poduw-ka.goodsleep.fun Open in urlscan Pro
185.68.16.130  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response poduw-ka.goodsleep.fun/	15 KB 4 KB	575ms 135ms	Document text/html	185.68.16.130 UKRAINE-AS
General Check archive.org Show headers Download Go to Full URL https://poduw-ka.goodsleep.fun/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.68.16.130 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS web478.default-host.net Software nginx / Resource Hash 53e16fe01cac99bb2112ffa683f2a885321f8efe00f842f6538dad1db3e78a26 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ranges bytes cache-control no-store, no-cache, must-revalidate content-encoding gzip content-length 4225 content-type text/html; charset=UTF-8 date Fri, 26 Jan 2024 20:07:55 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server nginx vary Accept-Encoding,User-Agent x-ray wnp32838:0.000/wn32838:0.000/wa32838:D=3682
GET H2	200	js Show response www.googletagmanager.com/gtag/	235 KB 81 KB	363ms 77ms	Script application/javascript	142.250.72.104 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-11481461150 Requested by Host: poduw-ka.goodsleep.fun URL: https://poduw-ka.goodsleep.fun/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.72.104 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s32-in-f8.1e100.net Software Google Tag Manager / Resource Hash 0950d4d29643cce7cc84a825276d33a34f63ad1a235cc20ac65835cc7304001b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://poduw-ka.goodsleep.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Fri, 26 Jan 2024 20:07:55 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 82662 x-xss-protection 0 last-modified Fri, 26 Jan 2024 18:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 26 Jan 2024 20:07:55 GMT
GET H2	200	styles.css poduw-ka.goodsleep.fun/files/	23 KB 5 KB	135ms 131ms	Stylesheet text/css	185.68.16.130 UKRAINE-AS
General Check archive.org Show headers Download Go to Full URL https://poduw-ka.goodsleep.fun/files/styles.css Requested by Host: poduw-ka.goodsleep.fun URL: https://poduw-ka.goodsleep.fun/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.68.16.130 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS web478.default-host.net Software nginx / Resource Hash 170fd50389274f5d6398ca1c4951fa63dd33cb87475c4b7166223bca5d7589ac Request headers accept-language en-US,en;q=0.9 Referer https://poduw-ka.goodsleep.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Fri, 26 Jan 2024 20:07:55 GMT x-ray wnp32838:0.000/wn32838:0.000/ content-encoding br last-modified Wed, 23 Aug 2023 13:14:12 GMT server nginx etag W/"64e60624-5cf9" content-type text/css
GET H2	200	IMG_4187.gif poduw-ka.goodsleep.fun/files/	11 MB 11 MB	265ms 262ms	Image image/gif	185.68.16.130 UKRAINE-AS
General Check archive.org Show headers Download Go to Show image Full URL https://poduw-ka.goodsleep.fun/files/IMG_4187.gif Requested by Host: poduw-ka.goodsleep.fun URL: https://poduw-ka.goodsleep.fun/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.68.16.130 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS web478.default-host.net Software nginx / Resource Hash 139a967458c157451490c5360ac604b7a959ceab018255a2e2ce69375e0b6a1a Request headers accept-language en-US,en;q=0.9 Referer https://poduw-ka.goodsleep.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Fri, 26 Jan 2024 20:07:55 GMT x-ray wnp32838:0.000/wn32838:0.000/ last-modified Wed, 23 Aug 2023 13:14:13 GMT server nginx etag "64e60625-b00739" content-type image/gif accept-ranges bytes content-length 11536185
GET H2	200	foto.webp poduw-ka.goodsleep.fun/files/	45 KB 45 KB	970ms 967ms	Image image/webp	185.68.16.130 UKRAINE-AS
