0.blueselectorpage.com Open in urlscan Pro
2606:4700:3031::ac43:940a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ukraine-index.top/
Effective URL:
https://0.blueselectorpage.com/index.php?p=gi2dqodfme5dcojuga2q&sub1=carlos&sub3=reppy3
Submission: On September 03 via manual (September 3rd 2024, 8:48:54 am UTC) from RU — Scanned from GB

Summary HTTP 60 Redirects Behaviour Indicators

Summary

This website contacted 15 IPs in 6 countries across 14 domains to perform 60 HTTP transactions. The main IP is 2606:4700:3031::ac43:940a, located in United States and belongs to CLOUDFLARENET, US. The main domain is 0.blueselectorpage.com.
TLS certificate: Issued by WE1 on August 8th 2024. Valid for: 3 months.

This is the only time 0.blueselectorpage.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	2a02:4780:a:5... 2a02:4780:a:543:0:1bd3:3135:a	47583 (AS-HOSTINGER) (AS-HOSTINGER)
1	2606:4700:303... 2606:4700:3031::6815:2975	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	95.216.65.102 95.216.65.102	24940 (HETZNER-AS) (HETZNER-AS)
1	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
7	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
4 9	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
4	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1	185.45.153.82 185.45.153.82	199790 (IPTELECOM...) (IPTELECOMBULGARIA-AS)
1 3	2606:4700:303... 2606:4700:3033::ac43:a717	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3035::6815:2f86	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3031::ac43:940a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
60	15

18 2a02:4780:a:543:0:1bd3:3135:a (Manchester, United Kingdom)

ASN47583 (AS-HOSTINGER, CY)

ukraine-index.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::6815:2975 (United States)

ASN13335 (CLOUDFLARENET, US)

wave.rdntocdns.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

flow.recordsbluemountain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gogo.recordsbluemountain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 95.216.65.102 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: frodo.min.org.ua

newrotatormarch23.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:6b8::1:119 (Moscow, Russian Federation) 4 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.webvisor.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.45.153.82 (Bulgaria)

ASN199790 (IPTELECOMBULGARIA-AS, BG)
PTR: 82.153.45.185.fr.sipdc.net

zadarma.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3033::ac43:a717 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

from.taskscompletedlists.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
to.taskscompletedlists.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::6815:2f86 (United States)

ASN13335 (CLOUDFLARENET, US)

blueselectorpage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3031::ac43:940a (United States)

ASN13335 (CLOUDFLARENET, US)

0.blueselectorpage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	ukraine-index.top ukraine-index.top	87 KB
7	yandex.ru 3 redirects mc.yandex.ru — Cisco Umbrella Rank: 2503	6 KB
7	gstatic.com fonts.gstatic.com	314 KB
7	newrotatormarch23.bid newrotatormarch23.bid — Cisco Umbrella Rank: 287493	25 KB
4	blueselectorpage.com blueselectorpage.com 0.blueselectorpage.com	15 KB
4	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 662	128 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	9 KB
3	taskscompletedlists.com from.taskscompletedlists.com Failed to.taskscompletedlists.com	2 KB
2	webvisor.org 1 redirects mc.webvisor.org — Cisco Umbrella Rank: 20368	872 B
2	recordsbluemountain.com flow.recordsbluemountain.com gogo.recordsbluemountain.com	18 KB
2	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 157	194 KB
1	zadarma.com zadarma.com — Cisco Umbrella Rank: 213623	16 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 410	82 KB
1	rdntocdns.com wave.rdntocdns.com	15 KB
60	14

	Domain	Requested by
18	ukraine-index.top	ukraine-index.top
7	mc.yandex.ru	3 redirects ukraine-index.top cdn.jsdelivr.net
7	fonts.gstatic.com	fonts.googleapis.com
7	newrotatormarch23.bid	ukraine-index.top newrotatormarch23.bid
4	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
4	fonts.googleapis.com	ukraine-index.top
2	0.blueselectorpage.com	ukraine-index.top
2	blueselectorpage.com
2	to.taskscompletedlists.com	gogo.recordsbluemountain.com
2	mc.webvisor.org	1 redirects
2	pagead2.googlesyndication.com	ukraine-index.top pagead2.googlesyndication.com
1	from.taskscompletedlists.com	gogo.recordsbluemountain.com
1	zadarma.com	ukraine-index.top
1	gogo.recordsbluemountain.com	flow.recordsbluemountain.com
1	cdn.jsdelivr.net	ukraine-index.top
1	flow.recordsbluemountain.com	wave.rdntocdns.com
1	wave.rdntocdns.com	ukraine-index.top
60	17

This site contains no links.

Subject Issuer	Validity	Valid
ukraine-index.top R10	`2024-07-30` - `2024-10-28`	3 months	crt.sh
rdntocdns.com WE1	`2024-07-31` - `2024-10-29`	3 months	crt.sh
upload.video.google.com WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh
recordsbluemountain.com WE1	`2024-07-17` - `2024-10-15`	3 months	crt.sh
newrotatormarch23.bid R10	`2024-07-12` - `2024-10-10`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
*.gstatic.com WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2024-05-23` - `2024-11-02`	5 months	crt.sh
*.google.com WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh
*.zadarma.com Sectigo RSA Domain Validation Secure Server CA	`2023-11-22` - `2024-12-21`	a year	crt.sh
taskscompletedlists.com WE1	`2024-07-27` - `2024-10-25`	3 months	crt.sh
blueselectorpage.com WE1	`2024-08-08` - `2024-11-06`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://0.blueselectorpage.com/index.php?p=gi2dqodfme5dcojuga2q&sub1=carlos&sub3=reppy3
Frame ID: 8C96FF785D9006FCA61ED4075938603E
Requests: 62 HTTP requests in this frame

