URL: https://mandrik.1001-lead.com.ua/
Submission Tags: falconsandbox
Submission: On November 19 via api from US — Scanned from DE

Summary

This website contacted 9 IPs in 3 countries across 8 domains to perform 36 HTTP transactions. The main IP is 2a01:4f8:161:9305::1, located in Ehingen, Germany and belongs to HETZNER-AS Hetzner Online GmbH, DE. The main domain is mandrik.1001-lead.com.ua.
TLS certificate: Issued by R10 on October 25th 2024. Valid for: 3 months.
This is the only time mandrik.1001-lead.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
14 2a01:4f8:161:... 24940 (HETZNER-A...)
2 2a00:1450:400... 15169 (GOOGLE)
2 157.240.253.1 32934 (FACEBOOK)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 11 2a02:6b8::1:119 13238 (YANDEX YA...)
1 172.217.18.4 15169 (GOOGLE)
2 157.240.253.35 32934 (FACEBOOK)
36 9

Apex Domain | Subdomains | Transfer
14 1001-lead.com.ua | mandrik.1001-lead.com.ua | 921 KB
8 yandex.com | mc.yandex.com — Cisco Umbrella Rank: 9443 | 4 KB
8 youtube.com | www.youtube.com — Cisco Umbrella Rank: 79 | 12 KB
3 yandex.ru | mc.yandex.ru — Cisco Umbrella Rank: 4577 | 77 KB
2 facebook.com | www.facebook.com — Cisco Umbrella Rank: 120 | 215 B
2 facebook.net | connect.facebook.net — Cisco Umbrella Rank: 192 | 78 KB
2 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 39 | 99 KB
1 google.com | www.google.com — Cisco Umbrella Rank: 3 |
36 8

Domain | Requested by
14 mandrik.1001-lead.com.ua | mandrik.1001-lead.com.ua
8 mc.yandex.com (3 redirects) | mandrik.1001-lead.com.ua, mc.yandex.ru
8 www.youtube.com | mandrik.1001-lead.com.ua, www.youtube.com
3 mc.yandex.ru (1 redirect) | mandrik.1001-lead.com.ua
2 www.facebook.com | mandrik.1001-lead.com.ua
2 connect.facebook.net | mandrik.1001-lead.com.ua, connect.facebook.net
2 www.googletagmanager.com | mandrik.1001-lead.com.ua, www.googletagmanager.com
1 www.google.com | www.googletagmanager.com
36 8

This site contains no links.

Subject | Issuer | Validity | Valid
mandrik.1001-lead.com.ua | R10 | 2024-10-25 - 2025-01-23 | 3 months
*.google-analytics.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-08-28 - 2024-11-26 | 3 months
*.google.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months
mc.yandex.ru | GlobalSign ECC OV SSL CA 2018 | 2024-10-20 - 2025-04-01 | 5 months

This page contains 9 frames:

Primary Page: https://mandrik.1001-lead.com.ua/
Frame ID: 23AB8436B27A3B9341AC7C116E54A69B
Requests: 32 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Y1iHrLmFGkc?si=kFZVtzoMWxNyaWlx
Frame ID: 5F249D888B0308029AC7069B0F65468D
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/uGX_jiyaihg?si=H3Blv_IA51pLXCT6
Frame ID: E43E65084DB11E5ECDEB854EAC4F5942
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/n8VxQH7Kekg?si=0uJvvhrsh_vkB8r8
Frame ID: F3B36F18BA0553D9ECFEDB6498FC4172
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/bNyzAZlp5_Y?si=CGXgm9dlkZXnvRtR
Frame ID: A4A2067072DCA33B730A71EB0F56A14F
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/6zMXdtcYAWc?si=ehgCeReUaqbSaB6O
Frame ID: EFFDBC52A1D7D43679EC066864678085
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/TscILEQrOQ0?si=8P-5K-mA22PS8Ru_
Frame ID: 897A0D98E6D4F8ED4FF9A0AB013DD712
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fmandrik.1001-lead.com.ua
Frame ID: A0B51B7E06818752D60973F516B7AE60
Requests: 1 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: 53CEE59F959483635D10010F27E7981B
Requests: 1 HTTP requests in this frame

Page Title

коптильні Мандрик онлайн

Detected technologies

Overall confidence: 100%
Detected patterns
  • <(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

