Submitted URL: https://movipavto.by/img/trash/Spark%20EBill%2019042024141402676.html
Effective URL: https://movipavto.by/img/Spark%20EBill%20D19042024141402676.html
Submission: On May 14 via manual from NZ — Scanned from NZ

Summary

This website contacted 12 IPs in 4 countries across 18 domains to perform 64 HTTP transactions. The main IP is 178.172.165.52, which is located in Belarus and belongs to DATAHATA-AS, BY. The main domain is movipavto.by.
TLS certificate: Issued by R3 on March 17th 2024. Valid for: 3 months.
This is the only time movipavto.by was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Spark (Telecommunication)

Domain & IP information

Requests Domain Requested by
25 www.spark.co.nz movipavto.by, www.spark.co.nz
5 movipavto.by movipavto.by
3 www.googletagmanager.com movipavto.by
2 www.google.com movipavto.by
2 cdn2.gbqofs.com movipavto.by, cdn2.gbqofs.com
1 visitor-service-ap-southeast-2.tealiumiq.com movipavto.by
1 static.cdn-apple.com movipavto.by
1 june.takingbackjuly.com movipavto.by
1 snap.licdn.com movipavto.by
1 www.everestjs.net movipavto.by
1 media.tenor.com movipavto.by
0 px.ads.linkedin.com Failed movipavto.by
0 cdn.gbqofs.com Failed cdn2.gbqofs.com
0 www.googletagservices.com Failed movipavto.by
0 googleads.g.doubleclick.net Failed movipavto.by
0 connect.facebook.net Failed movipavto.by
0 www.gstatic.com Failed movipavto.by
0 www.google-analytics.com Failed movipavto.by
0 pagead2.googlesyndication.com Failed movipavto.by
0 sanalytics.spark.co.nz Failed movipavto.by
64 20

This site contains no links.

Subject | Issuer | Validity | Valid for
*.movipavto.by | R3 | 2024-03-17 - 2024-06-15 | 3 months
c.tenor.com | GTS CA 1C3 | 2024-04-16 - 2024-07-09 | 3 months
www.everestjs.net | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-09-25 - 2024-10-25 | a year
*.google-analytics.com | GTS CA 1C3 | 2024-05-06 - 2024-07-29 | 3 months
snap.licdn.com | DigiCert SHA2 Secure Server CA | 2023-12-13 - 2024-12-12 | a year
www.spark.co.nz | Entrust Certification Authority - L1K | 2023-06-26 - 2024-07-12 | a year
*.takingbackjuly.com | ZeroSSL ECC Domain Secure Site CA | 2024-04-28 - 2024-07-27 | 3 months
static.cdn-apple.com | Apple Public EV Server RSA CA 2 - G1 | 2024-01-09 - 2024-07-07 | 6 months
gbqofs.com | Cloudflare Inc ECC CA-3 | 2023-10-12 - 2024-10-11 | a year
*.tealiumiq.com | Amazon RSA 2048 M01 | 2023-07-25 - 2024-08-22 | a year
*.google.com | GTS CA 1C3 | 2024-04-16 - 2024-07-09 | 3 months

This page contains 1 frame:

Primary Page: https://movipavto.by/img/Spark%20EBill%20D19042024141402676.html
Frame ID: 5C84C6A3586608BBA68158821EA71BD5
Requests: 64 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • /etc/designs/
  • /etc/clientlibs/

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • lodash.*\.js

Page Statistics

Requests: 64
HTTPS: 67 %
IPv6: 55 %
Domains: 18
Subdomains: 20
IPs: 12
Countries: 4
Transfer: 1405 kB
Size: 6597 kB
Cookies: 8

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://movipavto.by/img/trash/Spark%20EBill%2019042024141402676.html Page URL
  2. https://movipavto.by/img/Spark%20EBill%20D19042024141402676.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

64 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Spark%20EBill%2019042024141402676.html
movipavto.by/img/trash/
379 B
392 B
Document
General
Full URL
https://movipavto.by/img/trash/Spark%20EBill%2019042024141402676.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.172.165.52 , Belarus, ASN56740 (DATAHATA-AS, BY),
Reverse DNS
x16.login.by
Software
Apache /
Resource Hash
2d600414783c39dfaf4cb3304bbf3d347e0675ed863761263e2cb7dcf46eff70

Request headers

Accept-Language
en-NZ,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
267
content-type
text/html
date
Tue, 14 May 2024 23:00:59 GMT
last-modified
Sun, 05 May 2024 05:23:37 GMT
server
Apache
vary
Accept-Encoding,User-Agent
loading-gif.gif
media.tenor.com/On7kvXhzml4AAAAj/
40 KB
41 KB
Image
General
Full URL
https://media.tenor.com/On7kvXhzml4AAAAj/loading-gif.gif
Requested by
Host: movipavto.by
URL: https://movipavto.by/img/trash/Spark%20EBill%2019042024141402676.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:80b::200a Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b360359ffe7d46d32329b6a454b0540e6d34bd444a6f9ecface6663e1cb98aba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://movipavto.by/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 06:54:10 GMT
x-content-type-options
nosniff
age
58010
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-tenor-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40957
x-xss-protection
0
last-modified
Mon, 13 Sep 2021 22:00:14 GMT
server
sffe
report-to
{"group":"media-tenor-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-tenor-team"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="media-tenor-team"
expires
Wed, 15 May 2024 06:54:10 GMT
favicon.ico
movipavto.by/
0
88 B
Other
General
Full URL
https://movipavto.by/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.172.165.52 , Belarus, ASN56740 (DATAHATA-AS, BY),
Reverse DNS
x16.login.by
Software
Apache / PHP/5.4.45
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://movipavto.by/img/trash/Spark%20EBill%2019042024141402676.html
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 23:01:01 GMT
server
Apache
x-powered-by
PHP/5.4.45
content-length
0
vary
User-Agent
content-type
image/vnd.microsoft.icon
Primary Request Spark%20EBill%20D19042024141402676.html
movipavto.by/img/
116 KB
19 KB
Document
General
Full URL
https://movipavto.by/img/Spark%20EBill%20D19042024141402676.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.172.165.52 , Belarus, ASN56740 (DATAHATA-AS, BY),
Reverse DNS
x16.login.by
Software
Apache /
Resource Hash
9285513efa9c3d4fd0d12288e2340f5652784341d4777db140e9d5e697699d75