Frame: https://mc.yandex.ru/metrika/metrika_match.html
Frame ID: 47FB49DE87F5DA0FD1459E098D8F31B0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Checking your browser

Page URL History Show full URLs

http://ukraine-index.top/ HTTP 307
https://ukraine-index.top/ Page URL
https://from.taskscompletedlists.com/xV74Ky HTTP 302
https://to.taskscompletedlists.com/Qvr4Tm Page URL
https://blueselectorpage.com/go/gi2dqodfme5dcojuga2q?sub1=carlos&sub3=reppy3 Page URL
https://0.blueselectorpage.com/index.php?p=gi2dqodfme5dcojuga2q&sub1=carlos&sub3=reppy3 Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

60
Requests

92 %
HTTPS

86 %
IPv6

14
Domains

17
Subdomains

15
IPs

6
Countries

908 kB
Transfer

2282 kB
Size

24
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ukraine-index.top/ HTTP 307
https://ukraine-index.top/ Page URL
https://from.taskscompletedlists.com/xV74Ky HTTP 302
https://to.taskscompletedlists.com/Qvr4Tm Page URL
https://blueselectorpage.com/go/gi2dqodfme5dcojuga2q?sub1=carlos&sub3=reppy3 Page URL
https://0.blueselectorpage.com/index.php?p=gi2dqodfme5dcojuga2q&sub1=carlos&sub3=reppy3 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://ukraine-index.top/ HTTP 307
https://ukraine-index.top/

Request Chain 32

https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fukraine-index.top%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Avf%3Acstsejpczyib8nfqqomnpp0afz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-GB%3Av%3A1420%3Acn%3A2%3Adp%3A0%3Als%3A74598322432%3Ahid%3A709584288%3Az%3A60%3Ai%3A20240903094846%3Aet%3A1725353327%3Ac%3A1%3Arn%3A811617839%3Arqn%3A1%3Au%3A1725353327919132726%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A809%3Awv%3A2%3Ads%3A184%2C123%2C74%2C145%2C2%2C0%2C%2C245%2C2%2C%2C%2C%2C774%3Aco%3A0%3Acpf%3A1%3Ans%3A1725353325838%3Ast%3A1725353327&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(65536)ti(1) HTTP 302
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fukraine-index.top%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3Acstsejpczyib8nfqqomnpp0afz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-GB%3Av%3A1420%3Acn%3A2%3Adp%3A0%3Als%3A74598322432%3Ahid%3A709584288%3Az%3A60%3Ai%3A20240903094846%3Aet%3A1725353327%3Ac%3A1%3Arn%3A811617839%3Arqn%3A1%3Au%3A1725353327919132726%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A809%3Awv%3A2%3Ads%3A184%2C123%2C74%2C145%2C2%2C0%2C%2C245%2C2%2C%2C%2C%2C774%3Aco%3A0%3Acpf%3A1%3Ans%3A1725353325838%3Ast%3A1725353327&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2865536%29ti%281%29&redirnss=1

Request Chain 34

https://mc.yandex.ru/watch/93828671?wmode=7&page-url=https%3A%2F%2Fukraine-index.top%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpczyib8nfqqomnpp0afz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-GB%3Av%3A1420%3Acn%3A1%3Adp%3A0%3Als%3A532219650786%3Ahid%3A709584288%3Az%3A60%3Ai%3A20240903094846%3Aet%3A1725353327%3Ac%3A1%3Arn%3A376029535%3Arqn%3A1%3Au%3A1725353327919132726%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A809%3Awv%3A2%3Ads%3A184%2C123%2C74%2C145%2C2%2C0%2C%2C245%2C2%2C%2C%2C%2C774%3Aco%3A0%3Acpf%3A1%3Ans%3A1725353325838%3Arqnl%3A1%3Ast%3A1725353327%3At%3A%D0%9F%D0%BE%D1%87%D1%82%D0%BE%D0%B2%D1%8B%D0%B5%20%D0%B8%D0%BD%D0%B4%D0%B5%D0%BA%D1%81%D1%8B%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B%20-%20%D0%9F%D0%BE%D1%87%D1%82%D0%BE%D0%B2%D1%8B%D0%B5%20%D0%B8%D0%BD%D0%B4%D0%B5%D0%BA%D1%81%D1%8B%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(21038596)ti(1) HTTP 302
https://mc.yandex.ru/watch/93828671/1?wmode=7&page-url=https%3A%2F%2Fukraine-index.top%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpczyib8nfqqomnpp0afz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-GB%3Av%3A1420%3Acn%3A1%3Adp%3A0%3Als%3A532219650786%3Ahid%3A709584288%3Az%3A60%3Ai%3A20240903094846%3Aet%3A1725353327%3Ac%3A1%3Arn%3A376029535%3Arqn%3A1%3Au%3A1725353327919132726%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A809%3Awv%3A2%3Ads%3A184%2C123%2C74%2C145%2C2%2C0%2C%2C245%2C2%2C%2C%2C%2C774%3Aco%3A0%3Acpf%3A1%3Ans%3A1725353325838%3Arqnl%3A1%3Ast%3A1725353327%3At%3A%D0%9F%D0%BE%D1%87%D1%82%D0%BE%D0%B2%D1%8B%D0%B5%20%D0%B8%D0%BD%D0%B4%D0%B5%D0%BA%D1%81%D1%8B%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B%20-%20%D0%9F%D0%BE%D1%87%D1%82%D0%BE%D0%B2%D1%8B%D0%B5%20%D0%B8%D0%BD%D0%B4%D0%B5%D0%BA%D1%81%D1%8B%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821038596%29ti%281%29&redirnss=1