General Check archive.org Show headers Download Go to Show image Full URL https://poduw-ka.goodsleep.fun/files/foto.webp Requested by Host: poduw-ka.goodsleep.fun URL: https://poduw-ka.goodsleep.fun/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.68.16.130 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS web478.default-host.net Software nginx / Resource Hash 28735f887e679f29652a710b6398a667f1d6cce4f92ef1777ec10a12f9b37773 Request headers accept-language en-US,en;q=0.9 Referer https://poduw-ka.goodsleep.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Fri, 26 Jan 2024 20:07:55 GMT x-ray wnp32838:0.000/wn32838:0.000/ last-modified Wed, 23 Aug 2023 13:14:13 GMT server nginx etag "64e60625-b2fc" content-type image/webp accept-ranges bytes content-length 45820
GET H2	200	foto_2.webp poduw-ka.goodsleep.fun/files/	47 KB 47 KB	948ms 944ms	Image image/webp	185.68.16.130 UKRAINE-AS
General Check archive.org Show headers Download Go to Show image Full URL https://poduw-ka.goodsleep.fun/files/foto_2.webp Requested by Host: poduw-ka.goodsleep.fun URL: https://poduw-ka.goodsleep.fun/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.68.16.130 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS web478.default-host.net Software nginx / Resource Hash 9773ddb2c56caa3ec1233cae2dfe76032c81e90a0fc46b6641a93d602043df0b Request headers accept-language en-US,en;q=0.9 Referer https://poduw-ka.goodsleep.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Fri, 26 Jan 2024 20:07:55 GMT x-ray wnp32838:0.000/wn32838:0.000/ last-modified Wed, 23 Aug 2023 13:14:13 GMT server nginx etag "64e60625-bbc5" content-type image/webp accept-ranges bytes content-length 48069
GET H2	200	foto_3.webp poduw-ka.goodsleep.fun/files/	58 KB 58 KB	948ms 945ms	Image image/webp	185.68.16.130 UKRAINE-AS
General Check archive.org Show headers Download Go to Show image Full URL https://poduw-ka.goodsleep.fun/files/foto_3.webp Requested by Host: poduw-ka.goodsleep.fun URL: https://poduw-ka.goodsleep.fun/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.68.16.130 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS web478.default-host.net Software nginx / Resource Hash 5144559511a7f27d15c5c994ba7291a0706a96a570cde86a8f81b4bc85971a9c Request headers accept-language en-US,en;q=0.9 Referer https://poduw-ka.goodsleep.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Fri, 26 Jan 2024 20:07:55 GMT x-ray wnp32838:0.000/wn32838:0.000/ last-modified Wed, 23 Aug 2023 13:14:13 GMT server nginx etag "64e60625-e7c6" content-type image/webp accept-ranges bytes content-length 59334
GET H2	200	ot_1.webp poduw-ka.goodsleep.fun/files/	71 KB 71 KB	947ms 945ms	Image image/webp	185.68.16.130 UKRAINE-AS
General Check archive.org Show headers Download Go to Show image Full URL https://poduw-ka.goodsleep.fun/files/ot_1.webp Requested by Host: poduw-ka.goodsleep.fun URL: https://poduw-ka.goodsleep.fun/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.68.16.130 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS web478.default-host.net Software nginx / Resource Hash 731b11e776c4a03da07222a542f4d9eff6ce24c9c65b323baf3515ddbae67d9f Request headers accept-language en-US,en;q=0.9 Referer https://poduw-ka.goodsleep.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Fri, 26 Jan 2024 20:07:55 GMT x-ray wnp32838:0.000/wn32838:0.000/ last-modified Wed, 23 Aug 2023 13:14:12 GMT server nginx etag "64e60624-11c97" content-type image/webp accept-ranges bytes content-length 72855
GET H2	200	ot_2.webp poduw-ka.goodsleep.fun/files/	52 KB 53 KB	947ms 946ms	Image image/webp	185.68.16.130 UKRAINE-AS
General Check archive.org Show headers Download Go to Show image Full URL https://poduw-ka.goodsleep.fun/files/ot_2.webp Requested by Host: poduw-ka.goodsleep.fun URL: https://poduw-ka.goodsleep.fun/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.68.16.130 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS web478.default-host.net Software nginx / Resource Hash ea8269aa26b7a9ad4e4c39c1427459814b1609d47fe22be2a21a2578b0ebb9c0 Request headers accept-language en-US,en;q=0.9 Referer https://poduw-ka.goodsleep.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Fri, 26 Jan 2024 20:07:55 GMT x-ray wnp32838:0.000/wn32838:0.000/ last-modified Wed, 23 Aug 2023 13:14:12 GMT server nginx etag "64e60624-d1b5" content-type image/webp accept-ranges bytes content-length 53685
