Submitted URL: http://gov.diiapay.su/
Effective URL: https://gov.diiapay.su/
Submission: On December 20 via api from US — Scanned from US

Summary

This website contacted 10 IPs in 3 countries across 8 domains to perform 35 HTTP transactions. The main IP is 2a00:f940:2:2:1:1:0:215, located in Russian Federation and belongs to AS-REGRU "Domain names registrar REG.RU", Ltd, RU. The main domain is gov.diiapay.su.
TLS certificate: Issued by R10 on December 19th 2024. Valid for: 3 months.
This is the only time gov.diiapay.su was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
13 | diiapay.su | gov.diiapay.su | 1 MB
7 | diia.gov.ua | diia.gov.ua (Cisco Umbrella Rank: 301113) | 344 KB
4 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 39) | 428 KB
3 | facebook.net | connect.facebook.net (Cisco Umbrella Rank: 192) | 92 KB
3 | google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 36) | 22 KB
2 | doubleclick.net | stats.g.doubleclick.net (Cisco Umbrella Rank: 135); td.doubleclick.net (Cisco Umbrella Rank: 182) | 544 B
2 | facebook.com | www.facebook.com (Cisco Umbrella Rank: 120) | 212 B
1 | google.com | analytics.google.com (Cisco Umbrella Rank: 142) |
Total: 35 requests, 8 domains

Requests | Domain | Requested by
13 | gov.diiapay.su | gov.diiapay.su; diia.gov.ua
7 | diia.gov.ua | gov.diiapay.su
4 | www.googletagmanager.com | gov.diiapay.su; www.googletagmanager.com; www.google-analytics.com
3 | connect.facebook.net | gov.diiapay.su; connect.facebook.net
3 | www.google-analytics.com | gov.diiapay.su; www.google-analytics.com; www.googletagmanager.com
2 | www.facebook.com | gov.diiapay.su
1 | td.doubleclick.net | www.googletagmanager.com
1 | stats.g.doubleclick.net | www.googletagmanager.com
1 | analytics.google.com | www.googletagmanager.com
Total: 35 requests, 9 subdomains

Subject | Issuer | Validity | Valid
gov.diiapay.su | R10 | 2024-12-19 - 2025-03-19 | 3 months
*.google-analytics.com | WR2 | 2024-12-02 - 2025-02-24 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-09-28 - 2024-12-27 | 3 months
*.diia.gov.ua | RapidSSL TLS RSA CA G1 | 2024-02-06 - 2025-03-08 | a year
*.google.com | WR2 | 2024-12-02 - 2025-02-24 | 3 months
*.g.doubleclick.net | WR2 | 2024-12-02 - 2025-02-24 | 3 months
*.doubleclick.net | WR2 | 2024-12-02 - 2025-02-24 | 3 months

This page contains 2 frames:

Primary Page: https://gov.diiapay.su/
Frame ID: D3FDE7684A243C4762DDC6FC4FF367CE
Requests: 44 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-KDV8QBGVW1&gacid=622491171.1734700921&gtm=45je4cc1v9134476228za200&dma=0&gcd=13l3l3l3l2l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=1761011220
Frame ID: DB6C6DBCC1F3A9843088CFD3C966F0D1
Requests: 1 HTTP requests in this frame

Page Title

Виплати | Дія

Page URL History

  1. http://gov.diiapay.su/ HTTP 307
    https://gov.diiapay.su/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 35
HTTPS: 100 %
IPv6: 89 %
Domains: 8
Subdomains: 9
IPs: 10
Countries: 3
Transfer: 1942 kB
Size: 3857 kB
Cookies: 7

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://gov.diiapay.su/ HTTP 307
    https://gov.diiapay.su/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
gov.diiapay.su/
Redirect Chain
  • http://gov.diiapay.su/
  • https://gov.diiapay.su/
68 KB
10 KB
Document
General
Full URL
https://gov.diiapay.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:1:0:215 , Russian Federation, ASN197695 (AS-REGRU "Domain names registrar REG.RU", Ltd, RU),
Reverse DNS
Software
nginx /
Resource Hash
a569ec2c55fb5e1e5d00f57e7b5e816edd89de651fe2d488e798d8d788f621cf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

content-encoding
gzip
content-type
text/html
date
Fri, 20 Dec 2024 13:22:00 GMT
server
nginx
vary
Accept-Encoding