Request Chain 42

https://mc.webvisor.org/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=10481.9knR6mg85bh17m5NaJ5_OAqAFitZrwKb2rRDf4DmBSHRB8jotaNxdHyoIlHRcCjJ._osy4-S3woMbCHqIHKPNoFX8JCQ%2C HTTP 302
https://mc.webvisor.org/sync_cookie_image_decide?token=10481.-uNVQR5MD1ZZ6gM73c6yFupAjv6d3reKENbBv117jLIJylB3BzTV-nqjEBAqFQ6i_sTeeL8_ReB2s91bpAYynkm9DESujIWnlas67KpfddpPEpmqFcs_ZlUOLIWetvjsgwmszDRp38Bn2tARt7LqYVPEKPgmq2dRBcff3dDADxPL1Slap1UA93hrCfO8xOVjX9UOJqosMS1H1KT-VR9yArhcz1Wz-YQ4RcV1QyOf4rc%2C.TZqBRCaBzQMADLbcfTSQJ-AdNBI%2C

Request Chain 49

https://from.taskscompletedlists.com/xV74Ky HTTP 302
https://to.taskscompletedlists.com/Qvr4Tm

60 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
ukraine-index.top/
Redirect Chain

http://ukraine-index.top/
https://ukraine-index.top/

41 KB
14 KB

381ms
74ms

Document
text/html

2a02:4780:a:543:0:1bd3:3135:a
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ukraine-index.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:a:543:0:1bd3:3135:a Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed / PHP/7.4.33

Resource Hash

3fa7c3bf3d2fa4ddc931adb6e693d158742480ae491a6c73950f9a2b14f4f7dd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Tue, 03 Sep 2024 08:48:46 GMT
panel: hpanel
platform: hostinger
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

Redirect headers

Location: https://ukraine-index.top/
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 inputs.js Show response
wave.rdntocdns.com/rps/ 37 KB
15 KB 143ms
37ms Script
application/javascript 2606:4700:3031::6815:2975
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wave.rdntocdns.com/rps/inputs.js
Requested by: Host: ukraine-index.top
URL: https://ukraine-index.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:2975 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2074758a7dd10c06f9ae635adad8fd4882ef09c52e8cb2ff54f41c5b24877b8b

Request headers

Referer: https://ukraine-index.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 03 Sep 2024 08:48:46 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 02 Aug 2024 14:19:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1006007
etag: W/"66aceaf2-931f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jQ5Mfp3qVmZfVnRqBX8zDCETdibrYUockljWIbxknt9ZhxM%2F6I3UrnFYWBERP9Kk0ERDCHwCfT5jVJMYjgHG7ow0N%2FkdoVHEB0sImpdINcT3WQqIaTXeXJ8J%2F6jbylEkeNHiAXVTWVtk2wFZxdEDtIM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-ray: 8bd47b91ff7893ec-LHR
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 11 KB
2 KB 200ms
68ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600&subset=latin,cyrillic

Requested by

Host: ukraine-index.top
URL: https://ukraine-index.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

057c6db7176a4b988472143ad3797e478d31de02150c22e8b892d9887102a0c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ukraine-index.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 03 Sep 2024 08:48:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 03 Sep 2024 08:42:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 03 Sep 2024 08:48:46 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
740 B 200ms
69ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700&subset=latin,cyrillic

Requested by

Host: ukraine-index.top
URL: https://ukraine-index.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

19ec2571387a93f601d2b7ba570dcfaa8e60d9c1d343b4954830cda458d05357

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ukraine-index.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 03 Sep 2024 08:48:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 03 Sep 2024 08:20:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 03 Sep 2024 08:48:46 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
613 B 202ms
71ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Marmelad&subset=latin,cyrillic

Requested by

Host: ukraine-index.top
URL: https://ukraine-index.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b8a85bcf1c1ae571af4e18934dc623a920e8ef3c865db39503cc817d2b1f6240

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ukraine-index.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 03 Sep 2024 08:48:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 03 Sep 2024 08:48:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 03 Sep 2024 08:48:46 GMT

GET
H2 200 style.css
ukraine-index.top/theme/Lucid/css/ 10 KB
2 KB 39ms
36ms Stylesheet
text/css 2a02:4780:a:543:0:1bd3:3135:a
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ukraine-index.top/theme/Lucid/css/style.css

Requested by

Host: ukraine-index.top
URL: https://ukraine-index.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:a:543:0:1bd3:3135:a Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

8ab6ee67897aa39db5f9892dbfae67fbc7ba185e9f9162a788bc257ddd216ba0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://ukraine-index.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 03 Sep 2024 08:48:46 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Tue, 20 Jun 2023 15:46:28 GMT
server: LiteSpeed
panel: hpanel
etag: "26e2-6491c9d4-9b739c75897fdab9;br"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 2124
expires: Tue, 10 Sep 2024 08:48:46 GMT

GET
H2 200 mobile.css
ukraine-index.top/theme/Lucid/css/ 1 KB
420 B 35ms
33ms Stylesheet
text/css 2a02:4780:a:543:0:1bd3:3135:a
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ukraine-index.top/theme/Lucid/css/mobile.css

Requested by

Host: ukraine-index.top
URL: https://ukraine-index.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:a:543:0:1bd3:3135:a Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

eee4c425589c8e5beb4e737e9700d41bfa040bfd497c70e97fb7edd1739c9ef7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://ukraine-index.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 03 Sep 2024 08:48:46 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 03 Jun 2023 14:00:05 GMT
server: LiteSpeed
panel: hpanel
etag: "44a-647b4765-e298c0a2bf1f785e;br"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 333
expires: Tue, 10 Sep 2024 08:48:46 GMT

GET
H2 200 fontello.css
ukraine-index.top/theme/Lucid/css/ 3 KB
1 KB 43ms
41ms Stylesheet
text/css 2a02:4780:a:543:0:1bd3:3135:a
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ukraine-index.top/theme/Lucid/css/fontello.css

