Submitted URL: http://passport.i.ua/
Effective URL: https://passport.i.ua/
Submission Tags: 0xscam
Submission: On September 15 via api from US — Scanned from CA

Summary

This website contacted 7 IPs in 5 countries across 6 domains to perform 31 HTTP transactions. The main IP is 104.18.2.81, located in and belongs to CLOUDFLARENET, US. The main domain is passport.i.ua.
TLS certificate: Issued by WE1 on August 30th 2024. Valid for: 3 months.
This is the only time passport.i.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 21 104.18.2.81 13335 (CLOUDFLAR...)
3 2607:f8b0:400... 15169 (GOOGLE)
1 4 51.83.200.186 16276 (OVH)
1 2607:f8b0:400... 15169 (GOOGLE)
2 185.187.81.40 43332 (IDSTRATEG...)
1 146.59.30.96 16276 (OVH)
31 7
Apex Domain
Subdomains
Transfer
21 i.ua
passport.i.ua
i3.i.ua
i.i.ua
r.i.ua — Cisco Umbrella Rank: 375119
64 KB
5 gemius.pl
kpmediagaua.hit.gemius.pl
ls.hit.gemius.pl — Cisco Umbrella Rank: 28761
22 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 3
970 B
1 loadercdn.net
loadercdn.net
170 B
1 zmctrack.net
s.zmctrack.net — Cisco Umbrella Rank: 755937
24 KB
1 gstatic.com
www.gstatic.com
217 KB
31 6
Domain Requested by
15 i3.i.ua passport.i.ua
i3.i.ua
4 kpmediagaua.hit.gemius.pl 1 redirects passport.i.ua
kpmediagaua.hit.gemius.pl
4 passport.i.ua 1 redirects passport.i.ua
3 www.google.com passport.i.ua
www.gstatic.com
1 loadercdn.net passport.i.ua
1 ls.hit.gemius.pl kpmediagaua.hit.gemius.pl
1 s.zmctrack.net passport.i.ua
1 www.gstatic.com www.google.com
1 r.i.ua passport.i.ua
1 i.i.ua passport.i.ua
31 10

This site contains links to these domains. Also see Links.

Domain
www.i.ua
help.i.ua
Subject Issuer Validity Valid
passport.i.ua
WE1
2024-08-30 -
2024-11-28
3 months crt.sh
i3.i.ua
WE1
2024-08-30 -
2024-11-28
3 months crt.sh
*.google.com
WR2
2024-08-12 -
2024-11-04
3 months crt.sh
i.i.ua
WE1
2024-08-30 -
2024-11-28
3 months crt.sh
*.hit.gemius.pl
Sectigo ECC Domain Validation Secure Server CA
2024-09-12 -
2025-09-25
a year crt.sh
r.i.ua
WE1
2024-08-30 -
2024-11-28
3 months crt.sh
*.gstatic.com
WR2
2024-08-12 -
2024-11-04
3 months crt.sh
s.zmctrack.net
Sectigo RSA Domain Validation Secure Server CA
2024-04-23 -
2025-04-26
a year crt.sh
loadercdn.net
E6
2024-07-09 -
2024-10-07
3 months crt.sh

This page contains 7 frames:

Primary Page: https://passport.i.ua/
Frame ID: 9AD9238EE22FEBA8F19E25A7325787A5
Requests: 24 HTTP requests in this frame

Frame: https://s.zmctrack.net/z
Frame ID: AAED135BD08C319C44B9E550ECC99A3E
Requests: 1 HTTP requests in this frame

Frame: https://passport.i.ua/cdn-cgi/challenge-platform/h/b/scripts/jsd/388c99dd0998/main.js
Frame ID: CE11162FC48E9AB7744C0C04AFE9E862
Requests: 2 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: ADAF8A1DE5384B3E4A9618281FB8CE91
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LchWycdAAAAAEDKnHV66qnQCc3HweIPLOZswEsV&co=aHR0cHM6Ly9wYXNzcG9ydC5pLnVhOjQ0Mw..&hl=uk&v=WV-mUKO4xoWKy9M4ZzRyNrP_&size=normal&cb=3yl6qil2ao31
Frame ID: 1B68F02F31A65463253118FEEF5AC496
Requests: 1 HTTP requests in this frame

Frame: https://s.zmctrack.net/z
Frame ID: 74C8B322E75B353128EC0B1183E079DB
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=uk&v=WV-mUKO4xoWKy9M4ZzRyNrP_&k=6LchWycdAAAAAEDKnHV66qnQCc3HweIPLOZswEsV
Frame ID: 5BE883F206842A9AF9040AC5F2592EEA
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Паспорт - I.UA 

Page URL History Show full URLs

  1. http://passport.i.ua/ HTTP 307
    https://passport.i.ua/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • hit\.gemius\.pl/xgemius\.js
  • hit\.gemius\.pl
  • xgemius\.js