Redirect headers

Location
https://gov.diiapay.su/
Non-Authoritative-Reason
HttpsUpgrades
44261ff286f3cd30e7cdd7bb96061748-1732022823.css
gov.diiapay.su/css/
558 KB
147 KB
Stylesheet
General
Full URL
https://gov.diiapay.su/css/44261ff286f3cd30e7cdd7bb96061748-1732022823.css
Requested by
Host: gov.diiapay.su
URL: https://gov.diiapay.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:1:0:215 , Russian Federation, ASN197695 (AS-REGRU "Domain names registrar REG.RU", Ltd, RU),
Reverse DNS
Software
nginx /
Resource Hash
00c0e0bf9adee3ca2b4ab977652671712cb26ddf082d2e196b9dc36832bae99a

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://gov.diiapay.su/

Response headers

cache-control
max-age=3888000
content-encoding
gzip
etag
W/"6763c2bb-8b9d1"
expires
Mon, 03 Feb 2025 13:22:00 GMT
date
Fri, 20 Dec 2024 13:22:00 GMT
content-type
text/css
last-modified
Thu, 19 Dec 2024 06:52:43 GMT
server
nginx
vary
Accept-Encoding
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: gov.diiapay.su
URL: https://gov.diiapay.su/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://gov.diiapay.su/

Response headers

content-encoding
gzip
age
2899
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Fri, 20 Dec 2024 14:33:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 12:33:41 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
2853763384889398
connect.facebook.net/signals/config/
76 KB
15 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/2853763384889398?v=2.9.176&r=stable&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: gov.diiapay.su
URL: https://gov.diiapay.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f35a:80:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4f816c327602e9efce8732c5e45730b0f0b8961ce4c3be2390278fe2eebf2eaa
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-isRZekx3' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://gov.diiapay.su/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 20 Dec 2024 13:22:01 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-isRZekx3' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=22, rtx=0, c=77, mss=1232, tbw=71764, tp=66, tpl=0, uplat=78, ullat=0
pragma
public
x-fb-debug
EGYo0mB8cXmcZN383AQP6Fndmbo80Bmh/DGhynAbWjHAh3JSZLKwbhdjelq5V5cR0/OPxnvT9PQvhxgJVEk0wA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
fbevents.js
connect.facebook.net/en_US/
239 KB
61 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: gov.diiapay.su
URL: https://gov.diiapay.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f35a:80:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
24751cbae618f6fbeb532498fd1ceeda5350f30085086cd5426961a2695e3d9f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-KQrwjtMN' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://gov.diiapay.su/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 20 Dec 2024 13:22:01 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-KQrwjtMN' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=33, rtx=0, c=23, mss=1232, tbw=5796, tp=11, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
3v+Gbj6QgOzzl/GU1w2Rr3ivP9ogMcK0KdQurY/G9Ci05Gxr8S2K2UrQlJeZTYrYUbjKGWeykTbRMUtA57W9YA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62282
x-xss-protection
0
origin-agent-cluster
?1
gtm.js
www.googletagmanager.com/
259 KB
88 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WBX3V3Z
Requested by
Host: gov.diiapay.su
URL: https://gov.diiapay.su/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7aae8892935241c50f58de6f613d75651342d0678ba0c796522125e247367105
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://gov.diiapay.su/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Fri, 20 Dec 2024 13:22:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 13:22:01 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 20 Dec 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
89723
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/
329 KB
109 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-ZF72K12ETR&l=dataLayer&cx=c&gtm=45He4bk0v831006156za200
Requested by
Host: gov.diiapay.su
URL: https://gov.diiapay.su/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e14e1ffbdedcf6656f347a5f041a514d84c83def366c5cdde80296e848c15b29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://gov.diiapay.su/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 20 Dec 2024 13:22:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 13:22:01 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
110646
x-xss-protection
0
server
Google Tag Manager
c5a159185922f4526c0f3a0c21b5d662-1732022823
diia.gov.ua/combine/
264 KB
264 KB
Script
General
Full URL
https://diia.gov.ua/combine/c5a159185922f4526c0f3a0c21b5d662-1732022823
Requested by
Host: gov.diiapay.su
URL: https://gov.diiapay.su/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.189.240.75 , Ukraine, ASN212542 (DIIA-AS SE Diia, UA),
Reverse DNS
Software
nginx /
Resource Hash
ab5f2eab75b0d8e538da562507d734205d33ea82273260a5eaa704d38d47ff94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://gov.diiapay.su/