Request headers

Accept-Language
en-NZ,en;q=0.9;q=0.9
Referer
https://movipavto.by/img/trash/Spark%20EBill%2019042024141402676.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
19321
content-type
text/html
date
Tue, 14 May 2024 23:01:02 GMT
last-modified
Sun, 05 May 2024 05:10:36 GMT
server
Apache
vary
Accept-Encoding,User-Agent
st.v3.js
www.everestjs.net/static/
30 KB
9 KB
Script
General
Full URL
https://www.everestjs.net/static/st.v3.js
Requested by
Host: movipavto.by
URL: https://movipavto.by/img/Spark%20EBill%20D19042024141402676.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.74.33.231 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-74-33-231.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
04b1e988d177747bd6c04bca2d8bc857c327c1917dad463d841e50e7e5b5e40f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://movipavto.by/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
null
Content-Encoding
gzip
Date
Tue, 14 May 2024 23:01:02 GMT
Last-Modified
Mon, 01 Apr 2024 06:52:39 GMT
Server
AmazonS3
x-amz-request-id
KTH432TSZ6QTYN4K
ETag
"529e58317066a2b8c2d5810477b88a63"
x-amz-server-side-encryption
AES256
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8465
x-amz-id-2
3Qwd3I3+oox4iDZv3krkDBpniLyvYGEXI6/hQm3KRJYLU8dIW6tlbpGbuIz8IWAQZSRnUHbJ2tg=
js
www.googletagmanager.com/gtag/
270 KB
94 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-D2ZWE5J6RR&cx=c&_slc=1
Requested by
Host: movipavto.by
URL: https://movipavto.by/img/Spark%20EBill%20D19042024141402676.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:810::2008 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
367608993b3de1c128fdea2a2b560f14abbe6681dc5b443038e77608135f582c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://movipavto.by/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 23:01:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
95705
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 14 May 2024 23:01:03 GMT
s27753181629227
sanalytics.spark.co.nz/b/ss/sparknzwebsite-prod/10/JS-2.23.0-LDQM/
0
0

omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230726/r20110914/elements/html/
0
0

analytics.js
www.google-analytics.com/
0
0

recaptcha__en.js
www.gstatic.com/recaptcha/releases/pCoGBhjs9s8EhFOHJFe8cqis/
0
0

insight.min.js
snap.licdn.com/li.lms-analytics/
47 KB
17 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: movipavto.by
URL: https://movipavto.by/img/Spark%20EBill%20D19042024141402676.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1415:11::6848:4631 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://movipavto.by/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 23:01:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 06 May 2024 17:20:18 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=74739
accept-ranges
bytes
content-length
16683
js
www.googletagmanager.com/gtag/
229 KB
82 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-973125260&l=dataLayer&cx=c
Requested by
Host: movipavto.by
URL: https://movipavto.by/img/Spark%20EBill%20D19042024141402676.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:810::2008 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8093be0e53b5f7c773568135643a55c1e97283e9c0352a78a79061f715b8e19b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://movipavto.by/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 23:01:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
84055
x-xss-protection
0
last-modified
Tue, 14 May 2024 21:16:12 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 14 May 2024 23:01:04 GMT
clientlib-all.css
www.spark.co.nz/etc/designs/onespark/
840 KB
111 KB
Stylesheet
General
Full URL
https://www.spark.co.nz/etc/designs/onespark/clientlib-all.css
Requested by
Host: movipavto.by
URL: https://movipavto.by/img/Spark%20EBill%20D19042024141402676.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
146.171.248.36 , New Zealand, ASN2570 (TAS-SPARK-NZ Spark New Zealand Trading Ltd, NZ),
Reverse DNS
Software
/
Resource Hash
934c1c0474bd19feb129e9137984bc634cb53bd410b491a6b8b27c26383359bd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://movipavto.by/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 14 May 2024 23:01:02 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Mon, 15 May 2023 01:27:41 GMT
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css;charset=utf-8
Transfer-Encoding
chunked
Cache-Control
max-age=900
X-Cnection
close
Accept-Ranges
bytes
clientlib-all.css
www.spark.co.nz/etc/designs/sparklabs/
10 KB
3 KB
Stylesheet
General
Full URL
https://www.spark.co.nz/etc/designs/sparklabs/clientlib-all.css
Requested by
Host: movipavto.by
URL: https://movipavto.by/img/Spark%20EBill%20D19042024141402676.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
146.171.248.36 , New Zealand, ASN2570 (TAS-SPARK-NZ Spark New Zealand Trading Ltd, NZ),
Reverse DNS
Software
/
Resource Hash
5a33b1b08faa141fe7a21f91a0f8bd26fb72c4f6ab530de586c1890efed6ff77
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://movipavto.by/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 14 May 2024 23:01:02 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Thu, 28 Mar 2019 01:08:09 GMT
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css;charset=utf-8
Cache-Control
max-age=900
X-Cnection
close
Accept-Ranges
bytes
Content-Length
2232
clientlib-sparkv2.css
www.spark.co.nz/etc/designs/onespark/
116 KB
16 KB
Stylesheet
General
Full URL
https://www.spark.co.nz/etc/designs/onespark/clientlib-sparkv2.css
Requested by
Host: movipavto.by
URL: https://movipavto.by/img/Spark%20EBill%20D19042024141402676.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
146.171.248.36 , New Zealand, ASN2570 (TAS-SPARK-NZ Spark New Zealand Trading Ltd, NZ),
Reverse DNS
Software
/
Resource Hash
77bbfa0cb24fc3fbd863563814a419f68661054ada740bc501a03bea5d7ce7cc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://movipavto.by/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 14 May 2024 23:01:02 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Thu, 25 May 2023 01:26:25 GMT
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css;charset=utf-8
Cache-Control
max-age=900
X-Cnection
close
Accept-Ranges
bytes
Content-Length
15553
clientlib-forms.css
www.spark.co.nz/etc/designs/spark-responsive/
7 KB
2 KB
Stylesheet
General
Full URL
https://www.spark.co.nz/etc/designs/spark-responsive/clientlib-forms.css
Requested by
Host: movipavto.by
URL: https://movipavto.by/img/Spark%20EBill%20D19042024141402676.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
146.171.248.36 , New Zealand, ASN2570 (TAS-SPARK-NZ Spark New Zealand Trading Ltd, NZ),
Reverse DNS
Software
/
Resource Hash
2d98b01da0724db55fe327b97a09ef64c25598eb8d8194414e63de0e82a20d3d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://movipavto.by/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 14 May 2024 23:01:02 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Wed, 27 May 2020 13:58:59 GMT
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css;charset=utf-8
Cache-Control
max-age=900
X-Cnection
close
Accept-Ranges
bytes
Content-Length
1569
xtramail-sign-in.css
www.spark.co.nz/etc/designs/xtramail/clientlib_xtramail/
38 KB
7 KB
Stylesheet
General
Full URL
https://www.spark.co.nz/etc/designs/xtramail/clientlib_xtramail/xtramail-sign-in.css
Requested by
Host: movipavto.by
URL: https://movipavto.by/img/Spark%20EBill%20D19042024141402676.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
146.171.248.36 , New Zealand, ASN2570 (TAS-SPARK-NZ Spark New Zealand Trading Ltd, NZ),
Reverse DNS
Software
/
Resource Hash
e1feb0cfb8121d6c37a4e8797daba314869376e63581c4e5d2ee36039a430a06
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://movipavto.by/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 14 May 2024 23:01:02 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Sun, 24 Mar 2019 09:50:17 GMT
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css;charset=utf-8
Cache-Control
max-age=900
X-Cnection
close
Accept-Ranges
bytes
Content-Length
6240
xtramail-delete-account.css
www.spark.co.nz/etc/designs/xtramail/clientlib_xtramail/
37 KB
7 KB
Stylesheet
General
Full URL
https://www.spark.co.nz/etc/designs/xtramail/clientlib_xtramail/xtramail-delete-account.css
Requested by
Host: movipavto.by
URL: https://movipavto.by/img/Spark%20EBill%20D19042024141402676.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
146.171.248.36 , New Zealand, ASN2570 (TAS-SPARK-NZ Spark New Zealand Trading Ltd, NZ),
Reverse DNS
Software
/
Resource Hash
4d899b6b03c228edf05bda2e1107e08a20d446fdaad7b4276a936ae75827a7c5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://movipavto.by/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 14 May 2024 23:01:02 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Sun, 04 Mar 2018 09:09:40 GMT
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css;charset=utf-8
Cache-Control
max-age=900
X-Cnection
close
Accept-Ranges
bytes
Content-Length
6145
EX876142b8f7b245af92537e9484959208-libraryCode_source.min.js
www.spark.co.nz/content/dam/telecomcms/dtm/3ab3370ddaf0/bc5880d35c57/f51c955e9fc9/
0
0