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

31
Requests

90 %
HTTPS

33 %
IPv6

6
Domains

10
Subdomains

7
IPs

5
Countries

328 kB
Transfer

843 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://passport.i.ua/ HTTP 307
    https://passport.i.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://passport.i.ua/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://passport.i.ua/cdn-cgi/challenge-platform/h/b/scripts/jsd/388c99dd0998/main.js
Request Chain 27
  • https://kpmediagaua.hit.gemius.pl/_1726398269984/rexdot.js?l=100&sendf=24&id=dwAwQktqZ0Xfjvs7CYfsBacT.M5ghpgjcuSMNYi5C57.G7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=420&fv=-&href=https%3A%2F%2Fpassport.i.ua%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=cBDKUJ4zc9VpqvNRCfqFl0.4.9fDWEkH3fqNLy_UAVr.H7kzj285X8HtRZcPR76XBdOCnetMzCYL8Gw8Fp1sVwiJ42Sq/DelJyyg2ZqOkB/&fpdata=3st17ai7NwGFEgcBhoDOAIWda0vTCc80PuAszNWmc43.n7%7C1726398267%7C2&ltime=2206&fr=1&ref=&inner=_ver%3D354%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D%7C_title%3D%D0%9F%D0%B0%D1%81%D0%BF%D0%BE%D1%80%D1%82%20-%C2%A0I.UA%C2%A0&exid=66e6bf3b2e06353d&brts=1726398269&fpcap= HTTP 301
  • https://kpmediagaua.hit.gemius.pl/__/_1726398269984/rexdot.js?l=100&sendf=24&id=dwAwQktqZ0Xfjvs7CYfsBacT.M5ghpgjcuSMNYi5C57.G7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=420&fv=-&href=https%3A%2F%2Fpassport.i.ua%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=cBDKUJ4zc9VpqvNRCfqFl0.4.9fDWEkH3fqNLy_UAVr.H7kzj285X8HtRZcPR76XBdOCnetMzCYL8Gw8Fp1sVwiJ42Sq/DelJyyg2ZqOkB/&fpdata=3st17ai7NwGFEgcBhoDOAIWda0vTCc80PuAszNWmc43.n7%7C1726398267%7C2&ltime=2206&fr=1&ref=&inner=_ver%3D354%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D%7C_title%3D%D0%9F%D0%B0%D1%81%D0%BF%D0%BE%D1%80%D1%82%20-%C2%A0I.UA%C2%A0&exid=66e6bf3b2e06353d&brts=1726398269&fpcap=

31 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
passport.i.ua/
Redirect Chain
  • http://passport.i.ua/
  • https://passport.i.ua/
37 KB
14 KB
Document
General
Full URL
https://passport.i.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19609e767891c32c205f28c18354bd844542f3674ea1fbb7cfe5bae184fca668

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8c3822ba3f84abeb-YYZ
content-encoding
br
content-type
text/html; charset=windows-1251
date
Sun, 15 Sep 2024 11:04:24 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Location
https://passport.i.ua/
Non-Authoritative-Reason
HttpsUpgrades
login.yf5077c54.css
i3.i.ua/css/i2/blue/
36 KB
8 KB
Stylesheet
General
Full URL
https://i3.i.ua/css/i2/blue/login.yf5077c54.css
Requested by
Host: passport.i.ua
URL: https://passport.i.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d4f2ad1555c7b947c3f9076f8a3939b40b7ed3117a40e0fba8a66985fc54c58

Request headers

Referer
https://passport.i.ua/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 11:04:25 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 05 Apr 2017 10:58:36 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
cf-ray
8c3822c42d7336c3-YYZ
alt-svc
h3=":443"; ma=86400
expires
Sun, 15 Sep 2024 15:04:25 GMT
util.ya033ba43.js
i3.i.ua/js/
14 KB
5 KB
Script
General
Full URL
https://i3.i.ua/js/util.ya033ba43.js
Requested by
Host: passport.i.ua
URL: https://passport.i.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0aafcf7215f16bffb8bd442910b5d318a004d91f2d7018163bed08e3446cab6d

Request headers

Referer
https://passport.i.ua/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 11:04:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 12 Oct 2016 10:16:54 GMT
server
cloudflare
age
17248786
vary
Accept-Encoding
content-type
application/x-javascript; charset=windows-1251
cache-control
public, max-age=31536000
cf-ray
8c3822c43d7a36c3-YYZ
alt-svc
h3=":443"; ma=86400
expires
Mon, 15 Sep 2025 11:04:25 GMT
JSHttpRequest.y989b751f.js
i3.i.ua/js/
13 KB
4 KB
Script
General
Full URL
https://i3.i.ua/js/JSHttpRequest.y989b751f.js
Requested by
Host: passport.i.ua
URL: https://passport.i.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77651d06d987b95f32821dd3800c754db04b4ab74f6e7cebec2e7f59cda47b1f