36 Requests
94 % HTTPS
63 % IPv6
8 Domains
8 Subdomains
9 IPs
3 Countries
1189 kB Transfer
2542 kB Size
26 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10558.52U6P3nge5iL9XGgWAkXhut9gpxeY2GRVjNiPWyxkeBlBVFUv--awZwqOV2qqfnp.YCZ3J0o4gKYZXdPtBCLWr-zsyC0%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10558.z6we6sAGvD0i397W700_1OSICBiAsa0Jy2-gZoBgnSl7wdcXfP75clTuuHA4-_Wcc3uPs7rl5bZQoljlA4eb1HU-f0Yg8vM9XZrYbr6bBghicZYfsUqVhOFf2oeHTmkXwTD1j6bmFd9EyRxdpGLkCcQbr8_nP8RNM7_JM4shLOnV5LUoZoHAlLv8iMynncZIYkJy7KhGZjpizSmGavyFVQdW22mtw67Z18Aodz-f9Kg%2C.k-_BOx03omOuMQ_NNImntGAchfM%2C HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10558.TG6n0cSHgoHJ_LKmvFqAs18qhR37gMLyOy6UezUZBXg0vkCzhPMwFqKXACDrT_2SGZdVwj_Dcqb5cLNMp9tB2oyMuQfQ-oe6gw-D_i4L_edBWW7ab4f9oluShtgjylwkpe7nrCm947tjkG_JjOtTxIUJ_NEWkTAjWa8aAqIg_s21hwIBnCXA_fP0e-kxZuDI1b9QI6a7rHQc6NnI3GC6DQ%2C%2C.ZAdkkLlgFM3PhnnhGTGOpBZDj2U%2C
Request Chain 35
  • https://mc.yandex.com/watch/88814121?wmode=7&page-url=https%3A%2F%2Fmandrik.1001-lead.com.ua%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1522%3Acn%3A1%3Adp%3A0%3Als%3A938469377197%3Ahid%3A405480361%3Az%3A60%3Ai%3A20241119143323%3Aet%3A1732023204%3Ac%3A1%3Arn%3A641100217%3Arqn%3A1%3Au%3A173202320445691881%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A329%3Awv%3A2%3Ads%3A196%2C24%2C22%2C6%2C0%2C0%2C%2C67%2C6%2C%2C%2C%2C392%3Aco%3A0%3Acpf%3A1%3Ans%3A1732023202853%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1732023204%3At%3A%D0%BA%D0%BE%D0%BF%D1%82%D0%B8%D0%BB%D1%8C%D0%BD%D1%96%20%D0%9C%D0%B0%D0%BD%D0%B4%D1%80%D0%B8%D0%BA%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(42009092)ti(1) HTTP 302
  • https://mc.yandex.com/watch/88814121/1?wmode=7&page-url=https%3A%2F%2Fmandrik.1001-lead.com.ua%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1522%3Acn%3A1%3Adp%3A0%3Als%3A938469377197%3Ahid%3A405480361%3Az%3A60%3Ai%3A20241119143323%3Aet%3A1732023204%3Ac%3A1%3Arn%3A641100217%3Arqn%3A1%3Au%3A173202320445691881%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A329%3Awv%3A2%3Ads%3A196%2C24%2C22%2C6%2C0%2C0%2C%2C67%2C6%2C%2C%2C%2C392%3Aco%3A0%3Acpf%3A1%3Ans%3A1732023202853%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1732023204%3At%3A%D0%BA%D0%BE%D0%BF%D1%82%D0%B8%D0%BB%D1%8C%D0%BD%D1%96%20%D0%9C%D0%B0%D0%BD%D0%B4%D1%80%D0%B8%D0%BA%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009092%29ti%281%29

36 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
mandrik.1001-lead.com.ua/
104 KB
21 KB
Document
General
Full URL
https://mandrik.1001-lead.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:161:9305::1 Ehingen, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
e02797942fb54acab62b94b86346f672ac1dfe286c72bc347fd6b419febf3644

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 19 Nov 2024 13:33:23 GMT
server
nginx
vary
Accept-Encoding
style.css
mandrik.1001-lead.com.ua/css/
278 KB
35 KB
Stylesheet
General
Full URL
https://mandrik.1001-lead.com.ua/css/style.css
Requested by
Host: mandrik.1001-lead.com.ua
URL: https://mandrik.1001-lead.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:161:9305::1 Ehingen, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
6921652fdcc7e6b7c6e3d510977ab399eb5c5ac11db1ecf551f529db72047de9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mandrik.1001-lead.com.ua/

Response headers

cache-control
max-age=2592000
content-encoding
gzip
etag
W/"671b30f6-45848"
expires
Thu, 19 Dec 2024 13:33:23 GMT
date
Tue, 19 Nov 2024 13:33:23 GMT
content-type
text/css
last-modified
Fri, 25 Oct 2024 05:47:34 GMT
server
nginx
vary
Accept-Encoding
jquery-1.11.0.js
mandrik.1001-lead.com.ua/js/
94 KB
33 KB
Script
General
Full URL
https://mandrik.1001-lead.com.ua/js/jquery-1.11.0.js
Requested by
Host: mandrik.1001-lead.com.ua
URL: https://mandrik.1001-lead.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:161:9305::1 Ehingen, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
af2419dd15e09ea913cfe94d130f9870486732e57764e0f02ea3846f204146ee

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mandrik.1001-lead.com.ua/

Response headers

cache-control
max-age=2592000
content-encoding
gzip
etag
W/"671b30f8-1787f"
expires
Thu, 19 Dec 2024 13:33:23 GMT
date
Tue, 19 Nov 2024 13:33:23 GMT
content-type
application/javascript
last-modified
Fri, 25 Oct 2024 05:47:36 GMT
server
nginx
vary
Accept-Encoding
js
www.googletagmanager.com/gtag/
289 KB
99 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-16768009538
Requested by
Host: mandrik.1001-lead.com.ua
URL: https://mandrik.1001-lead.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f029d4a9c9df5dbec0ff1acffd97516216c8feff706a5a931190391e0f087700
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mandrik.1001-lead.com.ua/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 19 Nov 2024 13:33:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 19 Nov 2024 13:33:23 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 19 Nov 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
101077
x-xss-protection
0
server
Google Tag Manager
manager.png
mandrik.1001-lead.com.ua/img/
590 KB
590 KB
Image
General
Full URL
https://mandrik.1001-lead.com.ua/img/manager.png
Requested by
Host: mandrik.1001-lead.com.ua
URL: https://mandrik.1001-lead.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:161:9305::1 Ehingen, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
d263bd8caf4a2ee1fa862a04226b4ac866f2ab970f68c872ef44d81af513a2ba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mandrik.1001-lead.com.ua/