AppMeasurement_Module_AudienceManagement.min.js
www.spark.co.nz/content/dam/telecomcms/dtm//3ab3370ddaf0/bc5880d35c57/f51c955e9fc9/hostedLibFiles/EPbf7b42aa08bc4f10879b1484195e80d1/
0
0

213308197274656
connect.facebook.net/signals/config/
0
0

fbevents.js
connect.facebook.net/en_US/
0
0

js
www.googletagmanager.com/gtag/
113 KB
0
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-62VXG698NS&l=dataLayer
Requested by
Host: movipavto.by
URL: https://movipavto.by/img/Spark%20EBill%20D19042024141402676.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:810::2008 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://movipavto.by/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 23:01:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
104346
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 14 May 2024 23:01:04 GMT
ct
june.takingbackjuly.com/
5 KB
2 KB
Script
General
Full URL
https://june.takingbackjuly.com/ct?id=17319&url=https%3A%2F%2Fwww.spark.co.nz%2Fxtramail%2Fsignin%2F&sf=0&tpi=&ch=Spark.co.nz&uvid=&tsf=0&tsfmi=&tsfu=&cb=1690547916906&hl=5&op=0&ag=2387200458&rand=04099525981190200791727125226125275885880726668779098592797988119000110127256020&fs=1366x643&fst=1366x643&np=win32&nv=&ref=https%3A%2F%2Fwww.google.com%2F&ss=1366x768&nc=0&at=&di=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%3D%3D&dep=0&pre=0&sdd=%7B%7D&cri=8fyOtHWJSG&pto=2620&ver=55&gac=2095520540.1690547863&mei=&ap=&fe=0&duid=1.1690547862.oOc7TodWzPbyC5HC&suid=1.1690547862.sOCejSPOoSHmI2qc&tuid=1.1690547862.SJFcxOGSCl1w54Pn&fbc=2.1690547873615.1019191526&gtm=W10%3D&it=21%2C2117%2C114&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0
Requested by
Host: movipavto.by
URL: https://movipavto.by/img/Spark%20EBill%20D19042024141402676.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd08:3437:aff5:50c:d298 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
4d5f7a7ec70854ba49ea7d8100fd60dc23cf0b886fe786cfaad737368d5d3da4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://movipavto.by/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
text/javascript
pragma
no-cache
date
Tue, 14 May 2024 23:01:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
1933
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.js
static.cdn-apple.com/businesschat/start-chat-button/2/
26 KB
10 KB
Script
General
Full URL
https://static.cdn-apple.com/businesschat/start-chat-button/2/index.js
Requested by
Host: movipavto.by
URL: https://movipavto.by/img/Spark%20EBill%20D19042024141402676.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1415:3800:ff9e::386b -, , ASN (),
Reverse DNS
Software
Apple /
Resource Hash
1a4318f8b6d5376f1656e2b00b7ed8705d5799dd2be22378cbc43ca6e4b8f8ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://movipavto.by/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Strict-Transport-Security
max-age=31536000; includeSubdomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Tue, 14 May 2024 23:01:03 GMT
Last-Modified
Wed, 24 Feb 2021 17:53:05 GMT
Server
Apple
ETag
W/"60369281-6770"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/x-javascript
Connection
keep-alive
Content-Length
9827
X-XSS-Protection
1; mode=block
detector-dom.min.js
cdn2.gbqofs.com/spark-nz/p/
2 KB
1 KB
Script
General
Full URL
https://cdn2.gbqofs.com/spark-nz/p/detector-dom.min.js
Requested by
Host: movipavto.by
URL: https://movipavto.by/img/Spark%20EBill%20D19042024141402676.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:190d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f622a0af5e2151febb626730108cc195956e043f09d15236ac1c29e6836bc1f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://movipavto.by/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 23:01:02 GMT
x-amz-version-id
DinDznou4ddEmK5VUJUhwvQ1WWf7wo27
content-encoding
gzip
cf-cache-status
HIT
via
1.1 72d783f19e38dd5db23a648a65feb4f2.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P2
age
898
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 05 Mar 2024 03:28:48 GMT
server
cloudflare
etag
W/"6524e09f037820b70a918bb1f3bd2693"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
883e82045fc95089-AKL
x-amz-cf-id
oJadxu_prFu8INPSKe0yoMNfqJRGkv5yOLxu7H-R2ZsKo4YUlCushQ==
expires
Wed, 15 May 2024 03:01:02 GMT
01899c810414001343e85cc56db305050002800d0086e
visitor-service-ap-southeast-2.tealiumiq.com/sparknz/main/
27 B
245 B
Script
General
Full URL
https://visitor-service-ap-southeast-2.tealiumiq.com/sparknz/main/01899c810414001343e85cc56db305050002800d0086e?callback=utag.ut%5B%22writevamain%22%5D&rnd=1690547919310
Requested by
Host: movipavto.by
URL: https://movipavto.by/img/Spark%20EBill%20D19042024141402676.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.252.45.47 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e036d4c0bab9dcd3d8ed9d625c2cdd24f4d0474f1a4232f0e7c9471aaf0cf470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://movipavto.by/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-version
56fe2a0722f7a0f74453af2f3a706a260f62f0a5-SNAPSHOT
date
Tue, 14 May 2024 23:01:04 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-region
ap-southeast-2
content-length
27
x-nodeid
i-0f670c701fde0c3b3
content-type
application/javascript; charset=utf-8
/
www.google.com/pagead/1p-conversion/973125260/
2 KB
1 KB
Script
General
Full URL
https://www.google.com/pagead/1p-conversion/973125260/?random=1690547919428&cv=11&fst=1690547919428&bg=ffffff&guid=ON&async=1&gtm=45be37q0&u_w=1366&u_h=768&url=https%3A%2F%2Fwww.spark.co.nz%2Fxtramail%2Fsignin%2F&ref=https%3A%2F%2Fwww.google.com%2F&label=86mBCJXYnbYYEIztgtAD&hn=www.google.com&frm=0&tiba=Xtra%20Mail%20sign%20in%20%7C%20Spark%20NZ&gtm_ee=1&auid=1857017395.1690547863&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
Requested by
Host: movipavto.by
URL: https://movipavto.by/img/Spark%20EBill%20D19042024141402676.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.67.4 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
05b50dff886cf82adaeb4ee3353878c53afdd091f212de66f824a52712bbd459
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://movipavto.by/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 14 May 2024 23:01:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1502
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
RCf8e82d101ba84267b5dc98266fafaf90-source.min.js
www.spark.co.nz/content/dam/telecomcms/dtm/3ab3370ddaf0/bc5880d35c57/f51c955e9fc9/
0
0