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	213 KB 57 KB	270ms 29ms	Script application/x-javascript	31.13.71.7 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: poduw-ka.goodsleep.fun URL: https://poduw-ka.goodsleep.fun/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-lga3.fbcdn.net Software / Resource Hash 4101e4fa9bdc7ecb354caf1649d251f838a10b437009900ecc30321fe472b154 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://poduw-ka.goodsleep.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=() content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Fri, 26 Jan 2024 20:07:55 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 57022 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0" pragma public x-fb-debug Q4FscDURmOCnlnwvc79tY8QVFf3CKb867M6fbkwvw8O24TpHyoNV4vN0TkN/9q4O0Crn9B9bgNPU/sFWVmrPOw== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET		Roboto-Light.ttf ledlent.xcartpro.com/https@alt-trend.com.ua/LED_lenta/fonts/	0 0
GET		Roboto-LightItalic.ttf ledlent.xcartpro.com/https@alt-trend.com.ua/LED_lenta/fonts/	0 0
GET		Roboto-Italic.ttf ledlent.xcartpro.com/https@alt-trend.com.ua/LED_lenta/fonts/	0 0
GET		Roboto-BoldItalic.ttf ledlent.xcartpro.com/https@alt-trend.com.ua/LED_lenta/fonts/	0 0
GET H2	200	ofr_bull.png poduw-ka.goodsleep.fun/files/	1 KB 2 KB	852ms 851ms	Image image/png	185.68.16.130 UKRAINE-AS
General Check archive.org Show headers Download Go to Show image Full URL https://poduw-ka.goodsleep.fun/files/ofr_bull.png Requested by Host: poduw-ka.goodsleep.fun URL: https://poduw-ka.goodsleep.fun/files/styles.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.68.16.130 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS web478.default-host.net Software nginx / Resource Hash 453f1895d01d5bd080f2454f9ac0cb9b37413c1a801e164fd313009d7ad689ed Request headers accept-language en-US,en;q=0.9 Referer https://poduw-ka.goodsleep.fun/files/styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Fri, 26 Jan 2024 20:07:55 GMT x-ray wnp32838:0.000/wn32838:0.000/ last-modified Wed, 23 Aug 2023 13:14:12 GMT server nginx etag "64e60624-589" content-type image/png accept-ranges bytes content-length 1417
GET H2	200	Roboto-Regular.ttf poduw-ka.goodsleep.fun/files/	528 KB 528 KB	838ms 837ms	Font application/octet-stream	185.68.16.130 UKRAINE-AS
General Check archive.org Show headers Download Go to Full URL https://poduw-ka.goodsleep.fun/files/Roboto-Regular.ttf Requested by Host: poduw-ka.goodsleep.fun URL: https://poduw-ka.goodsleep.fun/files/styles.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.68.16.130 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS web478.default-host.net Software nginx / Resource Hash 0150f4bae4082bc57ef1211a2ba7481ddb04788f40c37d03ad0cb4ddd464aa0e Request headers Referer https://poduw-ka.goodsleep.fun/files/styles.css Origin https://poduw-ka.goodsleep.fun accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Fri, 26 Jan 2024 20:07:55 GMT x-ray wnp32838:0.000/wn32838:0.000/ last-modified Wed, 23 Aug 2023 13:14:12 GMT server nginx etag "64e60624-83e40" content-type application/octet-stream accept-ranges bytes content-length 540224
GET DATA	200 OK	truncated /	164 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash eaab1fc26ce948d70608b7adc50d1392f4077ccee819e07003273a8ca69d07e9 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	patt.png poduw-ka.goodsleep.fun/files/	100 KB 100 KB	834ms 832ms	Image image/png	185.68.16.130 UKRAINE-AS