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Cache-Status
MISS
Cache-Control
max-age=604800, public
X-Fastcgi-Cache
MISS
ETag
"c5a159185922f4526c0f3a0c21b5d662"
Connection
keep-alive
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin-when-cross-origin
Date
Fri, 20 Dec 2024 13:22:01 GMT
X-XSS-Protection
1; mode=block
Content-Type
application/javascript
Last-Modified
Mon, 09 Dec 2024 15:28:09 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
ajax.js
diia.gov.ua/plugins/kitsoft/pages/assets/js/
429 B
805 B
Script
General
Full URL
https://diia.gov.ua/plugins/kitsoft/pages/assets/js/ajax.js?v=2.1.20
Requested by
Host: gov.diiapay.su
URL: https://gov.diiapay.su/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.189.240.75 , Ukraine, ASN212542 (DIIA-AS SE Diia, UA),
Reverse DNS
Software
nginx/1.24.0 (Ubuntu) /
Resource Hash
5674778e54be657bb0ec2a7d0599f7edff73973405916b30874161238153a79c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://gov.diiapay.su/

Response headers

X-Cache-Status
HIT
ETag
"67570d2e-1ad"
Connection
keep-alive
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
429
Date
Fri, 20 Dec 2024 13:22:01 GMT
X-XSS-Protection
1; mode=block
Content-Type
application/javascript
Last-Modified
Mon, 09 Dec 2024 15:30:54 GMT
Server
nginx/1.24.0 (Ubuntu)
X-Frame-Options
SAMEORIGIN
csrf_token.js
diia.gov.ua/plugins/kitsoft/pages/assets/js/
2 KB
2 KB
Script
General
Full URL
https://diia.gov.ua/plugins/kitsoft/pages/assets/js/csrf_token.js?v=2.1.20
Requested by
Host: gov.diiapay.su
URL: https://gov.diiapay.su/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.189.240.75 , Ukraine, ASN212542 (DIIA-AS SE Diia, UA),
Reverse DNS
Software
nginx/1.24.0 (Ubuntu) /
Resource Hash
29debfbd89e9ddba4b369d32e78a52f5f604d87a89848e5c7a6d6caee5aa72bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://gov.diiapay.su/

Response headers

X-Cache-Status
HIT
ETag
"67570d2e-653"
Connection
keep-alive
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
1619
Date
Fri, 20 Dec 2024 13:22:01 GMT
X-XSS-Protection
1; mode=block
Content-Type
application/javascript
Last-Modified
Mon, 09 Dec 2024 15:30:54 GMT
Server
nginx/1.24.0 (Ubuntu)
X-Frame-Options
SAMEORIGIN
hit.js
diia.gov.ua/plugins/kitsoft/services/assets/js/
277 B
637 B
Script
General
Full URL
https://diia.gov.ua/plugins/kitsoft/services/assets/js/hit.js
Requested by
Host: gov.diiapay.su
URL: https://gov.diiapay.su/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.189.240.75 , Ukraine, ASN212542 (DIIA-AS SE Diia, UA),
Reverse DNS
Software
nginx /
Resource Hash
7a9f77ca86cae5a82f3055bed9762927881c82c9f9032080c98bcb08bcbb6d27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://gov.diiapay.su/

Response headers

X-Cache-Status
HIT
ETag
"67570d4b-115"
Connection
keep-alive
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
277
Date
Fri, 20 Dec 2024 13:22:01 GMT
X-XSS-Protection
1; mode=block
Content-Type
application/javascript
Last-Modified
Mon, 09 Dec 2024 15:31:23 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
jquery.validate.min.js
diia.gov.ua/themes/diia/assets/vendor/validate-1.19.3/
24 KB
24 KB
Script
General
Full URL
https://diia.gov.ua/themes/diia/assets/vendor/validate-1.19.3/jquery.validate.min.js
Requested by
Host: gov.diiapay.su
URL: https://gov.diiapay.su/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.189.240.75 , Ukraine, ASN212542 (DIIA-AS SE Diia, UA),
Reverse DNS
Software
nginx /
Resource Hash
c74d06bbbd775b61fdc17ac4a2e71178803ed7f032320f2337d28a26872268ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://gov.diiapay.su/