RC4c6415dc23724b51bb920898afa4963e-source.min.js
www.spark.co.nz/content/dam/telecomcms/dtm/3ab3370ddaf0/bc5880d35c57/f51c955e9fc9/
0
0

/
www.google.com/pagead/1p-conversion/971021318/
3 KB
2 KB
Script
General
Full URL
https://www.google.com/pagead/1p-conversion/971021318/?random=1690547922395&cv=11&fst=1690547922395&bg=ffffff&guid=ON&async=1&gtm=45He37q0&u_w=1366&u_h=768&url=https%3A%2F%2Fwww.spark.co.nz%2Fxtramail%2Fsignin%2F&ref=https%3A%2F%2Fwww.google.com%2F&label=https%3A%2F%2Fwww.spark.co.nz%2Fxtramail%2Fsignin%2F&hn=www.google.com&frm=0&tiba=Xtra%20Mail%20sign%20in%20%7C%20Spark%20NZ&value=0&bttype=purchase&auid=1857017395.1690547863&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
Requested by
Host: movipavto.by
URL: https://movipavto.by/img/Spark%20EBill%20D19042024141402676.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.67.4 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
840b1a2e571f0d10e7abbc33169d7710f9796427eed447dc86f644b004832de4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://movipavto.by/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 14 May 2024 23:01:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1560
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/979185687/
0
0

widgets.min.css
www.spark.co.nz/content/dam/kb/public/css/
111 KB
19 KB
Stylesheet
General
Full URL
https://www.spark.co.nz/content/dam/kb/public/css/widgets.min.css
Requested by
Host: movipavto.by
URL: https://movipavto.by/img/Spark%20EBill%20D19042024141402676.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
146.171.248.36 , New Zealand, ASN2570 (TAS-SPARK-NZ Spark New Zealand Trading Ltd, NZ),
Reverse DNS
Software
/
Resource Hash
38529a00acbf801562baceae9dcf6130744572a378985ab3ffb877238dced261
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://movipavto.by/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 14 May 2024 23:01:02 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Tue, 25 May 2021 20:19:57 GMT
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
max-age=7200
X-Cnection
close
Accept-Ranges
bytes
Content-Length
18323
gwc-default.css
www.spark.co.nz/content/dam/kb/public/css/
48 KB
8 KB
Stylesheet
General
Full URL
https://www.spark.co.nz/content/dam/kb/public/css/gwc-default.css
Requested by
Host: movipavto.by
URL: https://movipavto.by/img/Spark%20EBill%20D19042024141402676.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
146.171.248.36 , New Zealand, ASN2570 (TAS-SPARK-NZ Spark New Zealand Trading Ltd, NZ),
Reverse DNS
Software
/
Resource Hash
35160acc270f5c78438eed08fa690c6486ee1dbf9f14eb477d36d7efd4f04c21
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://movipavto.by/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 14 May 2024 23:01:02 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Tue, 25 May 2021 20:19:56 GMT
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
max-age=7200
X-Cnection
close
Accept-Ranges
bytes
Content-Length
7740
rx_lidar.js
www.googletagservices.com/activeview/js/current/
0
0

