URL: https://adv2.expres.ua/
Submission: On July 13 via api from US — Scanned from GB

Summary

This website contacted 20 IPs in 6 countries across 20 domains to perform 34 HTTP transactions. The main IP is 88.80.191.215, located in London, United Kingdom and belongs to AKAMAI-LINODE-AP Akamai Connected Cloud, SG. The main domain is adv2.expres.ua.
TLS certificate: Issued by R10 on July 3rd 2024. Valid for: 3 months.
This is the only time adv2.expres.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 88.80.191.215 63949 (AKAMAI-LI...)
4 172.67.195.159 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 104.20.95.138 13335 (CLOUDFLAR...)
1 149.56.240.130 16276 (OVH)
1 172.64.150.184 13335 (CLOUDFLAR...)
1 50.30.36.249 30083 (AS-30083-...)
1 209.126.100.76 30083 (AS-30083-...)
1 188.114.97.3 13335 (CLOUDFLAR...)
1 65.9.7.55 16509 (AMAZON-02)
1 2a04:4e42:8e::84 54113 (FASTLY)
1 2a02:fe80:101... 30148 (SUCURI-SEC)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:20d... 16509 (AMAZON-02)
10 2620:1ec:33:1... 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
34 20
Apex Domain
Subdomains
Transfer
10 bing.net
tse1.mm.bing.net — Cisco Umbrella Rank: 3175
15 KB
4 ends.my.id
ends.my.id
16 KB
3 expres.ua
adv2.expres.ua
5 KB
2 statcounter.com
www.statcounter.com — Cisco Umbrella Rank: 19387
c.statcounter.com — Cisco Umbrella Rank: 12387
13 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2681
1 gstatic.com
fonts.gstatic.com
47 KB
1 si.com
www.si.com — Cisco Umbrella Rank: 36920
222 KB
1 googleusercontent.com
lh5.googleusercontent.com — Cisco Umbrella Rank: 229
416 KB
1 secureservercdn.net
secureservercdn.net — Cisco Umbrella Rank: 153155
589 KB
1 pinimg.com
i.pinimg.com — Cisco Umbrella Rank: 2640
32 KB
1 cloudfront.net
d2o50i5c2dr30a.cloudfront.net
53 KB
1 charitypaws.com
charitypaws.com
76 KB
1 surf-forecast.com
www.surf-forecast.com — Cisco Umbrella Rank: 288143
138 KB
1 tide-forecast.com
www.tide-forecast.com — Cisco Umbrella Rank: 538173
132 KB
1 thekidstoothdoc.com
www.thekidstoothdoc.com
655 KB
1 histats.com
sstatic1.histats.com — Cisco Umbrella Rank: 37484
163 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 72
102 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 428
34 KB
1 iconarchive.com
icons.iconarchive.com — Cisco Umbrella Rank: 142054
6 KB
0 meredithcorp.io Failed
imagesvc.meredithcorp.io Failed
34 20
Domain Requested by
10 tse1.mm.bing.net adv2.expres.ua
4 ends.my.id adv2.expres.ua
ends.my.id
3 adv2.expres.ua 1 redirects
1 region1.google-analytics.com www.googletagmanager.com
1 c.statcounter.com www.statcounter.com
1 fonts.gstatic.com ends.my.id
1 www.si.com adv2.expres.ua
1 lh5.googleusercontent.com adv2.expres.ua
1 secureservercdn.net adv2.expres.ua
1 i.pinimg.com adv2.expres.ua
1 d2o50i5c2dr30a.cloudfront.net adv2.expres.ua
1 charitypaws.com adv2.expres.ua
1 www.surf-forecast.com adv2.expres.ua
1 www.tide-forecast.com adv2.expres.ua
1 www.thekidstoothdoc.com adv2.expres.ua
1 sstatic1.histats.com adv2.expres.ua
1 www.statcounter.com ends.my.id
1 www.googletagmanager.com ends.my.id
1 ajax.googleapis.com adv2.expres.ua
1 icons.iconarchive.com adv2.expres.ua
0 imagesvc.meredithcorp.io Failed adv2.expres.ua
34 21

This site contains no links.

