origin
https://dozarplati.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 31 Mar 2020 11:18:50 GMT
X-Content-Type-Options
nosniff
P3P
CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection
keep-alive
Content-Length
43
Keep-Alive
timeout=60
Pragma
no-cache
AMP-Access-Control-Allow-Source-Origin
https://dozarplati.com
Server
nginx
Access-Control-Allow-Methods
GET, POST, HEAD, PUT, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://dozarplati.com
Access-Control-Expose-Headers
AMP-Access-Control-Allow-Source-Origin
Cache-control
private, no-cache, no-store, max-age=0
Access-Control-Allow-Credentials
true
Accept-CH-Lifetime
86400
Accept-CH
DPR, Width, Viewport-Width, Downlink, Device-Memory
Timing-Allow-Origin
https://dozarplati.com
Access-Control-Allow-Headers
*
collect
www.google-analytics.com/
35 B
99 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=911259142&t=pageview&_s=1&dl=https%3A%2F%2Fdozarplati.com%2F%3Futm_source%3Dgl_leads%26utm_medium%3Dcpa%26utm_campaign%3D16%26clickid%3D8c598c772280c8a1bd9519e287ee5c11&ul=en-us&de=UTF-8&dt=%D0%A1%D1%80%D0%BE%D1%87%D0%BD%D1%8B%D0%B5%20%D0%B7%D0%B0%D0%B9%D0%BC%D1%8B%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BD%D0%B0%20%D0%BA%D0%B0%D1%80%D1%82%D1%83%20-%200%25%20%D0%B4%D0%BB%D1%8F%20%D0%BD%D0%BE%D0%B2%D1%8B%D1%85%20%D0%BA%D0%BB%D0%B8%D0%B5%D0%BD%D1%82%D0%BE%D0%B2%20-%20%D0%9C%D0%B8%D0%BA%D1%80%D0%BE%D0%B7%D0%B0%D0%B9%D0%BC%D1%8B%20%D0%94%D0%BE%20%D0%97%D0%B0%D1%80%D0%BF%D0%BB%D0%B0%D1%82%D1%8B&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aHDAgEAB~&jid=393258947&gjid=1030595727&cid=815227927.1585653529&tid=UA-91457660-1&_gid=99733834.1585653529&gtm=2wg3i0W7CC626&z=1474273184
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Mon, 02 Mar 2020 13:19:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
2498390
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-91457660-1&cid=815227927.1585653529&jid=393258947&gjid=1030595727&_gid=99733834.1585653529&_u=aHDAgEAB~&z=780808713
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-91457660-1&cid=815227927.1585653529&jid=393258947&_v=j81&z=780808713
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-91457660-1&cid=815227927.1585653529&jid=393258947&_v=j81&z=780808713&slf_rd=1&random=2894204259
42 B
109 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-91457660-1&cid=815227927.1585653529&jid=393258947&_v=j81&z=780808713&slf_rd=1&random=2894204259
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Mar 2020 11:18:50 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Mar 2020 11:18:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-91457660-1&cid=815227927.1585653529&jid=393258947&_v=j81&z=780808713&slf_rd=1&random=2894204259
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1
mc.yandex.ru/watch/25885646/
43 B
537 B
Other
General
Full URL
https://mc.yandex.ru/watch/25885646/1?page-ref=https%3A%2F%2Fdozarplati.com%2F%3Futm_source%3Dgl_leads%26utm_medium%3Dcpa%26utm_campaign%3D16%26clickid%3D8c598c772280c8a1bd9519e287ee5c11&page-url=goal%3A%2F%2Fdozarplati.com%2Fno_smile&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1585653527279%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A120%3Ai%3A20200331131850%3Aet%3A1585653530%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Arn%3A782448896%3Ahid%3A115080545%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C2758%2C2758%2C18%2C%3Agdpr%3A14%3Afu%3A3%3Aeu%3A1%3Av%3A1837%3Awv%3A2%3Ast%3A1585653530%3Au%3A1585653529862276381%3At%3A%D0%A1%D1%80%D0%BE%D1%87%D0%BD%D1%8B%D0%B5%20%D0%B7%D0%B0%D0%B9%D0%BC%D1%8B%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BD%D0%B0%20%D0%BA%D0%B0%D1%80%D1%82%D1%83%20-%200%25%20%D0%B4%D0%BB%D1%8F%20%D0%BD%D0%BE%D0%B2%D1%8B%D1%85%20%D0%BA%D0%BB%D0%B8%D0%B5%D0%BD%D1%82%D0%BE%D0%B2%20-%20%D0%9C%D0%B8%D0%BA%D1%80%D0%BE%D0%B7%D0%B0%D0%B9%D0%BC%D1%8B%20%D0%94%D0%BE%20%D0%97%D0%B0%D1%80%D0%BF%D0%BB%D0%B0%D1%82%D1%8B