utag.js
www.spark.co.nz/content/dam/telecomcms/cdp/
55 KB
17 KB
Script
General
Full URL
https://www.spark.co.nz/content/dam/telecomcms/cdp/utag.js
Requested by
Host: movipavto.by
URL: https://movipavto.by/img/Spark%20EBill%20D19042024141402676.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
146.171.248.36 , New Zealand, ASN2570 (TAS-SPARK-NZ Spark New Zealand Trading Ltd, NZ),
Reverse DNS
Software
/
Resource Hash
82908823fd53d649648fb51f49f1fb701a847310cf51e8c64f3909e242dc4ac9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://movipavto.by/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 14 May 2024 23:01:02 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Mon, 30 Oct 2023 23:43:34 GMT
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
max-age=7200
X-Cnection
close
Accept-Ranges
bytes
Content-Length
16747
shopping-disabled.svg
movipavto.by/content/dam/telecomcms/responsive/icons-svg/
17 KB
17 KB
Image
General
Full URL
https://movipavto.by/content/dam/telecomcms/responsive/icons-svg/shopping-disabled.svg
Requested by
Host: movipavto.by
URL: https://movipavto.by/img/Spark%20EBill%20D19042024141402676.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.172.165.52 , Belarus, ASN56740 (DATAHATA-AS, BY),
Reverse DNS
x16.login.by
Software
Apache / PHP/5.4.45
Resource Hash
0bf76c4088cf649aed3322007e1ddd7efb2a62b5c588587c97e689f6f35cc8a8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://movipavto.by/img/Spark%20EBill%20D19042024141402676.html
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 14 May 2024 23:01:02 GMT
content-encoding
gzip
server
Apache
x-powered-by
PHP/5.4.45
vary
Accept-Encoding,User-Agent
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
content-length
4567
expires
Wed, 11 Jan 1984 05:00:00 GMT
shopping.svg
movipavto.by/content/dam/telecomcms/responsive/icons-svg/
17 KB
17 KB
Image
General
Full URL
https://movipavto.by/content/dam/telecomcms/responsive/icons-svg/shopping.svg
Requested by
Host: movipavto.by
URL: https://movipavto.by/img/Spark%20EBill%20D19042024141402676.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.172.165.52 , Belarus, ASN56740 (DATAHATA-AS, BY),
Reverse DNS
x16.login.by
Software
Apache / PHP/5.4.45
Resource Hash
0bf76c4088cf649aed3322007e1ddd7efb2a62b5c588587c97e689f6f35cc8a8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://movipavto.by/img/Spark%20EBill%20D19042024141402676.html
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 14 May 2024 23:01:02 GMT
content-encoding
gzip
server
Apache
x-powered-by
PHP/5.4.45
vary
Accept-Encoding,User-Agent
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
content-length
4567
expires
Wed, 11 Jan 1984 05:00:00 GMT
purple.svg
www.spark.co.nz/content/dam/sparkdigital/images/logo/
34 KB
11 KB
Image
General
Full URL
https://www.spark.co.nz/content/dam/sparkdigital/images/logo/purple.svg
Requested by
Host: movipavto.by
URL: https://movipavto.by/img/Spark%20EBill%20D19042024141402676.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
146.171.248.36 , New Zealand, ASN2570 (TAS-SPARK-NZ Spark New Zealand Trading Ltd, NZ),
Reverse DNS
Software
/
Resource Hash
8cd0112b63387703de5702e3604c364adad1548f16f995fcc9c75ecef36f9119
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://movipavto.by/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 14 May 2024 23:01:03 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Wed, 22 Mar 2017 03:37:11 GMT
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Cache-Control
max-age=7200
X-Cnection
close
Accept-Ranges
bytes
Content-Length
10484
beyond-binary-banner-tile-v3.jpg
www.spark.co.nz/content/dam/telecomcms/images/Campaigns/beyond-binary/
117 KB
118 KB
Image
General
Full URL
https://www.spark.co.nz/content/dam/telecomcms/images/Campaigns/beyond-binary/beyond-binary-banner-tile-v3.jpg
Requested by
Host: movipavto.by
URL: https://movipavto.by/img/Spark%20EBill%20D19042024141402676.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
146.171.248.36 , New Zealand, ASN2570 (TAS-SPARK-NZ Spark New Zealand Trading Ltd, NZ),
Reverse DNS
Software
/
Resource Hash
cf41c230e0e8be878e310aa6b846a0ab4d354f19c879c615113d45ff58dc2577
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://movipavto.by/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 14 May 2024 23:01:03 GMT
Content-Security-Policy
frame-ancestors 'self'
X-Content-Type-Options
nosniff
Last-Modified
Mon, 21 Feb 2022 21:11:38 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
max-age=7200
X-Cnection
close
Accept-Ranges
bytes
Content-Length
119617
tct-netflix-vas-570x332.jpg
movipavto.by/content/dam/spark/images/product-images/subscriptions/Netflix/
0
0

young_boy_headphones_Spark_D4_S9-1Dx-0028.jpg
www.spark.co.nz/content/dam/patternlibrary/image-repo/young-boy-headphones/
217 KB
218 KB
Image
General
Full URL
https://www.spark.co.nz/content/dam/patternlibrary/image-repo/young-boy-headphones/young_boy_headphones_Spark_D4_S9-1Dx-0028.jpg
Requested by
Host: movipavto.by
URL: https://movipavto.by/img/Spark%20EBill%20D19042024141402676.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
146.171.248.36 , New Zealand, ASN2570 (TAS-SPARK-NZ Spark New Zealand Trading Ltd, NZ),
Reverse DNS
Software
/
Resource Hash
c11b977cd2ba3b6c3a1907314f67ccaec9fcdafa813f82f077d6dc71c7b22d99
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://movipavto.by/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 14 May 2024 23:01:04 GMT
Content-Security-Policy
frame-ancestors 'self'
X-Content-Type-Options
nosniff
Last-Modified
Sun, 30 Aug 2020 23:23:41 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
max-age=7200
X-Cnection
close
Accept-Ranges
bytes
Content-Length
222294
template-background.css
www.spark.co.nz/content/dam/telecomcms/css/help/
125 B
901 B
Stylesheet
General
Full URL
https://www.spark.co.nz/content/dam/telecomcms/css/help/template-background.css
Requested by
Host: movipavto.by
URL: https://movipavto.by/img/Spark%20EBill%20D19042024141402676.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
146.171.248.36 , New Zealand, ASN2570 (TAS-SPARK-NZ Spark New Zealand Trading Ltd, NZ),
Reverse DNS
Software
/
Resource Hash
1ec646367adfa9d202390de7a9b06c95e70d48801fe3f6458ea96a5fe347f7b1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://movipavto.by/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 14 May 2024 23:01:03 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Thu, 28 Feb 2019 02:17:32 GMT
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
max-age=7200
X-Cnection
close
Accept-Ranges
bytes
Content-Length
128
shopping.svg
www.spark.co.nz/content/dam/telecomcms/responsive/icons-svg/
2 KB
2 KB
Image
General
Full URL
https://www.spark.co.nz/content/dam/telecomcms/responsive/icons-svg/shopping.svg
Requested by
Host: movipavto.by
URL: https://movipavto.by/img/Spark%20EBill%20D19042024141402676.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
146.171.248.36 , New Zealand, ASN2570 (TAS-SPARK-NZ Spark New Zealand Trading Ltd, NZ),
Reverse DNS
Software
/
Resource Hash
d65da0384164d3caeeee36b2e8b7b5da42e1183d4575725a3bd05213e786ec55
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://movipavto.by/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 14 May 2024 23:01:04 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Sun, 10 Sep 2017 10:34:17 GMT
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
image/svg+xml
Cache-Control
max-age=7200
X-Cnection
close
Accept-Ranges
bytes
Content-Length
929
shopping-disabled.svg
www.spark.co.nz/content/dam/telecomcms/responsive/icons-svg/
0
0

shielded.png
www.spark.co.nz/content/dam/onespark/icon-images/
5 KB
6 KB
Image
General
Full URL
https://www.spark.co.nz/content/dam/onespark/icon-images/shielded.png
Requested by
Host: movipavto.by
URL: https://movipavto.by/img/Spark%20EBill%20D19042024141402676.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
146.171.248.36 , New Zealand, ASN2570 (TAS-SPARK-NZ Spark New Zealand Trading Ltd, NZ),
Reverse DNS
Software
/
Resource Hash
4589441ac97df1033c946f3403b0199cfb05e8ba3e406e21013d1af6965dd06a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://movipavto.by/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 14 May 2024 23:01:04 GMT
Content-Security-Policy
frame-ancestors 'self'
X-Content-Type-Options
nosniff
Last-Modified
Thu, 07 Feb 2019 01:21:17 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
max-age=7200
X-Cnection
close
Accept-Ranges
bytes
Content-Length
5432
script.js
movipavto.by/img/
0
0