Request headers

Referer
https://passport.i.ua/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 11:04:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 06 Apr 2017 10:11:42 GMT
server
cloudflare
age
11926302
vary
Accept-Encoding
content-type
application/x-javascript; charset=windows-1251
cache-control
public, max-age=31536000
cf-ray
8c3822c42d7936c3-YYZ
alt-svc
h3=":443"; ma=86400
expires
Mon, 15 Sep 2025 11:04:25 GMT
global.y18bbae35.js
i3.i.ua/js/i/
25 KB
6 KB
Script
General
Full URL
https://i3.i.ua/js/i/global.y18bbae35.js
Requested by
Host: passport.i.ua
URL: https://passport.i.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
937511b9ff4b72a44415cbf3bbcf0fa2723781a9174d031f9cdc2d44b117c1d5

Request headers

Referer
https://passport.i.ua/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 11:04:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 14 May 2018 09:28:34 GMT
server
cloudflare
age
17248786
vary
Accept-Encoding
content-type
application/x-javascript; charset=windows-1251
cache-control
public, max-age=31536000
cf-ray
8c3822c43d8136c3-YYZ
alt-svc
h3=":443"; ma=86400
expires
Mon, 15 Sep 2025 11:04:25 GMT
autoload.y718797e6.js
i3.i.ua/js/i/
13 KB
4 KB
Script
General
Full URL
https://i3.i.ua/js/i/autoload.y718797e6.js
Requested by
Host: passport.i.ua
URL: https://passport.i.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43ce5e5fc944426f117531e92e0f3b86daa5fd4d4a9230a8019fdb5c1e2d1dd1

Request headers

Referer
https://passport.i.ua/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 11:04:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 16 Apr 2024 23:41:39 GMT
server
cloudflare
age
11919038
vary
Accept-Encoding
content-type
application/x-javascript; charset=windows-1251
cache-control
public, max-age=31536000
cf-ray
8c3822c43d8236c3-YYZ
alt-svc
h3=":443"; ma=86400
expires
Mon, 15 Sep 2025 11:04:25 GMT
form.y5b5b4ba3.js
i3.i.ua/js/
12 KB
3 KB
Script
General
Full URL
https://i3.i.ua/js/form.y5b5b4ba3.js
Requested by
Host: passport.i.ua
URL: https://passport.i.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a316b68beaa0610dc79525d57913cadc3536fd4b3e2f896f86d418976fee70d

Request headers

Referer
https://passport.i.ua/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 11:04:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 26 Aug 2012 10:37:44 GMT
server
cloudflare
age
11926302
vary
Accept-Encoding
content-type
application/x-javascript; charset=windows-1251
cache-control
public, max-age=31536000
cf-ray
8c3822c43d7f36c3-YYZ
alt-svc
h3=":443"; ma=86400
expires
Mon, 15 Sep 2025 11:04:25 GMT
form.yab1d854f.js
i3.i.ua/js/i/
2 KB
922 B
Script
General
Full URL
https://i3.i.ua/js/i/form.yab1d854f.js
Requested by
Host: passport.i.ua
URL: https://passport.i.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
627195335acbcbd797ec0ac9bcb53f017dffb8e4af4e3725e54e38a6312cf560

Request headers

Referer
https://passport.i.ua/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 11:04:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 27 Jul 2020 11:51:16 GMT
server
cloudflare
age
21335636
vary
Accept-Encoding
content-type
application/x-javascript; charset=windows-1251
cache-control
public, max-age=31536000
cf-ray
8c3822c43d7b36c3-YYZ
alt-svc
h3=":443"; ma=86400
expires
Mon, 15 Sep 2025 11:04:25 GMT
logo_new.png
i3.i.ua/v2/logo/
4 KB
5 KB
Image
General
Full URL
https://i3.i.ua/v2/logo/logo_new.png
Requested by
Host: passport.i.ua
URL: https://passport.i.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38b70b139bc628cbcad9a4341ad86179ab9cd63f3bc029b2ded1747c8bd0dd8f

Request headers

Referer
https://passport.i.ua/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 11:04:25 GMT
cf-cache-status
HIT
last-modified
Thu, 22 Dec 2011 13:02:52 GMT
server
cloudflare
age
73246
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8c3822c5be6c36c3-YYZ
alt-svc
h3=":443"; ma=86400
content-length
4529
expires
Mon, 15 Sep 2025 11:04:25 GMT
share_gmail_24.png
i3.i.ua/v2/ico/share/
1 KB
1 KB
Image
General
Full URL
https://i3.i.ua/v2/ico/share/share_gmail_24.png
Requested by
Host: passport.i.ua
URL: https://passport.i.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c53599111aad679316ed338ab5358b4c091565f53745d7ea3096e36b8990335e

Request headers

Referer
https://passport.i.ua/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 11:04:25 GMT
cf-cache-status
HIT
last-modified
Mon, 07 May 2012 08:05:36 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8c3822c5be6d36c3-YYZ
alt-svc
h3=":443"; ma=86400
content-length
1033
expires
Mon, 15 Sep 2025 11:04:25 GMT
share_email_24.png
i3.i.ua/v2/ico/share/
836 B
1013 B
Image
General
Full URL
https://i3.i.ua/v2/ico/share/share_email_24.png
Requested by
Host: passport.i.ua
URL: https://passport.i.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efe83a8ed088a44f515ddb843d972790774a466354cbf5ca3ffa058cf331f848