Subject | Issuer | Validity | Valid
adv2.expres.ua | R10 | 2024-07-03 - 2024-10-01 | 3 months
ends.my.id | WE1 | 2024-07-12 - 2024-10-10 | 3 months
iconarchive.com | E1 | 2024-06-01 - 2024-08-30 | 3 months
upload.video.google.com | WR2 | 2024-06-24 - 2024-09-16 | 3 months
*.google-analytics.com | WR2 | 2024-06-24 - 2024-09-16 | 3 months
statcounter.com | Sectigo RSA Domain Validation Secure Server CA | 2023-12-05 - 2025-01-03 | a year
histats.com | R3 | 2024-05-13 - 2024-08-11 | 3 months
www.thekidstoothdoc.com | Cloudflare Inc ECC CA-3 | 2023-09-10 - 2024-09-09 | a year
tide-forecast.com | R10 | 2024-07-01 - 2024-09-29 | 3 months
www.surf-forecast.com | R11 | 2024-07-01 - 2024-09-29 | 3 months
charitypaws.com | GTS CA 1P5 | 2024-05-18 - 2024-08-16 | 3 months
*.cloudfront.net | Amazon RSA 2048 M01 | 2023-10-10 - 2024-09-19 | a year
*.pinterest.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-07-31 - 2024-08-07 | a year
secureservercdn.net | Starfield Secure Certificate Authority - G2 | 2024-03-28 - 2025-03-28 | a year
*.googleusercontent.com | WR2 | 2024-06-24 - 2024-09-16 | 3 months
si-temp1.minutesvc.com | Amazon RSA 2048 M03 | 2024-06-30 - 2025-07-29 | a year
*.mm.bing.net | Microsoft Azure RSA TLS Issuing CA 03 | 2024-05-02 - 2024-10-29 | 6 months
*.gstatic.com | WR2 | 2024-06-24 - 2024-09-16 | 3 months

This page contains 1 frames:

Primary Page: https://adv2.expres.ua/
Frame ID: F64343CDFD813F559F9D19E3C9B51804
Requests: 34 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • bokeh.*\.js

Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • statcounter\.com/counter/counter

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

  • Requests: 34
  • HTTPS: 94 %
  • IPv6: 53 %
  • Domains: 20
  • Subdomains: 21
  • IPs: 20
  • Countries: 6
  • Transfer: 2551 kB
  • Size: 2935 kB
  • Cookies: 5

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32
  • https://adv2.expres.ua/favicon.ico HTTP 302
  • https://adv2.expres.ua/

34 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
adv2.expres.ua/
22 KB
5 KB
Document
General
Full URL
https://adv2.expres.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.80.191.215 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
88-80-191-215.ip.linodeusercontent.com
Software
Apache /
Resource Hash
c076ca9d71ab9cf96d65cb8dbf967cde27bde693da648cd8b6985dfba80c40cb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
4817
content-type
text/html
date
Sat, 13 Jul 2024 12:48:20 GMT
etag
"58d0-619be6dbf5400-gzip"
last-modified
Fri, 31 May 2024 11:38:56 GMT
server
Apache
vary
Accept-Encoding
head.js
ends.my.id/start/
2 KB
1 KB
Script
General
Full URL
https://ends.my.id/start/head.js
Requested by
Host: adv2.expres.ua
URL: https://adv2.expres.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.195.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e54d1b10b78453d3782d3787191eeed6f44a1d86e12839401cbcc139c68be586
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://adv2.expres.ua/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 12:48:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
age
75678
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 11 May 2024 10:23:55 GMT
server
cloudflare
etag
W/"663f473b-621"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1lqmKbq3hqWNHTUnueJQq09hcjZhzD90k2%2FKNnbXPamoa598gifDYWSnf5Yq2qwrTY%2FNSWRVpsdM7AYl6BBrHPlKMCOcHIbqWUlNMPmpAhuDjqhvUORv%2BaqaqHYH"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=315360000
cf-ray
8a29630618d363f5-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
rocket-icon.png
icons.iconarchive.com/icons/bokehlicia/captiva/128/
5 KB
6 KB
Image
General
Full URL
https://icons.iconarchive.com/icons/bokehlicia/captiva/128/rocket-icon.png
Requested by
Host: adv2.expres.ua
URL: https://adv2.expres.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ebd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a271602256c72ee1ee042ae2c90818107530c6b899c363e627eacaef389fa83