Response headers

X-Cache-Status
HIT
ETag
"67570c89-5f71"
Connection
keep-alive
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
24433
Date
Fri, 20 Dec 2024 13:22:01 GMT
X-XSS-Protection
1; mode=block
Content-Type
application/javascript
Last-Modified
Mon, 09 Dec 2024 15:28:09 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
serviceitem.bundle.js
diia.gov.ua/themes/diia/assets/javascript/build/
32 KB
32 KB
Script
General
Full URL
https://diia.gov.ua/themes/diia/assets/javascript/build/serviceitem.bundle.js
Requested by
Host: gov.diiapay.su
URL: https://gov.diiapay.su/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.189.240.75 , Ukraine, ASN212542 (DIIA-AS SE Diia, UA),
Reverse DNS
Software
nginx/1.24.0 (Ubuntu) /
Resource Hash
5f4907340aaff5fb5d7968d13195717cf1909c8ad94060d7cf256c16ca17b8fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://gov.diiapay.su/

Response headers

X-Cache-Status
HIT
ETag
"67570c89-7efe"
Connection
keep-alive
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
32510
Date
Fri, 20 Dec 2024 13:22:01 GMT
X-XSS-Protection
1; mode=block
Content-Type
application/javascript
Last-Modified
Mon, 09 Dec 2024 15:28:09 GMT
Server
nginx/1.24.0 (Ubuntu)
X-Frame-Options
SAMEORIGIN
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
99d5c6b8e0c7431abbb21aae59ecbcca4381cb79c44ec898d3d1cc00dd6d8cf1

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d5b1f5f9346169e6205738dce4505533f414e242b75fc421d5c8d317d89d4987

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
768 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9a114796c5cf904276265efa8fb616c47974d1552b18911ef2fccb6195be3d85

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
409 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
486f47a4dd912217e8004c81c1c83b58e2302a8222d24bb72cf004954c5ef0af

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer

Response headers

Content-Type
image/svg+xml
ic_back(ic_service-back).svg
gov.diiapay.su/themes/diia/assets/images/icons/svg/all-btns/
6 KB
6 KB
Image
General
Full URL
https://gov.diiapay.su/themes/diia/assets/images/icons/svg/all-btns/ic_back(ic_service-back).svg
Requested by
Host: gov.diiapay.su
URL: https://gov.diiapay.su/css/44261ff286f3cd30e7cdd7bb96061748-1732022823.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:1:0:215 , Russian Federation, ASN197695 (AS-REGRU "Domain names registrar REG.RU", Ltd, RU),
Reverse DNS
Software
nginx /
Resource Hash
39fb7865cf317f21431796488f99934bc15344f51f45023d11504182141c9925

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://gov.diiapay.su/css/44261ff286f3cd30e7cdd7bb96061748-1732022823.css

Response headers

content-encoding
gzip
date
Fri, 20 Dec 2024 13:22:01 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
server
nginx
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
531e54df1389a69f754c08f4c97cdd2cce152688bf15cd76692a38d558d52585

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8cd6fd55e95aba57c1db45511d8141cdcbf36acbf26326558dce417e41473889

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41aa9d14c1337403ef4b2fb8e9225707868a15df39a99d62916e52f97c8d3134

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc52bf5eadd856ce725eeae5bc5c4039f05a2097e7ad8b70b537c6895fe64490

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4bb42605e51379fbe4ab9b8e50e068a6934bed3b6f16b888a5b0a40ed636f24b

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer

Response headers

Content-Type
image/svg+xml
reddot.svg
diia.gov.ua/themes/diia/assets/images/
20 KB
20 KB
Image
General
Full URL
https://diia.gov.ua/themes/diia/assets/images/reddot.svg
Requested by
Host: gov.diiapay.su
URL: https://gov.diiapay.su/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.189.240.75 , Ukraine, ASN212542 (DIIA-AS SE Diia, UA),
Reverse DNS
Software
nginx /
Resource Hash
a8130e624349048491acca779eb786ae3fa70d3789ce5996dcb3e2547ca223b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://gov.diiapay.su/