Requested by

Host: ukraine-index.top
URL: https://ukraine-index.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:a:543:0:1bd3:3135:a Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

4c05931877a0be5f6da4e84e69a82389d9a80def2795c6203e1ffdf5f42dd1ab

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://ukraine-index.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 03 Sep 2024 08:48:46 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 03 Jun 2023 14:00:05 GMT
server: LiteSpeed
panel: hpanel
etag: "c67-647b4765-7b09192f4e0da1de;br"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 965
expires: Tue, 10 Sep 2024 08:48:46 GMT

GET
H2 200 responsive.css
ukraine-index.top/theme/Lucid/css/ 28 KB
11 KB 61ms
60ms Stylesheet
text/html 2a02:4780:a:543:0:1bd3:3135:a
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ukraine-index.top/theme/Lucid/css/responsive.css

Requested by

Host: ukraine-index.top
URL: https://ukraine-index.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:a:543:0:1bd3:3135:a Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed / PHP/7.4.33

Resource Hash

5b1cfd04c40f5e611c29bf79a7d7be649f7235dd73994ec1bed9311b222d1e5a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://ukraine-index.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 03 Sep 2024 08:48:46 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
server: LiteSpeed
panel: hpanel
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
platform: hostinger

GET
H2 200 slider.css
ukraine-index.top/theme/Lucid/css/ 7 KB
1 KB 43ms
42ms Stylesheet
text/css 2a02:4780:a:543:0:1bd3:3135:a
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ukraine-index.top/theme/Lucid/css/slider.css

Requested by

Host: ukraine-index.top
URL: https://ukraine-index.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:a:543:0:1bd3:3135:a Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

65abb0a4bcdce7b2a2e4036ad8b76a997d2e3ee7d6ef5eed4f193a00a82906be

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://ukraine-index.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 03 Sep 2024 08:48:46 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 03 Jun 2023 14:00:05 GMT
server: LiteSpeed
panel: hpanel
etag: "1b21-647b4765-93e26a9e5c570afe;br"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 1449
expires: Tue, 10 Sep 2024 08:48:46 GMT

GET
H2 200 modernizr.js Show response
ukraine-index.top/theme/Lucid/js/ 7 KB
3 KB 47ms
45ms Script
application/x-javascript 2a02:4780:a:543:0:1bd3:3135:a
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ukraine-index.top/theme/Lucid/js/modernizr.js

Requested by

Host: ukraine-index.top
URL: https://ukraine-index.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:a:543:0:1bd3:3135:a Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

3b7836315c2e130ff0e5c07db69fdbe77fc369cf89c7a1c33124b683019a5f10

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://ukraine-index.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 03 Sep 2024 08:48:46 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 03 Jun 2023 14:00:05 GMT
server: LiteSpeed
panel: hpanel
etag: "1d61-647b4765-922f22158b3f8b29;br"
vary: Accept-Encoding
content-type: application/x-javascript; charset=UTF-8
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 3105
expires: Tue, 10 Sep 2024 08:48:46 GMT

GET
H2 200 jquery-1.8.3.min.js Show response
ukraine-index.top/theme/Lucid/js/ 91 KB
31 KB 47ms
46ms Script
application/x-javascript 2a02:4780:a:543:0:1bd3:3135:a
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ukraine-index.top/theme/Lucid/js/jquery-1.8.3.min.js

Requested by

Host: ukraine-index.top
URL: https://ukraine-index.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:a:543:0:1bd3:3135:a Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://ukraine-index.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 03 Sep 2024 08:48:46 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 03 Jun 2023 14:00:05 GMT
server: LiteSpeed
panel: hpanel
etag: "16dc5-647b4765-4ada9cc57b000a4e;br"
vary: Accept-Encoding
content-type: application/x-javascript; charset=UTF-8
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 32161
expires: Tue, 10 Sep 2024 08:48:46 GMT

GET
H2 200 bookmark.js Show response
ukraine-index.top/theme/Lucid/js/ 804 B
387 B 59ms
58ms Script
application/x-javascript 2a02:4780:a:543:0:1bd3:3135:a
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ukraine-index.top/theme/Lucid/js/bookmark.js

Requested by

Host: ukraine-index.top
URL: https://ukraine-index.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:a:543:0:1bd3:3135:a Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

59f7ebe1102328c3c995e789a1cb9f44071d5578f306afc6c1c291e13188b358

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://ukraine-index.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 03 Sep 2024 08:48:46 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 03 Jun 2023 14:00:05 GMT
server: LiteSpeed
panel: hpanel
etag: "324-647b4765-46521610716aaf35;br"
vary: Accept-Encoding
content-type: application/x-javascript; charset=UTF-8
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 323
expires: Tue, 10 Sep 2024 08:48:46 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 153 KB
51 KB 204ms
58ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1361939897900402

Requested by

Host: ukraine-index.top
URL: https://ukraine-index.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e513092401c9f91e2cf236aa350d1920f85fddd44f6d41c66b06bc59682e3cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ukraine-index.top/
Origin: https://ukraine-index.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 03 Sep 2024 08:48:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52382
x-xss-protection: 0
server: cafe
etag: 11976983496386834194
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Tue, 03 Sep 2024 08:48:46 GMT

GET
H2 200 logo.png
ukraine-index.top/data/uploads/ 11 KB
11 KB 59ms
58ms Image
image/png 2a02:4780:a:543:0:1bd3:3135:a
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ukraine-index.top/data/uploads/logo.png

Requested by

Host: ukraine-index.top
URL: https://ukraine-index.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:a:543:0:1bd3:3135:a Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