Request headers

Referer
https://adv2.expres.ua/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 12:48:21 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 07 Feb 2023 10:05:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"63e22276-14d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bRUnv3e8YMIKOBjcb1Tjwj5kWp1tTOi%2BJho7IOE8aohiyvSvjStAno3N%2BR4hx7Y0459PHDwK9eOmfQXULF4sl81duV2mwGQKYxpPzzuSj5yM0Xa54QOhNdqnsDA3CWPhijNBkNnm2psDDxrWatzuIh1djAk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8a2963035d513861-LHR
alt-svc
h3=":443"; ma=86400
content-length
5337
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/
95 KB
34 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: adv2.expres.ua
URL: https://adv2.expres.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adv2.expres.ua/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Jul 2024 13:54:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
168814
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Jul 2025 13:54:47 GMT
body.js
ends.my.id/start/
481 B
798 B
Script
General
Full URL
https://ends.my.id/start/body.js
Requested by
Host: adv2.expres.ua
URL: https://adv2.expres.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.195.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e79cbcbab17292979c3f022abb78e43ff0bd5af59177882526fbb435a826fb4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://adv2.expres.ua/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 12:48:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
age
967160
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 24 Apr 2024 14:20:41 GMT
server
cloudflare
etag
W/"66291539-1e1"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TmQ0vDt69pTr0LV6xsDsLnWKmrqw65QNUf17znYdrAvTwbOELxu1l4yZfXvQcP6KSo8tQfAdAmcCI0PeYuauS9bX6ag0Lm%2Fc8xYt1%2FUOLOA%2FTYuG3bU392P1d962"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=315360000
cf-ray
8a29630618ce63f5-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
js
www.googletagmanager.com/gtag/
307 KB
102 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2GK21J8RGJ
Requested by
Host: ends.my.id
URL: https://ends.my.id/start/head.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
de24a81f9e3fd1ff9b1accc980c0cf4924c37b8fd6dd4e6fa5db3ff33cb10f21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://adv2.expres.ua/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 12:48:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103900
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 13 Jul 2024 12:48:21 GMT
counter.js
www.statcounter.com/counter/
35 KB
13 KB
Script
General
Full URL
https://www.statcounter.com/counter/counter.js
Requested by
Host: ends.my.id
URL: https://ends.my.id/start/head.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.95.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6b293451a19dfb0f68649e5ceabac93b2d4155e64fe7f3e3af21a19984e2368

Request headers

Referer
https://adv2.expres.ua/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 12:48:21 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 12 Jul 2024 13:53:05 GMT
server
cloudflare
age
37880
etag
W/"66913541-8c17"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
cf-ray
8a2963071e627774-LHR
expires
Sat, 13 Jul 2024 14:17:01 GMT
styles.css
ends.my.id/start/
79 KB
14 KB
Stylesheet
General
Full URL
https://ends.my.id/start/styles.css
Requested by
Host: ends.my.id
URL: https://ends.my.id/start/head.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.195.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8603ff49be1c4de53a1d8ba654372a3cd6f44b243812d7890bc485e92177c38c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://adv2.expres.ua/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 12:48:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
age
967160
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 11 May 2024 10:21:57 GMT
server
cloudflare
etag
W/"663f46c5-13a03"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0HfbhEuKnac5Rs9ryuxJ5zN2Rjobt8BfSk8sji%2FwPsREnOa%2FiUpmo9mNO44lC7LbZXR36HkQg1y4rv9najALWNPhyYp%2F2RPAqNXgr7iu69Y%2FhkRj%2FpF40ofVc1pq"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=315360000
cf-ray
8a296306897563f5-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
0.gif
sstatic1.histats.com/
43 B
163 B
Image
General
Full URL
https://sstatic1.histats.com/0.gif?4804766&101
Requested by
Host: adv2.expres.ua
URL: https://adv2.expres.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.56.240.130 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns534298.ip-149-56-240.net
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://adv2.expres.ua/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sat, 13 Jul 2024 12:48:35 GMT
Connection
close
Content-Length
43
Content-Type
image/gif
banner-loading.js
ends.my.id/ads/
1 B
517 B
Script
General
Full URL
https://ends.my.id/ads/banner-loading.js
Requested by
Host: ends.my.id
URL: https://ends.my.id/start/body.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.195.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://adv2.expres.ua/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sat, 13 Jul 2024 12:48:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
855899
alt-svc
h3=":443"; ma=86400
content-length
1
last-modified
Tue, 02 Jul 2024 04:25:35 GMT
server
cloudflare
etag
"6683813f-1"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=57o7QS19zoV2Ci2LuBVRUcb2NWZ5lbIeqDpbWmmqLhjaUJn1HyCigpmj87MdcfM%2FuEhfHlM%2FWmtwd2zwEB8hsJOp%2FqTil8dRB7JMJygGElMgrWHutj4TtB%2BGxVVB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8a2963074a6863f5-LHR
expires
Thu, 31 Dec 2037 23:55:55 GMT
Tooth-Eruption.png
www.thekidstoothdoc.com/files/2020/12/
655 KB
655 KB
Image
General
Full URL
https://www.thekidstoothdoc.com/files/2020/12/Tooth-Eruption.png
Requested by
Host: adv2.expres.ua
URL: https://adv2.expres.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.150.184 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32102fd388adbc5a105b0304fdd0a60139a6598b299b7d4c30f7c6650502f479

