Submitted URL: http://blogs.korrespondent.net/
Effective URL: https://blogs.korrespondent.net/
Submission: On October 31 via manual from PL

Summary

This website contacted 31 IPs in 9 countries across 24 domains to perform 129 HTTP transactions. The main IP is 193.29.200.159, located in Ukraine and belongs to UMHAS, UA. The main domain is blogs.korrespondent.net.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on September 5th 2018. Valid for: a year.
This is the only time blogs.korrespondent.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 7 193.29.200.159 197203 (UMHAS)
24 193.29.200.151 197203 (UMHAS)
2 2a00:1450:400... 15169 (GOOGLE)
1 91.198.36.26 43405 (DIGITAL-V...)
23 193.29.200.157 197203 (UMHAS)
2 193.29.200.140 197203 (UMHAS)
1 3 88.212.196.75 39134 (UNITEDNET)
2 5 193.239.68.97 39468 (BIGMIR-IN...)
2 142.93.104.37 14061 (DIGITALOC...)
2 185.187.81.35 43332 (IDSTRATEG...)
4 2a00:1450:400... 15169 (GOOGLE)
2 3 91.198.36.16 43405 (DIGITAL-V...)
2 194.247.175.23 196831 (BEMOBILE-AS)
1 194.247.175.22 196831 (BEMOBILE-AS)
10 91.198.36.35 43405 (DIGITAL-V...)
1 4 149.202.199.193 16276 (OVH)
1 108.177.15.155 15169 (GOOGLE)
3 188.40.118.169 24940 (HETZNER-AS)
1 188.40.114.5 24940 (HETZNER-AS)
10 212.8.250.83 49981 (WORLDSTREAM)
4 91.198.36.71 43405 (DIGITAL-V...)
1 1 37.18.16.16 205675 (HYBRID-AS)
1 35.176.104.254 16509 (AMAZON-02)
1 2 144.76.85.254 24940 (HETZNER-AS)
9 2a00:1450:400... 15169 (GOOGLE)
1 91.198.36.76 43405 (DIGITAL-V...)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 91.198.36.60 43405 (DIGITAL-V...)
1 2a00:1450:400... 15169 (GOOGLE)
129 31
Domain Requested by
23 kor.ill.in.ua blogs.korrespondent.net
11 csskor.ill.in.ua blogs.korrespondent.net
jskor.ill.in.ua
10 ad.mediawayss.com h.holder.com.ua
ad.mediawayss.com
blogs.korrespondent.net
10 h.holder.com.ua i.holder.com.ua
9 jskor.ill.in.ua blogs.korrespondent.net
7 blogs.korrespondent.net 1 redirects blogs.korrespondent.net
jskor.ill.in.ua
5 pagead2.googlesyndication.com ad.mediawayss.com
pagead2.googlesyndication.com
5 c.bigmir.net 2 redirects blogs.korrespondent.net
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
4 imasdk.googleapis.com blogs.korrespondent.net
imasdk.googleapis.com
4 u.holder.com.ua blogs.korrespondent.net
4 tt.onthe.io cdn.onthe.io
4 gaua.hit.gemius.pl 1 redirects blogs.korrespondent.net
gaua.hit.gemius.pl
4 www.google-analytics.com www.googletagmanager.com
blogs.korrespondent.net
4 id.korrespondent.net blogs.korrespondent.net
jskor.ill.in.ua
id.korrespondent.net
3 r.i.ua 2 redirects blogs.korrespondent.net
3 counter.yadro.ru 1 redirects blogs.korrespondent.net
2 x01.aidata.io 1 redirects blogs.korrespondent.net
2 source.mmi.bemobile.ua blogs.korrespondent.net
h.holder.com.ua
2 cdn.onthe.io blogs.korrespondent.net
cdn.onthe.io
2 ui.ill.in.ua blogs.korrespondent.net
2 www.googletagmanager.com blogs.korrespondent.net
1 s0.2mdn.net imasdk.googleapis.com
1 t.holder.com.ua i.mediatraffic.com.ua
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 i.mediatraffic.com.ua i.holder.com.ua
1 pixel.quantserve.com blogs.korrespondent.net
1 dm.hybrid.ai 1 redirects
1 stats.g.doubleclick.net www.google-analytics.com
1 juke.mmi.bemobile.ua blogs.korrespondent.net
1 n7-r1d2.zmctrack.net blogs.korrespondent.net
1 s.zmctrack.net blogs.korrespondent.net
1 i.holder.com.ua blogs.korrespondent.net
0 pa.tns-ua.com Failed source.mmi.bemobile.ua
129 35
Subject Issuer Validity Valid
*.korrespondent.net
COMODO RSA Domain Validation Secure Server CA
2018-09-05 -
2019-09-12
a year crt.sh
*.ill.in.ua
COMODO RSA Domain Validation Secure Server CA
2018-09-05 -
2019-09-13
a year crt.sh
*.google-analytics.com
Google Internet Authority G3
2018-10-16 -
2019-01-08
3 months crt.sh
i.holder.com.ua
Let's Encrypt Authority X3
2018-10-12 -
2019-01-10
3 months crt.sh
video.kp.ua
Let's Encrypt Authority X3
2018-09-11 -
2018-12-10
3 months crt.sh
counter.yadro.ru
COMODO ECC Domain Validation Secure Server CA
2018-04-09 -
2020-04-08
2 years crt.sh
c.bigmir.net
Let's Encrypt Authority X3
2018-10-12 -
2019-01-10
3 months crt.sh
*.onthe.io
COMODO RSA Domain Validation Secure Server CA
2018-03-28 -
2019-03-28
a year crt.sh
*.zmctrack.net
COMODO RSA Domain Validation Secure Server CA
2018-05-17 -
2019-05-17
a year crt.sh
i.ua
Let's Encrypt Authority X3
2018-08-30 -
2018-11-28
3 months crt.sh
*.mmi.bemobile.ua
COMODO RSA Domain Validation Secure Server CA
2017-02-22 -
2020-02-22
3 years crt.sh
h.holder.com.ua
Let's Encrypt Authority X3
2018-10-12 -
2019-01-10
3 months crt.sh
*.hit.gemius.pl
COMODO ECC Domain Validation Secure Server CA
2017-09-25 -
2019-09-25
2 years crt.sh
*.g.doubleclick.net
Google Internet Authority G3
2018-10-09 -
2019-01-01
3 months crt.sh
ad.mox.tv
Let's Encrypt Authority X3
2018-08-25 -
2018-11-23
3 months crt.sh
u.holder.com.ua
Let's Encrypt Authority X3
2018-10-12 -
2019-01-10
3 months crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA
2018-10-16 -
2019-10-21
a year crt.sh
my.aidata.me
COMODO RSA Domain Validation Secure Server CA
2018-03-12 -
2019-03-18
a year crt.sh
mediatraffic.com.ua
Let's Encrypt Authority X3
2018-10-12 -
2019-01-10
3 months crt.sh
*.googleapis.com
Google Internet Authority G3
2018-10-16 -
2019-01-08
3 months crt.sh
*.google.com
Google Internet Authority G3
2018-10-16 -
2019-01-08
3 months crt.sh
t.holder.com.ua
Let's Encrypt Authority X3
2018-10-12 -
2019-01-10
3 months crt.sh
*.doubleclick.net
Google Internet Authority G3
2018-10-16 -
2019-01-08
3 months crt.sh

This page contains 10 frames:

Primary Page: https://blogs.korrespondent.net/
Frame ID: A365194B056B7D3A1D3A5DA172A38FD1
Requests: 121 HTTP requests in this frame

Frame: https://s.zmctrack.net/z
Frame ID: 213761A962F2520366EF6FA32F84F617
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20181024/r20180604/show_ads_impl.js
Frame ID: 9982C0BDC1DE5B430D1299C6E075970C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20181024/r20180604/zrt_lookup.html
Frame ID: A16F426A6322AE2119710B50BA941724
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6864402317197092&output=html&h=600&slotname=2988931930%2F7652062349&adk=3518481253&adf=753349488&w=300&lmt=1540988455&guci=1.2.0.0.2.2.0&format=300x600&url=https%3A%2F%2Fblogs.korrespondent.net%2F&flash=0&wgl=1&adsid=NT&dt=1540988455580&bpp=13&bdt=1237&fdt=74&idt=63&shv=r20181024&cbv=r20180604&saldr=aa&abxe=1&correlator=4448458882578&frm=20&pv=2&ga_vid=226396790.1540988455&ga_sid=1540988456&ga_hid=1779993300&ga_fc=0&iag=0&icsg=2662400&dssz=79&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=963&ady=196&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21070025&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&osw_key=125609806&ifi=1&fsb=1&xpc=OKQJOesTJ1&p=https%3A//blogs.korrespondent.net&dtd=113
Frame ID: 0AFC8195C5C9538F162E7C9BA7BDCDD8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20181024/r20180604/zrt_lookup.html
Frame ID: 799111F696A4E6AFF0C126D9D8687563
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6864402317197092&output=html&h=250&slotname=2988931930&adk=2067130985&adf=2854619069&w=300&lmt=1540988455&guci=1.2.0.0.2.2.0&format=300x250&url=https%3A%2F%2Fblogs.korrespondent.net%2F&flash=0&avail_w=0&wgl=1&adsid=NT&dt=1540988455594&bpp=5&bdt=1251&fdt=180&idt=49&shv=r20181024&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=300x600&correlator=4448458882578&frm=20&pv=1&ga_vid=226396790.1540988455&ga_sid=1540988456&ga_hid=1779993300&ga_fc=0&iag=0&icsg=2662400&dssz=80&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=963&ady=1627&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21070025&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoEbr%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&osw_key=2288425002&ifi=2&fsb=1&xpc=ulMrZeBv3K&p=https%3A//blogs.korrespondent.net&dtd=185
Frame ID: 0E8AEAB7EF1752C2836781DC94895580
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.250.3_en.html
Frame ID: 47BA59A5F9FA49828BF9FC85472F6C06
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.250.3_en.html
Frame ID: EB32BF9A3DA90F6071760873884E6927
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.250.3_en.html
Frame ID: 982149E2460B12969AD6E9A768B794B4
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://blogs.korrespondent.net/ HTTP 301
    https://blogs.korrespondent.net/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /IIS(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • headers server /IIS(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /2mdn\.net/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
  • script /2mdn\.net/i
  • env /^google_ad_/i
  • env /^__google_ad_/i
  • env /^Goog_AdSense_/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i

Overall confidence: 100%
Detected patterns
  • env /^google_tag_manager$/i

Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i

Page Statistics

129
Requests

98 %
HTTPS

23 %
IPv6

24
Domains

35
Subdomains

31
IPs

9
Countries

1065 kB
Transfer

2650 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://blogs.korrespondent.net/ HTTP 301
    https://blogs.korrespondent.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 63
  • https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//blogs.korrespondent.net/;0.9605894962939054 HTTP 302
  • https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//blogs.korrespondent.net/;0.9605894962939054
Request Chain 91
  • https://gaua.hit.gemius.pl/_1540988455383/rexdot.js?l=90&id=baBKWA_5z2BvV4NtLrzYfLRI78vWsQMOQj6o7ToN00P.47&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fblogs.korrespondent.net%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=o9gshnukx1cT9lCobrGA.9q.GHK5L1d1bxV9ETitdY7.J7&vis=1 HTTP 301
  • https://gaua.hit.gemius.pl/__/_1540988455383/rexdot.js?l=90&id=baBKWA_5z2BvV4NtLrzYfLRI78vWsQMOQj6o7ToN00P.47&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fblogs.korrespondent.net%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=o9gshnukx1cT9lCobrGA.9q.GHK5L1d1bxV9ETitdY7.J7&vis=1
Request Chain 96
  • https://r.i.ua/c?uf86065195bd99e26&r0.48896395563340356 HTTP 302
  • https://u.holder.com.ua/u?ti&i9cb89f55bd99e27&uf86065195bd99e26
Request Chain 97
  • https://c.bigmir.net/?zf86065195bd99e26&r0.9609471186150387 HTTP 302
  • https://u.holder.com.ua/u?tb&i0&uf86065195bd99e26
Request Chain 99
  • https://dm.hybrid.ai/match?id=122&vid=514f52ba-2a67-4b73-8912-ece8cd1d18d0 HTTP 302
  • https://pixel.quantserve.com/pixel/p-gsmZhdaUra0N6.gif
Request Chain 100
  • https://x01.aidata.io/0.gif?pid=MEDIAWAYSS&id=514f52ba-2a67-4b73-8912-ece8cd1d18d0 HTTP 302
  • https://x01.aidata.io/0.gif?pid=MEDIAWAYSS&id=514f52ba-2a67-4b73-8912-ece8cd1d18d0&bounce=1
Request Chain 107
  • https://r.i.ua/c?uf86065195bd99e26&r0.13545165336328524 HTTP 302
  • https://u.holder.com.ua/u?ti&i9cb89f55bd99e27&uf86065195bd99e26
Request Chain 108
  • https://c.bigmir.net/?zf86065195bd99e26&r0.5798939246519492 HTTP 302
  • https://u.holder.com.ua/u?tb&i0&uf86065195bd99e26

129 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
blogs.korrespondent.net/
Redirect Chain
  • http://blogs.korrespondent.net/
  • https://blogs.korrespondent.net/
105 KB
30 KB
Document
General
Full URL
https://blogs.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.159 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a77f56027b80197b669c7ffc7ab0411a9a147953f1e1cd3e8bcd2225f43f5eac

Request headers

:method
GET
:authority
blogs.korrespondent.net
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
cache-control
private
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
server
Microsoft-IIS/10.0
set-cookie
dcw=44; domain=.korrespondent.net; expires=Thu, 31-Oct-2019 12:20:54 GMT; path=/
x-powered-by
ASP.NET
date
Wed, 31 Oct 2018 12:20:53 GMT
content-length
30744

Redirect headers

Content-Type
text/html; charset=UTF-8
Location
https://blogs.korrespondent.net/
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Date
Wed, 31 Oct 2018 12:20:53 GMT
Content-Length
223
index.min.css
csskor.ill.in.ua/css/
187 KB
30 KB
Stylesheet
General
Full URL
https://csskor.ill.in.ua/css/index.min.css?v=3.1.2
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e42e9b80c3498d277962ffe3c3d3f3ae462ea24633a070a11a7316bd1f0cd550