Response headers

X-Cache-Status
HIT
ETag
"67570c89-5046"
Connection
keep-alive
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
20550
Date
Fri, 20 Dec 2024 13:22:01 GMT
X-XSS-Protection
1; mode=block
Content-Type
image/svg+xml
Last-Modified
Mon, 09 Dec 2024 15:28:09 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
apple-store.svg
gov.diiapay.su/themes/diia/assets/images/
6 KB
6 KB
Image
General
Full URL
https://gov.diiapay.su/themes/diia/assets/images/apple-store.svg
Requested by
Host: gov.diiapay.su
URL: https://gov.diiapay.su/css/44261ff286f3cd30e7cdd7bb96061748-1732022823.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:1:0:215 , Russian Federation, ASN197695 (AS-REGRU "Domain names registrar REG.RU", Ltd, RU),
Reverse DNS
Software
nginx /
Resource Hash
39fb7865cf317f21431796488f99934bc15344f51f45023d11504182141c9925

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://gov.diiapay.su/css/44261ff286f3cd30e7cdd7bb96061748-1732022823.css

Response headers

content-encoding
gzip
date
Fri, 20 Dec 2024 13:22:01 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
server
nginx
google-store.svg
gov.diiapay.su/themes/diia/assets/images/
6 KB
6 KB
Image
General
Full URL
https://gov.diiapay.su/themes/diia/assets/images/google-store.svg
Requested by
Host: gov.diiapay.su
URL: https://gov.diiapay.su/css/44261ff286f3cd30e7cdd7bb96061748-1732022823.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:1:0:215 , Russian Federation, ASN197695 (AS-REGRU "Domain names registrar REG.RU", Ltd, RU),
Reverse DNS
Software
nginx /
Resource Hash
39fb7865cf317f21431796488f99934bc15344f51f45023d11504182141c9925

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://gov.diiapay.su/css/44261ff286f3cd30e7cdd7bb96061748-1732022823.css

Response headers

content-encoding
gzip
date
Fri, 20 Dec 2024 13:22:01 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
server
nginx
AppGallery-store.svg
gov.diiapay.su/themes/diia/assets/images/
6 KB
6 KB
Image
General
Full URL
https://gov.diiapay.su/themes/diia/assets/images/AppGallery-store.svg
Requested by
Host: gov.diiapay.su
URL: https://gov.diiapay.su/css/44261ff286f3cd30e7cdd7bb96061748-1732022823.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:1:0:215 , Russian Federation, ASN197695 (AS-REGRU "Domain names registrar REG.RU", Ltd, RU),
Reverse DNS
Software
nginx /
Resource Hash
39fb7865cf317f21431796488f99934bc15344f51f45023d11504182141c9925

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://gov.diiapay.su/css/44261ff286f3cd30e7cdd7bb96061748-1732022823.css

Response headers

content-encoding
gzip
date
Fri, 20 Dec 2024 13:22:01 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
server
nginx
chatbot_telegram.svg
gov.diiapay.su/themes/diia/assets/images/icons/svg/chatbot/
164 KB
164 KB
Image
General
Full URL
https://gov.diiapay.su/themes/diia/assets/images/icons/svg/chatbot/chatbot_telegram.svg
Requested by
Host: gov.diiapay.su
URL: https://gov.diiapay.su/css/44261ff286f3cd30e7cdd7bb96061748-1732022823.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:1:0:215 , Russian Federation, ASN197695 (AS-REGRU "Domain names registrar REG.RU", Ltd, RU),
Reverse DNS
Software
nginx /
Resource Hash
c1ab0300ed45a4d1a57e89b6c378dc45bb7e0ccae3bfb738480b582c743bbd20

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://gov.diiapay.su/css/44261ff286f3cd30e7cdd7bb96061748-1732022823.css

Response headers

content-encoding
gzip
date
Fri, 20 Dec 2024 13:22:01 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
server
nginx
chatbot_viber.svg
gov.diiapay.su/themes/diia/assets/images/icons/svg/chatbot/
201 KB
201 KB
Image
General
Full URL
https://gov.diiapay.su/themes/diia/assets/images/icons/svg/chatbot/chatbot_viber.svg
Requested by
Host: gov.diiapay.su
URL: https://gov.diiapay.su/css/44261ff286f3cd30e7cdd7bb96061748-1732022823.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:1:0:215 , Russian Federation, ASN197695 (AS-REGRU "Domain names registrar REG.RU", Ltd, RU),
Reverse DNS
Software
nginx /
Resource Hash
de404b45417da5bad0a85f8307890cc069223d01131e02a7db1022ff8aad4e4d