Request headers

Referer
https://passport.i.ua/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 11:04:25 GMT
cf-cache-status
HIT
last-modified
Mon, 07 May 2012 10:08:59 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8c3822c7bf8f36c3-YYZ
alt-svc
h3=":443"; ma=86400
content-length
836
expires
Mon, 15 Sep 2025 11:04:25 GMT
share_facebook_24.png
i3.i.ua/v2/ico/share/
847 B
1 KB
Image
General
Full URL
https://i3.i.ua/v2/ico/share/share_facebook_24.png
Requested by
Host: passport.i.ua
URL: https://passport.i.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
735e9705354bd44176cda74f5f7bf61870d1e918dd4d00ff5b55244d9bf0e812

Request headers

Referer
https://passport.i.ua/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 11:04:25 GMT
cf-cache-status
HIT
last-modified
Fri, 16 Jul 2010 13:06:54 GMT
server
cloudflare
age
31488
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8c3822c7bf9036c3-YYZ
alt-svc
h3=":443"; ma=86400
content-length
847
expires
Mon, 15 Sep 2025 11:04:25 GMT
share_twitter_24.png
i3.i.ua/v2/ico/share/
1002 B
1 KB
Image
General
Full URL
https://i3.i.ua/v2/ico/share/share_twitter_24.png
Requested by
Host: passport.i.ua
URL: https://passport.i.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dd0f9a151da02076bed69c4fd0846a22f7be11109377fd401c28933963c4b5e

Request headers

Referer
https://passport.i.ua/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 11:04:25 GMT
cf-cache-status
HIT
last-modified
Fri, 16 Jul 2010 13:06:44 GMT
server
cloudflare
age
31488
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8c3822c8581536c3-YYZ
alt-svc
h3=":443"; ma=86400
content-length
1002
expires
Mon, 15 Sep 2025 11:04:25 GMT
share_googleplus_24.png
i3.i.ua/v2/ico/share/
1 KB
2 KB
Image
General
Full URL
https://i3.i.ua/v2/ico/share/share_googleplus_24.png
Requested by
Host: passport.i.ua
URL: https://passport.i.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
385adf6fbb621b7391ee50d5dbe190c93bb64af4495f3f40b05ab0baa3fc4f12

Request headers

Referer
https://passport.i.ua/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 11:04:25 GMT
cf-cache-status
HIT
last-modified
Tue, 06 Mar 2012 09:48:06 GMT
server
cloudflare
age
31488
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8c3822c8b85436c3-YYZ
alt-svc
h3=":443"; ma=86400
content-length
1433
expires
Mon, 15 Sep 2025 11:04:25 GMT
api.js
www.google.com/recaptcha/
1 KB
970 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?hl=uk
Requested by
Host: passport.i.ua
URL: https://passport.i.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
123ed5ddd621b21752a04184c91fe4bcb9db4aaaddc821e6cdb330608d54c221
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://passport.i.ua/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 11:04:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
expires
Sun, 15 Sep 2024 11:04:26 GMT
3_1_2.png
i.i.ua/r/
2 KB
2 KB
Image
General
Full URL
https://i.i.ua/r/3_1_2.png
Requested by
Host: passport.i.ua
URL: https://passport.i.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11322d98807a606db0ee33e701418e86e952c81fbfcbf4a025e5244c4e734c36

Request headers

Referer
https://passport.i.ua/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 11:04:26 GMT
cf-cache-status
HIT
last-modified
Thu, 28 Sep 2006 16:33:08 GMT
server
cloudflare
age
17242127
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8c3822caac5b5437-YYZ
alt-svc
h3=":443"; ma=86400
content-length
2196
expires
Mon, 15 Sep 2025 11:04:26 GMT
xgemius.js
kpmediagaua.hit.gemius.pl/
70 KB
20 KB
Script
General
Full URL
https://kpmediagaua.hit.gemius.pl/xgemius.js
Requested by
Host: passport.i.ua
URL: https://passport.i.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
51.83.200.186 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-83-200.eu
Software
GHC /
Resource Hash
d5268577c0d9f3f55057623bd0875e2c40886a637b9652e7f11e083ade74b30c

Request headers

Referer
https://passport.i.ua/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 11:04:27 GMT
content-encoding
gzip
last-modified
Wed, 11 Sep 2024 12:16:21 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
max-age=43200
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
20438
expires
Sun, 15 Sep 2024 23:04:27 GMT
s
r.i.ua/
43 B
383 B
Image
General
Full URL
https://r.i.ua/s?u1&p0&n0.4964947694415647&c1&d24&w1600&h1200&rpassport.i.ua/
Requested by
Host: passport.i.ua
URL: https://passport.i.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://passport.i.ua/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Sep 2024 11:04:26 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
p3p
policyref="http://i.i.ua/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
cache-control
no-cache, must-revalidate
cf-ray
8c3822ca795a36af-YYZ
alt-svc
h3=":443"; ma=86400
expires
0
top_gradient_bg_blue.png
i3.i.ua/v2/gamma/
155 B
339 B
Image
General
Full URL
https://i3.i.ua/v2/gamma/top_gradient_bg_blue.png?r
Requested by
Host: i3.i.ua
URL: https://i3.i.ua/css/i2/blue/login.yf5077c54.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0754399a6b65b8ec41171e4462edad8a3105cb0e624aceb45d64b05d718b8e2