General Check archive.org Show headers Download Go to Show image Full URL https://poduw-ka.goodsleep.fun/files/patt.png Requested by Host: poduw-ka.goodsleep.fun URL: https://poduw-ka.goodsleep.fun/files/styles.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.68.16.130 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS web478.default-host.net Software nginx / Resource Hash 91af9528ed77dd67dcf40c90361cb648fec2642dc9cea742e9a4927e87ffeedc Request headers accept-language en-US,en;q=0.9 Referer https://poduw-ka.goodsleep.fun/files/styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Fri, 26 Jan 2024 20:07:55 GMT x-ray wnp32838:0.000/wn32838:0.000/ last-modified Wed, 23 Aug 2023 13:14:12 GMT server nginx etag "64e60624-18e6d" content-type image/png accept-ranges bytes content-length 101997
GET H2	200	order_icons.png poduw-ka.goodsleep.fun/files/	4 KB 4 KB	834ms 832ms	Image image/png	185.68.16.130 UKRAINE-AS
General Check archive.org Show headers Download Go to Show image Full URL https://poduw-ka.goodsleep.fun/files/order_icons.png Requested by Host: poduw-ka.goodsleep.fun URL: https://poduw-ka.goodsleep.fun/files/styles.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.68.16.130 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS web478.default-host.net Software nginx / Resource Hash 409c1895ce7ff852f9c7691215a8e60683be93d5787ebfca71aa8b775bf91f7a Request headers accept-language en-US,en;q=0.9 Referer https://poduw-ka.goodsleep.fun/files/styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Fri, 26 Jan 2024 20:07:55 GMT x-ray wnp32838:0.000/wn32838:0.000/ last-modified Wed, 23 Aug 2023 13:14:12 GMT server nginx etag "64e60624-f98" content-type image/png accept-ranges bytes content-length 3992
GET H2	200	Intro.otf poduw-ka.goodsleep.fun/files/	22 KB 22 KB	833ms 832ms	Font application/octet-stream	185.68.16.130 UKRAINE-AS
General Check archive.org Show headers Download Go to Full URL https://poduw-ka.goodsleep.fun/files/Intro.otf Requested by Host: poduw-ka.goodsleep.fun URL: https://poduw-ka.goodsleep.fun/files/styles.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.68.16.130 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS web478.default-host.net Software nginx / Resource Hash 2f49b3642c285ad16682098737f9f951bb6bba97ddd3be57cce6f7e7970d0e2b Request headers Referer https://poduw-ka.goodsleep.fun/files/styles.css Origin https://poduw-ka.goodsleep.fun accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Fri, 26 Jan 2024 20:07:55 GMT x-ray wnp32838:0.000/wn32838:0.000/ last-modified Wed, 23 Aug 2023 13:14:13 GMT server nginx etag "64e60625-569c" content-type application/octet-stream accept-ranges bytes content-length 22172
GET H2	200	Roboto-Bold.ttf poduw-ka.goodsleep.fun/files/	527 KB 528 KB	833ms 832ms	Font application/octet-stream	185.68.16.130 UKRAINE-AS
General Check archive.org Show headers Download Go to Full URL https://poduw-ka.goodsleep.fun/files/Roboto-Bold.ttf Requested by Host: poduw-ka.goodsleep.fun URL: https://poduw-ka.goodsleep.fun/files/styles.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.68.16.130 , Ukraine, ASN200000 (UKRAINE-AS, UA), Reverse DNS web478.default-host.net Software nginx / Resource Hash 7275da55338c740a1ca60552a4d72f533ad04a977e5d9552b5e5d4cb80649a97 Request headers Referer https://poduw-ka.goodsleep.fun/files/styles.css Origin https://poduw-ka.goodsleep.fun accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Fri, 26 Jan 2024 20:07:55 GMT x-ray wnp32838:0.010/wn32838:0.000/ last-modified Wed, 23 Aug 2023 13:14:12 GMT server nginx etag "64e60624-83d30" content-type application/octet-stream accept-ranges bytes content-length 539952
GET H2	200	700437328574701 Show response connect.facebook.net/signals/config/	53 KB 11 KB	142ms 140ms	Script application/x-javascript	31.13.71.7 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/700437328574701?v=2.9.142&r=stable&domain=poduw-ka.goodsleep.fun&hme=e82209ddce2f5ef9f00773b102465283e977acad712d554991b839c35823b905&ex_m=62%2C103%2C91%2C95%2C53%2C3%2C87%2C61%2C14%2C85%2C78%2C44%2C46%2C145%2C148%2C159%2C155%2C156%2C158%2C25%2C88%2C45%2C68%2C157%2C140%2C143%2C152%2C153%2C160%2C112%2C13%2C43%2C164%2C163%2C114%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C82%2C15%2C12%2C84%2C81%2C80%2C92%2C94%2C31%2C93%2C26%2C22%2C141%2C144%2C121%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C89%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C17%2C4%2C73%2C79%2C72%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C83%2C75%2C2%2C30%2C55%2C34%2C90%2C38%2C70%2C60%2C40%2C39%2C96%2C52%2C51%2C27%2C86%2C50%2C47%2C42%2C69%2C64%2C97 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-lga3.fbcdn.net Software / Resource Hash 165b0e909e537ff7a3462ee3f1dd72429b1523c4aaee587d98fc4c7879954c37 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://poduw-ka.goodsleep.