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://gov.diiapay.su/css/44261ff286f3cd30e7cdd7bb96061748-1732022823.css

Response headers

content-encoding
gzip
date
Fri, 20 Dec 2024 13:22:01 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
server
nginx
chatbot_fb.svg
gov.diiapay.su/themes/diia/assets/images/icons/svg/chatbot/
307 KB
307 KB
Image
General
Full URL
https://gov.diiapay.su/themes/diia/assets/images/icons/svg/chatbot/chatbot_fb.svg
Requested by
Host: gov.diiapay.su
URL: https://gov.diiapay.su/css/44261ff286f3cd30e7cdd7bb96061748-1732022823.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:1:0:215 , Russian Federation, ASN197695 (AS-REGRU "Domain names registrar REG.RU", Ltd, RU),
Reverse DNS
Software
nginx /
Resource Hash
f8189cc4dcf4d7587e9192d17dd28f5a7dab255fa5ee4a446113cacd72a970fc

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://gov.diiapay.su/css/44261ff286f3cd30e7cdd7bb96061748-1732022823.css

Response headers

content-encoding
gzip
date
Fri, 20 Dec 2024 13:22:01 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
server
nginx
e-Ukraine-Regular.otf
gov.diiapay.su/fonts/
69 KB
69 KB
Font
General
Full URL
https://gov.diiapay.su/fonts/e-Ukraine-Regular.otf
Requested by
Host: gov.diiapay.su
URL: https://gov.diiapay.su/css/44261ff286f3cd30e7cdd7bb96061748-1732022823.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:1:0:215 , Russian Federation, ASN197695 (AS-REGRU "Domain names registrar REG.RU", Ltd, RU),
Reverse DNS
Software
nginx /
Resource Hash
99da5f554cb416b08a628f94415dfe357a365d0adc0d1d6a2f157a71cb30696b

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin
https://gov.diiapay.su
Referer
https://gov.diiapay.su/css/44261ff286f3cd30e7cdd7bb96061748-1732022823.css

Response headers

accept-ranges
bytes
content-length
70420
date
Fri, 20 Dec 2024 13:22:01 GMT
etag
"11314-62999fa244438"
content-type
application/vnd.oasis.opendocument.formula-template
last-modified
Thu, 19 Dec 2024 06:52:43 GMT
server
nginx
e-Ukraine-Light.otf
gov.diiapay.su/fonts/
68 KB
68 KB
Font
General
Full URL
https://gov.diiapay.su/fonts/e-Ukraine-Light.otf
Requested by
Host: gov.diiapay.su
URL: https://gov.diiapay.su/css/44261ff286f3cd30e7cdd7bb96061748-1732022823.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:1:0:215 , Russian Federation, ASN197695 (AS-REGRU "Domain names registrar REG.RU", Ltd, RU),
Reverse DNS
Software
nginx /
Resource Hash
172f548715156c318750e7378ec8e6caef46d2c07a3a88476c708de0c717f570

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin
https://gov.diiapay.su
Referer
https://gov.diiapay.su/css/44261ff286f3cd30e7cdd7bb96061748-1732022823.css