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 12:20:54 GMT
content-encoding
gzip
etag
"8028287d5270d41:0"
last-modified
Tue, 30 Oct 2018 13:14:29 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
30279
responsive.min.css
csskor.ill.in.ua/css/
28 KB
5 KB
Stylesheet
General
Full URL
https://csskor.ill.in.ua/css/responsive.min.css?v=1.1.2
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
20958d60ba94baade48dee467b74d121dc53b9cae769afa89066c8397b04ae8d

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 12:20:54 GMT
content-encoding
gzip
etag
"035445d5170d41:0"
last-modified
Tue, 30 Oct 2018 13:06:26 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
5171
admin.css
csskor.ill.in.ua/css/
3 KB
936 B
Stylesheet
General
Full URL
https://csskor.ill.in.ua/css/admin.css?v=1
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d2fbad9636c1fb1ddc3e083984f2b5d3a955a32fdb6247876aabee203958e7dc

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 12:20:54 GMT
content-encoding
gzip
etag
"0dce73f2e70cf1:0"
last-modified
Thu, 15 May 2014 11:10:16 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
855
adv.css
csskor.ill.in.ua/css/
2 KB
603 B
Stylesheet
General
Full URL
https://csskor.ill.in.ua/css/adv.css?v=1
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2791dcb76821658dce3165022548a9d1032f4c99efe7acfaafdd6327cbd88129

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 12:20:54 GMT
content-encoding
gzip
etag
"0dce73f2e70cf1:0"
last-modified
Thu, 15 May 2014 11:10:16 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
560
jquery-ui-1.9.2.custom.css
csskor.ill.in.ua/css/jq/ui/smoothness/
31 KB
6 KB
Stylesheet
General
Full URL
https://csskor.ill.in.ua/css/jq/ui/smoothness/jquery-ui-1.9.2.custom.css
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1885450c0476075437b5f7356ec5dc33fa5179e850cc4dbf59c29f37744818f5

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 12:20:54 GMT
content-encoding
gzip
etag
"066d961b32cf1:0"
last-modified
Tue, 25 Feb 2014 11:20:28 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
6146
royalslider.min.css
csskor.ill.in.ua/css/
12 KB
3 KB
Stylesheet
General
Full URL
https://csskor.ill.in.ua/css/royalslider.min.css?v=1
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
bcab73e79e54f5f8b0cf77546f937aaf4aed60947fc1e4a7801813ed34728c4f

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 12:20:54 GMT
content-encoding
gzip
etag
"0b82a90356dd41:0"
last-modified
Fri, 26 Oct 2018 14:09:52 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
2594
elections.css
csskor.ill.in.ua/css/
11 KB
3 KB
Stylesheet
General
Full URL
https://csskor.ill.in.ua/css/elections.css
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
cefac0898ee1d19ff1fc498113e6f7b81a0f5a6e63b3ae72106cde5d0454bc01

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 12:20:54 GMT
content-encoding
gzip
etag
"0c5215929f2cf1:0"
last-modified
Mon, 27 Oct 2014 21:02:42 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
2480
js
www.googletagmanager.com/gtag/
83 KB
30 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-1609229-9
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:816::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
e1f197241b0d9bef34ee8467f60ce8ebdf5b13bf24985ce84db780ce31f1f1e2
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 12:20:54 GMT
content-encoding
gzip
server
Google Tag Manager (scaffolding)
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
30178
x-xss-protection
1; mode=block
expires
Wed, 31 Oct 2018 12:20:54 GMT
jquery.min.js
jskor.ill.in.ua/js/jq/
125 KB
39 KB
Script
General
Full URL
https://jskor.ill.in.ua/js/jq/jquery.min.js
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
cafe2ccc723f38d12406fdcc2b9777f7f89363a39bbd09c91bb75876f24141fe

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 12:20:54 GMT
content-encoding
gzip
etag
"078642cb3efcf1:0"
last-modified
Fri, 24 Oct 2014 17:51:44 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
39559
jquery.lazyload.mini.js
jskor.ill.in.ua/js/jq/
4 KB
943 B
Script
General
Full URL
https://jskor.ill.in.ua/js/jq/jquery.lazyload.mini.js
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9ed325bb4e1bd9f76da8039c87602d63b91e6963d6bf830e62d938a1b90cd133

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 12:20:54 GMT
content-encoding
gzip
etag
"078642cb3efcf1:0"
last-modified
Fri, 24 Oct 2014 17:51:44 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
901
jquery.tmpl.min.js
jskor.ill.in.ua/js/jq/
6 KB
3 KB
Script
General
Full URL
https://jskor.ill.in.ua/js/jq/jquery.tmpl.min.js
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
af6592d435a34ae2cbc384c908b2000e3a33f3c3d7bace1a84ba7880a8a80d9e

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 12:20:54 GMT
content-encoding
gzip
etag
"078642cb3efcf1:0"
last-modified
Fri, 24 Oct 2014 17:51:44 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
2804
scrollable.js
jskor.ill.in.ua/js/jq/
5 KB
2 KB
Script
General
Full URL
https://jskor.ill.in.ua/js/jq/scrollable.js
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3224cd51f4161d44547a1f5a57a5566582c3d6a690d2212af8a0a8739d0c8e0e

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 12:20:54 GMT
content-encoding
gzip
etag
"0a5952db3efcf1:0"
last-modified
Fri, 24 Oct 2014 17:51:46 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
2214
menu.js
jskor.ill.in.ua/js/modules/
9 KB
2 KB
Script
General
Full URL
https://jskor.ill.in.ua/js/modules/menu.js?v=2
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a58c45b495338481a91c73729bf3916ce6c7d8e9f0566c0e731a7a3da7dba81c

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 12:20:54 GMT
content-encoding
gzip
etag
"0d2c62eb3efcf1:0"
last-modified
Fri, 24 Oct 2014 17:51:48 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
1610
profile.js
id.korrespondent.net/js/
6 KB
2 KB
Script
General
Full URL
https://id.korrespondent.net/js/profile.js?v=3
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
214227a16b4ff571023cbfabe1a74a46b33fb30abbcd8d1a722ae12e3afeb794

Request headers

:path
/js/profile.js?v=3
pragma
no-cache
cookie
dcw=44
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
id.korrespondent.net
referer
https://blogs.korrespondent.net/
:scheme
https
:method
GET
Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 12:20:54 GMT
content-encoding
gzip
etag
"805bc4c505fd41:0"
last-modified
Mon, 08 Oct 2018 21:45:59 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
no-cache
accept-ranges
bytes
content-length
1803
common.min.js
jskor.ill.in.ua/js/
4 KB
1 KB
Script
General
Full URL
https://jskor.ill.in.ua/js/common.min.js?v=1.3.4
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
aa883b0e82d512ed03265228ed7b398c8f6f0c2cc2261bb66daf6f559dff1b1b

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 12:20:54 GMT
content-encoding
gzip
etag
"809742a0356dd41:0"
last-modified
Fri, 26 Oct 2018 14:10:19 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
1421
dropdown.min.js
jskor.ill.in.ua/js/
2 KB
942 B
Script
General
Full URL
https://jskor.ill.in.ua/js/dropdown.min.js
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d169a4b4bf7e00787e12931b5c2040d76f6995b3ba3f06050274b28644b47d86

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 12:20:54 GMT
content-encoding
gzip
etag
"078642cb3efcf1:0"
last-modified
Fri, 24 Oct 2014 17:51:44 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
900
select.min.js
jskor.ill.in.ua/js/
14 KB
4 KB
Script
General
Full URL
https://jskor.ill.in.ua/js/select.min.js
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c5cad78844631f748de4f5526652f08ae1504dce421b6e8dcd796af07e639ac5

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 12:20:54 GMT
content-encoding
gzip
etag
"0d2c62eb3efcf1:0"
last-modified
Fri, 24 Oct 2014 17:51:48 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
4138
jquery.royalslider.min.js
jskor.ill.in.ua/js/
50 KB
16 KB
Script
General
Full URL
https://jskor.ill.in.ua/js/jquery.royalslider.min.js
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
daa9c1c00563b973df8c5dad719b8670a599a9465ba9bbac4d222c586b538571

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 12:20:54 GMT
content-encoding
gzip
etag
"0d2c62eb3efcf1:0"
last-modified
Fri, 24 Oct 2014 17:51:48 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
16792
holder.js
i.holder.com.ua/t/
9 KB
4 KB
Script
General
Full URL
https://i.holder.com.ua/t/holder.js
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.198.36.26 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
i1.i.ua
Software
nginx /
Resource Hash
8fc4de112cb05f02f61d7856ee3b9ca6a8cd68ea5397520120c5183b99bffc17

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 31 Oct 2018 12:20:54 GMT
Content-Encoding
gzip
Last-Modified
Tue, 25 Jul 2017 14:14:15 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=5
Expires
Thu, 31 Oct 2019 12:20:54 GMT
logo_reporter.png
blogs.korrespondent.net/i/
6 KB
6 KB
Image
General
Full URL
https://blogs.korrespondent.net/i/logo_reporter.png
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.159 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f9c37b174d2623fb31ea7f688f2c8205c2fd7c104c4d0daa270048a52e8c3413

Request headers

:path
/i/logo_reporter.png
pragma
no-cache
cookie
dcw=44
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
blogs.korrespondent.net
referer
https://blogs.korrespondent.net/
:scheme
https
:method
GET
Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 12:20:53 GMT
last-modified
Mon, 11 Jul 2016 11:43:59 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"aaae948369dbd11:0"
content-type
image/png
status
200
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
5904
2221621.jpg
kor.ill.in.ua/m/400x253/
36 KB
36 KB
Image
General
Full URL
https://kor.ill.in.ua/m/400x253/2221621.jpg
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
8ca45353f62819e14bf59932d13b2b6307b654748bd2c42cfd7181b7cd783a6e

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 12:20:54 GMT
last-modified
Wed, 31 Oct 2018 10:36:08 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
status
200
cache-control
public
content-length
37068
expires
Wed, 31 Oct 2018 12:21:39 GMT
2148048.jpg
kor.ill.in.ua/m/50x50/
2 KB
2 KB
Image
General
Full URL
https://kor.ill.in.ua/m/50x50/2148048.jpg
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
66131f9daf098d804c43a7b58c5979e263e752c426280513aad3ca4db2168322

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 12:20:54 GMT
last-modified
Mon, 07 May 2018 14:13:36 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
status
200
cache-control
public
content-length
2213
expires
Wed, 31 Oct 2018 12:21:39 GMT
2221567.jpg
kor.ill.in.ua/m/190x120/
10 KB
10 KB
Image
General
Full URL
https://kor.ill.in.ua/m/190x120/2221567.jpg
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
d39119e60d9d2b6c6033d75e27ede343201ebc66ea1af181c13f757e32ff886d

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 12:20:54 GMT
last-modified
Wed, 31 Oct 2018 08:43:32 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
status
200
cache-control
public
content-length
10671
expires
Wed, 31 Oct 2018 12:21:39 GMT
2221322.jpg
kor.ill.in.ua/m/190x120/
15 KB
15 KB
Image
General
Full URL
https://kor.ill.in.ua/m/190x120/2221322.jpg
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
d94ecdbab1c769688e0fd828fceb10d42028798aa2107336136b362a2dea762a

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 12:20:54 GMT
last-modified
Tue, 30 Oct 2018 14:54:30 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
status
200
cache-control
public
content-length
15449
expires
Wed, 31 Oct 2018 12:21:39 GMT
2221226.jpg
kor.ill.in.ua/m/190x120/
7 KB
7 KB
Image
General
Full URL
https://kor.ill.in.ua/m/190x120/2221226.jpg
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
1728d7dd6ce83992a13bc75b19c0b4fa9cc3a1a45a7ce636f63c073b33c7c77a

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 12:20:54 GMT
last-modified
Tue, 30 Oct 2018 12:36:34 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
status
200
cache-control
public
content-length
7031
expires
Wed, 31 Oct 2018 12:21:39 GMT
2221165.jpg
kor.ill.in.ua/m/190x120/
8 KB
8 KB
Image
General
Full URL
https://kor.ill.in.ua/m/190x120/2221165.jpg
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
2d16d454b7613d55bdbdca8a19cc581ab3c145535e888e3f2761466acc82d42e

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 12:20:54 GMT
last-modified
Tue, 30 Oct 2018 10:17:43 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
status
200
cache-control
public
content-length
7937
expires
Wed, 31 Oct 2018 12:21:39 GMT
2220846.jpg
kor.ill.in.ua/m/190x120/
15 KB
15 KB
Image
General
Full URL
https://kor.ill.in.ua/m/190x120/2220846.jpg
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
2b73d84a49a4dd2d7caa6efb7c0f1bd4b650e6e1d9078e31df570717ee33f472

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 12:20:54 GMT
last-modified
Mon, 29 Oct 2018 14:26:20 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
status
200
cache-control
public
content-length
15491
expires
Wed, 31 Oct 2018 12:21:39 GMT
2220689.jpg
kor.ill.in.ua/m/190x120/
10 KB
10 KB
Image
General
Full URL
https://kor.ill.in.ua/m/190x120/2220689.jpg
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
45a1fd799e5c4912222696cc2e09dc1b8c7f41fcd8abe43610f2fc5dd158a8a0

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 12:20:54 GMT
last-modified
Mon, 29 Oct 2018 09:36:58 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
status
200
cache-control
public
content-length
10500
expires
Wed, 31 Oct 2018 12:21:39 GMT
2220628.jpg
kor.ill.in.ua/m/190x120/
10 KB
10 KB
Image
General
Full URL
https://kor.ill.in.ua/m/190x120/2220628.jpg
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
b724fe620189e9f518d154fc4c8914a94f5e27da50c6499cc9a7803a27293abc

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 12:20:54 GMT
last-modified
Mon, 29 Oct 2018 07:28:15 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
status
200
cache-control
public
content-length
10657
expires
Wed, 31 Oct 2018 12:21:39 GMT
2220447.jpg
kor.ill.in.ua/m/190x120/
13 KB
14 KB
Image
General
Full URL
https://kor.ill.in.ua/m/190x120/2220447.jpg
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
61fc3e8c06dfd1b34729126d42997cc3e2d60cf2079f80d44fb37f690c1fd001

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 12:20:54 GMT
last-modified
Sun, 28 Oct 2018 12:14:34 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
status
200
cache-control
public
content-length
13771
expires
Wed, 31 Oct 2018 12:21:39 GMT
2220054.jpg
kor.ill.in.ua/m/190x120/
12 KB
12 KB
Image
General
Full URL
https://kor.ill.in.ua/m/190x120/2220054.jpg
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
12848c2b3d3d378239a3fe1666be847e6c2be24a254f8f6d3e6b6e8f9af0b28e