Response headers

cache-control
max-age=2592000
content-encoding
gzip
etag
W/"671b3102-93754"
expires
Thu, 19 Dec 2024 13:33:23 GMT
date
Tue, 19 Nov 2024 13:33:23 GMT
content-type
image/png
last-modified
Fri, 25 Oct 2024 05:47:46 GMT
server
nginx
vary
Accept-Encoding
lazyload.min.js
mandrik.1001-lead.com.ua/js/
8 KB
3 KB
Script
General
Full URL
https://mandrik.1001-lead.com.ua/js/lazyload.min.js
Requested by
Host: mandrik.1001-lead.com.ua
URL: https://mandrik.1001-lead.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:161:9305::1 Ehingen, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mandrik.1001-lead.com.ua/

Response headers

cache-control
max-age=2592000
content-encoding
gzip
etag
W/"671b30f8-2063"
expires
Thu, 19 Dec 2024 13:33:23 GMT
date
Tue, 19 Nov 2024 13:33:23 GMT
content-type
application/javascript
last-modified
Fri, 25 Oct 2024 05:47:36 GMT
server
nginx
vary
Accept-Encoding
quiz.js
mandrik.1001-lead.com.ua/js/
255 KB
62 KB
Script
General
Full URL
https://mandrik.1001-lead.com.ua/js/quiz.js
Requested by
Host: mandrik.1001-lead.com.ua
URL: https://mandrik.1001-lead.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:161:9305::1 Ehingen, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
05b46193f7cf7e0009ba702046799b1a21c96cb071c532bc25c13d254a7b5ceb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mandrik.1001-lead.com.ua/

Response headers

cache-control
max-age=2592000
content-encoding
gzip
etag
W/"671b30f9-3fd47"
expires
Thu, 19 Dec 2024 13:33:23 GMT
date
Tue, 19 Nov 2024 13:33:23 GMT
content-type
application/javascript
last-modified
Fri, 25 Oct 2024 05:47:37 GMT
server
nginx
vary
Accept-Encoding
fbevents.js
connect.facebook.net/en_US/
239 KB
61 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: mandrik.1001-lead.com.ua
URL: https://mandrik.1001-lead.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
43a683165a27224ef2d2717bd57c8c203aa570ce39140504d086562eefbb0f1f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-OGIX1tn9' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mandrik.1001-lead.com.ua/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 19 Nov 2024 13:33:23 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-OGIX1tn9' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4434, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
4KFxr6NgJGSlcQhR2bEkqAyHdXTOeOcnboROLg5tdiQB4Uj8SMilBq0xIA735rkQ6rE+i+z4VmL0+LHAuANw4A==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62152
x-xss-protection
0
origin-agent-cluster
?1
Y1iHrLmFGkc
www.youtube.com/embed/ Frame 5F24
0
0
Document
General
Full URL
https://www.youtube.com/embed/Y1iHrLmFGkc?si=kFZVtzoMWxNyaWlx
Requested by
Host: mandrik.1001-lead.com.ua
URL: https://mandrik.1001-lead.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mandrik.1001-lead.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-security-policy
require-trusted-types-for 'script'
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Nov 2024 13:33:23 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
uGX_jiyaihg
www.youtube.com/embed/ Frame E43E
0
0
Document
General
Full URL
https://www.youtube.com/embed/uGX_jiyaihg?si=H3Blv_IA51pLXCT6
Requested by
Host: mandrik.1001-lead.com.ua
URL: https://mandrik.1001-lead.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mandrik.1001-lead.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-security-policy
require-trusted-types-for 'script';report-uri /cspreport
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Nov 2024 13:33:23 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
n8VxQH7Kekg
www.youtube.com/embed/ Frame F3B3
0
0
Document
General
Full URL
https://www.youtube.com/embed/n8VxQH7Kekg?si=0uJvvhrsh_vkB8r8
Requested by
Host: mandrik.1001-lead.com.ua
URL: https://mandrik.1001-lead.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mandrik.1001-lead.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-security-policy
require-trusted-types-for 'script'
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Nov 2024 13:33:23 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
bNyzAZlp5_Y
www.youtube.com/embed/ Frame A4A2
0
0
Document
General
Full URL
https://www.youtube.com/embed/bNyzAZlp5_Y?si=CGXgm9dlkZXnvRtR
Requested by
Host: mandrik.1001-lead.com.ua
URL: https://mandrik.1001-lead.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mandrik.1001-lead.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-security-policy
require-trusted-types-for 'script'
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Nov 2024 13:33:23 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
6zMXdtcYAWc
www.youtube.com/embed/ Frame EFFD
0
0
Document
General
Full URL
https://www.youtube.com/embed/6zMXdtcYAWc?si=ehgCeReUaqbSaB6O
Requested by
Host: mandrik.1001-lead.com.ua
URL: https://mandrik.1001-lead.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mandrik.1001-lead.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-security-policy
require-trusted-types-for 'script'
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Nov 2024 13:33:23 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
TscILEQrOQ0
www.youtube.com/embed/ Frame 897A
0
0
Document
General
Full URL
https://www.youtube.com/embed/TscILEQrOQ0?si=8P-5K-mA22PS8Ru_
Requested by
Host: mandrik.1001-lead.com.ua
URL: https://mandrik.1001-lead.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mandrik.1001-lead.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-security-policy
require-trusted-types-for 'script'
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Nov 2024 13:33:23 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
truncated
/
64 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
iframe_api
www.youtube.com/
993 B
2 KB
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: mandrik.1001-lead.com.ua
URL: https://mandrik.1001-lead.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f87bcf540d08f276f55e69e6b7e89d53e1c6c6e146b9ade57e48a3270708170d
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mandrik.1001-lead.com.ua/