Request headers

Referer
https://adv2.expres.ua/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-tags
network:1,site:3659,www.thekidstoothdoc.com-html,stylesheet:Template2120,template:Template2120,theme:2122-template,Template2120-html,resource:files,site:3659-resource:files
date
Sat, 13 Jul 2024 12:48:21 GMT
cf-cache-status
HIT
age
9779004
cf-polished
origFmt=png, origSize=1220850
x-cache
miss
alt-svc
h3=":443"; ma=86400
x-rq
dfw8 123 243 443
cf-bgj
imgq:85,h2pri
last-modified
Thu, 29 Dec 2022 00:05:26 GMT
server
cloudflare
vary
Accept
content-type
image/webp
cache-control
public, max-age=60
x-server
hosting
cf-ray
8a296309098763ef-LHR
expires
Sat, 13 Jul 2024 12:49:21 GMT
Los-Angeles-California.png
www.tide-forecast.com/tides/
132 KB
132 KB
Image
General
Full URL
https://www.tide-forecast.com/tides/Los-Angeles-California.png
Requested by
Host: adv2.expres.ua
URL: https://adv2.expres.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
50.30.36.249 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
www.tide-forecast.com
Software
nginx /
Resource Hash
9a42eb0eab85145e76fad886a84227c6d2f2ac28eead6db37211ac647476f3b6

Request headers

Referer
https://adv2.expres.ua/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
public
date
Sat, 13 Jul 2024 12:48:21 GMT
last-modified
Tue, 03 Oct 2023 02:50:44 GMT
server
nginx
etag
"651b8184-20fc8"
content-type
image/png
cache-control
no-cache, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
135112
expires
Wed, 04 Oct 2023 02:50:44 GMT
image
imagesvc.meredithcorp.io/v3/mm/
0
0

Clearwater-Beach-Florida.png
www.surf-forecast.com/tides/
138 KB
138 KB
Image
General
Full URL
https://www.surf-forecast.com/tides/Clearwater-Beach-Florida.png
Requested by
Host: adv2.expres.ua
URL: https://adv2.expres.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
209.126.100.76 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS
www.surf-forecast.com
Software
nginx /
Resource Hash
e5dd55e0e648e6658b78b8535ff671faf692d8f4064d927f0663bdee6a529b00

Request headers

Referer
https://adv2.expres.ua/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
public
date
Sat, 13 Jul 2024 12:48:21 GMT
last-modified
Tue, 25 Oct 2022 01:44:31 GMT
server
nginx
etag
"63573f7f-2267f"
content-type
image/png
cache-control
no-cache, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
140927
expires
Wed, 26 Oct 2022 01:44:31 GMT
dog-vomit-color-chart-700x700.jpg
charitypaws.com/wp-content/uploads/2021/11/
75 KB
76 KB
Image
General
Full URL
https://charitypaws.com/wp-content/uploads/2021/11/dog-vomit-color-chart-700x700.jpg
Requested by
Host: adv2.expres.ua
URL: https://adv2.expres.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0007b96dbeb8db7847fa973a9351666a201db0c2c37fc0b77c89a41d6594142a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adv2.expres.ua/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 12:48:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
76984
x-xss-protection
1; mode=block
pre-cognitive-push
Enabled
quantum-flux-capacity
Omega
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 18 Jan 2022 20:40:12 GMT
server
cloudflare
etag
"61e725ac-12cb8"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TOe4tvD2fks1AVTX%2FLrlzJMFJBTxFwIG9iU%2FEuTc%2F7gF255ATwtF1%2BTYeN54maN8ENyFdU%2FOOgDc5ctVOxsXBFXw9M%2BS1Yvvzr3kDYWlN%2FOQyvMFchahUi1fYsVgeSy1HrY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8a29630898fd7708-LHR
e384c710-ce20-4eee-abdd-6a302771cb03.jpg
d2o50i5c2dr30a.cloudfront.net/
52 KB
53 KB
Image
General
Full URL
https://d2o50i5c2dr30a.cloudfront.net/e384c710-ce20-4eee-abdd-6a302771cb03.jpg
Requested by
Host: adv2.expres.ua
URL: https://adv2.expres.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.7.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-7-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
848fc9321459feed3f6fe66e77c62177ed55239fa9a75e0a09bb7d54d63e6035