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 12:20:54 GMT
last-modified
Sat, 27 Oct 2018 05:14:09 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
status
200
cache-control
public
content-length
12683
expires
Wed, 31 Oct 2018 12:21:39 GMT
2219718.jpg
kor.ill.in.ua/m/190x120/
13 KB
13 KB
Image
General
Full URL
https://kor.ill.in.ua/m/190x120/2219718.jpg
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
f711400ad338ab74bb7db15e4775e6e78ecfa03175c6e2d1093c8df027dfdb87

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 12:20:54 GMT
last-modified
Fri, 26 Oct 2018 12:42:35 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
status
200
cache-control
public
content-length
13328
expires
Wed, 31 Oct 2018 12:21:39 GMT
2219643.jpg
kor.ill.in.ua/m/190x120/
13 KB
13 KB
Image
General
Full URL
https://kor.ill.in.ua/m/190x120/2219643.jpg
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
a6c00e19564e6ca3db0e80f4f3fcac3eee635edd0f928a74d9ecd2de9e199d51

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 12:20:54 GMT
last-modified
Fri, 26 Oct 2018 10:39:38 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
status
200
cache-control
public
content-length
12872
expires
Wed, 31 Oct 2018 12:21:39 GMT
blank.gif
blogs.korrespondent.net/i/
45 B
85 B
Image
General
Full URL
https://blogs.korrespondent.net/i/blank.gif
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.159 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f2688cfce6737668af724081900a94bfdcf6437cf8372189005178964e7d1831

Request headers

:path
/i/blank.gif
pragma
no-cache
cookie
dcw=44
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
blogs.korrespondent.net
referer
https://blogs.korrespondent.net/
:scheme
https
:method
GET
Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 12:20:54 GMT
last-modified
Mon, 11 Jul 2016 11:43:59 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"f5e98f8369dbd11:0"
content-type
image/gif
status
200
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
45
ajax.gif
blogs.korrespondent.net/i/
5 KB
5 KB
Image
General
Full URL
https://blogs.korrespondent.net/i/ajax.gif
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.159 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
dd4fb84ef463207662efa03dbd05515afb3aee6a71fa7c5e56e7b0b13504a7b4

Request headers

:path
/i/ajax.gif
pragma
no-cache
cookie
dcw=44
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
blogs.korrespondent.net
referer
https://blogs.korrespondent.net/
:scheme
https
:method
GET
Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 12:20:54 GMT
last-modified
Mon, 11 Jul 2016 11:43:59 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"f5e98f8369dbd11:0"
content-type
image/gif
status
200
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
5483
2156379.jpg
kor.ill.in.ua/m/50x50/
2 KB
2 KB
Image
General
Full URL
https://kor.ill.in.ua/m/50x50/2156379.jpg
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
332f43e473358e7de6cc9782387c642f5a3035ab5752257f233253c42c856061

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 12:20:54 GMT
last-modified
Fri, 21 Sep 2018 21:07:37 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
status
200
cache-control
public
content-length
2378
expires
Wed, 31 Oct 2018 12:21:39 GMT
2064017.jpg
kor.ill.in.ua/m/50x50/
2 KB
2 KB
Image
General
Full URL
https://kor.ill.in.ua/m/50x50/2064017.jpg
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ad462eddcccc7cbafe8273736430bf510d374f46fd375bef22648872e9b010ec

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 12:20:54 GMT
last-modified
Fri, 23 Feb 2018 21:31:22 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
status
200
cache-control
public
content-length
2315
expires
Wed, 31 Oct 2018 12:21:39 GMT
2093673.png
kor.ill.in.ua/m/50x50/
6 KB
6 KB
Image
General
Full URL
https://kor.ill.in.ua/m/50x50/2093673.png
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
39003dfb375df483b7b0fe29a158da0badd046ee000083ea23a0bb8dd2f6f58d

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 12:20:54 GMT
last-modified
Mon, 13 Aug 2018 19:26:35 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/png
status
200
cache-control
public
content-length
6089
expires
Wed, 31 Oct 2018 12:21:39 GMT
833568.jpg
kor.ill.in.ua/m/50x50/
2 KB
3 KB
Image
General
Full URL
https://kor.ill.in.ua/m/50x50/833568.jpg
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e1bbc88bc5a2f85068de34d0a9e01ad9f4239e4d5f273c4c3ad2eca084a9499d

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 12:20:54 GMT
last-modified
Tue, 17 Apr 2018 09:16:14 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
status
200
cache-control
public
content-length
2499
expires
Wed, 31 Oct 2018 12:21:39 GMT
2075140.jpg
kor.ill.in.ua/m/50x50/
2 KB
2 KB
Image
General
Full URL
https://kor.ill.in.ua/m/50x50/2075140.jpg
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
7f73686ff6c8114dc05894b4d88ca7a2f21e0f958636ec25c652705620a4a021

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 12:20:54 GMT
last-modified
Tue, 31 Oct 2017 13:24:32 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
status
200
cache-control
public
content-length
1633
expires
Wed, 31 Oct 2018 12:21:39 GMT
834637.png
kor.ill.in.ua/m/50x50/
7 KB
7 KB
Image
General
Full URL
https://kor.ill.in.ua/m/50x50/834637.png
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
56edf6dc437d8c8712d4ac9a101dad5e1caa6c6f5bfc962533a6991621feb524

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 12:20:54 GMT
last-modified
Sat, 26 Oct 2013 18:08:43 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/png
status
200
cache-control
public
content-length
7013
expires
Wed, 31 Oct 2018 12:21:39 GMT
1958436.jpg
kor.ill.in.ua/m/50x50/
2 KB
2 KB
Image
General
Full URL
https://kor.ill.in.ua/m/50x50/1958436.jpg
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e381f2dab671d40e9cdabf802fed460b42105a0ea5d273d80321d392c1dcb5ed

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 12:20:54 GMT
last-modified
Wed, 26 Jul 2017 07:58:52 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
status
200
cache-control
public
content-length
1917
expires
Wed, 31 Oct 2018 12:21:39 GMT
1912582.jpg
kor.ill.in.ua/m/50x50/
2 KB
2 KB
Image
General
Full URL
https://kor.ill.in.ua/m/50x50/1912582.jpg
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
3a52399b04575c63bcd7c2b32c03bd42021fec776be4e29d7edc874d0392733e

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 12:20:54 GMT
last-modified
Thu, 17 Aug 2017 08:54:38 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
status
200
cache-control
public
content-length
2465
expires
Wed, 31 Oct 2018 12:20:56 GMT
1447487.jpg
kor.ill.in.ua/m/50x50/
2 KB
2 KB
Image
General
Full URL
https://kor.ill.in.ua/m/50x50/1447487.jpg
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ea55eb40046339083542cdf078df2d2e1abaf7ff90e639ebdecf735bfea0f6bc

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 12:20:54 GMT
last-modified
Tue, 17 Jun 2014 15:32:38 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
status
200
cache-control
public
content-length
2479
expires
Wed, 31 Oct 2018 12:21:39 GMT
groupsites.js
ui.ill.in.ua/s/
5 KB
2 KB
Script
General
Full URL
https://ui.ill.in.ua/s/groupsites.js?site=korrespondent.net
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
HTTP/1.1
Security
TLS 1.0, RSA, AES_128_CBC
Server
193.29.200.140 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/7.0 / ASP.NET
Resource Hash
00af1375775e2ad4d46890b35fa39c974750a582b2839dd686210e0e0958b7e8

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 31 Oct 2018 12:20:53 GMT
Content-Encoding
gzip
ETag
"da4e60d3e41d41:0"
Last-Modified
Fri, 31 Aug 2018 15:19:46 GMT
Server
Microsoft-IIS/7.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public, max-age=31536
Accept-Ranges
bytes
Content-Length
1957
2219011.jpg
kor.ill.in.ua/m/86x115/
8 KB
8 KB
Image
General
Full URL
https://kor.ill.in.ua/m/86x115/2219011.jpg
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.157 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
21926e8d3c76d9f5d443831870af9165b9a75e511b0dd64a7003582e3ae2e320

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 12:20:54 GMT
last-modified
Mon, 29 Oct 2018 14:11:49 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-type
image/jpeg
status
200
cache-control
public
content-length
7989
expires
Wed, 31 Oct 2018 12:21:09 GMT
logo
counter.yadro.ru/
111 B
342 B
Image
General
Full URL
https://counter.yadro.ru/logo?26.6
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
88.212.196.75 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host45.rax.ru
Software
nginx/1.11.1 /
Resource Hash
771258edf682e442c71c3f6e2e6efdb65fb985307663a5f4819818120a3cceec

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Oct 2018 12:20:54 GMT
Server
nginx/1.11.1
Content-Type
image/gif
Cache-control
no-cache
Connection
keep-alive
Content-Length
111
Expires
Mon, 30 Oct 2017 21:00:00 GMT
/
c.bigmir.net/
367 B
622 B
Image
General
Full URL
https://c.bigmir.net/?s50&t38&l1
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.239.68.97 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS
c.bigmir.net
Software
nginx /
Resource Hash
f2851894b41d9efb652f26f2b1c888f458a11c872134a98cb0c7a3347d976412

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Oct 2018 12:20:54 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/png
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Expires
0
io.js
cdn.onthe.io/
143 KB
44 KB
Script
General
Full URL
https://cdn.onthe.io/io.js?cDAoQ1NjFMsC
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
142.93.104.37 North York, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
7055b4d2b922c37cd1d4e92641c3c752abbdb2a6a0f5d2c949f16e3fc5b0b8e9

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 31 Oct 2018 12:20:54 GMT
Content-Encoding
gzip
Last-Modified
Mon, 27 Aug 2018 09:02:16 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
W/"5b83be18-23a19"
Transfer-Encoding
chunked
X-Hostname
cdn-eu-3
Content-Type
text/javascript
Cache-Control
max-age=86400, public
Connection
keep-alive
Expires
Thu, 01 Nov 2018 09:05:34 GMT
z
s.zmctrack.net/ Frame 2137
656 B
903 B
XHR
General
Full URL
https://s.zmctrack.net/z
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.187.81.35 , Ukraine, ASN43332 (IDSTRATEGY-AS ---------- UPSTREAMS ----------, UA),
Reverse DNS
Software
nginx /
Resource Hash
8dd1202f5b8a426e5cc4946492e0423eb9814d0996de98f7836af83c3a26ed70

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin
https://blogs.korrespondent.net
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 31 Oct 2018 12:20:54 GMT
server
nginx
status
200
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Meta-Request-Id, X-Location, X-Meta-Status, X-Check
cache-control
no-cache, no-store
x-check
493088207912ed01661af40af0a0570
content-length
656
expires
Thu, 01 Jan 1970 00:00:01 GMT
/
c.bigmir.net/
130 B
421 B
Script
General
Full URL
https://c.bigmir.net/?o1&v1610&s50&t6&c1&n271810&w0&y0&d24&r1600
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.239.68.97 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS
c.bigmir.net
Software
nginx /
Resource Hash
8676a957846f00e2f7de93f37b4302de3df4b1881fb6e960814b98f3258491f1

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Wed, 31 Oct 2018 12:20:54 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/x-javascript; charset=windows-1251
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Expires
0
analytics.js
www.google-analytics.com/
42 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-1609229-9
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:816::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8cb05b675fe6419a9e91eb587c60902c7ed1cb6c42b8cff8ce404ef89f635cde
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 11 Oct 2018 19:41:26 GMT
server
Golfe2
age
7112
date
Wed, 31 Oct 2018 10:22:22 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
17301
expires
Wed, 31 Oct 2018 12:22:22 GMT
collect
www.google-analytics.com/r/
35 B
101 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j71&a=1779993300&t=pageview&_s=1&dl=https%3A%2F%2Fblogs.korrespondent.net%2F&ul=en-us&de=UTF-8&dt=%D0%9F%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BC%D0%B0%D1%82%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%D1%8B%20%7C%20%D0%AF-%D0%9A%D0%BE%D1%80%D0%B5%D1%81%D0%BF%D0%BE%D0%BD%D0%B4%D0%B5%D0%BD%D1%82%20-%20Korrespondent.net&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=926122580&gjid=1605631200&cid=226396790.1540988455&tid=UA-1609229-9&_gid=1847086915.1540988455&_r=1&gtm=2ouam0&z=725320536
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:816::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Oct 2018 12:20:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/r/
35 B
101 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j71&a=1779993300&t=pageview&_s=1&dl=https%3A%2F%2Fblogs.korrespondent.net%2F&ul=en-us&de=UTF-8&dt=%D0%9F%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BC%D0%B0%D1%82%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%D1%8B%20%7C%20%D0%AF-%D0%9A%D0%BE%D1%80%D0%B5%D1%81%D0%BF%D0%BE%D0%BD%D0%B4%D0%B5%D0%BD%D1%82%20-%20Korrespondent.net&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAUAB~&jid=245935289&gjid=1410771824&cid=226396790.1540988455&tid=UA-1609229-29&_gid=1847086915.1540988455&_r=1&gtm=2ouam0&z=363151637
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:816::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Oct 2018 12:20:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
fa44NmICV1JUAQECAwdXUgBUWwZXUlIHAwNXB1ZXW1BbBAMCVAAebxkUD1MWXg1SQAxAUQdCPVcQUQ1Y-QBpAUgNCAxRYTUBVDVsPXxYUWBRQUgNVVlQHAFUDBgZUBAdTVwZRB1VUV1RTA1YOUFMBAwYEVQVaAlIPQBpAREAMVUsfVFUCUQEDBVFXWwVbD1U-PUAF...
n7-r1d2.zmctrack.net/ Frame 2137
134 KB
54 KB
XHR
General
Full URL
https://n7-r1d2.zmctrack.net/fa44NmICV1JUAQECAwdXUgBUWwZXUlIHAwNXB1ZXW1BbBAMCVAAebxkUD1MWXg1SQAxAUQdCPVcQUQ1Y-QBpAUgNCAxRYTUBVDVsPXxYUWBRQUgNVVlQHAFUDBgZUBAdTVwZRB1VUV1RTA1YOUFMBAwYEVQVaAlIPQBpAREAMVUsfVFUCUQEDBVFXWwVbD1U-PUAFaBAMOBFcGUFNSBgdSUgQGU1AGB1JSBwYBU1pVBA5SUFIGAAZaVAQOVFADAABXVgBVV1FUAwJRAVsFW1dVBVAPWg8DAQQEBg5TVwZQUlIEB1NSBgZSUAcHAVJaBgRTUlVSDgBQWgYEBlRUAw4AUFYAVVdRAANXUVRbAlsBVQVQV1oFAw8EDwYBUwQ
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.187.81.35 , Ukraine, ASN43332 (IDSTRATEGY-AS ---------- UPSTREAMS ----------, UA),
Reverse DNS
Software
nginx /
Resource Hash
7db528fd24c0dde9b9aa153c93923bbf710247957a6c1a3bfe3c4da28964519c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin
https://blogs.korrespondent.net