Response headers

content-encoding
br
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
x-content-type-options
nosniff
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
expires
Tue, 19 Nov 2024 13:33:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
date
Tue, 19 Nov 2024 13:33:23 GMT
content-type
text/javascript; charset=utf-8
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
content-security-policy
require-trusted-types-for 'script'
cache-control
private, max-age=0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
x-xss-protection
0
server
ESF
quiz-bg.png
mandrik.1001-lead.com.ua/img/
48 KB
48 KB
Image
General
Full URL
https://mandrik.1001-lead.com.ua/img/quiz-bg.png
Requested by
Host: mandrik.1001-lead.com.ua
URL: https://mandrik.1001-lead.com.ua/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:161:9305::1 Ehingen, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
1419283ba190f83d15945517829000534ff3166e64e98084c7bc2d2142c5e590

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mandrik.1001-lead.com.ua/css/style.css

Response headers

cache-control
max-age=2592000
content-encoding
gzip
etag
W/"671b3104-c0ac"
expires
Thu, 19 Dec 2024 13:33:23 GMT
date
Tue, 19 Nov 2024 13:33:23 GMT
content-type
image/png
last-modified
Fri, 25 Oct 2024 05:47:48 GMT
server
nginx
vary
Accept-Encoding
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7404383899bb524ccf8b0c1fb42f6298bbb67d82c8d852dbbaa028587d4ad6df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
lines.png
mandrik.1001-lead.com.ua/img/
2 KB
1 KB
Image
General
Full URL
https://mandrik.1001-lead.com.ua/img/lines.png
Requested by
Host: mandrik.1001-lead.com.ua
URL: https://mandrik.1001-lead.com.ua/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:161:9305::1 Ehingen, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
d4694f3f0ce68cc7a1ea9fe86db649af1d8755b2d169bd4e84e225b2a100d3e7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mandrik.1001-lead.com.ua/css/style.css

Response headers

cache-control
max-age=2592000
content-encoding
gzip
etag
W/"671b30ff-7d5"
expires
Thu, 19 Dec 2024 13:33:23 GMT
date
Tue, 19 Nov 2024 13:33:23 GMT
content-type
image/png
last-modified
Fri, 25 Oct 2024 05:47:43 GMT
server
nginx
vary
Accept-Encoding
truncated
/
602 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67a050ef8a9f8111583d0dc36b60d0aaa2177c1cd33ba1a4135f53d1e241380f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
818 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
83ef80f40a66e88c1a2901a38026f56bbe08df72b642f7af2c82f55c4b55432b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
arrow.png
mandrik.1001-lead.com.ua/img/
2 KB
1 KB
Image
General
Full URL
https://mandrik.1001-lead.com.ua/img/arrow.png
Requested by
Host: mandrik.1001-lead.com.ua
URL: https://mandrik.1001-lead.com.ua/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:161:9305::1 Ehingen, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
49852267d95d85a26ea96e45a4b18b8dd96b276eb239716c3522aaee6eeedbbf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mandrik.1001-lead.com.ua/css/style.css

Response headers

cache-control
max-age=2592000
content-encoding
gzip
etag
W/"671b30fa-6a5"
expires
Thu, 19 Dec 2024 13:33:23 GMT
date
Tue, 19 Nov 2024 13:33:23 GMT
content-type
image/png
last-modified
Fri, 25 Oct 2024 05:47:38 GMT
server
nginx
vary
Accept-Encoding
Stolzl-Bold.ttf
mandrik.1001-lead.com.ua/fonts/
71 KB
30 KB
Font
General
Full URL
https://mandrik.1001-lead.com.ua/fonts/Stolzl-Bold.ttf
Requested by
Host: mandrik.1001-lead.com.ua
URL: https://mandrik.1001-lead.com.ua/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:161:9305::1 Ehingen, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
ca1479a1e86f7d0095b9282c4f420afb2b94e00ceb81b5bebb1d682d483b6fc2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://mandrik.1001-lead.com.ua
Referer
https://mandrik.1001-lead.com.ua/css/style.css