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=() content-security-policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Fri, 26 Jan 2024 20:07:55 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0" pragma public x-fb-debug Gl0fPp3gfxq94WVf5TTqez10QCHDKFYjoHUe5glic3g6mg0xUGmXfHLcZmzw4pBemrg/8A9rmxYZCnJRRiNB2Q== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/11481461150/	2 KB 2 KB	110ms 45ms	Script text/javascript	142.250.80.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11481461150/?random=1706299675949&cv=11&fst=1706299675949&bg=ffffff&guid=ON&async=1&gtm=45be41o0v9176032681&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpoduw-ka.goodsleep.fun%2F&hn=www.googleadservices.com&frm=0&tiba=%D0%95%D0%9A%D0%A1%D0%9A%D0%9B%D0%AE%D0%97%D0%98%D0%92%D0%9D%D0%90%20%D0%9F%D0%9E%D0%94%D0%A3%D0%A8%D0%9A%D0%90%20%C2%AB%D0%95%D0%9A%D0%9E%C2%BB%20%D0%97%20%D0%A7%D0%9E%D0%A5%D0%9B%D0%9E%D0%9C%20%D0%97%D0%86%20100%25%20%D0%91%D0%90%D0%92%D0%9E%D0%92%D0%9D&pscdl=noapi&auid=51959736.1706299676&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-11481461150 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.80.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s34-in-f2.1e100.net Software cafe / Resource Hash c4dd01038cdc86af102cce4d43f79036922c40d6fa117d2902c226d99e4ff104 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://poduw-ka.goodsleep.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers pragma no-cache date Fri, 26 Jan 2024 20:07:56 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1331 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	0 185 B	92ms 24ms	Image text/plain	31.13.71.36 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=700437328574701&ev=PageView&dl=https%3A%2F%2Fpoduw-ka.goodsleep.fun%2F&rl=&if=false&ts=1706299676061&sw=1600&sh=1200&v=2.9.142&r=stable&ec=0&o=4126&fbp=fb.1.1706299676057.286086943&ler=empty&it=1706299675804&coo=false&exp=d3&rqm=GET Requested by Host: poduw-ka.goodsleep.fun URL: https://poduw-ka.goodsleep.fun/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-lga3.facebook.com Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-US,en;q=0.9 Referer https://poduw-ka.goodsleep.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Fri, 26 Jan 2024 20:07:56 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	/ www.google.com/pagead/1p-user-list/11481461150/	42 B 455 B	122ms 59ms	Image image/gif	142.250.80.4 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/11481461150/?random=1706299675949&cv=11&fst=1706299200000&bg=ffffff&guid=ON&async=1&gtm=45be41o0v9176032681&u_w=1600&u_h=1200&url=https%3A%2F%2Fpoduw-ka.goodsleep.fun%2F&frm=0&tiba=%D0%95%D0%9A%D0%A1%D0%9A%D0%9B%D0%AE%D0%97%D0%98%D0%92%D0%9D%D0%90%20%D0%9F%D0%9E%D0%94%D0%A3%D0%A8%D0%9A%D0%90%20%C2%AB%D0%95%D0%9A%D0%9E%C2%BB%20%D0%97%20%D0%A7%D0%9E%D0%A5%D0%9B%D0%9E%D0%9C%20%D0%97%D0%86%20100%25%20%D0%91%D0%90%D0%92%D0%9E%D0%92%D0%9D&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_28ogfUVzJjMu_zii3JiqpbtoozApfQ&random=3625228578&rmt_tld=0&ipr=y Requested by Host: poduw-ka.goodsleep.fun URL: https://poduw-ka.goodsleep.fun/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.80.4 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s33-in-f4.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://poduw-ka.goodsleep.fun/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers pragma no-cache date Fri, 26 Jan 2024 20:07:56 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