modern.js
www.spark.co.nz/etc/clientlibs/granite/lodash/
224 KB
42 KB
Script
General
Full URL
https://www.spark.co.nz/etc/clientlibs/granite/lodash/modern.js
Requested by
Host: movipavto.by
URL: https://movipavto.by/img/Spark%20EBill%20D19042024141402676.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
146.171.248.36 , New Zealand, ASN2570 (TAS-SPARK-NZ Spark New Zealand Trading Ltd, NZ),
Reverse DNS
Software
/
Resource Hash
14fd5488cd35a65a9c8d98f0ac5e97fca338d1a3532179ee3dc92d7e4667c4ce
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://movipavto.by/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 14 May 2024 23:01:04 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Fri, 20 Jan 2017 10:16:49 GMT
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript;charset=utf-8
Cache-Control
max-age=900
X-Cnection
close
Accept-Ranges
bytes
Content-Length
42243
login.js
movipavto.by/
0
0

clientlib-all.js
www.spark.co.nz/etc/designs/onespark/
2 MB
375 KB
Script
General
Full URL
https://www.spark.co.nz/etc/designs/onespark/clientlib-all.js
Requested by
Host: movipavto.by
URL: https://movipavto.by/img/Spark%20EBill%20D19042024141402676.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
146.171.248.36 , New Zealand, ASN2570 (TAS-SPARK-NZ Spark New Zealand Trading Ltd, NZ),
Reverse DNS
Software
/
Resource Hash
1615e8ad1240b75ac3b0a3a73442d6055d5015b33356a75c9d4a3e157c77f044
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://movipavto.by/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 14 May 2024 23:01:04 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Wed, 10 Apr 2024 22:38:35 GMT
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript;charset=utf-8
Transfer-Encoding
chunked
Cache-Control
max-age=900
X-Cnection
close
Accept-Ranges
bytes
clientlib-all.js
www.spark.co.nz/etc/designs/sparklabs/
2 KB
1 KB
Script
General
Full URL
https://www.spark.co.nz/etc/designs/sparklabs/clientlib-all.js
Requested by
Host: movipavto.by
URL: https://movipavto.by/img/Spark%20EBill%20D19042024141402676.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
146.171.248.36 , New Zealand, ASN2570 (TAS-SPARK-NZ Spark New Zealand Trading Ltd, NZ),
Reverse DNS
Software
/
Resource Hash
64818334dce5c74e9b33612bcefd935d157d4e5d03a1e7f2884a0edf1e6e51b4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://movipavto.by/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 14 May 2024 23:01:04 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Thu, 28 Mar 2019 01:08:09 GMT
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript;charset=utf-8
Cache-Control
max-age=900
X-Cnection
close
Accept-Ranges
bytes
Content-Length
550
clientlib-sparkv2.js
www.spark.co.nz/etc/designs/onespark/
85 KB
18 KB
Script
General
Full URL
https://www.spark.co.nz/etc/designs/onespark/clientlib-sparkv2.js
Requested by
Host: movipavto.by
URL: https://movipavto.by/img/Spark%20EBill%20D19042024141402676.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
146.171.248.36 , New Zealand, ASN2570 (TAS-SPARK-NZ Spark New Zealand Trading Ltd, NZ),
Reverse DNS
Software
/
Resource Hash
f0a79f4fd1a6f9f2d5cb69e56a022f403734cd3f2d61d20163248454da26b8a3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://movipavto.by/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 14 May 2024 23:01:04 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Thu, 25 Mar 2021 00:15:45 GMT
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript;charset=utf-8
Cache-Control
max-age=900
X-Cnection
close
Accept-Ranges
bytes
Content-Length
17934
clientlib-forms.js
www.spark.co.nz/etc/designs/spark-responsive/
23 KB
6 KB
Script
General
Full URL
https://www.spark.co.nz/etc/designs/spark-responsive/clientlib-forms.js
Requested by
Host: movipavto.by
URL: https://movipavto.by/img/Spark%20EBill%20D19042024141402676.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
146.171.248.36 , New Zealand, ASN2570 (TAS-SPARK-NZ Spark New Zealand Trading Ltd, NZ),
Reverse DNS
Software
/
Resource Hash
b8f61e550cc76f12aaed06f5f92fe359a074f83808b23e3ad4266cbc10df8fa0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://movipavto.by/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 14 May 2024 23:01:04 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Mon, 19 Oct 2020 03:36:13 GMT
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript;charset=utf-8
Cache-Control
max-age=900
X-Cnection
close
Accept-Ranges
bytes
Content-Length
5245
api.js
www.google.com/recaptcha/
0
0

xtramail-delete-account.js
www.spark.co.nz/etc/designs/xtramail/clientlib_xtramail/
2 MB
0
Script
General
Full URL
https://www.spark.co.nz/etc/designs/xtramail/clientlib_xtramail/xtramail-delete-account.js
Requested by
Host: movipavto.by
URL: https://movipavto.by/img/Spark%20EBill%20D19042024141402676.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
146.171.248.36 , New Zealand, ASN2570 (TAS-SPARK-NZ Spark New Zealand Trading Ltd, NZ),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://movipavto.by/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 14 May 2024 23:01:04 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
frame-ancestors 'self'
Last-Modified
Wed, 08 May 2024 22:35:17 GMT
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript;charset=utf-8
Transfer-Encoding
chunked
Cache-Control
max-age=900
X-Cnection
close
Accept-Ranges
bytes
config.js
cdn2.gbqofs.com/spark-nz/p/
7 KB
2 KB
Script
General
Full URL
https://cdn2.gbqofs.com/spark-nz/p/config.js
Requested by
Host: cdn2.gbqofs.com
URL: https://cdn2.gbqofs.com/spark-nz/p/detector-dom.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:190d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
411328f7893c39eb26097fd95a0d3c36d07173f21adb4be81264bef90db58ca3