Request headers

Referer
https://adv2.expres.ua/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sat, 13 Jul 2024 12:48:23 GMT
Via
1.1 6def1f0ddc805dce17407cce01d5b32c.cloudfront.net (CloudFront)
Last-Modified
Sat, 11 Dec 2010 16:16:05 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-C1
ETag
"43b7fad857f112040835231b9cec489f"
X-Cache
Miss from cloudfront
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
53451
X-Amz-Cf-Id
wNGn84OtA6_qPYW4vH_w9Bb03pQXThkr8vJ0jooJRarMk3ChWdrd0A==
7f213b53b34a408c0ff3f919835bff56--buckle-jeans-jeans-shorts.jpg
i.pinimg.com/736x/7f/21/3b/
32 KB
32 KB
Image
General
Full URL
https://i.pinimg.com/736x/7f/21/3b/7f213b53b34a408c0ff3f919835bff56--buckle-jeans-jeans-shorts.jpg
Requested by
Host: adv2.expres.ua
URL: https://adv2.expres.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8e::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5442ced2cf21dbfdf8e5296ec960d08e40b25085ec6e9d1cd94bd519f88f9277

Request headers

Referer
https://adv2.expres.ua/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 12:48:21 GMT
x-cdn
fastly
etag
"10e93284ebefd9e6af15d985872d6508"
vary
Origin
content-type
image/jpeg
accept-ranges
bytes
alt-svc
h3=":443";ma=600
content-length
32514
expires
Fri, 25 Dec 2037 23:59:59 GMT
ITZmYxn-1468x2048.png
secureservercdn.net/45.40.149.159/e6f.913.myftpupload.com/wp-content/uploads/2021/06/
588 KB
589 KB
Image
General
Full URL
https://secureservercdn.net/45.40.149.159/e6f.913.myftpupload.com/wp-content/uploads/2021/06/ITZmYxn-1468x2048.png
Requested by
Host: adv2.expres.ua
URL: https://adv2.expres.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
Software
nginx /
Resource Hash
6af0cec41033632755cb4bed4f114d56d66a2af931df44ac0d16ce7c45b7814f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adv2.expres.ua/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 12:48:21 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
x-cacheable
YES
x-backend
varnish_ssl
age
62623
x-cache
cached
x-sucuri-cache
MISS
x-cacheproxy-retries
0/2
content-length
601774
x-xss-protection
1; mode=block
last-modified
Tue, 15 Jun 2021 17:55:03 GMT
server
nginx
x-php-version
8.0
etag
"92eae-5c4d1ac65dc64"
content-type
image/png
x-cache-hit
HIT
cache-control
max-age=315360000
x-sucuri-id
15016
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
VaZ1iksHWezIkDLbiURJp1GusEy0WfUrUFpCLr2FmmyXAF3n557Hq7BCpRUxP5VXsJOGts3PzoD6o_0AI27NhGlDe_BanKUzMUr4nhKeE2thcBbkyxCQ9nWcPrqvR0SyBC8=s0-d
lh5.googleusercontent.com/proxy/
416 KB
416 KB
Image
General
Full URL
https://lh5.googleusercontent.com/proxy/VaZ1iksHWezIkDLbiURJp1GusEy0WfUrUFpCLr2FmmyXAF3n557Hq7BCpRUxP5VXsJOGts3PzoD6o_0AI27NhGlDe_BanKUzMUr4nhKeE2thcBbkyxCQ9nWcPrqvR0SyBC8=s0-d
Requested by
Host: adv2.expres.ua
URL: https://adv2.expres.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
0c2073171734e0587bce36b62919efa220754e704ce16475c23d8acd8e6a7a4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adv2.expres.ua/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 12:48:22 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
cross-origin-resource-policy
cross-origin
content-disposition
attachment;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
425472
x-xss-protection
0
expires
Sun, 14 Jul 2024 12:48:22 GMT
img_2210.jpg
www.si.com/.image/t_share/MTkxOTU5NDY0NTUzNzUyMDUw/
222 KB
222 KB
Image
General
Full URL
https://www.si.com/.image/t_share/MTkxOTU5NDY0NTUzNzUyMDUw/img_2210.jpg
Requested by
Host: adv2.expres.ua
URL: https://adv2.expres.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20dc:7600:1:f3fc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
f6f2634bc0de948b01fa59bf22f99e2376e34e58a4c27598e9c4d49dc80de9ff