Response headers

date
Wed, 31 Oct 2018 12:20:54 GMT
content-encoding
gzip
last-modified
Mon, 29 Oct 2018 12:38:44 GMT
server
nginx
etag
"5bd6ff54-d556"
status
200
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
X-Location, X-Meta-Status, X-Set-Cookie, X-Cookie, X-Check
cache-control
max-age=31536000
x-meta-data
{"method":"get_argon","data":{"commit":"2dac4be675d062ee50317b5b15482ec5d2738409","r":7}}
x-check
2557e35616f58787f6afcd9c35206e65
x-meta-controller-version
Argon controller (commit: 8421bc52)
content-length
54614
expires
Thu, 31 Oct 2019 12:20:54 GMT
icon-sprite.png
csskor.ill.in.ua/i/
29 KB
29 KB
Image
General
Full URL
https://csskor.ill.in.ua/i/icon-sprite.png
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
83ab5047e820c4c9edf0823374a8a31e0119fae38f345a88caa81b46184dfe5d

Request headers

Referer
https://csskor.ill.in.ua/css/index.min.css?v=3.1.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 12:20:54 GMT
last-modified
Wed, 07 May 2014 14:11:34 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"0ef6440fe69cf1:0"
content-type
image/png
status
200
cache-control
public, max-age=31536
accept-ranges
bytes
content-length
29852
opensans-condbold-webfont.woff
csskor.ill.in.ua/fonts/
49 KB
49 KB
Font
General
Full URL
https://csskor.ill.in.ua/fonts/opensans-condbold-webfont.woff
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
26dc9aca8f2ab8bbb58b5e9e5918988475e42f7cffad974698a71b2addc6ec5b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://csskor.ill.in.ua/css/index.min.css?v=3.1.2
Origin
https://blogs.korrespondent.net

Response headers

date
Wed, 31 Oct 2018 12:20:54 GMT
last-modified
Wed, 18 Dec 2013 10:08:55 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"7499fa28d9fbce1:0"
status
200
content-type
font/x-woff
access-control-allow-origin
*
cache-control
public, max-age=31536
accept-ranges
bytes
content-length
49816
preloader.gif
csskor.ill.in.ua/i/
6 KB
6 KB
Image
General
Full URL
https://csskor.ill.in.ua/i/preloader.gif
Requested by
Host: jskor.ill.in.ua
URL: https://jskor.ill.in.ua/js/jq/jquery.min.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
90102a5b0d498a0928a1923216a5e922fa4dd138a5c7ecad85c6f5b6cdd6bdab

Request headers

Referer
https://csskor.ill.in.ua/css/index.min.css?v=3.1.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 12:20:54 GMT
last-modified
Wed, 07 May 2014 14:11:34 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"0ef6440fe69cf1:0"
content-type
image/gif
status
200
cache-control
public, max-age=31536
accept-ranges
bytes
content-length
6154
682381dd-5462-4c04-b7d4-2f299a48a42d
https://blogs.korrespondent.net/
134 KB
0
Script
General
Full URL
blob:https://blogs.korrespondent.net/682381dd-5462-4c04-b7d4-2f299a48a42d
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ca54cc2f566c7dbb0af25ae0c9882ca705c3eef6a9e48e1355682c94e46e7734

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Length
137668
Content-Type
application/javascript;charset=utf-8
/
c.bigmir.net/
130 B
421 B
Script
General
Full URL
https://c.bigmir.net/?o1&v1610&s50&t6&c1&n699648&w0&y0&d24&r1600
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.239.68.97 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS
c.bigmir.net
Software
nginx /
Resource Hash
0924513398d52bc7f14a8f060a0de79768110e7059fc0dbce39dfe820bbe0c23

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Wed, 31 Oct 2018 12:20:55 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/x-javascript; charset=windows-1251
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Expires
0
dropdown_arrows1.png
ui.ill.in.ua/i/
3 KB
3 KB
Image
General
Full URL
https://ui.ill.in.ua/i/dropdown_arrows1.png
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
HTTP/1.1
Security
TLS 1.0, RSA, AES_128_CBC
Server
193.29.200.140 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/7.0 / ASP.NET
Resource Hash
6b05c089e7dcc747b10a33063b8e0670afee5c1134aeb5c4f3f78a3f738a6f48

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 31 Oct 2018 12:20:54 GMT
Last-Modified
Sun, 16 Jun 2013 22:18:02 GMT
Server
Microsoft-IIS/7.0
X-Powered-By
ASP.NET
ETag
"fdd4205edf6ace1:0"
Content-Type
image/png
Cache-Control
public, max-age=31536
Accept-Ranges
bytes
Content-Length
2872
subscribe.png
csskor.ill.in.ua/i/
4 KB
4 KB
Image
General
Full URL
https://csskor.ill.in.ua/i/subscribe.png
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
84510fffe17fea544ae340bc9373b62106bfccc148f93e8ac4bbed045c64e9a2

Request headers

Referer
https://csskor.ill.in.ua/css/index.min.css?v=3.1.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 12:20:55 GMT
last-modified
Wed, 07 May 2014 14:11:34 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"0ef6440fe69cf1:0"
content-type
image/png
status
200
cache-control
public, max-age=31536
accept-ranges
bytes
content-length
4138
s
r.i.ua/
837 B
1 KB
Image
General
Full URL
https://r.i.ua/s?u1647&p4&n0.9035413947308615&c1&d24&w1600&h1200&r/blogs.korrespondent.net/
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.198.36.16 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
r.i.ua
Software
nginx /
Resource Hash
95d943e46ae9e5f9840150ca43e851e6f96224a76fe1e58f58bf4294c458db28

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Oct 2018 12:20:55 GMT
Server
nginx
Transfer-Encoding
chunked
P3P
policyref="http://i.i.ua/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Type
image/png
Expires
0
hit
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//blogs.korrespondent.net/;0.9605894962939054
  • https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//blogs.korrespondent.net/;0.9605894962939054
43 B
421 B
Image
General
Full URL
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//blogs.korrespondent.net/;0.9605894962939054
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
88.212.196.75 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host45.rax.ru
Software
nginx/1.11.1 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Oct 2018 12:20:55 GMT
Server
nginx/1.11.1
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 30 Oct 2017 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 31 Oct 2018 12:20:55 GMT
Server
nginx/1.11.1
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//blogs.korrespondent.net/;0.9605894962939054
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Mon, 30 Oct 2017 21:00:00 GMT
cm.js
source.mmi.bemobile.ua/cm/
50 KB
19 KB
Script
General
Full URL
https://source.mmi.bemobile.ua/cm/cm.js
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.23 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
8e8915553a51d4edca28ba5a36f77aee861d59f63be105a59c26e50c4cb509d8

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 12:20:55 GMT
content-encoding
gzip
last-modified
Thu, 26 Jul 2018 09:33:39 GMT
server
nginx/1.13.0
etag
W/"5b599573-c64f"
content-type
application/javascript; charset=utf-8
status
200
cache-control
no-cache
expires
Fri, 27 Jul 2018 09:33:39 GMT
pic.gif
juke.mmi.bemobile.ua/bug/
56 B
138 B
Image
General
Full URL
https://juke.mmi.bemobile.ua/bug/pic.gif?siteid=korrespondent.net&j=1&nocache=0.09561765739831651
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.22 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Wed, 31 Oct 2018 12:20:55 GMT
cache-control
no-cache
server
nginx/1.13.0
expires
-1
gtm.js
www.googletagmanager.com/
70 KB
25 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P7KPL8
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:816::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
d14f93873ae91de94c6ab97e0bc6e439a502829c192fa875234ed308bbad28bf
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 12:20:55 GMT
content-encoding
gzip
server
Google Tag Manager (scaffolding)
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
25386
x-xss-protection
1; mode=block
expires
Wed, 31 Oct 2018 12:20:55 GMT
s
h.holder.com.ua/
1 KB
2 KB
Script
General
Full URL
https://h.holder.com.ua/s?ta&b2230&c1&r20180060&dholder_2230_blogs&hhttps%3A//blogs.korrespondent.net/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
22c42a262ac69627e62d457b2aa7e0e29e5edf6537215c9f104fa6e0bb43896f

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Oct 2018 12:20:55 GMT
Server
nginx
P3P
policyref="https://i.holder.com.ua/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Cache-Control
no-cache, no-store, must-revalidate, no-cache=Set-Cookie, max-age=0, proxy-revalidate
Connection
keep-alive
Content-Type
text/javascript; charset=windows-1251
Keep-Alive
timeout=5
Content-Length
1036
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xgemius.js
gaua.hit.gemius.pl/
32 KB
9 KB
Script
General
Full URL
https://gaua.hit.gemius.pl/xgemius.js
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
149.202.199.193 , France, ASN16276 (OVH, FR),
Reverse DNS
ua1.host.hit.gemius.pl
Software
GHC /
Resource Hash
e3d3395c3817a4d5b70efb8acdfafe2a2863d1c1c6b09a939dfe82b86bd9d738

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 12:20:55 GMT
content-encoding
gzip
last-modified
Tue, 11 Sep 2018 11:45:14 GMT
server
GHC
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
status
200
cache-control
max-age=43200
accept-ranges
none
content-type
application/x-javascript
content-length
8942
expires
Thu, 01 Nov 2018 00:20:55 GMT
user.hnd
id.korrespondent.net/aut/
9 B
248 B
Script
General
Full URL
https://id.korrespondent.net/aut/user.hnd?_1540988455249=
Requested by
Host: jskor.ill.in.ua
URL: https://jskor.ill.in.ua/js/jq/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
bc788950c34406808d0a6d40ee7d7a0a585a3cebcd266cb72b1a4a8a252f1331

Request headers

:path
/aut/user.hnd?_1540988455249=
pragma
no-cache
cookie
dcw=44; _ga=GA1.2.226396790.1540988455; _gid=GA1.2.1847086915.1540988455; _gat_gtag_UA_1609229_9=1; _gat_gtag_UA_1609229_29=1
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
id.korrespondent.net
referer
https://blogs.korrespondent.net/
:scheme
https
:method
GET
Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 12:20:55 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
status
200
cache-control
private
weather.hnd
blogs.korrespondent.net/widget/
2 KB
964 B
XHR
General
Full URL
https://blogs.korrespondent.net/widget/weather.hnd
Requested by
Host: jskor.ill.in.ua
URL: https://jskor.ill.in.ua/js/jq/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.159 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
97c40b4abe7248d73d9f655ce28267f9e5a17779775001cd124295bc0ca167e7

Request headers

:path
/widget/weather.hnd
pragma
no-cache
cookie
dcw=44; b=b; _ga=GA1.2.226396790.1540988455; _gid=GA1.2.1847086915.1540988455; _gat_gtag_UA_1609229_9=1; _gat_gtag_UA_1609229_29=1
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
blogs.korrespondent.net
x-requested-with
XMLHttpRequest
:scheme
https
referer
https://blogs.korrespondent.net/
:method
GET
Accept
*/*
Referer
https://blogs.korrespondent.net/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 12:20:54 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/html; charset=utf-8
status
200
cache-control
private
set-cookie
city=40371; domain=.korrespondent.net; expires=Thu, 31-Oct-2019 12:20:55 GMT; path=/
s
h.holder.com.ua/
0
126 B
Script
General
Full URL
https://h.holder.com.ua/s?ta&b3285&c1&r20180060&dholder_300x60_85&hhttps%3A//blogs.korrespondent.net/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 31 Oct 2018 12:20:55 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=5
s
h.holder.com.ua/
0
126 B
Script
General
Full URL
https://h.holder.com.ua/s?ta&b3286&c1&r20180060&dholder_300x60_86&hhttps%3A//blogs.korrespondent.net/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 31 Oct 2018 12:20:55 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=5
s
h.holder.com.ua/
0
126 B
Script
General
Full URL
https://h.holder.com.ua/s?ta&b3300&c1&r20180060&dholder_300x60_0&hhttps%3A//blogs.korrespondent.net/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 31 Oct 2018 12:20:55 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=5
s
h.holder.com.ua/
0
126 B
Script
General
Full URL
https://h.holder.com.ua/s?ta&b7718&c1&r20180060&dholder_300x60_18&hhttps%3A//blogs.korrespondent.net/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 31 Oct 2018 12:20:55 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=5
s
h.holder.com.ua/
0
126 B
Script
General
Full URL
https://h.holder.com.ua/s?ta&b7719&c1&r20180060&dholder_300x60_19&hhttps%3A//blogs.korrespondent.net/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 31 Oct 2018 12:20:55 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=5
s
h.holder.com.ua/
1 KB
2 KB
Script
General
Full URL
https://h.holder.com.ua/s?ta&b2207&c1&r20180060&dholder_2207_premium_blogs&hhttps%3A//blogs.korrespondent.net/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
5b33ffc3292c4d58a592ecd5fc33aa838d584cdf7aba6cd739f91602d3c167c1

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Oct 2018 12:20:55 GMT
Server
nginx
P3P
policyref="https://i.holder.com.ua/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Cache-Control
no-cache, no-store, must-revalidate, no-cache=Set-Cookie, max-age=0, proxy-revalidate
Connection
keep-alive
Content-Type
text/javascript; charset=windows-1251
Keep-Alive
timeout=5
Content-Length
1191
Expires
Thu, 01 Jan 1970 00:00:00 GMT
s
h.holder.com.ua/
0
126 B
Script
General
Full URL
https://h.holder.com.ua/s?ta&b2890&c1&r20180060&dholder_2890_ros&hhttps%3A//blogs.korrespondent.net/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 31 Oct 2018 12:20:55 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=5
s
h.holder.com.ua/
874 B
1 KB
Script
General
Full URL
https://h.holder.com.ua/s?ta&b5774&c1&r20180060&dholder_960x218_74&hhttps%3A//blogs.korrespondent.net/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
ee455728bea7b826a88ac81260cd360aa592d83c59c61293e73550eecc6a0df4