Response headers

cache-control
max-age=2592000
content-encoding
gzip
etag
W/"671b30f7-11bcc"
expires
Thu, 19 Dec 2024 13:33:23 GMT
date
Tue, 19 Nov 2024 13:33:23 GMT
content-type
application/octet-stream
last-modified
Fri, 25 Oct 2024 05:47:35 GMT
server
nginx
vary
Accept-Encoding
Stolzl-Regular.ttf
mandrik.1001-lead.com.ua/fonts/
74 KB
32 KB
Font
General
Full URL
https://mandrik.1001-lead.com.ua/fonts/Stolzl-Regular.ttf
Requested by
Host: mandrik.1001-lead.com.ua
URL: https://mandrik.1001-lead.com.ua/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:161:9305::1 Ehingen, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
5423e91647f0d9a845cd9cfe08fa77e77ceb18c1772126649e46a7f26e322dd3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://mandrik.1001-lead.com.ua
Referer
https://mandrik.1001-lead.com.ua/css/style.css

Response headers

cache-control
max-age=2592000
content-encoding
gzip
etag
W/"671b30f9-127a0"
expires
Thu, 19 Dec 2024 13:33:23 GMT
date
Tue, 19 Nov 2024 13:33:23 GMT
content-type
application/octet-stream
last-modified
Fri, 25 Oct 2024 05:47:37 GMT
server
nginx
vary
Accept-Encoding
Stolzl-Light.ttf
mandrik.1001-lead.com.ua/fonts/
75 KB
32 KB
Font
General
Full URL
https://mandrik.1001-lead.com.ua/fonts/Stolzl-Light.ttf
Requested by
Host: mandrik.1001-lead.com.ua
URL: https://mandrik.1001-lead.com.ua/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:161:9305::1 Ehingen, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
c7b18236adaa4a4cdd5ef3352ab72688ff27fb0b607620312592038290fc8d01

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://mandrik.1001-lead.com.ua
Referer
https://mandrik.1001-lead.com.ua/css/style.css

Response headers

cache-control
max-age=2592000
content-encoding
gzip
etag
W/"671b30f8-12d50"
expires
Thu, 19 Dec 2024 13:33:23 GMT
date
Tue, 19 Nov 2024 13:33:23 GMT
content-type
application/octet-stream
last-modified
Fri, 25 Oct 2024 05:47:36 GMT
server
nginx
vary
Accept-Encoding
Stolzl-Medium.ttf
mandrik.1001-lead.com.ua/fonts/
74 KB
32 KB
Font
General
Full URL
https://mandrik.1001-lead.com.ua/fonts/Stolzl-Medium.ttf
Requested by
Host: mandrik.1001-lead.com.ua
URL: https://mandrik.1001-lead.com.ua/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:161:9305::1 Ehingen, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
830e71cc0bf99f155e220781bce58e3344a9ba69d60fa56e70c51c1bb7855b27

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://mandrik.1001-lead.com.ua
Referer
https://mandrik.1001-lead.com.ua/css/style.css

Response headers

cache-control
max-age=2592000
content-encoding
gzip
etag
W/"671b30f8-12608"
expires
Thu, 19 Dec 2024 13:33:23 GMT
date
Tue, 19 Nov 2024 13:33:23 GMT
content-type
application/octet-stream
last-modified
Fri, 25 Oct 2024 05:47:36 GMT
server
nginx
vary
Accept-Encoding
402679482623081
connect.facebook.net/signals/config/
84 KB
17 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/402679482623081?v=2.9.177&r=stable&domain=mandrik.1001-lead.com.ua&hme=c3e4904c1dde42d643265ef909b9e193c41cedcd6f559a3ff5e1b178e36647fa&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
06e3b4c89a96a8f701af87ae008f9ead9360a5811f1e233514544e81c09086bd
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-JEkVI2x8' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mandrik.1001-lead.com.ua/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 19 Nov 2024 13:33:23 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-JEkVI2x8' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=77, mss=1232, tbw=70990, tp=68, tpl=0, uplat=146, ullat=0
pragma
public
x-fb-debug
cknjNJXBRMF2nuoUinJHieDmfSfHfNBmZy9jGpGLyjYIrcvIEhJWVW5p1j8mSi6BqBkMXRbtH2skM5xM9lgCAw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
tag.js
mc.yandex.ru/metrika/
220 KB
76 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: mandrik.1001-lead.com.ua
URL: https://mandrik.1001-lead.com.ua/js/quiz.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software
/
Resource Hash
0cd15e35de32820b7c93a0c671f4ae5a5b728a07b2fcabcfbc64589ad2fd7d17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mandrik.1001-lead.com.ua/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=3600
timing-allow-origin
*
content-encoding
br
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"673c65a8-12b5a"
expires
Tue, 19 Nov 2024 14:33:23 GMT
access-control-allow-origin
*
content-length
76634
date
Tue, 19 Nov 2024 13:33:23 GMT
last-modified
Tue, 19 Nov 2024 10:17:12 GMT
content-type
application/javascript
www-widgetapi.js
www.youtube.com/s/player/2d24ba15/www-widgetapi.vflset/
30 KB
10 KB
Script
General
Full URL
https://www.youtube.com/s/player/2d24ba15/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
14939503c8a97bef459ce94218f0e65933ab569f7b1d726bcb0b3c1031ebccf9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mandrik.1001-lead.com.ua/