624a9c265ad912c8c51611f90b38f757207925e5490e7a19f46e7cc1407e0e4b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://ukraine-index.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 03 Sep 2024 08:48:46 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 03 Jun 2023 14:00:05 GMT
server: LiteSpeed
panel: hpanel
etag: "2ad2-647b4765-303a7d3e049ebb57;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 10962
expires: Tue, 10 Sep 2024 08:48:46 GMT

GET
H2 200 getsimple20x20.png
ukraine-index.top/theme/Lucid/logos/ 1 KB
1 KB 59ms
58ms Image
image/png 2a02:4780:a:543:0:1bd3:3135:a
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ukraine-index.top/theme/Lucid/logos/getsimple20x20.png

Requested by

Host: ukraine-index.top
URL: https://ukraine-index.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:a:543:0:1bd3:3135:a Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

d7782f5f0f7063bd304580f16649d6039d846ecdbb2d930b89841c81e5b01d6f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://ukraine-index.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 03 Sep 2024 08:48:46 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 03 Jun 2023 14:00:05 GMT
server: LiteSpeed
panel: hpanel
etag: "49a-647b4765-2fd02751d70673bf;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 1178
expires: Tue, 10 Sep 2024 08:48:46 GMT

GET
H2 200 bws20x20.png
ukraine-index.top/theme/Lucid/logos/ 1 KB
1 KB 35ms
34ms Image
image/png 2a02:4780:a:543:0:1bd3:3135:a
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ukraine-index.top/theme/Lucid/logos/bws20x20.png

Requested by

Host: ukraine-index.top
URL: https://ukraine-index.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:a:543:0:1bd3:3135:a Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

06dd9cd58a5c84eb4d5c7f03cbf595ad5ff1f508844d5917662750a985345c0c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://ukraine-index.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 03 Sep 2024 08:48:46 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 03 Jun 2023 14:00:05 GMT
server: LiteSpeed
panel: hpanel
etag: "57d-647b4765-80a208353ef5c6fc;;;"
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 1405
expires: Tue, 10 Sep 2024 08:48:46 GMT

GET
H2 200 jquery.mobilemenu.js Show response
ukraine-index.top/theme/Lucid/js/ 2 KB
875 B 33ms
33ms Script
application/x-javascript 2a02:4780:a:543:0:1bd3:3135:a
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ukraine-index.top/theme/Lucid/js/jquery.mobilemenu.js

Requested by

Host: ukraine-index.top
URL: https://ukraine-index.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:a:543:0:1bd3:3135:a Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

0014df47a31225758700ebd08c6e98631e2dfda4543e405603b59ec00deb5283

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://ukraine-index.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 03 Sep 2024 08:48:46 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 03 Jun 2023 14:00:05 GMT
server: LiteSpeed
panel: hpanel
etag: "73e-647b4765-9368420750f153aa;br"
vary: Accept-Encoding
content-type: application/x-javascript; charset=UTF-8
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 812
expires: Tue, 10 Sep 2024 08:48:46 GMT

GET
H2 200 custom.js Show response
ukraine-index.top/theme/Lucid/js/ 481 B
283 B 34ms
34ms Script
application/x-javascript 2a02:4780:a:543:0:1bd3:3135:a
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ukraine-index.top/theme/Lucid/js/custom.js

Requested by

Host: ukraine-index.top
URL: https://ukraine-index.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:a:543:0:1bd3:3135:a Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

34c5a65898e36fcd60e427878d27869feadd319949b852c374a7d3f0c59e5bb3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://ukraine-index.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 03 Sep 2024 08:48:46 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 03 Jun 2023 14:00:05 GMT
server: LiteSpeed
panel: hpanel
etag: "1e1-647b4765-736c4e05efeb00;br"
vary: Accept-Encoding
content-type: application/x-javascript; charset=UTF-8
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 222
expires: Tue, 10 Sep 2024 08:48:46 GMT

GET
H2 200 reset.css
ukraine-index.top/theme/Lucid/css/ 2 KB
952 B 33ms
31ms Stylesheet
text/css 2a02:4780:a:543:0:1bd3:3135:a
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ukraine-index.top/theme/Lucid/css/reset.css

Requested by

Host: ukraine-index.top
URL: https://ukraine-index.top/theme/Lucid/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:a:543:0:1bd3:3135:a Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

0c63b75aea3c73cc070b03360aaf997b2e2d192d4268a455fdf7247400e2ec4e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://ukraine-index.top/theme/Lucid/css/style.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 03 Sep 2024 08:48:46 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 03 Jun 2023 14:00:05 GMT
server: LiteSpeed
panel: hpanel
etag: "884-647b4765-8090c5a3a041b2d9;br"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 888
expires: Tue, 10 Sep 2024 08:48:46 GMT

GET
H2 200 layout.css
ukraine-index.top/theme/Lucid/css/ 3 KB
913 B 44ms
43ms Stylesheet
text/css 2a02:4780:a:543:0:1bd3:3135:a
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ukraine-index.top/theme/Lucid/css/layout.css

Requested by

Host: ukraine-index.top
URL: https://ukraine-index.top/theme/Lucid/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:a:543:0:1bd3:3135:a Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

5f32042969f2ab5558e48ca655e35dc993f85a72d8ceeb2f45d05d7f36f2c0d8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://ukraine-index.top/theme/Lucid/css/style.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 03 Sep 2024 08:48:46 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 03 Jun 2023 14:00:05 GMT
server: LiteSpeed
panel: hpanel
etag: "bc8-647b4765-4f5bf719e5ab7a06;br"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 849
expires: Tue, 10 Sep 2024 08:48:46 GMT

GET
H2 200 menu.css
ukraine-index.top/theme/Lucid/css/ 5 KB
1 KB 43ms
43ms Stylesheet
text/css 2a02:4780:a:543:0:1bd3:3135:a
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://ukraine-index.top/theme/Lucid/css/menu.css