Response headers

accept-ranges
bytes
content-length
69740
date
Fri, 20 Dec 2024 13:22:01 GMT
etag
"1106c-62999fa244050"
content-type
application/vnd.oasis.opendocument.formula-template
last-modified
Thu, 19 Dec 2024 06:52:43 GMT
server
nginx
js
www.googletagmanager.com/gtag/
329 KB
108 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-ZF72K12ETR&l=dataLayer&cx=c&gtm=45He4cc1v831006156za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WBX3V3Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f721fd0db3f9976c1518437e71307fffa8d11f423eecfaf6228b39c32bae27dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://gov.diiapay.su/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 20 Dec 2024 13:22:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 13:22:01 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
110648
x-xss-protection
0
server
Google Tag Manager
collect
www.google-analytics.com/j/
15 B
433 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=805130681&t=pageview&_s=1&dl=https%3A%2F%2Fgov.diiapay.su%2F&ul=en-us&de=UTF-8&dt=%D0%92%D0%B8%D0%BF%D0%BB%D0%B0%D1%82%D0%B8%20%7C%20%D0%94%D1%96%D1%8F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABEAAAACAAI~&jid=2118588182&gjid=1876813180&cid=622491171.1734700921&tid=UA-148361071-3&_gid=1453216274.1734700921&_r=1&_slc=1&gtm=45He4cc1n81WBX3V3Zv831006156za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=1723293674
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
533afca9a5ce27be8179b980275daa8e523882f18baf14b6147bdc5d49667a26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
text/plain
Referer
https://gov.diiapay.su/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 13:22:01 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://gov.diiapay.su
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
15
server
Golfe2
2853763384889398
connect.facebook.net/signals/config/
78 KB
16 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/2853763384889398?v=2.9.179&r=stable&domain=gov.diiapay.su&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f35a:80:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7335d8c4dd4fc6aff33bc97084f89d2b518f30bc95962b5284d53d8aeb2f4c01
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-S8MGJ4Ql' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://gov.diiapay.su/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 20 Dec 2024 13:22:01 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-S8MGJ4Ql' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=23, rtx=0, c=90, mss=1232, tbw=88050, tp=83, tpl=0, uplat=47, ullat=0
pragma
public
x-fb-debug
fMDFZz21kfzx/3Sj+swvOx3hju8b+SjSoc2It2IUTznacd+gMEoIX6q5nmdnzKO4ix/0SLGnoTnHEFJLOFNegw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-ZF72K12ETR&gtm=45je4cc1v9132077229z8831006156za200zb831006156&_p=1734700921088&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=622491171.1734700921&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1734700921&sct=1&seg=0&dl=https%3A%2F%2Fgov.diiapay.su%2F&dt=%D0%92%D0%B8%D0%BF%D0%BB%D0%B0%D1%82%D0%B8%20%7C%20%D0%94%D1%96%D1%8F&en=page_view&_fv=1&_ss=1&tfd=1825
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZF72K12ETR&l=dataLayer&cx=c&gtm=45He4bk0v831006156za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://gov.diiapay.su/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://gov.diiapay.su
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 13:22:01 GMT
content-type
text/plain
server
Golfe2
js
www.googletagmanager.com/gtag/
368 KB
123 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-KDV8QBGVW1&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
faecf7f7ded58daff715af8e40146078b0b0f13a3266b4578a923ba87eb9a666
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://gov.diiapay.su/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 20 Dec 2024 13:22:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 13:22:01 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
125988
x-xss-protection
0
server
Google Tag Manager
/
www.facebook.com/tr/
0
19 B
Image
General
Full URL
https://www.facebook.com/tr/?id=2853763384889398&ev=PageView&dl=https%3A%2F%2Fgov.diiapay.su%2F&rl=&if=false&ts=1734700921525&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1734700921522.304995114962612957&cs_est=true&ler=empty&cdl=API_unavailable&it=1734700921401&coo=false&rqm=GET
Requested by
Host: gov.diiapay.su
URL: https://gov.diiapay.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://gov.diiapay.su/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=22, rtx=0, c=23, mss=1232, tbw=5798, tp=11, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 20 Dec 2024 13:22:01 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
193 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2853763384889398&ev=PageView&dl=https%3A%2F%2Fgov.diiapay.su%2F&rl=&if=false&ts=1734700921525&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1734700921522.304995114962612957&cs_est=true&ler=empty&cdl=API_unavailable&it=1734700921401&coo=false&rqm=FGET
Requested by
Host: gov.diiapay.su
URL: https://gov.diiapay.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://gov.diiapay.su/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 20 Dec 2024 13:22:01 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
arAbEXNA68FESt5G63kBsVJjdoht1YlqmhDUvT8M2OQqTred4gMK8KjqK3R4Ug/IuSSoq+iBAGL9QIOF5eF0Lg==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=22, rtx=0, c=23, mss=1232, tbw=6118, tp=13, tpl=0, uplat=28, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
collect
analytics.google.com/g/
0
0
Fetch
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-KDV8QBGVW1&gtm=45je4cc1v9134476228za200&_p=1734700921088&_gaz=1&gcd=13l3l3l3l2l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&ul=en-us&sr=1600x1200&cid=622491171.1734700921&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fgov.diiapay.su%2F&dt=%D0%92%D0%B8%D0%BF%D0%BB%D0%B0%D1%82%D0%B8%20%7C%20%D0%94%D1%96%D1%8F&sid=1734700921&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2018
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KDV8QBGVW1&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://gov.diiapay.su/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://gov.diiapay.su
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 13:22:01 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/
0
544 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-KDV8QBGVW1&cid=622491171.1734700921&gtm=45je4cc1v9134476228za200&aip=1&dma=0&gcd=13l3l3l3l2l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KDV8QBGVW1&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://gov.diiapay.su/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://gov.diiapay.su
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 13:22:01 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame DB6C
0
0
Document
General
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-KDV8QBGVW1&gacid=622491171.1734700921&gtm=45je4cc1v9134476228za200&dma=0&gcd=13l3l3l3l2l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=1761011220
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KDV8QBGVW1&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gov.diiapay.su/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 20 Dec 2024 13:22:01 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
csrf-token
gov.diiapay.su/
307 KB
67 KB
XHR
General
Full URL
https://gov.diiapay.su/csrf-token
Requested by
Host: diia.gov.ua
URL: https://diia.gov.ua/combine/c5a159185922f4526c0f3a0c21b5d662-1732022823
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:1:0:215 , Russian Federation, ASN197695 (AS-REGRU "Domain names registrar REG.RU", Ltd, RU),
Reverse DNS
Software
nginx /
Resource Hash
f8189cc4dcf4d7587e9192d17dd28f5a7dab255fa5ee4a446113cacd72a970fc