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Oct 2018 12:20:55 GMT
Server
nginx
P3P
policyref="https://i.holder.com.ua/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Cache-Control
no-cache, no-store, must-revalidate, no-cache=Set-Cookie, max-age=0, proxy-revalidate
Connection
keep-alive
Content-Type
text/javascript; charset=windows-1251
Keep-Alive
timeout=5
Content-Length
874
Expires
Thu, 01 Jan 1970 00:00:00 GMT
s
h.holder.com.ua/
0
126 B
Script
General
Full URL
https://h.holder.com.ua/s?ta&b4035&c1&r20180060&dholder_320x100_35&hhttps%3A//blogs.korrespondent.net/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 31 Oct 2018 12:20:55 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=5
RFtCvdd2LPQA
cdn.onthe.io/io.js/
61 KB
19 KB
Script
General
Full URL
https://cdn.onthe.io/io.js/RFtCvdd2LPQA
Requested by
Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js?cDAoQ1NjFMsC
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
142.93.104.37 North York, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
7a1bb8344f147e7c41890356386d79cfa6080feea264c28caff05d5d7d683d78

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 31 Oct 2018 12:20:55 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Sep 2018 11:47:36 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
W/"5b9113d8-f247"
Transfer-Encoding
chunked
X-Hostname
cdn-eu-3
Content-Type
text/javascript
Cache-Control
max-age=86400, public
Connection
keep-alive
Expires
Thu, 01 Nov 2018 12:03:43 GMT
69.png
blogs.korrespondent.net/i/weather/icon/
676 B
733 B
Image
General
Full URL
https://blogs.korrespondent.net/i/weather/icon/69.png
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.159 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
63add88accb4a26a90c122e75cf30deeeaba2918d0b48c740dd6056df125fd9c

Request headers

:path
/i/weather/icon/69.png
pragma
no-cache
cookie
dcw=44; b=b; _ga=GA1.2.226396790.1540988455; _gid=GA1.2.1847086915.1540988455; _gat_gtag_UA_1609229_9=1; _gat_gtag_UA_1609229_29=1; city=40371
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
blogs.korrespondent.net
referer
https://blogs.korrespondent.net/
:scheme
https
:method
GET
Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 12:20:54 GMT
last-modified
Mon, 11 Jul 2016 11:43:59 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"6294c28369dbd11:0"
content-type
image/png
status
200
cache-control
no-cache,public, max-age=31536
accept-ranges
bytes
content-length
676
login.js
id.korrespondent.net/js/
27 KB
5 KB
Script
General
Full URL
https://id.korrespondent.net/js/login.js?v=4
Requested by
Host: id.korrespondent.net
URL: https://id.korrespondent.net/js/profile.js?v=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7034a8463718fa08f8564daf5c80aca4d2d34e66664f1e44fb331cc01a0246f2

Request headers

:path
/js/login.js?v=4
pragma
no-cache
cookie
dcw=44; _ga=GA1.2.226396790.1540988455; _gid=GA1.2.1847086915.1540988455; _gat_gtag_UA_1609229_9=1; _gat_gtag_UA_1609229_29=1; city=40371
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
id.korrespondent.net
referer
https://blogs.korrespondent.net/
:scheme
https
:method
GET
Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 12:20:55 GMT
content-encoding
gzip
etag
"0cdc6cd4f5fd41:0"
last-modified
Mon, 08 Oct 2018 21:42:26 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
no-cache
accept-ranges
bytes
content-length
4893
fpdata.js
gaua.hit.gemius.pl/
275 B
388 B
Script
General
Full URL
https://gaua.hit.gemius.pl/fpdata.js?href=blogs.korrespondent.net
Requested by
Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
149.202.199.193 , France, ASN16276 (OVH, FR),
Reverse DNS
ua1.host.hit.gemius.pl
Software
GHC /
Resource Hash
fa12c1d4b4327f30f11f57012bb8604c1aa343e5c5409afa5cf92392ce6bbdc5

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 12:20:55 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
server
GHC
etag
PRIVATE7520710249
p3p
CP="NOI DSP COR NID PSAo OUR IND"
status
200
cache-control
private, max-age=2592000
accept-ranges
none
content-type
application/x-javascript
content-length
275
expires
Fri, 30 Nov 2018 12:20:55 GMT
collect
stats.g.doubleclick.net/j/
1 B
129 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j71&tid=UA-1609229-30&cid=226396790.1540988455&jid=445073090&gjid=885923269&_gid=1847086915.1540988455&_u=aGDAgcABAAAAAE~&z=1429646743
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
108.177.15.155 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
wr-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://blogs.korrespondent.net/
Origin
https://blogs.korrespondent.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 31 Oct 2018 12:20:55 GMT
status
200
content-type
text/plain
access-control-allow-origin
https://blogs.korrespondent.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
99 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j71&a=1779993300&t=pageview&_s=1&dl=https%3A%2F%2Fblogs.korrespondent.net%2F&ul=en-us&de=UTF-8&dt=%D0%9F%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BC%D0%B0%D1%82%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%D1%8B%20%7C%20%D0%AF-%D0%9A%D0%BE%D1%80%D0%B5%D1%81%D0%BF%D0%BE%D0%BD%D0%B4%D0%B5%D0%BD%D1%82%20-%20Korrespondent.net&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGDAgUAB~&jid=445073090&gjid=885923269&cid=226396790.1540988455&tid=UA-1609229-30&_gid=1847086915.1540988455&gtm=2wgam0P7KPL8&z=174199851
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:816::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Oct 2018 19:31:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
2134171
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
login_ru.js
id.korrespondent.net/js/lang/
4 KB
2 KB
Script
General
Full URL
https://id.korrespondent.net/js/lang/login_ru.js
Requested by
Host: jskor.ill.in.ua
URL: https://jskor.ill.in.ua/js/jq/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.29.200.151 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5d98508b439fcb46ceb1ac820d5fa1eba8c297a509a340f5b3b5555e55b1f55d

Request headers

:path
/js/lang/login_ru.js
pragma
no-cache
cookie
dcw=44; _ga=GA1.2.226396790.1540988455; _gid=GA1.2.1847086915.1540988455; _gat_gtag_UA_1609229_9=1; _gat_gtag_UA_1609229_29=1; city=40371
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
id.korrespondent.net
referer
https://blogs.korrespondent.net/
:scheme
https
:method
GET
Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 12:20:55 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
status
200
cache-control
public, max-age=86400
expires
Wed, 31 Oct 2018 22:20:55 GMT
/
tt.onthe.io/
0
287 B
Other
General
Full URL
https://tt.onthe.io/?k[]=41665:error_script[title:Cannot%20read%20property%20%27setAttribute%27%20of%20null%0A%0ATypeError%3A%20Cannot%20read%20property%20%27setAttribute%27%20of%20null%0A%20%20%20%20at%20https%3A%2F%2Fcdn.onthe.io%2Fio.js%2FRFtCvdd2LPQA%3A1%3A60632%0A%20%20%20%20at%20https%3A%2F%2Fcdn.onthe.io%2Fio.js%2FRFtCvdd2LPQA%3A1%3A60920%0A%20%20%20%20at%20Object.%3Canonymous%3E%20(https%3A%2F%2Fcdn.onthe.io%2Fio.js%2FRFtCvdd2LPQA%3A1%3A62018)%0A%20%20%20%20at%20i%20(https%3A%2F%2Fcdn.onthe.io%2Fio.js%2FRFtCvdd2LPQA%3A1%3A110)%0A%20%20%20%20at%20https%3A%2F%2Fcdn.onthe.io%2Fio.js%2FRFtCvdd2LPQA%3A1%3A517%0A%20%20%20%20at%20https%3A%2F%2Fcdn.onthe.io%2Fio.js%2FRFtCvdd2LPQA%3A1%3A526,href:https%3A%2F%2Fblogs.korrespondent.net%2F,url:%2F,domain:blogs.korrespondent.net,page:%D0%9F%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BC%D0%B0%D1%82%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%D1%8B%20%7C%20%D0%AF-%D0%9A%D0%BE%D1%80%D0%B5%D1%81%D0%BF%D0%BE%D0%BD%D0%B4%D0%B5%D0%BD%D1%82%20-%20Korrespondent.net,user_agent:Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_13_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F67.0.3396.87%20Safari%2F537.36,cdn_version:31]&s=a8d5d758387ee58925382ab64044549f&1540988455360
Requested by
Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/RFtCvdd2LPQA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.40.118.169 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.169.118.40.188.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://blogs.korrespondent.net/
Origin
https://blogs.korrespondent.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 31 Oct 2018 12:20:55 GMT
Server
nginx
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
/
tt.onthe.io/
0
287 B
Other
General
Full URL
https://tt.onthe.io/?k[]=41665:uniques_instantly[domain:blogs.korrespondent.net,url:%2F,page:%D0%9F%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BC%D0%B0%D1%82%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%D1%8B%20%7C%20%D0%AF-%D0%9A%D0%BE%D1%80%D0%B5%D1%81%D0%BF%D0%BE%D0%BD%D0%B4%D0%B5%D0%BD%D1%82%20-%20Korrespondent.net,language:ru,user_access:Holy,user_agent:Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_13_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F67.0.3396.87%20Safari%2F537.36,device:desktop,browser_version:Other%2067,browser:Other,depth:1,user_type:new,user_id:7de34c0d8.4dafbd816_1540988455365,cdn_version:31]&s=a8d5d758387ee58925382ab64044549f&1540988455370
Requested by
Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/RFtCvdd2LPQA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.40.118.169 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.169.118.40.188.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://blogs.korrespondent.net/
Origin
https://blogs.korrespondent.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 31 Oct 2018 12:20:55 GMT
Server
nginx
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
/
tt.onthe.io/
0
287 B
Other
General
Full URL
https://tt.onthe.io/?k[]=41665:visits_instantly[domain:blogs.korrespondent.net,url:%2F,page:%D0%9F%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BC%D0%B0%D1%82%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%D1%8B%20%7C%20%D0%AF-%D0%9A%D0%BE%D1%80%D0%B5%D1%81%D0%BF%D0%BE%D0%BD%D0%B4%D0%B5%D0%BD%D1%82%20-%20Korrespondent.net,language:ru,user_access:Holy,user_agent:Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_13_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F67.0.3396.87%20Safari%2F537.36,device:desktop,browser_version:Other%2067,browser:Other,depth:1,user_type:new,user_id:7de34c0d8.4dafbd816_1540988455365,cdn_version:31]&s=a8d5d758387ee58925382ab64044549f&__io=7de34c0d8.4dafbd816_1540988455365&1540988455373
Requested by
Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/RFtCvdd2LPQA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.40.118.169 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.169.118.40.188.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://blogs.korrespondent.net/
Origin
https://blogs.korrespondent.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 31 Oct 2018 12:20:55 GMT
Server
nginx
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
/
tt.onthe.io/
0
287 B
Other
General
Full URL
https://tt.onthe.io/?k[]=41665:pageviews[domain:blogs.korrespondent.net,url:%2F,page:%D0%9F%D0%BE%D1%81%D0%BB%D0%B5%D0%B4%D0%BD%D0%B8%D0%B5%20%D0%BC%D0%B0%D1%82%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%D1%8B%20%7C%20%D0%AF-%D0%9A%D0%BE%D1%80%D0%B5%D1%81%D0%BF%D0%BE%D0%BD%D0%B4%D0%B5%D0%BD%D1%82%20-%20Korrespondent.net,language:ru,user_access:Holy,user_agent:Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_13_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F67.0.3396.87%20Safari%2F537.36,device:desktop,browser_version:Other%2067,browser:Other,depth:1,user_type:new,user_id:7de34c0d8.4dafbd816_1540988455365,cdn_version:31]&s=a8d5d758387ee58925382ab64044549f&1540988455375
Requested by
Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/RFtCvdd2LPQA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.40.114.5 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.5.114.40.188.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://blogs.korrespondent.net/
Origin
https://blogs.korrespondent.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 31 Oct 2018 12:20:55 GMT
Server
nginx
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
rexdot.js
gaua.hit.gemius.pl/__/_1540988455383/
Redirect Chain
  • https://gaua.hit.gemius.pl/_1540988455383/rexdot.js?l=90&id=baBKWA_5z2BvV4NtLrzYfLRI78vWsQMOQj6o7ToN00P.47&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fblogs.korres...
  • https://gaua.hit.gemius.pl/__/_1540988455383/rexdot.js?l=90&id=baBKWA_5z2BvV4NtLrzYfLRI78vWsQMOQj6o7ToN00P.47&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fblogs.kor...
169 B
392 B
Script
General
Full URL
https://gaua.hit.gemius.pl/__/_1540988455383/rexdot.js?l=90&id=baBKWA_5z2BvV4NtLrzYfLRI78vWsQMOQj6o7ToN00P.47&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fblogs.korrespondent.net%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=o9gshnukx1cT9lCobrGA.9q.GHK5L1d1bxV9ETitdY7.J7&vis=1
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
149.202.199.193 , France, ASN16276 (OVH, FR),
Reverse DNS
ua1.host.hit.gemius.pl
Software
GHC /
Resource Hash
51be3973d913abe73405d1d8a93efaa9388f327b38a3cc42095708786a4505ff

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Oct 2018 12:20:55 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
status
200
cache-control
no-store, no-cache, must-revalidate, max-age=0
accept-ranges
none
content-type
application/x-javascript
content-length
169
expires
Tue, 30 Oct 2018 12:20:55 GMT

Redirect headers

pragma
no-cache
date
Wed, 31 Oct 2018 12:20:55 GMT
server
GHC
status
301
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
/__/_1540988455383/rexdot.js?l=90&id=baBKWA_5z2BvV4NtLrzYfLRI78vWsQMOQj6o7ToN00P.47&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fblogs.korrespondent.net%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=o9gshnukx1cT9lCobrGA.9q.GHK5L1d1bxV9ETitdY7.J7&vis=1
cache-control
no-store, no-cache, must-revalidate, max-age=0
accept-ranges
none
content-length
0
expires
Tue, 30 Oct 2018 12:20:55 GMT
mwayss_invocation.min.js
ad.mediawayss.com/ad/
13 KB
5 KB
Script
General
Full URL
https://ad.mediawayss.com/ad/mwayss_invocation.min.js?pzoneid=775&height=250&width=300&tld=korrespondent.net&ctype=div&ch=korrespondent.net
Requested by
Host: h.holder.com.ua
URL: https://h.holder.com.ua/s?ta&b2230&c1&r20180060&dholder_2230_blogs&hhttps%3A//blogs.korrespondent.net/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
790b7470b043d2ca2ac698232bda7c59e095eaf5cdb626423f715fcb4cb5443e