Request headers

Referer
https://adv2.expres.ua/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 12:48:22 GMT
via
1.1 75eaed1e8c4b311f3b5fb4f439d6e696.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP64-C1
x-amzn-requestid
b69ecb99-44b9-40d2-a693-f333b93a89c8
x-amzn-trace-id
root=1-66927796-55cc4a466746c07332a159e1;parent=753e38533754dd01;sampled=0;lineage=553ebb7c:0
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-mm-im
B
content-length
226945
x-amz-cf-id
8RS4AN_I5Xk-JhBbBgD_4hMlE4baLnWmTQ_HoqE_Knb7_xNvTbewSA==
th
tse1.mm.bing.net/
1 KB
1 KB
Image
General
Full URL
https://tse1.mm.bing.net/th?q=Wrestling%20Singlet%20Size%20Chart&w=50&h=50&c=7
Requested by
Host: adv2.expres.ua
URL: https://adv2.expres.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
02e6763756349aea80a12755b0a4c0db5a1cd8d1b701ec9501e2c9b3d8acb94b

Request headers

Referer
https://adv2.expres.ua/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 12:48:21 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5500463E96BF42C5BDAAC198355DC390 Ref B: FRA31EDGE0605 Ref C: 2024-07-13T12:48:21Z
access-control-allow-methods
GET, POST, OPTIONS
x-cache
TCP_MISS
access-control-allow-origin
*
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
content-type
image/jpeg
cache-control
public, max-age=5184000
timing-allow-origin
*
access-control-allow-headers
*
content-length
1397
th
tse1.mm.bing.net/
2 KB
2 KB
Image
General
Full URL
https://tse1.mm.bing.net/th?q=Kids%20Ski%20Size%20Chart&w=50&h=50&c=7
Requested by
Host: adv2.expres.ua
URL: https://adv2.expres.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
65cac843bc1d6f7db5169ef8cc6d6a178681cb08ea27b6e932b17f3697822d24

Request headers

Referer
https://adv2.expres.ua/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 12:48:21 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 3660581DFCFA4F9AB6EAA5544D5B82AD Ref B: FRA31EDGE0605 Ref C: 2024-07-13T12:48:21Z
access-control-allow-methods
GET, POST, OPTIONS
x-cache
TCP_MISS
access-control-allow-origin
*
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
content-type
image/jpeg
cache-control
public, max-age=5184000
timing-allow-origin
*
access-control-allow-headers
*
content-length
1554
th
tse1.mm.bing.net/
1 KB
2 KB
Image
General
Full URL
https://tse1.mm.bing.net/th?q=Bar%20Harbor%20Me%20Tide%20Chart&w=50&h=50&c=7
Requested by
Host: adv2.expres.ua
URL: https://adv2.expres.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9d96d232baec326a124e564da75c9c008f0a5fea8ce13f0b374a90fad7583ed9

Request headers

Referer
https://adv2.expres.ua/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 12:48:21 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 7223022D3EE54EC08655386B33010E56 Ref B: FRA31EDGE0605 Ref C: 2024-07-13T12:48:21Z
access-control-allow-methods
GET, POST, OPTIONS
x-cache
TCP_MISS
access-control-allow-origin
*
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
content-type
image/jpeg
cache-control
public, max-age=5184000
timing-allow-origin
*
access-control-allow-headers
*
content-length
1487
th
tse1.mm.bing.net/
1 KB
1 KB
Image
General
Full URL
https://tse1.mm.bing.net/th?q=Demi%20Lovato%20Birth%20Chart&w=50&h=50&c=7
Requested by
Host: adv2.expres.ua
URL: https://adv2.expres.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8993b7d533b708912478f212d41c07932829022c982140f04cdfc902c542243f

Request headers

Referer
https://adv2.expres.ua/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 12:48:21 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B46EE64AD93349E8B5EF8AF494F7A195 Ref B: FRA31EDGE0605 Ref C: 2024-07-13T12:48:21Z
access-control-allow-methods
GET, POST, OPTIONS
x-cache
TCP_MISS
access-control-allow-origin
*
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
content-type
image/jpeg
cache-control
public, max-age=5184000
timing-allow-origin
*
access-control-allow-headers
*
content-length
1351
th
tse1.mm.bing.net/
1 KB
1 KB
Image
General
Full URL
https://tse1.mm.bing.net/th?q=Bed%20Sheet%20Measurements%20Chart&w=50&h=50&c=7
Requested by
Host: adv2.expres.ua
URL: https://adv2.expres.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f2370d5ef63b4097d96488e9709c625fb4cb99e5f90ffa4a7bdf49f224dbfd6f