ledlent.xcartpro.com

URL

http://ledlent.xcartpro.com/https@alt-trend.com.ua/LED_lenta/fonts/Roboto-Light.ttf

Domain

ledlent.xcartpro.com

URL

http://ledlent.xcartpro.com/https@alt-trend.com.ua/LED_lenta/fonts/Roboto-LightItalic.ttf

Domain

ledlent.xcartpro.com

URL

http://ledlent.xcartpro.com/https@alt-trend.com.ua/LED_lenta/fonts/Roboto-Italic.ttf

Domain

ledlent.xcartpro.com

URL

http://ledlent.xcartpro.com/https@alt-trend.com.ua/LED_lenta/fonts/Roboto-BoldItalic.ttf

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gtag object| dataLayer function| fbq function| _fbq object| google_tag_manager object| google_tag_data object| GooglebQhCsO

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			poduw-ka.goodsleep.fun/	1969-12-31 23:59:59	Name: PHPSESSID Value: 83309ae8e99b6befd60c2c908d90da33
			.goodsleep.fun/	1970-01-20 20:07:55	Name: _gcl_au Value: 1.1.51959736.1706299676
			.goodsleep.fun/	1970-01-20 20:07:55	Name: _fbp Value: fb.1.1706299676057.286086943
			.doubleclick.net/	1970-01-20 17:58:20	Name: test_cookie Value: CheckForPermission