Request headers

Referer
https://gov.diiapay.su/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Accept
*/*

Response headers

content-encoding
gzip
date
Fri, 20 Dec 2024 13:22:02 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
server
nginx
truncated
/
367 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7640d507efce0b5e94e928cce5d1530dd20cf3e8e2be234da02cecd91d5a61e0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer

Response headers

Content-Type
image/svg+xml
favicon.ico
gov.diiapay.su/
1 KB
1 KB
Other
General
Full URL
https://gov.diiapay.su/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:1:0:215 , Russian Federation, ASN197695 (AS-REGRU "Domain names registrar REG.RU", Ltd, RU),
Reverse DNS
Software
nginx /
Resource Hash
e6b50a4a72eb293819b386154bf847f53425cac53a77e8c10205ef0a1ac9210b

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://gov.diiapay.su/

Response headers

accept-ranges
bytes
content-length
1150
date
Fri, 20 Dec 2024 13:22:02 GMT
etag
"47e-62999fa243c68"
content-type
image/vnd.microsoft.icon
last-modified
Thu, 19 Dec 2024 06:52:43 GMT
server
nginx

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| google_tag_data
function| ga
object| gaplugins
object| dataLayer
object| google_tag_manager
string| GoogleAnalyticsObject
object| gaGlobal
object| gaData
function| fbq
function| _fbq
function| onYouTubeIframeAPIReady
function| $
function| jQuery
object| bootstrap
function| moment
function| ocJSON
function| ocSanitize
function| getCsrf
function| isCurrentHost
string| currentRequestUrl

7 Cookies

Domain/Path Name / Value
.diiapay.su/ Name: _gid
Value: GA1.2.1453216274.1734700921
.diiapay.su/ Name: _gat_UA-148361071-3
Value: 1
.diiapay.su/ Name: _ga_ZF72K12ETR
Value: GS1.1.1734700921.1.0.1734700921.0.0.0
.diiapay.su/ Name: _ga
Value: GA1.1.622491171.1734700921
.diiapay.su/ Name: _fbp
Value: fb.1.1734700921522.304995114962612957
.diiapay.su/ Name: _ga_KDV8QBGVW1
Value: GS1.2.1734700921.1.0.1734700921.60.0.0
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

8 Console Messages

Source Level URL
Text
network error URL: https://gov.diiapay.su/themes/diia/assets/images/icons/svg/all-btns/ic_back(ic_service-back).svg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://gov.diiapay.su/themes/diia/assets/images/AppGallery-store.svg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://gov.diiapay.su/themes/diia/assets/images/icons/svg/chatbot/chatbot_viber.svg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://gov.diiapay.su/themes/diia/assets/images/google-store.svg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://gov.diiapay.su/themes/diia/assets/images/apple-store.svg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://gov.diiapay.su/themes/diia/assets/images/icons/svg/chatbot/chatbot_fb.svg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://gov.diiapay.su/themes/diia/assets/images/icons/svg/chatbot/chatbot_telegram.svg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://gov.diiapay.su/csrf-token
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