Requested by

Host: ukraine-index.top
URL: https://ukraine-index.top/theme/Lucid/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:a:543:0:1bd3:3135:a Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

86535f74c4a3ccbd834c4ec30503a8235743686194a278f5772284dfea2932ba

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://ukraine-index.top/theme/Lucid/css/style.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 03 Sep 2024 08:48:46 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 03 Jun 2023 14:00:05 GMT
server: LiteSpeed
panel: hpanel
etag: "14b3-647b4765-7142fae770d5fab3;br"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 1126
expires: Tue, 10 Sep 2024 08:48:46 GMT

GET
H3 200 8YkzBStf Show response
flow.recordsbluemountain.com/ 29 KB
13 KB 487ms
355ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://flow.recordsbluemountain.com/8YkzBStf?q=ukraine-index.top
Requested by: Host: wave.rdntocdns.com
URL: https://wave.rdntocdns.com/rps/inputs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 5c9ffea0ee03e55806cf0d8a4a4ec302ac3e9d2b41c1c4d8b979681a0c7b2b57

Request headers

Referer: https://ukraine-index.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 03 Sep 2024 08:48:47 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P6Nn%2B7eP1Bb2yZM5WSDvYEn8H8f9wN1S9n1YRPzH%2BuV4CReR7iinIk7c%2BYOP0ytqFq8JVfFSKuFh%2FsRcThMTp8y3aUT6i9%2B32pKIOzmj4r8BtBKbraeFylk06NXDWt73Sizi37rxWRr0%2B7s2hh5Q9VMoWhgEhchnITBk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 8bd47b940d5976bd-LHR
alt-svc: h3=":443"; ma=86400
expires: Tue, 03 Sep 2024 08:48:46 GMT

GET
H2 200 5lt5.min.js Show response
newrotatormarch23.bid/ 75 KB
23 KB 300ms
106ms Script
text/javascript 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://newrotatormarch23.bid/5lt5.min.js?9818993

Requested by

Host: ukraine-index.top
URL: https://ukraine-index.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

nginx /

Resource Hash

2252dc738f3d60792791ade721f6af3aa97406077c4e9ee3fcf960c134ec9608

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ukraine-index.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 03 Sep 2024 08:48:46 GMT
strict-transport-security: max-age=63072000
content-encoding: br
server: nginx
duration: 1458518
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=300
access-control-allow-headers: *
expires: Tue, 03-Sep-2024 11:53:46 EEST

GET
H2 200 tag.js Show response
cdn.jsdelivr.net/npm/yandex-metrica-watch/ 217 KB
82 KB 131ms
27ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js

Requested by

Host: ukraine-index.top
URL: https://ukraine-index.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

80094dc19a3946b6688df1e8b4ae5fe45ba1b7abbe4a540ffa8de87710ce18a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ukraine-index.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 03 Sep 2024 08:48:46 GMT
x-content-type-options: nosniff
content-encoding: br
age: 36039
x-jsd-version: 1.336.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 83476
x-served-by: cache-fra-eddf8230100-FRA, cache-lcy-eglc8600054-LCY
x-jsd-version-type: version
etag: W/"36353-Z9uCr5HLrKB0y4xd0JNbGcpRrm8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 chruch.png
ukraine-index.top/theme/Lucid/images/ 5 KB
5 KB 37ms
33ms Image
text/html 2a02:4780:a:543:0:1bd3:3135:a
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ukraine-index.top/theme/Lucid/images/chruch.png

Requested by

Host: ukraine-index.top
URL: https://ukraine-index.top/theme/Lucid/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:a:543:0:1bd3:3135:a Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed / PHP/7.4.33

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://ukraine-index.top/theme/Lucid/css/style.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 03 Sep 2024 08:48:46 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
server: LiteSpeed
panel: hpanel
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
platform: hostinger
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

GET
H2 200 Qw3eZQdSHj_jK2e-8uFIEec8Cw.woff2
fonts.gstatic.com/s/marmelad/v18/ 15 KB
15 KB 217ms
84ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/marmelad/v18/Qw3eZQdSHj_jK2e-8uFIEec8Cw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Marmelad&subset=latin,cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38229a8d2e5abca804cb46e8904fc89e7f40bfa0404fe3697c2a773b162c5122

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ukraine-index.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 12:58:52 GMT
x-content-type-options: nosniff
age: 244194
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15112
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:02:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 31 Aug 2025 12:58:52 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19a7DRs5.woff2
fonts.gstatic.com/s/robotocondensed/v27/ 28 KB
28 KB 214ms
81ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19a7DRs5.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700&subset=latin,cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6170aa1f1805b34c9aa1ea3f47cb46a237d8eb2660287612ff0431d18614a8d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ukraine-index.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 21:50:57 GMT
x-content-type-options: nosniff
age: 212269
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28696
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 17:53:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 31 Aug 2025 21:50:57 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v27/ 50 KB
50 KB 222ms
89ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700&subset=latin,cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ukraine-index.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 23:11:46 GMT
x-content-type-options: nosniff
age: 293820
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51404
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 17:52:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Aug 2025 23:11:46 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v40/ 26 KB
26 KB 230ms
97ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600&subset=latin,cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f76526e440538ec1300aa89f671acd1b746925833f7160f6c0e29443008f97f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ukraine-index.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 09:53:52 GMT
x-content-type-options: nosniff
age: 255294
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26736
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:00:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 31 Aug 2025 09:53:52 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 183ms
50ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600&subset=latin,cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ukraine-index.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 22:01:20 GMT
x-content-type-options: nosniff
age: 211646
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 31 Aug 2025 22:01:20 GMT

GET
H2 200 Qw3eZQdSHj_jK2e-8uFMEec.woff2
fonts.gstatic.com/s/marmelad/v18/ 21 KB
21 KB 204ms
72ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/marmelad/v18/Qw3eZQdSHj_jK2e-8uFMEec.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Marmelad&subset=latin,cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60c84204cd2559187cc0b14e3d7c5350247ba296c83160f8dca017db7c904aaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ukraine-index.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 22:25:20 GMT
x-content-type-options: nosniff
age: 296606
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21724
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:01:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Aug 2025 22:25:20 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/3/
Redirect Chain

https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fukraine-index.top%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Avf%3Acstsejpczyib8nfqqomnpp0afz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-GB%3Av...
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fukraine-index.top%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3Acstsejpczyib8nfqqomnpp0afz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-GB%3A...