Request headers

Referer
https://adv2.expres.ua/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 12:48:21 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 39ED85BD9DF440A79CB6C41066E01992 Ref B: FRA31EDGE0605 Ref C: 2024-07-13T12:48:21Z
access-control-allow-methods
GET, POST, OPTIONS
x-cache
TCP_MISS
access-control-allow-origin
*
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
content-type
image/jpeg
cache-control
public, max-age=5184000
timing-allow-origin
*
access-control-allow-headers
*
content-length
1304
th
tse1.mm.bing.net/
1 KB
2 KB
Image
General
Full URL
https://tse1.mm.bing.net/th?q=Smart%20Money%20Vs%20Dumb%20Money%20Chart&w=50&h=50&c=7
Requested by
Host: adv2.expres.ua
URL: https://adv2.expres.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
faebef8629c5de3c00da16bffab926a0869b9ae11bb9b68271c4a79ddaf6e0cd

Request headers

Referer
https://adv2.expres.ua/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 12:48:21 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B0E5146968A24C7DA900A8DA62483724 Ref B: FRA31EDGE0605 Ref C: 2024-07-13T12:48:21Z
access-control-allow-methods
GET, POST, OPTIONS
x-cache
TCP_MISS
access-control-allow-origin
*
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
content-type
image/jpeg
cache-control
public, max-age=5184000
timing-allow-origin
*
access-control-allow-headers
*
content-length
1511
th
tse1.mm.bing.net/
1 KB
1 KB
Image
General
Full URL
https://tse1.mm.bing.net/th?q=Metronidazole%20For%20Dogs%20Dosage%20Chart&w=50&h=50&c=7
Requested by
Host: adv2.expres.ua
URL: https://adv2.expres.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
574492de7b3be817e27c2ca635b08c17f6b853e269524096f0eef878ea30d70d

Request headers

Referer
https://adv2.expres.ua/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 12:48:21 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 3A657047897C45789A160949FEED965E Ref B: FRA31EDGE0605 Ref C: 2024-07-13T12:48:21Z
access-control-allow-methods
GET, POST, OPTIONS
x-cache
TCP_MISS
access-control-allow-origin
*
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
content-type
image/jpeg
cache-control
public, max-age=5184000
timing-allow-origin
*
access-control-allow-headers
*
content-length
1109
th
tse1.mm.bing.net/
2 KB
2 KB
Image
General
Full URL
https://tse1.mm.bing.net/th?q=Park%20Mgm%20Seating%20Chart&w=50&h=50&c=7
Requested by
Host: adv2.expres.ua
URL: https://adv2.expres.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2904274efd5c5e727695967df596ea6d2538d466db1507978c1b5e0c0c1ec375

Request headers

Referer
https://adv2.expres.ua/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 12:48:21 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: DD0305EC858846DFA502D5990EDB3C2F Ref B: FRA31EDGE0605 Ref C: 2024-07-13T12:48:21Z
access-control-allow-methods
GET, POST, OPTIONS
x-cache
TCP_MISS
access-control-allow-origin
*
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
content-type
image/jpeg
cache-control
public, max-age=5184000
timing-allow-origin
*
access-control-allow-headers
*
content-length
1905
th
tse1.mm.bing.net/
1 KB
1 KB
Image
General
Full URL
https://tse1.mm.bing.net/th?q=Honest%20Diaper%20Size%20Chart&w=50&h=50&c=7
Requested by
Host: adv2.expres.ua
URL: https://adv2.expres.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
851066f8d6940b770a0c7df007224021ce2066208bf763236a800943e899f2a0

Request headers

Referer
https://adv2.expres.ua/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 12:48:21 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A4E29813D7B14A2293FA92CE2164463D Ref B: FRA31EDGE0605 Ref C: 2024-07-13T12:48:21Z
access-control-allow-methods
GET, POST, OPTIONS
x-cache
TCP_MISS
access-control-allow-origin
*
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
content-type
image/jpeg
cache-control
public, max-age=5184000
timing-allow-origin
*
access-control-allow-headers
*
content-length
1241
th
tse1.mm.bing.net/
1 KB
2 KB
Image
General
Full URL
https://tse1.mm.bing.net/th?q=Garmin%20Transducer%20Compatibility%20Chart&w=50&h=50&c=7
Requested by
Host: adv2.expres.ua
URL: https://adv2.expres.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
20aa5b3505fb9e9222c1d875fafabe3b432aa414e975202774f05bf8c6b45cc4