Response headers

content-encoding
br
age
1676
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Wed, 19 Nov 2025 13:05:27 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 19 Nov 2024 13:05:27 GMT
last-modified
Thu, 14 Nov 2024 05:14:16 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
10165
x-xss-protection
0
server
sffe
collect
www.google.com/ccm/
0
0
Ping
General
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fmandrik.1001-lead.com.ua%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1116961394.1732023203&auid=1610422563.1732023203&npa=1&gtm=45be4be0v9199503285za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855&tft=1732023203407&tfd=554&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16768009538
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mandrik.1001-lead.com.ua/

Response headers

/
www.facebook.com/tr/
0
16 B
Image
General
Full URL
https://www.facebook.com/tr/?id=402679482623081&ev=PageView&dl=https%3A%2F%2Fmandrik.1001-lead.com.ua&rl=&if=false&ts=1732023203442&sw=1600&sh=1200&v=2.9.177&r=stable&ec=0&o=12318&fbp=fb.2.1732023203439.358639737403473967&pm=1&hrl=adf27f&ler=empty&cdl=API_unavailable&it=1732023203210&coo=false&cs_cc=1&cas=7766940953343980%2C7491985494170591&rqm=GET
Requested by
Host: mandrik.1001-lead.com.ua
URL: https://mandrik.1001-lead.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mandrik.1001-lead.com.ua/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=7, rtx=0, c=23, mss=1232, tbw=4510, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 19 Nov 2024 13:33:23 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
199 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=402679482623081&ev=PageView&dl=https%3A%2F%2Fmandrik.1001-lead.com.ua&rl=&if=false&ts=1732023203442&sw=1600&sh=1200&v=2.9.177&r=stable&ec=0&o=12318&fbp=fb.2.1732023203439.358639737403473967&pm=1&hrl=adf27f&ler=empty&cdl=API_unavailable&it=1732023203210&coo=false&cs_cc=1&cas=7766940953343980%2C7491985494170591&rqm=FGET
Requested by
Host: mandrik.1001-lead.com.ua
URL: https://mandrik.1001-lead.com.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra5.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mandrik.1001-lead.com.ua/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7438983014507373373"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 19 Nov 2024 13:33:23 GMT
content-type
image/png
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7438983014507373373", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-debug
3B8drDa+rwg9FZmsfUm2ZcSnkS2zbfPtIGU4hgOtKmXeKPs3TZc6Kxry4W00iF7JPDmvHIosoc3bmWLL/72Ebg==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4878, tp=13, tpl=0, uplat=162, ullat=0
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
cross-origin-opener-policy-report-only
restrict-properties;report-to="coop_report"
x-xss-protection
0
origin-agent-cluster
?1
sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame A0B5
0
0
Document
General
Full URL
https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fmandrik.1001-lead.com.ua
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16768009538
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
20458
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Nov 2024 07:52:25 GMT
expires
Wed, 19 Nov 2025 07:52:25 GMT
last-modified
Mon, 21 Oct 2024 16:58:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10558.52U6P3nge5iL9XGgWAkXhut9gpxeY2GRVjNiPWyxkeBlBVFUv--awZwqOV2qqfnp.YCZ3J0o4gKYZXdPtBCLWr-zsyC0%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10558.z6we6sAGvD0i397W700_1OSICBiAsa0Jy2-gZoBgnSl7wdcXfP75clTuuHA4-_Wcc3uPs7rl5bZQoljlA4eb1HU-f0Yg8vM9XZrYbr6bBghicZYfsUqVhOFf2oeHTmkXwTD1j6bmFd...
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10558.TG6n0cSHgoHJ_LKmvFqAs18qhR37gMLyOy6UezUZBXg0vkCzhPMwFqKXACDrT_2SGZdVwj_Dcqb5cLNMp9tB2oyMuQfQ-oe6gw-D_i4L_edBW...
43 B
586 B
Image
General
Full URL
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10558.TG6n0cSHgoHJ_LKmvFqAs18qhR37gMLyOy6UezUZBXg0vkCzhPMwFqKXACDrT_2SGZdVwj_Dcqb5cLNMp9tB2oyMuQfQ-oe6gw-D_i4L_edBWW7ab4f9oluShtgjylwkpe7nrCm947tjkG_JjOtTxIUJ_NEWkTAjWa8aAqIg_s21hwIBnCXA_fP0e-kxZuDI1b9QI6a7rHQc6NnI3GC6DQ%2C%2C.ZAdkkLlgFM3PhnnhGTGOpBZDj2U%2C
Requested by
Host: mandrik.1001-lead.com.ua
URL: https://mandrik.1001-lead.com.ua/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mandrik.1001-lead.com.ua/

Response headers

strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
date
Tue, 19 Nov 2024 13:33:23 GMT
content-type
image/gif