440 B
477 B

130ms
129ms

Fetch
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fukraine-index.top%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3Acstsejpczyib8nfqqomnpp0afz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-GB%3Av%3A1420%3Acn%3A2%3Adp%3A0%3Als%3A74598322432%3Ahid%3A709584288%3Az%3A60%3Ai%3A20240903094846%3Aet%3A1725353327%3Ac%3A1%3Arn%3A811617839%3Arqn%3A1%3Au%3A1725353327919132726%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A809%3Awv%3A2%3Ads%3A184%2C123%2C74%2C145%2C2%2C0%2C%2C245%2C2%2C%2C%2C%2C774%3Aco%3A0%3Acpf%3A1%3Ans%3A1725353325838%3Ast%3A1725353327&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2865536%29ti%281%29&redirnss=1

Requested by

Host: ukraine-index.top
URL: https://ukraine-index.top/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

1a940ecca9607df8314f99d0a038470a7a596420548138ca74cd6e438ce24509

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ukraine-index.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Tue, 03 Sep 2024 08:48:47 GMT
x-content-type-options: nosniff
last-modified: Tue, 03-Sep-2024 08:48:47 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ukraine-index.top
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 440
x-xss-protection: 1; mode=block
expires: Tue, 03-Sep-2024 08:48:47 GMT

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Tue, 03 Sep 2024 08:48:47 GMT
last-modified: Tue, 03-Sep-2024 08:48:47 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/3/1?wmode=7&page-url=https%3A%2F%2Fukraine-index.top%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3Acstsejpczyib8nfqqomnpp0afz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-GB%3Av%3A1420%3Acn%3A2%3Adp%3A0%3Als%3A74598322432%3Ahid%3A709584288%3Az%3A60%3Ai%3A20240903094846%3Aet%3A1725353327%3Ac%3A1%3Arn%3A811617839%3Arqn%3A1%3Au%3A1725353327919132726%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A809%3Awv%3A2%3Ads%3A184%2C123%2C74%2C145%2C2%2C0%2C%2C245%2C2%2C%2C%2C%2C774%3Aco%3A0%3Acpf%3A1%3Ans%3A1725353325838%3Ast%3A1725353327&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2865536%29ti%281%29&redirnss=1
access-control-allow-origin: https://ukraine-index.top
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 03-Sep-2024 08:48:47 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
915 B 321ms
120ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: ukraine-index.top
URL: https://ukraine-index.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ukraine-index.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 03 Sep 2024 08:48:47 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 28 Aug 2024 08:43:08 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "66cee31c-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Tue, 03 Sep 2024 09:48:47 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/93828671/
Redirect Chain

https://mc.yandex.ru/watch/93828671?wmode=7&page-url=https%3A%2F%2Fukraine-index.top%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpczyib8nfqqomnpp0afz%3Afu%3A0%3Aen%3Autf-8%3Ala...
https://mc.yandex.ru/watch/93828671/1?wmode=7&page-url=https%3A%2F%2Fukraine-index.top%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpczyib8nfqqomnpp0afz%3Afu%3A0%3Aen%3Autf-8%3A...

611 B
1 KB

94ms
93ms

Fetch
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/93828671/1?wmode=7&page-url=https%3A%2F%2Fukraine-index.top%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpczyib8nfqqomnpp0afz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-GB%3Av%3A1420%3Acn%3A1%3Adp%3A0%3Als%3A532219650786%3Ahid%3A709584288%3Az%3A60%3Ai%3A20240903094846%3Aet%3A1725353327%3Ac%3A1%3Arn%3A376029535%3Arqn%3A1%3Au%3A1725353327919132726%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A809%3Awv%3A2%3Ads%3A184%2C123%2C74%2C145%2C2%2C0%2C%2C245%2C2%2C%2C%2C%2C774%3Aco%3A0%3Acpf%3A1%3Ans%3A1725353325838%3Arqnl%3A1%3Ast%3A1725353327%3At%3A%D0%9F%D0%BE%D1%87%D1%82%D0%BE%D0%B2%D1%8B%D0%B5%20%D0%B8%D0%BD%D0%B4%D0%B5%D0%BA%D1%81%D1%8B%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B%20-%20%D0%9F%D0%BE%D1%87%D1%82%D0%BE%D0%B2%D1%8B%D0%B5%20%D0%B8%D0%BD%D0%B4%D0%B5%D0%BA%D1%81%D1%8B%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821038596%29ti%281%29&redirnss=1

Requested by

Host: ukraine-index.top
URL: https://ukraine-index.top/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

68966cded5b9c39e4db90bcaa79e1402d2ed2e079e23358f8ac6de190e6bd44b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ukraine-index.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Sep 2024 08:48:47 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Tue, 03-Sep-2024 08:48:47 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ukraine-index.top
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 611
x-xss-protection: 1; mode=block
expires: Tue, 03-Sep-2024 08:48:47 GMT