Request headers

Referer
https://adv2.expres.ua/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 12:48:21 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: E2B6198800974CF6AD682FAF2DFA2439 Ref B: FRA31EDGE0605 Ref C: 2024-07-13T12:48:21Z
access-control-allow-methods
GET, POST, OPTIONS
x-cache
TCP_MISS
access-control-allow-origin
*
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
content-type
image/jpeg
cache-control
public, max-age=5184000
timing-allow-origin
*
access-control-allow-headers
*
content-length
1129
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v19/
46 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/raleway/v19/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: ends.my.id
URL: https://ends.my.id/start/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1824e38c8fe9b23fb54ed5deafd63f31fcceed673d89111bebc8f05d1aa7b126
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ends.my.id/
Origin
https://adv2.expres.ua
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 09:48:47 GMT
x-content-type-options
nosniff
age
356374
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47272
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 22:37:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Jul 2025 09:48:47 GMT
t.php
c.statcounter.com/
192 B
571 B
XHR
General
Full URL
https://c.statcounter.com/t.php?sc_project=12923534&u1=99435B92A2BF4F55BBB9107EE504780D&java=1&security=e500f9d6&sc_snum=1&sess=99b877&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//adv2.expres.ua/&t=Meal%20Planning%20Chart&invisible=1&sc_rum_e_s=1072&sc_rum_e_e=1074&sc_rum_f_s=0&sc_rum_f_e=1070&get_config=true
Requested by
Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.95.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

Referer
https://adv2.expres.ua/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 12:48:21 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
access-control-allow-origin
https://adv2.expres.ua
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials
true
cf-ray
8a2963078eca7774-LHR
expires
Mon, 26 Jul 1997 05:00:00 GMT
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-2GK21J8RGJ&gtm=45je4790v9167132037za200&_p=1720874901495&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=2135281287.1720874902&ul=en-gb&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1720874901&sct=1&seg=0&dl=https%3A%2F%2Fadv2.expres.ua%2F&dt=Meal%20Planning%20Chart&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1266&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2GK21J8RGJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://adv2.expres.ua/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jul 2024 12:48:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://adv2.expres.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
adv2.expres.ua/
Redirect Chain
  • https://adv2.expres.ua/favicon.ico
  • https://adv2.expres.ua/
22 KB
0
Other
General
Full URL
https://adv2.expres.ua/
Protocol
H2
Server
88.80.191.215 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
88-80-191-215.ip.linodeusercontent.com
Software
Apache /
Resource Hash
c076ca9d71ab9cf96d65cb8dbf967cde27bde693da648cd8b6985dfba80c40cb

Request headers

Referer
https://adv2.expres.ua/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 12:48:20 GMT
content-encoding
gzip
last-modified
Fri, 31 May 2024 11:38:56 GMT
server
Apache
etag
"58d0-619be6dbf5400-gzip"
vary
Accept-Encoding
content-type
text/html
accept-ranges
bytes
content-length
4817

Redirect headers

location
https://adv2.expres.ua/
date
Sat, 13 Jul 2024 12:48:23 GMT
server
Apache
content-length
272
content-type
text/html; charset=iso-8859-1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
imagesvc.meredithcorp.io
URL
https://imagesvc.meredithcorp.io/v3/mm/image?url=https://static.onecms.io/wp-content/uploads/sites/23/2020/07/23/how-to-measure-bra-size-chart-band-cup-volume-finder-2000.jpg

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type Name
function gtag
number sc_project
number sc_invisible
string sc_security
string ars
object dataLayer
string noThumbnail
function $
function jQuery
function _statcounter
object google_tag_manager
object google_tag_data
function onYouTubeIframeAPIReady
object gaGlobal

5 Cookies

Domain/Path Name / Value
.adv2.expres.ua/ Name: sc_is_visitor_unique
Value: rx12923534.1720874902.99435B92A2BF4F55BBB9107EE504780D.1.1.1.1.1.1.1.1.1
.statcounter.com/ Name: is_unique
Value: sc12923534.1720874901.0
.statcounter.com/ Name: is_visitor_unique
Value: 1720874901125038741
.expres.ua/ Name: _ga_2GK21J8RGJ
Value: GS1.1.1720874901.1.0.1720874901.0.0.0
.expres.ua/ Name: _ga
Value: GA1.1.2135281287.1720874902

3 Console Messages

Source Level URL
Text
javascript warning URL: https://ends.my.id/start/body.js(Line 6)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ends.my.id/ads/banner-loading.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://ends.my.id/start/body.js(Line 6)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ends.my.id/ads/banner-loading.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security warning URL: https://adv2.expres.ua/
Message:
Mixed Content: The page at 'https://adv2.expres.ua/' was loaded over HTTPS, but requested an insecure element 'http://www.tide-forecast.com/tides/Los-Angeles-California.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