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dozarplati.com/?utm_source=gl_leads&utm_medium=cpa&utm_campaign=16&clickid=8c598c772280c8a1bd9519e287ee5c11
Origin
https://dozarplati.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 31 Mar 2020 11:18:50 GMT
Last-Modified
Tue, 31-Mar-2020 11:18:50 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
https://dozarplati.com
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
Tue, 31-Mar-2020 11:18:50 GMT

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| webpackJsonp object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill number| __mobxInstanceCount object| __mobxGlobals number| 2f1acc6c3a606b082e5eef5e54414ffb object| dataLayer object| webim object| ___grecaptcha_cfg object| grecaptcha boolean| __google_recaptcha_client object| google_tag_manager string| GoogleAnalyticsObject function| ga function| ym object| _tmr function| fbq function| _fbq object| amplitude object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| recaptcha object| closure_lm_449910 undefined| $ undefined| jQuery function| webimJQuery undefined| _ boolean| webimInitialized object| jQuery11240164695848267725 function| webimStartChatSimple object| getWebimUIResourcesCallback object| Ya object| yaCounter25885646 object| webimRequestCallback72003569157595910

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.mail.ru
bank-kredit.online
cdn.amplitude.com
cdnjs.cloudflare.com
connect.facebook.net
dozarplati.com
dozarplaticom001.webim.ru
fonts.googleapis.com
fonts.gstatic.com
gl.guruleads.ru
mc.yandex.ru
online-api.dozarplati.com
stats.g.doubleclick.net
top-fwz1.mail.ru
vk.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.youtube.com
13.225.87.226
185.147.81.27
217.69.133.145
2606:4700::6811:4004
2a00:1148:db00::17
2a00:1450:4001:800::200e
2a00:1450:4001:808::2003
2a00:1450:4001:80b::200a
2a00:1450:4001:817::200e
2a00:1450:4001:81a::2003
2a00:1450:4001:81d::2008
2a00:1450:4001:820::2004
2a00:1450:400c:c08::9a
2a02:6b8::1:119
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
31.41.158.42
5.181.252.205
87.240.190.72
92.63.103.132
0921a7dc8054b08e4b5dd8e6ca764c72370ef59b7a7bb80be61efdc320d077a8
09689d4eff4790f8909727b41e8e7d6a711ff5533d73dbe0c346e7b4070e4ced
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10ea920a904884a5d4e1d074da9f30cae01a28b27da076d301852217beddaf8c
12c988d5bae1fed3fd16f3d80d9912f7c86f553111625ed60e95f224f0d0ebf7
13f0a8c0158932ca16dd17027223aa0fbfba67552a8ce9847aeb1570affab640
154ec70b28b048b7f7f0492f50110e6e4574fbdc54e919f9677acf1d2749560f
1bb16c325aaf91773a94b0ef374358a6e2c1b1f5acc6a8102bc64c569145bc2b
205e6b3777dc55ca4da8d725aaa964aac9d52d2e86f600c2f63c1dd5832878f1
21b69678e0cea6dc5bbe238faa3888c008a02126949d1fe20ecd23676761554d
23cec28ea31a7aff91385ea6b8c1d8eccef5d69336012598da423ccf166cf010
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
2650247a40abb31064dde8bcfb91eb0de601e43fef0fb75b123bb9e3c652c13f
2abffe67ddede259b47f5a38853214fc7ac6408a7acac5318f66a017f2a393d3
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3073858b60247f9f49231c45d7a817be8b1b759810d4cd2710273ec7681075b6
348483665c16ab1050f24305c3fef35158d0b3e800c666b297dd1fdcd7e58697
3c4f78366096e2dbdaa06ba037376cdc78a6ebadfd2771c912d95e7799a02172
3df9722ee6f5ed952bb63c189a8efe13fd692f3cecf000800c84b3785ec06ec7
4145f8e052025bccd09475630fd40b002bc6c66653b7a588bc479bbb16947859
41e0b42658e08c041d8dce7de054d8fa55ac5ebbe50a5c10dc8757787f5edd82
4512a0f507a7df3a354a3f552a4b34e2e642ce0e4902c002dfd1ce55e33abce4
455f8ff96a7775e51c6766e041b6d94f324729236e4f11cee602d5374d4c70e6
531bb43124cda1d936ea33c8cb361a2d0c8df3f9ddc5af83c1ae78db8e649085