Request headers

Referer
https://i3.i.ua/css/i2/blue/login.yf5077c54.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 11:04:25 GMT
cf-cache-status
HIT
last-modified
Fri, 03 Dec 2010 12:45:48 GMT
server
cloudflare
age
2624026
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8c3822c9187736c3-YYZ
alt-svc
h3=":443"; ma=86400
content-length
155
expires
Mon, 15 Sep 2025 11:04:25 GMT
screamer_orange_16.png
i3.i.ua/v2/control/
201 B
383 B
Image
General
Full URL
https://i3.i.ua/v2/control/screamer_orange_16.png?r
Requested by
Host: i3.i.ua
URL: https://i3.i.ua/css/i2/blue/login.yf5077c54.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38f84f0192e0f11fabe16dc847c385079b7ec5cf41adc4b00d0d3a380cca5e9d

Request headers

Referer
https://i3.i.ua/css/i2/blue/login.yf5077c54.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 11:04:25 GMT
cf-cache-status
HIT
last-modified
Fri, 29 Oct 2010 09:24:58 GMT
server
cloudflare
age
73975
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8c3822c9187836c3-YYZ
alt-svc
h3=":443"; ma=86400
content-length
201
expires
Mon, 15 Sep 2025 11:04:25 GMT
recaptcha__uk.js
www.gstatic.com/recaptcha/releases/WV-mUKO4xoWKy9M4ZzRyNrP_/
544 KB
217 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/WV-mUKO4xoWKy9M4ZzRyNrP_/recaptcha__uk.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=uk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
df289157cbbb74010dc3db74c486e5c216391d7b963613ad4c566192693447d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://passport.i.ua/
Origin
https://passport.i.ua
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 13 Sep 2024 18:14:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
147000
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
221121
x-xss-protection
0
last-modified
Mon, 26 Aug 2024 04:00:28 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 13 Sep 2025 18:14:27 GMT
z
s.zmctrack.net/ Frame AAED
55 KB
24 KB
XHR
General
Full URL
https://s.zmctrack.net/z
Requested by
Host: passport.i.ua
URL: https://passport.i.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.187.81.40 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software
openresty /
Resource Hash
f24aa95a0322d313989f138cfc6118a30297477586b2db8ed85ee3a6e6fe966b

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 15 Sep 2024 11:04:28 GMT
content-encoding
gzip
server
openresty
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
X-Location, X-Meta-Status, X-Set-Cookie, X-Cookie, X-Check
cache-control
no-cache, no-store
access-control-allow-headers
X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length
24464
expires
Thu, 01 Jan 1970 00:00:01 GMT
main.js
passport.i.ua/cdn-cgi/challenge-platform/h/b/scripts/jsd/388c99dd0998/ Frame CE11
Redirect Chain
  • https://passport.i.ua/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://passport.i.ua/cdn-cgi/challenge-platform/h/b/scripts/jsd/388c99dd0998/main.js?
8 KB
4 KB
Script
General
Full URL
https://passport.i.ua/cdn-cgi/challenge-platform/h/b/scripts/jsd/388c99dd0998/main.js?
Requested by
Host: passport.i.ua
URL: https://passport.i.ua/
Protocol
H3
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0327feac38b7cb0fe9981118fa4d9571f67ecf390292dfcda4b3458af4dfbf8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 11:04:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray
8c3822d9ab62abeb-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Sun, 15 Sep 2024 11:04:27 GMT
server
cloudflare
vary
Accept-Encoding
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/388c99dd0998/main.js?
access-control-allow-origin
*
cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray
8c3822d41872abeb-YYZ
alt-svc
h3=":443"; ma=86400
content-length
0
fpdata.js
kpmediagaua.hit.gemius.pl/
275 B
390 B
Script
General
Full URL
https://kpmediagaua.hit.gemius.pl/fpdata.js?href=passport.i.ua
Requested by
Host: kpmediagaua.hit.gemius.pl
URL: https://kpmediagaua.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
51.83.200.186 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-83-200.eu
Software
GHC /
Resource Hash
d9e1e19b6aa05d59158577f0668ebd3ad93bd1f6d8d3b6e3206caab826b0fdb3

Request headers

Referer
https://passport.i.ua/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 15 Sep 2024 11:04:27 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
etag
PRIVATE7520710249
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
private, max-age=2592000
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
275
expires
Tue, 15 Oct 2024 11:04:27 GMT
lsget.html
ls.hit.gemius.pl/ Frame ADAF
0
0
Document
General
Full URL
https://ls.hit.gemius.pl/lsget.html
Requested by
Host: kpmediagaua.hit.gemius.pl
URL: https://kpmediagaua.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.30.96 , France, ASN16276 (OVH, FR),
Reverse DNS
ip96.ip-146-59-30.eu
Software
GHC /
Resource Hash