Redirect headers

strict-transport-security
max-age=31536000
location
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10558.TG6n0cSHgoHJ_LKmvFqAs18qhR37gMLyOy6UezUZBXg0vkCzhPMwFqKXACDrT_2SGZdVwj_Dcqb5cLNMp9tB2oyMuQfQ-oe6gw-D_i4L_edBWW7ab4f9oluShtgjylwkpe7nrCm947tjkG_JjOtTxIUJ_NEWkTAjWa8aAqIg_s21hwIBnCXA_fP0e-kxZuDI1b9QI6a7rHQc6NnI3GC6DQ%2C%2C.ZAdkkLlgFM3PhnnhGTGOpBZDj2U%2C
date
Tue, 19 Nov 2024 13:33:23 GMT
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/
43 B
691 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: mandrik.1001-lead.com.ua
URL: https://mandrik.1001-lead.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mandrik.1001-lead.com.ua/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=3600
timing-allow-origin
*
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"673c65a8-2b"
expires
Tue, 19 Nov 2024 14:33:23 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
43
date
Tue, 19 Nov 2024 13:33:23 GMT
last-modified
Tue, 19 Nov 2024 10:17:12 GMT
content-type
image/gif
metrika_match.html
mc.yandex.com/metrika/ Frame 53CE
0
0
Document
General
Full URL
https://mc.yandex.com/metrika/metrika_match.html
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://mandrik.1001-lead.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin
*
cache-control
max-age=3600
content-encoding
br
content-length
1453
content-type
text/html
date
Tue, 19 Nov 2024 13:33:23 GMT
etag
"673c65a8-5ad"
expires
Tue, 19 Nov 2024 14:33:23 GMT
last-modified
Tue, 19 Nov 2024 10:17:12 GMT
strict-transport-security
max-age=31536000
timing-allow-origin
*
1
mc.yandex.com/watch/88814121/
Redirect Chain
  • https://mc.yandex.com/watch/88814121?wmode=7&page-url=https%3A%2F%2Fmandrik.1001-lead.com.ua%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A0%3Aen%3A...
  • https://mc.yandex.com/watch/88814121/1?wmode=7&page-url=https%3A%2F%2Fmandrik.1001-lead.com.ua%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A0%3Aen%...
603 B
812 B
Fetch
General
Full URL
https://mc.yandex.com/watch/88814121/1?wmode=7&page-url=https%3A%2F%2Fmandrik.1001-lead.com.ua%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1522%3Acn%3A1%3Adp%3A0%3Als%3A938469377197%3Ahid%3A405480361%3Az%3A60%3Ai%3A20241119143323%3Aet%3A1732023204%3Ac%3A1%3Arn%3A641100217%3Arqn%3A1%3Au%3A173202320445691881%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A329%3Awv%3A2%3Ads%3A196%2C24%2C22%2C6%2C0%2C0%2C%2C67%2C6%2C%2C%2C%2C392%3Aco%3A0%3Acpf%3A1%3Ans%3A1732023202853%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1732023204%3At%3A%D0%BA%D0%BE%D0%BF%D1%82%D0%B8%D0%BB%D1%8C%D0%BD%D1%96%20%D0%9C%D0%B0%D0%BD%D0%B4%D1%80%D0%B8%D0%BA%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009092%29ti%281%29
Requested by
Host: mandrik.1001-lead.com.ua
URL: https://mandrik.1001-lead.com.ua/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software
/
Resource Hash
412a2bc81cfc25631c7715da983034b5d3d74822aef933f31fdab6cafadfb91d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mandrik.1001-lead.com.ua/

Response headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
pragma
no-cache
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Tue, 19-Nov-2024 13:33:23 GMT
access-control-allow-origin
https://mandrik.1001-lead.com.ua
content-length
603
x-xss-protection
1; mode=block
date
Tue, 19 Nov 2024 13:33:23 GMT
last-modified
Tue, 19-Nov-2024 13:33:23 GMT
content-type
application/json; charset=utf-8

Redirect headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
location
/watch/88814121/1?wmode=7&page-url=https%3A%2F%2Fmandrik.1001-lead.com.ua%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1522%3Acn%3A1%3Adp%3A0%3Als%3A938469377197%3Ahid%3A405480361%3Az%3A60%3Ai%3A20241119143323%3Aet%3A1732023204%3Ac%3A1%3Arn%3A641100217%3Arqn%3A1%3Au%3A173202320445691881%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A329%3Awv%3A2%3Ads%3A196%2C24%2C22%2C6%2C0%2C0%2C%2C67%2C6%2C%2C%2C%2C392%3Aco%3A0%3Acpf%3A1%3Ans%3A1732023202853%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1732023204%3At%3A%D0%BA%D0%BE%D0%BF%D1%82%D0%B8%D0%BB%D1%8C%D0%BD%D1%96%20%D0%9C%D0%B0%D0%BD%D0%B4%D1%80%D0%B8%D0%BA%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009092%29ti%281%29
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
pragma
no-cache
access-control-allow-credentials
true
expires
Tue, 19-Nov-2024 13:33:23 GMT
access-control-allow-origin
https://mandrik.1001-lead.com.ua
date
Tue, 19 Nov 2024 13:33:23 GMT
x-xss-protection
1; mode=block
last-modified
Tue, 19-Nov-2024 13:33:23 GMT
favicon.ico
mandrik.1001-lead.com.ua/img/05/
196 B
273 B
Other
General
Full URL
https://mandrik.1001-lead.com.ua/img/05/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:161:9305::1 Ehingen, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mandrik.1001-lead.com.ua/