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55226ff33b8e44eeee04d1eacd1ab53be63f0fafc79c7045427268a7519d4191
56eca45c8d6dfe94d6142b64c94631cf6d4214eafe3c317bec4a9149276ffccd
56fa03002cb9451635050ee8b7ddd3efc47cd4da45fb73cae5d18ca1b8bfbd73
57adb0d65f4e91dacfee975d9574422bee7486c8a182d60133728c672f2cdbbc
59bdb2855114e376c82354283e0460efdbd39323ee9a910ddf42209147903d19
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
667dd076e34029642ae626f8009fe36ed95ad3aca6e45233a18177e06f83a0c3
6a281e093a3f107cc6e133496d626ec7441746aa98745c2e21e159d556d937de
6f1dc81498da5df5cc4a4b2730c86480122e1b4a6808621b7d941aaa6e29d824
736035843e632f5708eaa86251250c994d2df17c0aacaf9ea6a2ab72ae4ad6a5
74cbe1550dd7cd14b488868e83a38a18bf18f6c7702d394f62e19ee0af0e91cd
770a9fd7cc4df25ca578aa864f27fb165548af5f70e9aef70c76f49f71eed1e8
7e69b4f16e10da8a7248010ab10646fd2c6e51c736d8d8a706c6eba3d8960ccd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8750509f5a4895bc45c5d3cbc3e3892a09d34e3463fcacdde920882eed78be8b
8b20baf07c0a88c877dcf50bbf0335239f9be3b6656c51e11ad7908f5bf759f4
8e16c1d13a85955ff7e500504f55329f66d59b16294d010174f05ed818c40b10
8f047b0dd1ccbac81a2fa8b300499fb3be560681957481737de4f26d3de8d122
916bf2300ad9c17d81d7d4f826e3eab82c4c2a9fef816256d667a883571af8b5
9232432b1f2e0ff5c27fb58bd5e60e8e934fb79876132de0a733967131aea6c3
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
a1fb1b429d644ad011e6bd98701d1951138d3f973bda19ce3411e1c1d65ef35e
a43cf7b222bb24981c7cbdd4fd22296e00f0619251fe8645ebd09895536f5b6b
a5b367cc08f01ae61da2109c04047ee7e218df860be597c35d4ca7e064fea63a
a72ef2a7f4efbf38341b56028d27886ca51fb624fd86ab1070316b1464f5eaf2
a736d21b312721c0a1583ceaf265e359149bf8552ff622366fde88643a1b063f
a83af84ac9fa6c75d8dc44f7619f8d0e7d6ae7e7e949f5a00107829bb965551b
a921c04f1f56ee403d274c7eab9d11b5b31882da39738ea4a24e231f3c190412
aa54606e462728508494f78c3eb5f109da689dccd067e7383f7fbf31485e62a1
ac4f45c63e7192b1c9fb64be19be7a03084e16dc33b4dcfedabb44cb390c25a2
af2fdef955568dc79de38bfb097d53586855945811b638d6c41513bd62e25cc4
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b157f282e75a5a555c235477e0b51c7ac3cf5eb66609365fc6ff3aca0c2ad89d
b8404b427f652ef2a65b2f6560eaaee24421aebec85a30e4d82b615612e39b05
b9c65237ee36e6f434ed5fbcfe95f7100b50e12ab448b887fbcca368bb6137e1
c44d2d49cf0353e4e3d688b55f21997580edc6ea2e7232606840d9bc42672b3a
c4eab5e8f0d05dc9c04621dad2760b56d3c489b10405bd05e4847ef9aaf13ac1
c7ab5d64049f25d9052fe66098a11ad29dda06844ba6fbc5c5653d474c313346
c87e8fa19a6675f81a164704e2f679216b3f0ba8bb7ef0fad33a5b5784b3ebf5
cb90d1a474daeefe70fd050722fce09119d156a047726b3bb642123759d1e619
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d4a0134009f70c36d82c43c77b2a6f0ee48a57beb8d4f9e9ff7c3dd3887212bc
d7750ae972fc0b3a1f83374fff2ec6e823f5e6aac7a473bad1aaccd3132e2621
dad832c5c102bf93b58997ca605c3f6c2e7a3d6a8c68f7c6557e9b24454b8e75
daf6c28c5a080458eba26ba64a95b1fcff823944d429ccb84e8a4f3a0baf05ca
dfeb1f9955a62f9605a82c85b280940c75273f45f74e3e6469bbe811c5c4038d
e295e596f52cf21dc169d1a58b53aabab27fd42fa9a90557c6f881b480e28bd4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4398e863ecd066e77ee4180c582e45424471d757666f8541b10c8e95685b5ea
e4a833702133c14425a33efecc80d68cf2f55c546948192536ad2d4dd14b3012
e5a25612839ea09bf45a4e4152b2f8ece79d5886bc34eee4f2f3e9d85a0027fc
ea77330dcedcb5369ed0b2c02b75c4d12aba0e6c39036038d23aa3ac9a4d62ab
eaedceb75ef358c13deda689a2e45aa8408a32e24773bf2acc058558cb02613e
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ecc935b6f17cd4e1bc32a4b95201e805daf8507b4de9f119ce8dd474f476d9fb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f12d858000fa7053450378ccd99f037e6a401261376dbc259d914a0388e4bb6d
f36d71c69bcec4ce625d2923d36a4b1f64bbc2e5691c99cf8a4f3b0f79d1edb4
f37d6f502a5a961ac5c3f17c8d58685ff6b0dc0f69c2dcdd379ccabc96ec3bf2
fd8dcf69ef6d8062404de6cb9bc66a1cf2ae026e8da2d911316a6a87eb731ff2