Request headers

Referer
https://passport.i.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
accept-ranges
none
cache-control
private, max-age=2592000
content-encoding
gzip
content-length
2809
content-type
text/html;charset=utf-8
cross-origin-resource-policy
cross-origin
date
Sun, 15 Sep 2024 11:04:29 GMT
etag
PRIVATE7520710249
expires
Tue, 15 Oct 2024 11:04:29 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
p3p
CP="NOI DSP COR NID PSAo OUR IND"
server
GHC
vary
Accept-Encoding,Origin,User-Agent
anchor
www.google.com/recaptcha/api2/ Frame 1B68
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LchWycdAAAAAEDKnHV66qnQCc3HweIPLOZswEsV&co=aHR0cHM6Ly9wYXNzcG9ydC5pLnVhOjQ0Mw..&hl=uk&v=WV-mUKO4xoWKy9M4ZzRyNrP_&size=normal&cb=3yl6qil2ao31
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/WV-mUKO4xoWKy9M4ZzRyNrP_/recaptcha__uk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-WFfHOqq1pz_Pzngk3iUuLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://passport.i.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-WFfHOqq1pz_Pzngk3iUuLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Sun, 15 Sep 2024 11:04:29 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
/
loadercdn.net/
0
170 B
Image
General
Full URL
https://loadercdn.net/?r=1&u=e289255c0e490892&d=passport.i.ua
Requested by
Host: passport.i.ua
URL: https://passport.i.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.187.81.40 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://passport.i.ua/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 15 Sep 2024 11:04:30 GMT
server
openresty
8c3822ba3f84abeb
passport.i.ua/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame CE11
0
629 B
XHR
General
Full URL
https://passport.i.ua/cdn-cgi/challenge-platform/h/b/jsd/r/8c3822ba3f84abeb
Requested by
Host: passport.i.ua
URL: https://passport.i.ua/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 15 Sep 2024 11:04:30 GMT
server
cloudflare
cf-ray
8c3822e4091eabeb-YYZ
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain; charset=UTF-8
rexdot.js
kpmediagaua.hit.gemius.pl/__/_1726398269984/
Redirect Chain
  • https://kpmediagaua.hit.gemius.pl/_1726398269984/rexdot.js?l=100&sendf=24&id=dwAwQktqZ0Xfjvs7CYfsBacT.M5ghpgjcuSMNYi5C57.G7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=420&fv=-&href=https%3A%2F%...
  • https://kpmediagaua.hit.gemius.pl/__/_1726398269984/rexdot.js?l=100&sendf=24&id=dwAwQktqZ0Xfjvs7CYfsBacT.M5ghpgjcuSMNYi5C57.G7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=420&fv=-&href=https%3A%...
169 B
659 B
Script
General
Full URL
https://kpmediagaua.hit.gemius.pl/__/_1726398269984/rexdot.js?l=100&sendf=24&id=dwAwQktqZ0Xfjvs7CYfsBacT.M5ghpgjcuSMNYi5C57.G7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=420&fv=-&href=https%3A%2F%2Fpassport.i.ua%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=cBDKUJ4zc9VpqvNRCfqFl0.4.9fDWEkH3fqNLy_UAVr.H7kzj285X8HtRZcPR76XBdOCnetMzCYL8Gw8Fp1sVwiJ42Sq/DelJyyg2ZqOkB/&fpdata=3st17ai7NwGFEgcBhoDOAIWda0vTCc80PuAszNWmc43.n7%7C1726398267%7C2&ltime=2206&fr=1&ref=&inner=_ver%3D354%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D%7C_title%3D%D0%9F%D0%B0%D1%81%D0%BF%D0%BE%D1%80%D1%82%20-%C2%A0I.UA%C2%A0&exid=66e6bf3b2e06353d&brts=1726398269&fpcap=
Requested by
Host: passport.i.ua
URL: https://passport.i.ua/
Protocol
H2
Server
51.83.200.186 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-83-200.eu
Software
GHC /
Resource Hash
abd23716e45ee87de6427c0f1b33b21634262bdf8246ac23226db20595fb3a58

Request headers

Referer
https://passport.i.ua/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Sep 2024 11:04:30 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
application/x-javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
169
expires
Sat, 14 Sep 2024 11:04:30 GMT

Redirect headers

pragma
no-cache
date
Sun, 15 Sep 2024 11:04:30 GMT
server
GHC
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
/__/_1726398269984/rexdot.js?l=100&sendf=24&id=dwAwQktqZ0Xfjvs7CYfsBacT.M5ghpgjcuSMNYi5C57.G7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=420&fv=-&href=https%3A%2F%2Fpassport.i.ua%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=cBDKUJ4zc9VpqvNRCfqFl0.4.9fDWEkH3fqNLy_UAVr.H7kzj285X8HtRZcPR76XBdOCnetMzCYL8Gw8Fp1sVwiJ42Sq/DelJyyg2ZqOkB/&fpdata=3st17ai7NwGFEgcBhoDOAIWda0vTCc80PuAszNWmc43.n7%7C1726398267%7C2&ltime=2206&fr=1&ref=&inner=_ver%3D354%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D%7C_title%3D%D0%9F%D0%B0%D1%81%D0%BF%D0%BE%D1%80%D1%82%20-%C2%A0I.UA%C2%A0&exid=66e6bf3b2e06353d&brts=1726398269&fpcap=
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Sat, 14 Sep 2024 11:04:30 GMT
z
s.zmctrack.net/ Frame 74C8
0
0