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://poduw-ka.goodsleep.fun/ Message: Mixed Content: The page at 'https://poduw-ka.goodsleep.fun/' was loaded over HTTPS, but requested an insecure font 'http://ledlent.xcartpro.com/https@alt-trend.com.ua/LED_lenta/fonts/Roboto-Light.ttf'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://poduw-ka.goodsleep.fun/ Message: Mixed Content: The page at 'https://poduw-ka.goodsleep.fun/' was loaded over HTTPS, but requested an insecure font 'http://ledlent.xcartpro.com/https@alt-trend.com.ua/LED_lenta/fonts/Roboto-LightItalic.ttf'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://poduw-ka.goodsleep.fun/ Message: Mixed Content: The page at 'https://poduw-ka.goodsleep.fun/' was loaded over HTTPS, but requested an insecure font 'http://ledlent.xcartpro.com/https@alt-trend.com.ua/LED_lenta/fonts/Roboto-Italic.ttf'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://poduw-ka.goodsleep.fun/ Message: Mixed Content: The page at 'https://poduw-ka.goodsleep.fun/' was loaded over HTTPS, but requested an insecure font 'http://ledlent.xcartpro.com/https@alt-trend.com.ua/LED_lenta/fonts/Roboto-BoldItalic.ttf'. This request has been blocked; the content must be served over HTTPS.
other	warning	URL: https://connect.facebook.net/signals/config/700437328574701?v=2.9.142&r=stable&domain=poduw-ka.goodsleep.fun&hme=e82209ddce2f5ef9f00773b102465283e977acad712d554991b839c35823b905&ex_m=62%2C103%2C91%2C95%2C53%2C3%2C87%2C61%2C14%2C85%2C78%2C44%2C46%2C145%2C148%2C159%2C155%2C156%2C158%2C25%2C88%2C45%2C68%2C157%2C140%2C143%2C152%2C153%2C160%2C112%2C13%2C43%2C164%2C163%2C114%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C82%2C15%2C12%2C84%2C81%2C80%2C92%2C94%2C31%2C93%2C26%2C22%2C141%2C144%2C121%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C89%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C17%2C4%2C73%2C79%2C72%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C83%2C75%2C2%2C30%2C55%2C34%2C90%2C38%2C70%2C60%2C40%2C39%2C96%2C52%2C51%2C27%2C86%2C50%2C47%2C42%2C69%2C64%2C97(Line 95) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
googleads.g.doubleclick.net
ledlent.xcartpro.com
poduw-ka.goodsleep.fun
www.facebook.com
www.google.com
www.googletagmanager.com
ledlent.xcartpro.com
142.250.72.104
142.250.80.34
142.250.80.4
185.68.16.130
31.13.71.36
31.13.71.7
0150f4bae4082bc57ef1211a2ba7481ddb04788f40c37d03ad0cb4ddd464aa0e
0950d4d29643cce7cc84a825276d33a34f63ad1a235cc20ac65835cc7304001b
139a967458c157451490c5360ac604b7a959ceab018255a2e2ce69375e0b6a1a
165b0e909e537ff7a3462ee3f1dd72429b1523c4aaee587d98fc4c7879954c37
170fd50389274f5d6398ca1c4951fa63dd33cb87475c4b7166223bca5d7589ac
28735f887e679f29652a710b6398a667f1d6cce4f92ef1777ec10a12f9b37773
2f49b3642c285ad16682098737f9f951bb6bba97ddd3be57cce6f7e7970d0e2b
409c1895ce7ff852f9c7691215a8e60683be93d5787ebfca71aa8b775bf91f7a
4101e4fa9bdc7ecb354caf1649d251f838a10b437009900ecc30321fe472b154
453f1895d01d5bd080f2454f9ac0cb9b37413c1a801e164fd313009d7ad689ed
5144559511a7f27d15c5c994ba7291a0706a96a570cde86a8f81b4bc85971a9c
53e16fe01cac99bb2112ffa683f2a885321f8efe00f842f6538dad1db3e78a26
7275da55338c740a1ca60552a4d72f533ad04a977e5d9552b5e5d4cb80649a97
731b11e776c4a03da07222a542f4d9eff6ce24c9c65b323baf3515ddbae67d9f
91af9528ed77dd67dcf40c90361cb648fec2642dc9cea742e9a4927e87ffeedc
9773ddb2c56caa3ec1233cae2dfe76032c81e90a0fc46b6641a93d602043df0b
c4dd01038cdc86af102cce4d43f79036922c40d6fa117d2902c226d99e4ff104
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea8269aa26b7a9ad4e4c39c1427459814b1609d47fe22be2a21a2578b0ebb9c0
eaab1fc26ce948d70608b7adc50d1392f4077ccee819e07003273a8ca69d07e9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629