Response headers

content-length
196
date
Tue, 19 Nov 2024 13:33:24 GMT
content-type
text/html; charset=iso-8859-1
server
nginx
88814121
mc.yandex.com/webvisor/
43 B
0
Fetch
General
Full URL
https://mc.yandex.com/webvisor/88814121?wv-part=1&wv-type=7&wmode=0&wv-hit=405480361&page-url=https%3A%2F%2Fmandrik.1001-lead.com.ua%2F&rn=248549249&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1732023207%3Aw%3A1600x1200%3Av%3A1522%3Az%3A60%3Ai%3A20241119143326%3Au%3A173202320445691881%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1732023207&t=gdpr(14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://mandrik.1001-lead.com.ua/

Response headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
pragma
no-cache
access-control-allow-credentials
true
expires
Tue, 19-Nov-2024 13:33:26 GMT
access-control-allow-origin
https://mandrik.1001-lead.com.ua
content-length
43
x-xss-protection
1; mode=block
date
Tue, 19 Nov 2024 13:33:26 GMT
last-modified
Tue, 19-Nov-2024 13:33:26 GMT
content-type
image/gif
88814121
mc.yandex.com/webvisor/
43 B
0
Fetch
General
Full URL
https://mc.yandex.com/webvisor/88814121?wv-part=1&wv-type=7&wmode=0&wv-hit=405480361&page-url=https%3A%2F%2Fmandrik.1001-lead.com.ua%2F&rn=477818173&browser-info=we%3A1%3Aet%3A1732023207%3Aw%3A1600x1200%3Av%3A1522%3Az%3A60%3Ai%3A20241119143326%3Au%3A173202320445691881%3Avf%3A14pwap7gbnl70a58u0m6s2b47zyz%3Ast%3A1732023207&t=gdpr(14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://mandrik.1001-lead.com.ua/

Response headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
pragma
no-cache
access-control-allow-credentials
true
expires
Tue, 19-Nov-2024 13:33:26 GMT
access-control-allow-origin
https://mandrik.1001-lead.com.ua
content-length
43
date
Tue, 19 Nov 2024 13:33:26 GMT
x-xss-protection
1; mode=block
last-modified
Tue, 19-Nov-2024 13:33:26 GMT
content-type
image/gif


46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| myajaxua function| gtag object| dataLayer function| fbq function| _fbq object| tag object| firstScriptTag object| player function| onYouTubeIframeAPIReady function| onPlayerReady function| _createClass function| _classCallCheck function| RocketBrowserCompatibilityChecker object| RocketPreloadLinksConfig object| lazyLoadOptions function| $ function| jQuery function| LazyLoad function| get_cookie function| answ_track number| curId function| WOW function| ym function| Carousel function| Fancybox function| Panzoom object| images object| iframes boolean| is_iframe object| rocket_lazy object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| google_tag_manager object| google_tag_data object| Ya object| yaCounter88814121

26 Cookies

Domain/Path Name / Value
.1001-lead.com.ua/ Name: _gcl_au
Value: 1.1.1610422563.1732023203
.youtube.com/ Name: YSC
Value: 0a9HQPKWF84
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: PgXxahp21_k
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJERRIEEgAgSg%3D%3D
.1001-lead.com.ua/ Name: _fbp
Value: fb.2.1732023203439.358639737403473967
.yandex.ru/ Name: yashr
Value: 5312807661732023203
.1001-lead.com.ua/ Name: _ym_uid
Value: 173202320445691881
.1001-lead.com.ua/ Name: _ym_d
Value: 1732023204
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 4208476885fake
.yandex.com/ Name: i
Value: FG3j4QYvr/IlDJFToXn9C/FmYwFMHFVwD9SOCVAJNDqld6BoaWjSlcfEJt3sDWwDr21iK+tuCv6Awr++KkGFSIkEhJU=
.yandex.com/ Name: yandexuid
Value: 2885238091732023203
.yandex.com/ Name: yashr
Value: 1394520981732023203
.1001-lead.com.ua/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 1614083533fake
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
.yandex.ru/ Name: yandexuid
Value: 2885238091732023203
.yandex.ru/ Name: yuidss
Value: 2885238091732023203
.yandex.ru/ Name: i
Value: FG3j4QYvr/IlDJFToXn9C/FmYwFMHFVwD9SOCVAJNDqld6BoaWjSlcfEJt3sDWwDr21iK+tuCv6Awr++KkGFSIkEhJU=
.yandex.ru/ Name: yp
Value: 1732109603.yu.2908320731732023203
.yandex.ru/ Name: ymex
Value: 1734615203.oyu.2908320731732023203
mc.yandex.com/ Name: yabs-sid
Value: 195742691732023203
.yandex.com/ Name: yuidss
Value: 2885238091732023203
.yandex.com/ Name: ymex
Value: 1763559203.yrts.1732023203
.yandex.com/ Name: receive-cookie-deprecation
Value: 1
.yandex.com/ Name: bh
Value: KgI/MGCjp/K5Bg==
.1001-lead.com.ua/ Name: _ym_visorc
Value: w

2 Console Messages

Source: other, Level: warning, URL: https://mandrik.1001-lead.com.ua/ (Line 442)
Message: Unrecognized feature: 'web-share'.
Source: network, Level: error, URL: https://mandrik.1001-lead.com.ua/img/05/favicon.ico
Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