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://movipavto.by/
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 23:01:04 GMT
x-amz-version-id
lkfdgjCf5mRr3.Q1rM.quCQdxrODEAUE
content-encoding
gzip
cf-cache-status
HIT
via
1.1 8008f773a176223da2278b5cb39f91fa.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P2
age
6462
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 05 Mar 2024 03:28:48 GMT
server
cloudflare
etag
W/"203586e1a344b1745401cec7b7d8602a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
883e820cff235089-AKL
x-amz-cf-id
yc7a6PxicRSVfD3YRWYB7_lSpnm1MjzVL1-MRCgoqv7P7RInrmwUiQ==
expires
Wed, 15 May 2024 03:01:04 GMT
f26faddb-86cc-4477-a253-1e1287684336.woff
www.spark.co.nz/content/dam/kb/public/font/avenir/
24 KB
25 KB
Font
General
Full URL
https://www.spark.co.nz/content/dam/kb/public/font/avenir/f26faddb-86cc-4477-a253-1e1287684336.woff
Requested by
Host: www.spark.co.nz
URL: https://www.spark.co.nz/content/dam/kb/public/css/gwc-default.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
146.171.248.36 , New Zealand, ASN2570 (TAS-SPARK-NZ Spark New Zealand Trading Ltd, NZ),
Reverse DNS
Software
/
Resource Hash
6df8cab166b5abbb4a4ff8e8b39f7246ef677afd86fc906c03e8d4ece2248a95
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.spark.co.nz/content/dam/kb/public/css/gwc-default.css
Origin
https://movipavto.by
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 14 May 2024 23:01:04 GMT
Content-Security-Policy
frame-ancestors 'self'
X-Content-Type-Options
nosniff
Last-Modified
Sat, 28 Mar 2015 19:14:00 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://movipavto.by
Cache-Control
max-age=7200
X-Cnection
close
Accept-Ranges
bytes
Content-Length
24865
91b50bbb-9aa1-4d54-9159-ec6f19d14a7c.woff
www.spark.co.nz/content/dam/kb/public/font/avenir/
24 KB
25 KB
Font
General
Full URL
https://www.spark.co.nz/content/dam/kb/public/font/avenir/91b50bbb-9aa1-4d54-9159-ec6f19d14a7c.woff
Requested by
Host: www.spark.co.nz
URL: https://www.spark.co.nz/content/dam/kb/public/css/gwc-default.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
146.171.248.36 , New Zealand, ASN2570 (TAS-SPARK-NZ Spark New Zealand Trading Ltd, NZ),
Reverse DNS
Software
/
Resource Hash
620660f45d9afea331852f7c4ef47e924069518bbf332b0fda09568f4f51bccf
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.spark.co.nz/content/dam/kb/public/css/gwc-default.css
Origin
https://movipavto.by
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 14 May 2024 23:01:04 GMT
Content-Security-Policy
frame-ancestors 'self'
X-Content-Type-Options
nosniff
Last-Modified
Sat, 28 Mar 2015 19:13:59 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://movipavto.by
Cache-Control
max-age=7200
X-Cnection
close
Accept-Ranges
bytes
Content-Length
24606
spark-icon-family.woff
www.spark.co.nz/content/dam/sparkresponsive/font/Fontello/
28 KB
29 KB
Font
General
Full URL
https://www.spark.co.nz/content/dam/sparkresponsive/font/Fontello/spark-icon-family.woff
Requested by
Host: www.spark.co.nz
URL: https://www.spark.co.nz/etc/designs/onespark/clientlib-sparkv2.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
146.171.248.36 , New Zealand, ASN2570 (TAS-SPARK-NZ Spark New Zealand Trading Ltd, NZ),
Reverse DNS
Software
/
Resource Hash
597577e553630e1a1a757b9a233376cc1c0ea7e590a796b708103f8b077b0631
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.spark.co.nz/etc/designs/onespark/clientlib-sparkv2.css
Origin
https://movipavto.by
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 14 May 2024 23:01:04 GMT
Content-Security-Policy
frame-ancestors 'self'
X-Content-Type-Options
nosniff
Last-Modified
Wed, 07 Jun 2017 11:38:17 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/font-woff
Access-Control-Allow-Origin
https://movipavto.by
Cache-Control
max-age=7200
X-Cnection
close
Accept-Ranges
bytes
Content-Length
28652
b8e906a1-f5e8-4bf1-8e80-82c646ca4d5f.woff
www.spark.co.nz/content/dam/kb/public/font/avenir/
24 KB
25 KB
Font
General
Full URL
https://www.spark.co.nz/content/dam/kb/public/font/avenir/b8e906a1-f5e8-4bf1-8e80-82c646ca4d5f.woff
Requested by
Host: www.spark.co.nz
URL: https://www.spark.co.nz/content/dam/kb/public/css/gwc-default.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
146.171.248.36 , New Zealand, ASN2570 (TAS-SPARK-NZ Spark New Zealand Trading Ltd, NZ),
Reverse DNS
Software
/
Resource Hash
a468d97017c7c9d0a1a2c3d12d302e213ed8c7c7a0a401588c87b00876c0675f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.spark.co.nz/content/dam/kb/public/css/gwc-default.css
Origin
https://movipavto.by
Accept-Language
en-NZ,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 14 May 2024 23:01:04 GMT
Content-Security-Policy
frame-ancestors 'self'
X-Content-Type-Options
nosniff
Last-Modified
Sat, 28 Mar 2015 19:13:59 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://movipavto.by
Cache-Control
max-age=7200
X-Cnection
close
Accept-Ranges
bytes
Content-Length
24963
detector-bootstrap.min.js
cdn.gbqofs.com/sv/a/
0
0