bframe
www.google.com/recaptcha/api2/ Frame 5BE8
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=uk&v=WV-mUKO4xoWKy9M4ZzRyNrP_&k=6LchWycdAAAAAEDKnHV66qnQCc3HweIPLOZswEsV
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/WV-mUKO4xoWKy9M4ZzRyNrP_/recaptcha__uk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-nD0rkP7bb1vCaPs-BHiWEQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://passport.i.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-nD0rkP7bb1vCaPs-BHiWEQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Sun, 15 Sep 2024 11:04:33 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s.zmctrack.net
URL
https://s.zmctrack.net/z

Verdicts & Comments Add Verdict or Comment

150 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 number| lmJsVersion string| lmJsPath number| JS_LANG_ID boolean| I_VER2 boolean| I_SSL string| JS_ERROR_NOTIFY function| browseIt object| b function| trim function| stripTags function| checkAll function| checkDate function| frPr object| toggleDisplay_hiddenObj function| toggleDisplay function| dce function| dct function| dge function| getItemIndex function| arrayPos function| peUtilClearContainer function| strCmp function| striCmp function| DBG function| nalert function| formatStToSafeGET function| inputLimit function| getPosition function| getPosition2 function| getOffsetRect function| mouseCoords function| getWindowInfo function| itemSpelling function| addToBody function| util_htmlspecialchars function| sprintf function| utilSetCookie function| utilGetCookie function| hrefSSG object| UtilLite boolean| UTIL_LOADED boolean| UTIL_READY function| Subsys_JsHttpRequest_Js function| i_showFloat function| i_showFloat2 function| i_showFloat3 function| i_lForm2 function| i_lForm function| i_blinkM string| i_chkEmlUrl function| i_checkNewMail function| i_checkNewMailResponse number| i_checkInterval function| i_updateSCode function| i_removeDefVal function| i_keypress function| i_showSections function| i_showPeopleOnline function| i_showPeopleOnline2 function| i_poSetLoading function| i_poSetLoading2 function| i_poHideBadObjects function| i_poReady function| i_closePeopleOnline function| i_closePeopleOnline2 function| i_getBottomPos function| i_s function| bannerInternalFooterJS function| i_checkOpenstat function| i_closeDisclaimer object| poToggledObjects object| Autoload function| formManagerLog function| validateStr function| validateVal function| validateImg function| validateFile number| FV_TYPE_STRING number| FV_TYPE_INTEGER number| FV_TYPE_BOOL number| FV_TYPE_FLOAT number| FV_TYPE_ARRAY number| FV_E_EMPTY number| FV_E_TYPE number| FV_E_MIN number| FV_E_MAX number| FV_E_ARRAY number| FV_E_PATTERN number| FV_E_CUSTOM string| FV_FIELD object| FV_E_TEXT function| FV_choiseJSLanguage function| setOptionsLeave function| setOptions function| disableSubmit function| doRegenerateRndImage function| regenerateRndImage function| PROJ_clearError function| PROJ_showVarError function| PROJ_showFormError function| ILoadScript string| pp_gemius_identifier function| gemius_pending object| _gaq string| iS object| iD string| iH string| bmQ object| bmD object| bmS function| gemius_hit function| gemius_event function| pp_gemius_hit function| pp_gemius_event function| chType function| disp function| doLoad function| escapeHtml function| doLoadUp function| doLoad2 function| doLoadUp2 function| socialClick function| receiveFromSocial function| rform_extended_validate function| rform_validate object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| names object| name246now object| gemius_init_pageview object| gemius_cmpclient object| gemius_cookie function| GemiusHitcolConnector object| gemius_hcconn function| gemius_cmd function| pp_gemius_cmd function| gemius_init function| pp_gemius_init function| gemius_close number| pp_gemius_cnt object| recaptcha object| closure_lm_774902