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 12:20:55 GMT
content-encoding
gzip
last-modified
Tue, 02 Oct 2018 10:41:26 GMT
server
nginx/1.10.3 (Ubuntu)
etag
W/"5bb34b56-3514"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=3600, public, max-age=3600
expires
Wed, 31 Oct 2018 13:20:55 GMT
cmeter_an.js
source.mmi.bemobile.ua/cm/
10 KB
4 KB
Script
General
Full URL
https://source.mmi.bemobile.ua/cm/cmeter_an.js
Requested by
Host: h.holder.com.ua
URL: https://h.holder.com.ua/s?ta&b2230&c1&r20180060&dholder_2230_blogs&hhttps%3A//blogs.korrespondent.net/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.23 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
93d6126e1f2d299b4a9edfe242cb264e919673acf6b5c9c8b64cd7c0cc606185

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 12:20:55 GMT
content-encoding
gzip
last-modified
Thu, 26 Jul 2018 09:33:39 GMT
server
nginx/1.13.0
etag
W/"5b599573-2645"
content-type
application/javascript; charset=utf-8
status
200
cache-control
no-cache
expires
Fri, 27 Jul 2018 09:33:39 GMT
get_cookie
pa.tns-ua.com/bug/
0
0

mwayss_invocation.min.js
ad.mediawayss.com/ad/
13 KB
5 KB
Script
General
Full URL
https://ad.mediawayss.com/ad/mwayss_invocation.min.js?pzoneid=784&height=600&width=300&tld=korrespondent.net&ctype=div&ch=korrespondent.net
Requested by
Host: h.holder.com.ua
URL: https://h.holder.com.ua/s?ta&b2207&c1&r20180060&dholder_2207_premium_blogs&hhttps%3A//blogs.korrespondent.net/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
790b7470b043d2ca2ac698232bda7c59e095eaf5cdb626423f715fcb4cb5443e

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 12:20:55 GMT
content-encoding
gzip
last-modified
Tue, 02 Oct 2018 10:41:26 GMT
server
nginx/1.10.3 (Ubuntu)
etag
W/"5bb34b56-3514"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=3600, public, max-age=3600
expires
Wed, 31 Oct 2018 13:20:55 GMT
u
u.holder.com.ua/
Redirect Chain
  • https://r.i.ua/c?uf86065195bd99e26&r0.48896395563340356
  • https://u.holder.com.ua/u?ti&i9cb89f55bd99e27&uf86065195bd99e26
43 B
286 B
Image
General
Full URL
https://u.holder.com.ua/u?ti&i9cb89f55bd99e27&uf86065195bd99e26
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
91.198.36.71 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store, must-revalidate, no-cache=Set-Cookie, max-age=0, proxy-revalidate
Connection
close
Content-Length
43
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 31 Oct 2018 12:20:55 GMT
Server
nginx
Transfer-Encoding
chunked
Location
https://u.holder.com.ua/u?ti&i9cb89f55bd99e27&uf86065195bd99e26
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Expires
0
u
u.holder.com.ua/
Redirect Chain
  • https://c.bigmir.net/?zf86065195bd99e26&r0.9609471186150387
  • https://u.holder.com.ua/u?tb&i0&uf86065195bd99e26
43 B
286 B
Image
General
Full URL
https://u.holder.com.ua/u?tb&i0&uf86065195bd99e26
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
91.198.36.71 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store, must-revalidate, no-cache=Set-Cookie, max-age=0, proxy-revalidate
Connection
close
Content-Length
43
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 31 Oct 2018 12:20:55 GMT
Server
nginx
Transfer-Encoding
chunked
Location
//u.holder.com.ua/u?tb&i0&uf86065195bd99e26
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Expires
0
impress
ad.mediawayss.com/delivery/
42 KB
12 KB
XHR
General
Full URL
https://ad.mediawayss.com/delivery/impress?ctype=div&pzoneid=775&height=250&width=300&tld=korrespondent.net&ch=korrespondent.net&in_iframe=&position=atf&screen_width=1600&screen_height=1200&top_domain=blogs.korrespondent.net&top_url=https%3A%2F%2Fblogs.korrespondent.net%2F&parent_domain=blogs.korrespondent.net&parent_url=https%3A%2F%2Fblogs.korrespondent.net%2F&domain=blogs.korrespondent.net&url=https%3A%2F%2Fblogs.korrespondent.net%2F&referrer=&async=1&user_uuid=514f52ba-2a67-4b73-8912-ece8cd1d18d0&id=7107785596
Requested by
Host: ad.mediawayss.com
URL: https://ad.mediawayss.com/ad/mwayss_invocation.min.js?pzoneid=775&height=250&width=300&tld=korrespondent.net&ctype=div&ch=korrespondent.net
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
dfc47bbea4d1fbe1405e57f49a50e36e325f2e0ee93b0bc3518915272f904b6d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://blogs.korrespondent.net/
Origin
https://blogs.korrespondent.net

Response headers

date
Wed, 31 Oct 2018 12:20:55 GMT
content-encoding
gzip
server
nginx/1.10.3 (Ubuntu)
status
200
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://blogs.korrespondent.net
access-control-allow-credentials
true
x-upstream
172.16.18.51:80
p-gsmZhdaUra0N6.gif
pixel.quantserve.com/pixel/
Redirect Chain
  • https://dm.hybrid.ai/match?id=122&vid=514f52ba-2a67-4b73-8912-ece8cd1d18d0
  • https://pixel.quantserve.com/pixel/p-gsmZhdaUra0N6.gif
35 B
479 B
Image
General
Full URL
https://pixel.quantserve.com/pixel/p-gsmZhdaUra0N6.gif
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.176.104.254 London, United Kingdom, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-176-104-254.eu-west-2.compute.amazonaws.com
Software
QS /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Oct 2018 12:20:55 GMT
Server
QS
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control
private, no-cache, no-store, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
Fri, 04 Aug 1978 12:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 31 Oct 2018 12:20:55 GMT
Server
Hybrid Web Server
Location
https://pixel.quantserve.com/pixel/p-gsmZhdaUra0N6.gif
P3P
CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC'
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store
X-Mode
121
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
-1
0.gif
x01.aidata.io/
Redirect Chain
  • https://x01.aidata.io/0.gif?pid=MEDIAWAYSS&id=514f52ba-2a67-4b73-8912-ece8cd1d18d0
  • https://x01.aidata.io/0.gif?pid=MEDIAWAYSS&id=514f52ba-2a67-4b73-8912-ece8cd1d18d0&bounce=1
0
542 B
Image
General
Full URL
https://x01.aidata.io/0.gif?pid=MEDIAWAYSS&id=514f52ba-2a67-4b73-8912-ece8cd1d18d0&bounce=1
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
144.76.85.254 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.254.85.76.144.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Oct 2018 12:20:55 GMT
Last-Modified
Wed, 31 Oct 2018 12:20:54 GMT
Server
nginx
P3P
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
Cache-Control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Expires
Wed, 31 Oct 2018 12:20:54 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 31 Oct 2018 12:20:55 GMT
Last-Modified
Wed, 31 Oct 2018 12:20:54 GMT
Server
nginx
P3P
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
Location
https://x01.aidata.io/0.gif?pid=MEDIAWAYSS&id=514f52ba-2a67-4b73-8912-ece8cd1d18d0&bounce=1
Cache-Control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Length
0
Expires
Wed, 31 Oct 2018 12:20:54 GMT
impress
ad.mediawayss.com/delivery/
3 KB
3 KB
XHR
General
Full URL
https://ad.mediawayss.com/delivery/impress?ctype=div&pzoneid=784&height=600&width=300&tld=korrespondent.net&ch=korrespondent.net&in_iframe=&position=atf&screen_width=1600&screen_height=1200&top_domain=blogs.korrespondent.net&top_url=https%3A%2F%2Fblogs.korrespondent.net%2F&parent_domain=blogs.korrespondent.net&parent_url=https%3A%2F%2Fblogs.korrespondent.net%2F&domain=blogs.korrespondent.net&url=https%3A%2F%2Fblogs.korrespondent.net%2F&referrer=&async=1&user_uuid=514f52ba-2a67-4b73-8912-ece8cd1d18d0&id=9877851419
Requested by
Host: ad.mediawayss.com
URL: https://ad.mediawayss.com/ad/mwayss_invocation.min.js?pzoneid=784&height=600&width=300&tld=korrespondent.net&ctype=div&ch=korrespondent.net
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
c221c57265946bef36e900741c0b349f484b67e659ed36e72e09ad112a42aaf2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://blogs.korrespondent.net/
Origin
https://blogs.korrespondent.net

Response headers

date
Wed, 31 Oct 2018 12:20:55 GMT
content-encoding
gzip
server
nginx/1.10.3 (Ubuntu)
status
200
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://blogs.korrespondent.net
access-control-allow-credentials
true
x-upstream
172.16.18.56:80
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
74 KB
27 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: ad.mediawayss.com
URL: https://ad.mediawayss.com/ad/mwayss_invocation.min.js?pzoneid=784&height=600&width=300&tld=korrespondent.net&ctype=div&ch=korrespondent.net
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81f::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
9f2f0533b970a29e320c0d46b4d2b50ec58d2fba41397b92a57a19a08e3b79a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 12:20:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
28015
x-xss-protection
1; mode=block
server
cafe
etag
13925230685652762048
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 31 Oct 2018 12:20:55 GMT
mwayss_invocation.min.css
ad.mediawayss.com/ad/
3 KB
937 B
Stylesheet
General
Full URL
https://ad.mediawayss.com/ad/mwayss_invocation.min.css
Requested by
Host: ad.mediawayss.com
URL: https://ad.mediawayss.com/ad/mwayss_invocation.min.js?pzoneid=784&height=600&width=300&tld=korrespondent.net&ctype=div&ch=korrespondent.net
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
554cfa2bee53a679eac7f1afff8cf199543cbff3ae0f3397b70b85e0979616ba

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 12:20:55 GMT
content-encoding
gzip
last-modified
Tue, 04 Jul 2017 08:24:12 GMT
server
nginx/1.10.3 (Ubuntu)
etag
W/"595b50ac-a26"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=3600, public, max-age=3600
expires
Wed, 31 Oct 2018 13:20:55 GMT
tracking
ad.mediawayss.com/delivery/
0
130 B
Image
General
Full URL
https://ad.mediawayss.com/delivery/tracking?hash=K3lqRDA2UzZQa1VWaGU5NzNFMGgvQkVpZ2hURzFaYzFCazlQRXlDYnlxekZMbm1NQnFhYXdYTDUvNmlPK3JldFVBcVBEWVpEUGVzaG9wYUQ4UGVuRFRyRTAvRXNGOXF4NXNmL2hMdEVYa0dBeSs1Sk5XblRGTWYwazE5N3ltWG05Z0J3dDhYcTMwdDhKTVdMMVZCL2JvSDl0MDdwVkcvaTRRQXF3bTZtbzVFd0M3c3AzSW1kRGtWS2RyU2xhQmhLTTgvNG9SK1RraU1VaDUzT21Sbm1VT1hUSGd6cnp4UDRneWl2WFRFS1QwRWw5UHF6QVRzYVVRczRaMFVrbDB1N1NLakdCeHZrcTFHUDNTMjIvZktzdUQ2aU5sblB0bmJ2K0dOSURnanB1YlVGWk40c2tKcExhNy9jR3EyR3M3SU92YkExc2hkUzAya014MWo5a3g0WWhaS3NqbVNZNWI3bUhkTFI1OUYxM1FCYU5sRWV4Z3ZNYndlWExHVmNsakZPSzRPNHNwclY1OE1jd1JuU2lSeUQxYVV1YXF6a3VTZ0xqTVF6Nld0Z01lRWljdk9GOG14LzZoSUozSXkwK05mUUlVTWhEN25BNEFIQVNLeTdRamxiVGluQU5KUWN5NElDOGhqZlQ2S2tIRXp2cUJEamhMQVhycFRla1Y0K3BRZC8yYTNSaEwyaHFPaE50clRrTGRORmtTNXJUQUdDcnZOcDEwZUplL243dVd4dGpmLzNLMHZEOVNDOU9BU3o2Tzdab2piOStzNDhhblZoTG1HOWFUV2NvRkMyb3NyL1RJT2I2ajM0L2FiUUpkaS9RYURERnFFdEhXSWhVMkU0LzhsRVFjNmZGbTdaYVUrUGE4dTFKNlp6ZjBZb1Qyd0hWS0dtdlpXQmZmYjdlci8rdHJWVnBURDV5MWRNRGpqZHg2MDVIeUhzZTZHTjZXdU1vOVpTTFlMUXlaL1I1MVI2Vk1JWFViTkFqT2ZIUjlZNzRFRmpLMDlqWExvQUtyeEs4SzRRS3VBZXdhV0hicjQwcEFsUlJvWDdPQldReStUUWR0SjhSNng3eW5wc21WTT0%3D&token=TzU4YmpxZ1VUbG1McVB4M1B3cXJiQT09
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Wed, 31 Oct 2018 12:20:55 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-origin
*
content-length
0
x-upstream
172.16.18.52:80
content-type
text/html; charset=UTF-8
favicon-16px.png
ad.mediawayss.com/images/
900 B
1 KB
Image
General
Full URL
https://ad.mediawayss.com/images/favicon-16px.png
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 12:20:55 GMT
last-modified
Tue, 04 Jul 2017 08:24:14 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"595b50ae-384"
content-type
image/png
status
200
cache-control
max-age=604800, public, max-age=604800
accept-ranges
bytes
content-length
900
expires
Wed, 07 Nov 2018 12:20:55 GMT
mt20_3.js
i.mediatraffic.com.ua/js/uho/
13 KB
13 KB
Script
General
Full URL
https://i.mediatraffic.com.ua/js/uho/mt20_3.js
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.198.36.76 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
72494433d46144ae637e90223fab2bd87fedfa08e778114e71178ae049c5fa27