collect
px.ads.linkedin.com/
0
0

/
www.google.com/pagead/1p-conversion/973125260/
0
0

/
www.google.com/pagead/1p-conversion/971021318/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sanalytics.spark.co.nz
URL
https://sanalytics.spark.co.nz/b/ss/sparknzwebsite-prod/10/JS-2.23.0-LDQM/s27753181629227?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=28%2F6%2F2023%205%3A38%3A40%205%20420&d.&nsid=0&jsonv=1&.d&sdid=63EDDB745332428A-62A681289C8E0AC2&mid=83861434382105482600894244937435347756&aamlh=6&ce=UTF-8&cdp=3&fpCookieDomainPeriods=3&pageName=login-content-component-test&g=https%3A%2F%2Fwww.spark.co.nz%2Fxtramail%2Fsignin%2F&r=https%3A%2F%2Fwww.google.com%2F&cc=NZD&ch=xtramail&server=https%3A%2F%2Fwww.spark.co.nz&v0=%3A%3A%3A%3A%3A%3A%3A%3A%3A%3A&aamb=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&c1=%2Fcontent%2Ftelecomcms%2Fpersonal%2Fxtramail%2Flogin-content-component-test&v1=%2Fcontent%2Ftelecomcms%2Fpersonal%2Fxtramail%2Flogin-content-component-test&c2=login-content-component-test&v2=login-content-component-test&c3=Xtra%20Mail%20%7C%20Spark%20Email&v3=Xtra%20Mail%20%7C%20Spark%20Email&c4=one-spark-full-width&v4=one-spark-full-width&c5=www.spark.co.nz%2Fxtramail%2Fsignin&v5=www.spark.co.nz%2Fxtramail%2Fsignin&c6=https%20www.spark.co.nz&v6=https%20www.spark.co.nz&c7=Desktop&v7=Desktop&c8=2023-07-28T15%3A50%3A59Z&v8=2023-07-28T15%3A50%3A59Z&c10=www.spark.co.nz%2Fxtramail%2Fsignin%2F&v10=www.spark.co.nz%2Fxtramail%2Fsignin%2F&c11=xtramail&v11=xtramail&c12=xtramail%2Fsignin&v12=xtramail%2Fsignin&c15=nz&v15=nz&c16=en_US&v16=en_US&c20=SATURDAY&v20=SATURDAY&c25=https%3A%2F%2Fwww.google.com%2F&c30=login-content-component-test&c31=72%3A49%3A1%3A2&c62=22&v94=https%3A%2F%2Fwww.google.com%2F&v126=GA1.3.2095520540.1690547863&v208=false&v209=undefined%3Aundefined%3Aundefined%3A&v249=83861434382105482600894244937435347756&s=1366x768&c=24&j=1.6&v=N&k=Y&bw=1366&bh=643&mcorgid=6DE543A85589B08F7F000101%40AdobeOrg&AQE=1
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/js/r20230726/r20110914/elements/html/omrhp.js
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/analytics.js
Domain
www.gstatic.com
URL
https://www.gstatic.com/recaptcha/releases/pCoGBhjs9s8EhFOHJFe8cqis/recaptcha__en.js
Domain
www.spark.co.nz
URL
https://www.spark.co.nz/content/dam/telecomcms/dtm/3ab3370ddaf0/bc5880d35c57/f51c955e9fc9/EX876142b8f7b245af92537e9484959208-libraryCode_source.min.js
Domain
www.spark.co.nz
URL
https://www.spark.co.nz/content/dam/telecomcms/dtm//3ab3370ddaf0/bc5880d35c57/f51c955e9fc9/hostedLibFiles/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_AudienceManagement.min.js
Domain
connect.facebook.net
URL
https://connect.facebook.net/signals/config/213308197274656?v=2.9.119&r=stable
Domain
connect.facebook.net
URL
https://connect.facebook.net/en_US/fbevents.js
Domain
www.spark.co.nz
URL
https://www.spark.co.nz/content/dam/telecomcms/dtm/3ab3370ddaf0/bc5880d35c57/f51c955e9fc9/RCf8e82d101ba84267b5dc98266fafaf90-source.min.js
Domain
www.spark.co.nz
URL
https://www.spark.co.nz/content/dam/telecomcms/dtm/3ab3370ddaf0/bc5880d35c57/f51c955e9fc9/RC4c6415dc23724b51bb920898afa4963e-source.min.js
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/979185687/?random=1690547922409&cv=11&fst=1690547922409&bg=ffffff&guid=ON&async=1&gtm=45He37q0&u_w=1366&u_h=768&url=https%3A%2F%2Fwww.spark.co.nz%2Fxtramail%2Fsignin%2F&ref=https%3A%2F%2Fwww.google.com%2F&hn=www.googleadservices.com&frm=0&tiba=Xtra%20Mail%20sign%20in%20%7C%20Spark%20NZ&auid=1857017395.1690547863&rfmt=3&fmt=4
Domain
www.googletagservices.com
URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Domain
movipavto.by
URL
https://movipavto.by/content/dam/spark/images/product-images/subscriptions/Netflix/tct-netflix-vas-570x332.jpg
Domain
www.spark.co.nz
URL
https://www.spark.co.nz/content/dam/telecomcms/responsive/icons-svg/shopping-disabled.svg
Domain
movipavto.by
URL
https://movipavto.by/img/script.js
Domain
movipavto.by
URL
https://movipavto.by/login.js
Domain
www.google.com
URL
https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit
Domain
cdn.gbqofs.com
URL
https://cdn.gbqofs.com/sv/a/detector-bootstrap.min.js
Domain
px.ads.linkedin.com
URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=&time=1715727664469&url=https%3A%2F%2Fmovipavto.by%2Fimg%2FSpark%2520EBill%2520D19042024141402676.html
Domain
www.google.com
URL
https://www.google.com/pagead/1p-conversion/973125260/?random=1888794248&cv=11&fst=1690547919428&bg=ffffff&guid=ON&async=1&gtm=45be37q0&u_w=1366&u_h=768&url=https%3A%2F%2Fwww.spark.co.nz%2Fxtramail%2Fsignin%2F&ref=https%3A%2F%2Fwww.google.com%2F&label=86mBCJXYnbYYEIztgtAD&hn=www.google.com&frm=0&tiba=Xtra%20Mail%20sign%20in%20%7C%20Spark%20NZ&gtm_ee=1&auid=1857017395.1690547863&data=event%3Dconversion&gcp=2&sscte=1&ct_cookie_present=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQI&pscrd=IhMIlv7jz5-OhgMVbatmAh1V_AtMMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6FWh0dHBzOi8vbW92aXBhdnRvLmJ5Lw
Domain
www.google.com
URL
https://www.google.com/pagead/1p-conversion/971021318/?random=2107624487&cv=11&fst=1690547922395&bg=ffffff&guid=ON&async=1&gtm=45He37q0&u_w=1366&u_h=768&url=https%3A%2F%2Fwww.spark.co.nz%2Fxtramail%2Fsignin%2F&ref=https%3A%2F%2Fwww.google.com%2F&label=https%3A%2F%2Fwww.spark.co.nz%2Fxtramail%2Fsignin%2F&hn=www.google.com&frm=0&tiba=Xtra%20Mail%20sign%20in%20%7C%20Spark%20NZ&value=0&auid=1857017395.1690547863&gcp=2&sscte=1&ct_cookie_present=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQI&eitems=ChAI8JeMsgYQtajsx_PynoNoEh0AhTdjuXXhZObLPXvJoShuAf_zRsWTkSCC7G3BEA&pscrd=IhMI9obmz5-OhgMVzaPYBR1f1QN7MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6FWh0dHBzOi8vbW92aXBhdnRvLmJ5Lw

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Spark (Telecommunication)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| EF
object| __ql
string| path
string| host
object| scriptTags
object| google_tag_manager
object| google_tag_data
object| dataLayer

8 Cookies

Domain/Path Name / Value
june.takingbackjuly.com/ Name: cg_uuid
Value: caa5bb32d34b472221da02c7637c6cd3
movipavto.by/ Name: PHPSESSID
Value: 17fre44u5rhkbhu02b54sirsj4
movipavto.by/ Name: mc_session_ids[default]
Value: 5bac6d952e591592e618d83cc04c381078f9768d
movipavto.by/ Name: mc_session_ids[multi][0]
Value: 2f2735256721871382a5b0e6eb4b5f6abe650e56
movipavto.by/ Name: mc_session_ids[multi][1]
Value: 7048acd35d526463425fba279b074c5ff5c8c346
movipavto.by/ Name: mc_session_ids[multi][2]
Value: 60617507dbe1e446b953da3c8ee3680aa6c104e9
movipavto.by/ Name: mc_session_ids[multi][3]
Value: 4dc2ef3eccfe60924b8d9569211e9813df2b818b
movipavto.by/ Name: mc_session_ids[multi][4]
Value: 270c98da45c59a551699cc10f04a6a3628ae2e5a

3 Console Messages

Source Level URL
Text
other warning URL: https://movipavto.by/img/Spark%20EBill%20D19042024141402676.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://movipavto.by/content/dam/telecomcms/responsive/icons-svg/shopping-disabled.svg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://movipavto.by/content/dam/telecomcms/responsive/icons-svg/shopping.svg
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