10 Cookies

Domain/Path Name / Value
.i.ua/ Name: __cf_bm
Value: U8an34gcSZISSlFrPHg8wvKfF69L_Jls3dUAh5TK_e0-1726398264-1.0.1.1-Q2w2gNpgyYsiCqe.hT9FvnMK7oI59iR2wloADa02WjMGiklrpZ1bGcNU79XkhXrFTjHzZz3n2Z9aDxfMQCryIA
passport.i.ua/ Name: b
Value: b
.i.ua/ Name: __gfp_64b
Value: 3st17ai7NwGFEgcBhoDOAIWda0vTCc80PuAszNWmc43.n7|1726398267|2
passport.i.ua/ Name: cbtYmTName
Value: h/yl7uOlvaXitb++tbKy5Lfis763v761pfpj
.i.ua/ Name: cf_clearance
Value: nCsJ3vYBgMJftbWZz6oJJ0g5XyBEBlQk2mlMmBFzts8-1726398270-1.2.1.1-fp8gzFY3bc2ZoT2o2FkCZovmF5B01AaWyGaiFeL8ugWrdYv968ssRts0Jg7Bs.elyBMLKPOsDyIVLsG6sOHmNgWY4Q6OiqTRc6O2ZyFSUFo6aY6TI1n_GOCreQMmeq4tdbvcgRbeciwCYiBYmFQGEv2R_2x21aXYKEJtFkiUmTrV1lgLNNiu6CKBZHtJZD7S5T.qpHIz5UfdXmmXpnBnQu.3bz_0p9JdJghRvtVQdxfSYg0NkIciLr6E6VPHG_xntDzvSgOZzb2r_mLmiRMAh4X9gVM32HSKAJQ4tXDSB.gxsRCYSk1.iEPh9kMA5PSl5kb5BjCKNskuQ1WCYfbsOsshHTw35vQp4E4P0QTfqhsGa.RCOMOwX_a4qhV16jaT
.hit.gemius.pl/ Name: receive-cookie-deprecation
Value: 1
.hit.gemius.pl/ Name: Gtest
Value: KlQSGMMGQMGGj4EoV-rbyTlUssGMXP8c25nSGm9JEnPIop1UsG..
.hit.gemius.pl/ Name: Gdyn
Value: KlSgNRMGQMGGj4EoV-rbyTlUssGMXP8c25nSGm9JEnPIopMUGsRPIQlGvGQpSFT8SmGT8SpGDlUUg69iaQG.
.hit.gemius.pl/ Name: Gdynp
Value: kMwrLGXO4MDwzUmhZkd.879SSYSKVB6zuqABTA0d9yz.H7
loadercdn.net/ Name: vui
Value: a3f5698809fd4e6b859a050d1488f7dc

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://passport.i.ua/
Message:
[DOM] Multiple forms should be contained in their own form elements; break up complex forms into ones that represent a single action: (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

i.i.ua
i3.i.ua
kpmediagaua.hit.gemius.pl
loadercdn.net
ls.hit.gemius.pl
passport.i.ua
r.i.ua
s.zmctrack.net
www.google.com
www.gstatic.com
s.zmctrack.net
104.18.2.81
146.59.30.96
185.187.81.40
2607:f8b0:4006:80e::2004
2607:f8b0:4006:817::2003
51.83.200.186
0aafcf7215f16bffb8bd442910b5d318a004d91f2d7018163bed08e3446cab6d
11322d98807a606db0ee33e701418e86e952c81fbfcbf4a025e5244c4e734c36
123ed5ddd621b21752a04184c91fe4bcb9db4aaaddc821e6cdb330608d54c221
19609e767891c32c205f28c18354bd844542f3674ea1fbb7cfe5bae184fca668
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
385adf6fbb621b7391ee50d5dbe190c93bb64af4495f3f40b05ab0baa3fc4f12
38b70b139bc628cbcad9a4341ad86179ab9cd63f3bc029b2ded1747c8bd0dd8f
38f84f0192e0f11fabe16dc847c385079b7ec5cf41adc4b00d0d3a380cca5e9d
43ce5e5fc944426f117531e92e0f3b86daa5fd4d4a9230a8019fdb5c1e2d1dd1
4d4f2ad1555c7b947c3f9076f8a3939b40b7ed3117a40e0fba8a66985fc54c58
627195335acbcbd797ec0ac9bcb53f017dffb8e4af4e3725e54e38a6312cf560
6dd0f9a151da02076bed69c4fd0846a22f7be11109377fd401c28933963c4b5e
735e9705354bd44176cda74f5f7bf61870d1e918dd4d00ff5b55244d9bf0e812
77651d06d987b95f32821dd3800c754db04b4ab74f6e7cebec2e7f59cda47b1f
937511b9ff4b72a44415cbf3bbcf0fa2723781a9174d031f9cdc2d44b117c1d5
9a316b68beaa0610dc79525d57913cadc3536fd4b3e2f896f86d418976fee70d
abd23716e45ee87de6427c0f1b33b21634262bdf8246ac23226db20595fb3a58
c53599111aad679316ed338ab5358b4c091565f53745d7ea3096e36b8990335e
d5268577c0d9f3f55057623bd0875e2c40886a637b9652e7f11e083ade74b30c
d9e1e19b6aa05d59158577f0668ebd3ad93bd1f6d8d3b6e3206caab826b0fdb3
df289157cbbb74010dc3db74c486e5c216391d7b963613ad4c566192693447d5
e0754399a6b65b8ec41171e4462edad8a3105cb0e624aceb45d64b05d718b8e2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
efe83a8ed088a44f515ddb843d972790774a466354cbf5ca3ffa058cf331f848
f0327feac38b7cb0fe9981118fa4d9571f67ecf390292dfcda4b3458af4dfbf8
f24aa95a0322d313989f138cfc6118a30297477586b2db8ed85ee3a6e6fe966b