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 31 Oct 2018 12:20:55 GMT
Last-Modified
Thu, 18 Aug 2016 14:51:12 GMT
Server
nginx
Content-Type
application/x-javascript
Cache-Control
max-age=7200
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
13456
Expires
Wed, 31 Oct 2018 14:20:55 GMT
u
u.holder.com.ua/
Redirect Chain
  • https://r.i.ua/c?uf86065195bd99e26&r0.13545165336328524
  • https://u.holder.com.ua/u?ti&i9cb89f55bd99e27&uf86065195bd99e26
43 B
286 B
Image
General
Full URL
https://u.holder.com.ua/u?ti&i9cb89f55bd99e27&uf86065195bd99e26
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
91.198.36.71 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store, must-revalidate, no-cache=Set-Cookie, max-age=0, proxy-revalidate
Connection
close
Content-Length
43
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 31 Oct 2018 12:20:55 GMT
Server
nginx
Transfer-Encoding
chunked
Location
https://u.holder.com.ua/u?ti&i9cb89f55bd99e27&uf86065195bd99e26
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Expires
0
u
u.holder.com.ua/
Redirect Chain
  • https://c.bigmir.net/?zf86065195bd99e26&r0.5798939246519492
  • https://u.holder.com.ua/u?tb&i0&uf86065195bd99e26
43 B
286 B
Image
General
Full URL
https://u.holder.com.ua/u?tb&i0&uf86065195bd99e26
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
91.198.36.71 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store, must-revalidate, no-cache=Set-Cookie, max-age=0, proxy-revalidate
Connection
close
Content-Length
43
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 31 Oct 2018 12:20:55 GMT
Server
nginx
Transfer-Encoding
chunked
Location
//u.holder.com.ua/u?tb&i0&uf86065195bd99e26
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Expires
0
ima3.js
imasdk.googleapis.com/js/sdkloader/
239 KB
82 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
d3b6106b34b5c5ff977d9e5133694d4de097d137d8e2bb9420562fdb01bf64b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 12:20:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
83784
x-xss-protection
1; mode=block
expires
Wed, 31 Oct 2018 12:20:55 GMT
inView.min.js
ad.mediawayss.com/ad/
5 KB
2 KB
Script
General
Full URL
https://ad.mediawayss.com/ad/inView.min.js
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
7a78c3bd4755f13b7b28f838f4d76d3c5a06fe8a91e6bce3bad65b2c56d9b30a

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 12:20:55 GMT
content-encoding
gzip
last-modified
Tue, 04 Jul 2017 08:24:12 GMT
server
nginx/1.10.3 (Ubuntu)
etag
W/"595b50ac-14c0"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=3600, public, max-age=3600
expires
Wed, 31 Oct 2018 13:20:55 GMT
integrator.js
adservice.google.de/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=blogs.korrespondent.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:811::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 31 Oct 2018 12:20:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
104
x-xss-protection
1; mode=block
integrator.js
adservice.google.com/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=blogs.korrespondent.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 31 Oct 2018 12:20:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
104
x-xss-protection
1; mode=block
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20181024/r20180604/
201 KB
75 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20181024/r20180604/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81f::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
181124d1788d7083ab1de6fbeb87f524e1a3c9658ccdf54c4f49ab523df2253c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 12:20:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
76196
x-xss-protection
1; mode=block
server
cafe
etag
4706987710021974220
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 31 Oct 2018 12:20:55 GMT
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20181024/r20180604/ Frame 9982
201 KB
75 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20181024/r20180604/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81f::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
181124d1788d7083ab1de6fbeb87f524e1a3c9658ccdf54c4f49ab523df2253c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 12:20:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
76196
x-xss-protection
1; mode=block
server
cafe
etag
4706987710021974220
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 31 Oct 2018 12:20:55 GMT
ca-pub-6864402317197092.js
pagead2.googlesyndication.com/pub-config/r20160913/
133 B
243 B
Script
General
Full URL
https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-6864402317197092.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81f::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 10:42:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 30 Oct 2018 21:23:28 GMT
server
sffe
age
5913
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=43200
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
125
x-xss-protection
1; mode=block
expires
Wed, 31 Oct 2018 22:42:22 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20181024/r20180604/ Frame A16F
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20181024/r20180604/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81f::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20181024/r20180604/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://blogs.korrespondent.net/
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://blogs.korrespondent.net/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Thu, 25 Oct 2018 05:45:53 GMT
expires
Thu, 08 Nov 2018 05:45:53 GMT
content-type
text/html; charset=UTF-8
etag
12810928231326100212
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
6940
x-xss-protection
1; mode=block
cache-control
public, max-age=1209600
age
542102
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
ads
googleads.g.doubleclick.net/pagead/ Frame 0AFC
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6864402317197092&output=html&h=600&slotname=2988931930%2F7652062349&adk=3518481253&adf=753349488&w=300&lmt=1540988455&guci=1.2.0.0.2.2.0&format=300x600&url=https%3A%2F%2Fblogs.korrespondent.net%2F&flash=0&wgl=1&adsid=NT&dt=1540988455580&bpp=13&bdt=1237&fdt=74&idt=63&shv=r20181024&cbv=r20180604&saldr=aa&abxe=1&correlator=4448458882578&frm=20&pv=2&ga_vid=226396790.1540988455&ga_sid=1540988456&ga_hid=1779993300&ga_fc=0&iag=0&icsg=2662400&dssz=79&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=963&ady=196&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21070025&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&osw_key=125609806&ifi=1&fsb=1&xpc=OKQJOesTJ1&p=https%3A//blogs.korrespondent.net&dtd=113
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20181024/r20180604/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81f::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6864402317197092&output=html&h=600&slotname=2988931930%2F7652062349&adk=3518481253&adf=753349488&w=300&lmt=1540988455&guci=1.2.0.0.2.2.0&format=300x600&url=https%3A%2F%2Fblogs.korrespondent.net%2F&flash=0&wgl=1&adsid=NT&dt=1540988455580&bpp=13&bdt=1237&fdt=74&idt=63&shv=r20181024&cbv=r20180604&saldr=aa&abxe=1&correlator=4448458882578&frm=20&pv=2&ga_vid=226396790.1540988455&ga_sid=1540988456&ga_hid=1779993300&ga_fc=0&iag=0&icsg=2662400&dssz=79&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=963&ady=196&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21070025&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&osw_key=125609806&ifi=1&fsb=1&xpc=OKQJOesTJ1&p=https%3A//blogs.korrespondent.net&dtd=113
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://blogs.korrespondent.net/
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://blogs.korrespondent.net/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 31 Oct 2018 12:20:55 GMT
server
cafe
cache-control
private
content-length
82
x-xss-protection
1; mode=block
set-cookie
test_cookie=CheckForPermission; expires=Wed, 31-Oct-2018 12:35:55 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires
Wed, 31 Oct 2018 12:20:55 GMT
osd.js
pagead2.googlesyndication.com/pagead/js/r20181024/r20180604/
73 KB
27 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20181024/r20180604/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20181024/r20180604/show_ads_impl.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81f::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
cce5c991fc672328e8eb7e5f9026496acd4fa608d26d0df95c54b7f16a8e5cc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 25 Oct 2018 04:46:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
545647
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
27406
x-xss-protection
1; mode=block
server
cafe
etag
6345757217691752979
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 08 Nov 2018 04:46:48 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20181024/r20180604/ Frame 7991
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20181024/r20180604/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81f::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20181024/r20180604/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://blogs.korrespondent.net/
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://blogs.korrespondent.net/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Thu, 25 Oct 2018 05:45:53 GMT
expires
Thu, 08 Nov 2018 05:45:53 GMT
content-type
text/html; charset=UTF-8
etag
12810928231326100212
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
6940
x-xss-protection
1; mode=block
cache-control
public, max-age=1209600
age
542102
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
ads
googleads.g.doubleclick.net/pagead/ Frame 0E8A
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6864402317197092&output=html&h=250&slotname=2988931930&adk=2067130985&adf=2854619069&w=300&lmt=1540988455&guci=1.2.0.0.2.2.0&format=300x250&url=https%3A%2F%2Fblogs.korrespondent.net%2F&flash=0&avail_w=0&wgl=1&adsid=NT&dt=1540988455594&bpp=5&bdt=1251&fdt=180&idt=49&shv=r20181024&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=300x600&correlator=4448458882578&frm=20&pv=1&ga_vid=226396790.1540988455&ga_sid=1540988456&ga_hid=1779993300&ga_fc=0&iag=0&icsg=2662400&dssz=80&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=963&ady=1627&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21070025&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoEbr%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&osw_key=2288425002&ifi=2&fsb=1&xpc=ulMrZeBv3K&p=https%3A//blogs.korrespondent.net&dtd=185
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20181024/r20180604/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81f::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6864402317197092&output=html&h=250&slotname=2988931930&adk=2067130985&adf=2854619069&w=300&lmt=1540988455&guci=1.2.0.0.2.2.0&format=300x250&url=https%3A%2F%2Fblogs.korrespondent.net%2F&flash=0&avail_w=0&wgl=1&adsid=NT&dt=1540988455594&bpp=5&bdt=1251&fdt=180&idt=49&shv=r20181024&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=300x600&correlator=4448458882578&frm=20&pv=1&ga_vid=226396790.1540988455&ga_sid=1540988456&ga_hid=1779993300&ga_fc=0&iag=0&icsg=2662400&dssz=80&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=963&ady=1627&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21070025&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoEbr%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&osw_key=2288425002&ifi=2&fsb=1&xpc=ulMrZeBv3K&p=https%3A//blogs.korrespondent.net&dtd=185
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://blogs.korrespondent.net/
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://blogs.korrespondent.net/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 31 Oct 2018 12:20:55 GMT
server
cafe
cache-control
private
content-length
82
x-xss-protection
1; mode=block
set-cookie
test_cookie=CheckForPermission; expires=Wed, 31-Oct-2018 12:35:55 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires
Wed, 31 Oct 2018 12:20:55 GMT
s
t.holder.com.ua/
1 KB
2 KB
Script
General
Full URL
https://t.holder.com.ua/s?v3&s9&pbottom&r16470160&c1
Requested by
Host: i.mediatraffic.com.ua
URL: https://i.mediatraffic.com.ua/js/uho/mt20_3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.198.36.60 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
7b40424cf8af641c5dcf386588d6495df36bc30978b9a1f80ba443febc5e95de

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 31 Oct 2018 12:20:55 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/javascript; charset=windows-1251
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Expires
0
truncated
/
715 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
bridge3.250.3_en.html
imasdk.googleapis.com/js/core/ Frame 47BA
0
0
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.250.3_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.250.3_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://blogs.korrespondent.net/
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://blogs.korrespondent.net/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
173878
date
Tue, 30 Oct 2018 03:53:13 GMT
expires
Wed, 30 Oct 2019 03:53:13 GMT
last-modified
Tue, 30 Oct 2018 03:48:48 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
1; mode=block
cache-control
public, max-age=31536000
age
116862
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
client.js
s0.2mdn.net/instream/video/
26 KB
11 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:816::2006 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 31 Oct 2018 12:20:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
10523
x-xss-protection
1; mode=block
expires
Wed, 31 Oct 2018 12:20:55 GMT
bridge3.250.3_en.html
imasdk.googleapis.com/js/core/ Frame EB32
0
0
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.250.3_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.250.3_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://blogs.korrespondent.net/
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://blogs.korrespondent.net/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
173878
date
Tue, 30 Oct 2018 03:53:13 GMT
expires
Wed, 30 Oct 2019 03:53:13 GMT
last-modified
Tue, 30 Oct 2018 03:48:48 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
1; mode=block
cache-control
public, max-age=31536000
age
116862
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
bridge3.250.3_en.html
imasdk.googleapis.com/js/core/ Frame 9821
0
0
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.250.3_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.250.3_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://blogs.korrespondent.net/
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://blogs.korrespondent.net/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
173878
date
Tue, 30 Oct 2018 03:53:13 GMT
expires
Wed, 30 Oct 2019 03:53:13 GMT
last-modified
Tue, 30 Oct 2018 03:48:48 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
1; mode=block
cache-control
public, max-age=31536000
age
116862
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
tracking
ad.mediawayss.com/delivery/
0
130 B
Image
General
Full URL
https://ad.mediawayss.com/delivery/tracking?hash=RkNBczBLTEVHVTFKUkFiVjBNVzgwMjY4WkFYS0NyVy9Hb1prdHdnbXRRLzhicTVCb3JIR1pWWk92U2Vkb3VvSlQ3dlp2eVR3VWFzTDFJNFY3UXF5VzZISk1ad3hLa0JZSEpuSDJ5bnNtSFdKLzN0TVpvTVhQd29pdzVqcmdseW8wUjdzaHA4Um9DVklIOVpNeFRDWmRpQVRScFh0M2o3OCtaVm9TUC9sWDZkRzZWWnRienFxOEVaMHNLdDkwbDhwc05EdVZEY3RsM0NaMjRPTFBkaXJNQnRVRGk5WFhxTFNvR0dJQWlENFJnei9kOHhjYi8vZUVSaGVhNDdwUGZuUk5rcjFicjRkOEtnd3BVUGFRWWhnSWYzdGppR0Nsb1BuZjRLaXNnbUpSS2NUcUJhbE5LRkF6d2N1V2orUlE3aS9nU0xXMnV3NTIxSGxpUnB1SnNrWDR0eXMwR0dBSjk5RjVYYnNRdmVlMlQ2cjY3WlJvNllwZ0R0OXErRFBCdWt1L2dXZ1pXVHNKSFoxZnZGdUY1R0NvM1p5QysyTFh2S284dTRTd3EwNjZOQXQyWkRsT2svTkdla2dvQVdLYXNNMzlMKzFScHh1ZG05dU5lV2ZRWFZ2MFFCbVBaTVU4cDExWFVlQit3S2cxK2lOZVZUaGRrWUZkdGRHK2gzaWdHUWgwVDhOdEpaRVF6U205ajBIR3c0K052amkwOWJmOUJlM0RobEppS1RCRnNjcmU0WE9PQ09lWHBOVDFqZWZFZEY2Y0tyajc0aEs1YWhRMjZaQmp3RTBodjc3WFJWeWpWVWF5NXFvQVZDVHlqeHF0MTlKVnphYlQyc1dSbVVrS3dOelJhUzAyMFJzVXVsWFVZajE3b1lYNlpyY3ZkY3ZjT3FkWWZSOW81ZEhvL2FyRVpIZ0dOaVRCeWp1dytSdWR5a2hZR3gyL2FXQW9ROCtRcXg4Q3prQXVMNmtIckJIUldaZHJMd21vRURjMG1ZVUxqTVNIbGRrYTFkd2RkUTltM3d1a245bnJncHJVcUlMNFV1Z3p0OUFjOHlwYzdxVlB0SHFTdzFPZzhHWm9UUT0%3D&token=TzU4YmpxZ1VUbG1McVB4M1B3cXJiQT09&params=c3hkaEpCTGRkZXJXbTJweWJUdVlCQT09
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash

Request headers

Referer
https://blogs.korrespondent.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Wed, 31 Oct 2018 12:20:55 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-origin
*
content-length
0
x-upstream
172.16.18.54:80
content-type
text/html; charset=UTF-8
blank.mp4
ad.mediawayss.com/video/
19 KB
19 KB
Media
General
Full URL
https://ad.mediawayss.com/video/blank.mp4
Requested by
Host: blogs.korrespondent.net
URL: https://blogs.korrespondent.net/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
baacd79c48771b1a2e1e7d12713d4c4a5e768949f33fb8a6ff2d2ab13c58a78b

Request headers

Referer
https://blogs.korrespondent.net/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Range
bytes=0-
chrome-proxy
frfr

Response headers

date
Wed, 31 Oct 2018 12:20:55 GMT
last-modified
Tue, 04 Jul 2017 08:24:15 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"595b50af-4aba"
status
206
content-type
video/mp4
Content-Range
bytes 0-19129/19130
cache-control
max-age=604800, public, max-age=604800
Content-Length
19130
expires
Wed, 07 Nov 2018 12:20:55 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pa.tns-ua.com
URL
http://pa.tns-ua.com/bug/get_cookie

Verdicts & Comments Add Verdict or Comment

115 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gtag object| dataLayer object| Domain object| korr function| $ function| jQuery function| movePremiumBeforeTagOnMobile function| changeClass1 function| changeClass2 function| foundMistake function| FormDefaultButton object| jQuery19105638098134201244 object| selection number| H_DEV object| holderPlaces function| holder number| f string| x object| bmN object| bmD object| bs object| bm object| bmS string| r object| google_tag_manager string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| sa object| gaGlobal object| gaData string| k string| v object| BM_STAT function| loadWeather number| t3899167487 string| iS object| iD string| iT string| iH number| iI number| tns_already object| tnscm_adn function| UserNotification function| loginWithFB function| ajaxNews701 string| pp_gemius_identifier function| gemius_pending function| gemius_hit function| gemius_event function| pp_gemius_hit function| pp_gemius_event function| _jqjsp function| _io_init_async object| gemius_cmpclient object| gemius_hcconn number| pp_gemius_cnt object| _io_config object| __io object| s object| p function| idCoreOnReady function| tnsOnStatResult object| IDCore object| __cm object| cm_events string| tnscm_pak object| mwayss object| adsbygoogle object| google_js_reporting_queue object| google_ad_modifications boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map object| google_t12n_vars function| inView function| google_sa_impl object| google_jobrunner object| google_persistent_state_async object| google_pub_config object| __google_ad_urls number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_iframe_oncopy function| Goog_AdSense_getAdAdapterInstance boolean| google_osd_loaded boolean| google_onload_fired function| MeTr function| MTr function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| ima object| google object| closure_lm_25258 function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb number| j undefined| row object| style object| closure_lm_809644

0 Cookies

2 Console Messages

Source Level URL
Text
console-api log (Line 78)
Message:
[object Object]
console-api log (Line 78)
Message:
[object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.mediawayss.com
adservice.google.com
adservice.google.de
blogs.korrespondent.net
c.bigmir.net
cdn.onthe.io
counter.yadro.ru
csskor.ill.in.ua
dm.hybrid.ai
gaua.hit.gemius.pl
googleads.g.doubleclick.net
h.holder.com.ua
i.holder.com.ua
i.mediatraffic.com.ua
id.korrespondent.net
imasdk.googleapis.com
jskor.ill.in.ua
juke.mmi.bemobile.ua
kor.ill.in.ua
n7-r1d2.zmctrack.net
pa.tns-ua.com
pagead2.googlesyndication.com
pixel.quantserve.com
r.i.ua
s.zmctrack.net
s0.2mdn.net
source.mmi.bemobile.ua
stats.g.doubleclick.net
t.holder.com.ua
tt.onthe.io
u.holder.com.ua
ui.ill.in.ua
www.google-analytics.com
www.googletagmanager.com
x01.aidata.io
pa.tns-ua.com
108.177.15.155
142.93.104.37
144.76.85.254
149.202.199.193
185.187.81.35
188.40.114.5
188.40.118.169
193.239.68.97
193.29.200.140
193.29.200.151
193.29.200.157
193.29.200.159
194.247.175.22
194.247.175.23
212.8.250.83
2a00:1450:4001:811::2002
2a00:1450:4001:816::2006
2a00:1450:4001:816::2008
2a00:1450:4001:816::200a
2a00:1450:4001:816::200e
2a00:1450:4001:81b::2002
2a00:1450:4001:81f::2002
35.176.104.254
37.18.16.16
88.212.196.75
91.198.36.16
91.198.36.26
91.198.36.35
91.198.36.60
91.198.36.71
91.198.36.76
00af1375775e2ad4d46890b35fa39c974750a582b2839dd686210e0e0958b7e8
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0924513398d52bc7f14a8f060a0de79768110e7059fc0dbce39dfe820bbe0c23
12848c2b3d3d378239a3fe1666be847e6c2be24a254f8f6d3e6b6e8f9af0b28e
1728d7dd6ce83992a13bc75b19c0b4fa9cc3a1a45a7ce636f63c073b33c7c77a
181124d1788d7083ab1de6fbeb87f524e1a3c9658ccdf54c4f49ab523df2253c
1885450c0476075437b5f7356ec5dc33fa5179e850cc4dbf59c29f37744818f5
20958d60ba94baade48dee467b74d121dc53b9cae769afa89066c8397b04ae8d
214227a16b4ff571023cbfabe1a74a46b33fb30abbcd8d1a722ae12e3afeb794
21926e8d3c76d9f5d443831870af9165b9a75e511b0dd64a7003582e3ae2e320
22c42a262ac69627e62d457b2aa7e0e29e5edf6537215c9f104fa6e0bb43896f
26dc9aca8f2ab8bbb58b5e9e5918988475e42f7cffad974698a71b2addc6ec5b
2791dcb76821658dce3165022548a9d1032f4c99efe7acfaafdd6327cbd88129
2b73d84a49a4dd2d7caa6efb7c0f1bd4b650e6e1d9078e31df570717ee33f472
2d16d454b7613d55bdbdca8a19cc581ab3c145535e888e3f2761466acc82d42e
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3224cd51f4161d44547a1f5a57a5566582c3d6a690d2212af8a0a8739d0c8e0e
332f43e473358e7de6cc9782387c642f5a3035ab5752257f233253c42c856061
39003dfb375df483b7b0fe29a158da0badd046ee000083ea23a0bb8dd2f6f58d
3a52399b04575c63bcd7c2b32c03bd42021fec776be4e29d7edc874d0392733e
42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7
45a1fd799e5c4912222696cc2e09dc1b8c7f41fcd8abe43610f2fc5dd158a8a0
51be3973d913abe73405d1d8a93efaa9388f327b38a3cc42095708786a4505ff
554cfa2bee53a679eac7f1afff8cf199543cbff3ae0f3397b70b85e0979616ba
56edf6dc437d8c8712d4ac9a101dad5e1caa6c6f5bfc962533a6991621feb524
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5b33ffc3292c4d58a592ecd5fc33aa838d584cdf7aba6cd739f91602d3c167c1
5d98508b439fcb46ceb1ac820d5fa1eba8c297a509a340f5b3b5555e55b1f55d
61fc3e8c06dfd1b34729126d42997cc3e2d60cf2079f80d44fb37f690c1fd001
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
63add88accb4a26a90c122e75cf30deeeaba2918d0b48c740dd6056df125fd9c
66131f9daf098d804c43a7b58c5979e263e752c426280513aad3ca4db2168322
6b05c089e7dcc747b10a33063b8e0670afee5c1134aeb5c4f3f78a3f738a6f48
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7034a8463718fa08f8564daf5c80aca4d2d34e66664f1e44fb331cc01a0246f2
7055b4d2b922c37cd1d4e92641c3c752abbdb2a6a0f5d2c949f16e3fc5b0b8e9
72494433d46144ae637e90223fab2bd87fedfa08e778114e71178ae049c5fa27
771258edf682e442c71c3f6e2e6efdb65fb985307663a5f4819818120a3cceec
790b7470b043d2ca2ac698232bda7c59e095eaf5cdb626423f715fcb4cb5443e
7a1bb8344f147e7c41890356386d79cfa6080feea264c28caff05d5d7d683d78
7a78c3bd4755f13b7b28f838f4d76d3c5a06fe8a91e6bce3bad65b2c56d9b30a
7b40424cf8af641c5dcf386588d6495df36bc30978b9a1f80ba443febc5e95de
7db528fd24c0dde9b9aa153c93923bbf710247957a6c1a3bfe3c4da28964519c
7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8
7f73686ff6c8114dc05894b4d88ca7a2f21e0f958636ec25c652705620a4a021
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83ab5047e820c4c9edf0823374a8a31e0119fae38f345a88caa81b46184dfe5d
84510fffe17fea544ae340bc9373b62106bfccc148f93e8ac4bbed045c64e9a2
8676a957846f00e2f7de93f37b4302de3df4b1881fb6e960814b98f3258491f1
8ca45353f62819e14bf59932d13b2b6307b654748bd2c42cfd7181b7cd783a6e
8cb05b675fe6419a9e91eb587c60902c7ed1cb6c42b8cff8ce404ef89f635cde
8dd1202f5b8a426e5cc4946492e0423eb9814d0996de98f7836af83c3a26ed70
8e8915553a51d4edca28ba5a36f77aee861d59f63be105a59c26e50c4cb509d8
8fc4de112cb05f02f61d7856ee3b9ca6a8cd68ea5397520120c5183b99bffc17
90102a5b0d498a0928a1923216a5e922fa4dd138a5c7ecad85c6f5b6cdd6bdab
93d6126e1f2d299b4a9edfe242cb264e919673acf6b5c9c8b64cd7c0cc606185
95d943e46ae9e5f9840150ca43e851e6f96224a76fe1e58f58bf4294c458db28
97c40b4abe7248d73d9f655ce28267f9e5a17779775001cd124295bc0ca167e7
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
9ed325bb4e1bd9f76da8039c87602d63b91e6963d6bf830e62d938a1b90cd133
9f2f0533b970a29e320c0d46b4d2b50ec58d2fba41397b92a57a19a08e3b79a1
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a58c45b495338481a91c73729bf3916ce6c7d8e9f0566c0e731a7a3da7dba81c
a6c00e19564e6ca3db0e80f4f3fcac3eee635edd0f928a74d9ecd2de9e199d51
a77f56027b80197b669c7ffc7ab0411a9a147953f1e1cd3e8bcd2225f43f5eac
aa883b0e82d512ed03265228ed7b398c8f6f0c2cc2261bb66daf6f559dff1b1b
ad462eddcccc7cbafe8273736430bf510d374f46fd375bef22648872e9b010ec
af6592d435a34ae2cbc384c908b2000e3a33f3c3d7bace1a84ba7880a8a80d9e
b724fe620189e9f518d154fc4c8914a94f5e27da50c6499cc9a7803a27293abc
baacd79c48771b1a2e1e7d12713d4c4a5e768949f33fb8a6ff2d2ab13c58a78b
bc788950c34406808d0a6d40ee7d7a0a585a3cebcd266cb72b1a4a8a252f1331
bcab73e79e54f5f8b0cf77546f937aaf4aed60947fc1e4a7801813ed34728c4f
c221c57265946bef36e900741c0b349f484b67e659ed36e72e09ad112a42aaf2
c5cad78844631f748de4f5526652f08ae1504dce421b6e8dcd796af07e639ac5
ca54cc2f566c7dbb0af25ae0c9882ca705c3eef6a9e48e1355682c94e46e7734
cafe2ccc723f38d12406fdcc2b9777f7f89363a39bbd09c91bb75876f24141fe
cce5c991fc672328e8eb7e5f9026496acd4fa608d26d0df95c54b7f16a8e5cc4
cefac0898ee1d19ff1fc498113e6f7b81a0f5a6e63b3ae72106cde5d0454bc01
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d14f93873ae91de94c6ab97e0bc6e439a502829c192fa875234ed308bbad28bf
d169a4b4bf7e00787e12931b5c2040d76f6995b3ba3f06050274b28644b47d86
d2fbad9636c1fb1ddc3e083984f2b5d3a955a32fdb6247876aabee203958e7dc
d39119e60d9d2b6c6033d75e27ede343201ebc66ea1af181c13f757e32ff886d
d3b6106b34b5c5ff977d9e5133694d4de097d137d8e2bb9420562fdb01bf64b5
d94ecdbab1c769688e0fd828fceb10d42028798aa2107336136b362a2dea762a
daa9c1c00563b973df8c5dad719b8670a599a9465ba9bbac4d222c586b538571
dd4fb84ef463207662efa03dbd05515afb3aee6a71fa7c5e56e7b0b13504a7b4
dfc47bbea4d1fbe1405e57f49a50e36e325f2e0ee93b0bc3518915272f904b6d
e1bbc88bc5a2f85068de34d0a9e01ad9f4239e4d5f273c4c3ad2eca084a9499d
e1f197241b0d9bef34ee8467f60ce8ebdf5b13bf24985ce84db780ce31f1f1e2
e381f2dab671d40e9cdabf802fed460b42105a0ea5d273d80321d392c1dcb5ed
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d3395c3817a4d5b70efb8acdfafe2a2863d1c1c6b09a939dfe82b86bd9d738
e42e9b80c3498d277962ffe3c3d3f3ae462ea24633a070a11a7316bd1f0cd550
ea55eb40046339083542cdf078df2d2e1abaf7ff90e639ebdecf735bfea0f6bc
ee455728bea7b826a88ac81260cd360aa592d83c59c61293e73550eecc6a0df4
f2688cfce6737668af724081900a94bfdcf6437cf8372189005178964e7d1831
f2851894b41d9efb652f26f2b1c888f458a11c872134a98cb0c7a3347d976412
f711400ad338ab74bb7db15e4775e6e78ecfa03175c6e2d1093c8df027dfdb87
f9c37b174d2623fb31ea7f688f2c8205c2fd7c104c4d0daa270048a52e8c3413
fa12c1d4b4327f30f11f57012bb8604c1aa343e5c5409afa5cf92392ce6bbdc5