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Tue, 03 Sep 2024 08:48:47 GMT
last-modified: Tue, 03-Sep-2024 08:48:47 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin: https://ukraine-index.top
location: /watch/93828671/1?wmode=7&page-url=https%3A%2F%2Fukraine-index.top%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpczyib8nfqqomnpp0afz%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-GB%3Av%3A1420%3Acn%3A1%3Adp%3A0%3Als%3A532219650786%3Ahid%3A709584288%3Az%3A60%3Ai%3A20240903094846%3Aet%3A1725353327%3Ac%3A1%3Arn%3A376029535%3Arqn%3A1%3Au%3A1725353327919132726%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A809%3Awv%3A2%3Ads%3A184%2C123%2C74%2C145%2C2%2C0%2C%2C245%2C2%2C%2C%2C%2C774%3Aco%3A0%3Acpf%3A1%3Ans%3A1725353325838%3Arqnl%3A1%3Ast%3A1725353327%3At%3A%D0%9F%D0%BE%D1%87%D1%82%D0%BE%D0%B2%D1%8B%D0%B5%20%D0%B8%D0%BD%D0%B4%D0%B5%D0%BA%D1%81%D1%8B%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B%20-%20%D0%9F%D0%BE%D1%87%D1%82%D0%BE%D0%B2%D1%8B%D0%B5%20%D0%B8%D0%BD%D0%B4%D0%B5%D0%BA%D1%81%D1%8B%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821038596%29ti%281%29&redirnss=1
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 03-Sep-2024 08:48:47 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408280101/ 429 KB
143 KB 220ms
83ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1361939897900402&plah=ukraine-index.top

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1361939897900402

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

484f360a2ab850bbf681094db9d2c359261dd1dbf89a2bbec475af14b580f1a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ukraine-index.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 03 Sep 2024 08:48:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 146442
x-xss-protection: 0
server: cafe
etag: 9374571618184333621
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 03 Sep 2024 08:48:47 GMT

POST
H2 200 5lt5.json Show response
newrotatormarch23.bid/ 59 B
261 B 258ms
90ms XHR
application/json 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://newrotatormarch23.bid/5lt5.json

Requested by

Host: newrotatormarch23.bid
URL: https://newrotatormarch23.bid/5lt5.min.js?9818993

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

nginx /

Resource Hash

aee7d931cad05974e5d29c61fb6f5440aa882b65dfa524a5875d2cde702c250a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ukraine-index.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 03 Sep 2024 08:48:47 GMT
strict-transport-security: max-age=63072000
content-encoding: br
server: nginx
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

POST
H2 200 5lt5.json Show response
newrotatormarch23.bid/ 3 KB
899 B 256ms
89ms XHR
application/json 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://newrotatormarch23.bid/5lt5.json

Requested by

Host: newrotatormarch23.bid
URL: https://newrotatormarch23.bid/5lt5.min.js?9818993

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

nginx /

Resource Hash

1e1670391d5c883edb9257797d2078b772bd887abc27091774bc159cf12454ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ukraine-index.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 03 Sep 2024 08:48:47 GMT
strict-transport-security: max-age=63072000
content-encoding: br
server: nginx
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

GET
H3 200 zbLzKF
gogo.recordsbluemountain.com/ 11 KB
5 KB 369ms
357ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gogo.recordsbluemountain.com/zbLzKF
Requested by: Host: flow.recordsbluemountain.com
URL: https://flow.recordsbluemountain.com/8YkzBStf?q=ukraine-index.top
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash

Request headers

Referer: https://ukraine-index.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 03 Sep 2024 08:48:47 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pG9PzDwfV7vP9I%2Br8jzu8CfYUIKt9flZatztUEOpqeGUpeQMBmkv1NIT8So148MRuEg0S5R7l5jDOJ4XPwJhPfof6mMRoVk2G0agyAMRCT2NMl8rK6iM0rgWUFurOGDZ2zqLoDlqtghZOvMr%2BzGrqO9tGXZvdGV5RZ4%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 8bd47b96af9a76bd-LHR
alt-svc: h3=":443"; ma=86400
expires: Tue, 03 Sep 2024 08:48:47 GMT

POST
H2 200 5lt5.json Show response
newrotatormarch23.bid/ 59 B
260 B 189ms
187ms XHR
application/json 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://newrotatormarch23.bid/5lt5.json

Requested by

Host: newrotatormarch23.bid
URL: https://newrotatormarch23.bid/5lt5.min.js?9818993

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

nginx /

Resource Hash

5b73d39363ccd90a5e631b2341ca4151642b8d18771c86686352e3836c8893bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ukraine-index.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 03 Sep 2024 08:48:47 GMT
strict-transport-security: max-age=63072000
content-encoding: br
server: nginx
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 ca-pub-1361939897900402 Show response
fundingchoicesmessages.google.com/i/ 206 KB
68 KB 229ms
84ms Script
application/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-1361939897900402?href=https%3A%2F%2Fukraine-index.top&ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1361939897900402&plah=ukraine-index.top

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ee6744a8b5de21a9f5c4cb5c8be986bead104e3c3491afdced5ec805b7c29d87

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-iAznT99e7-UCNXLF516LfQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ukraine-index.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 03 Sep 2024 08:48:47 GMT
content-security-policy: script-src 'report-sample' 'nonce-iAznT99e7-UCNXLF516LfQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw0pBiOO90h-k6EEt8fcmkAcRO6TNYg4DYp34GawwQt948xzoViJP-nWctAmJ3rYus_kC8JOIi66HEi6yGCpdYHYFYtecSqykQ3193ifU5EO_9eIn1KBAL8XC8n3V7G5tAx6s7xxiVNJLyC-OT8_NKijKTSkvyi9KS01KLU4vKUovijQyMTAwsjMz1DIziCwwAEcBCFw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 banner02_w336_h280.svg
zadarma.com/images/content/invitefriends/banners/ru/ 38 KB
16 KB 212ms
61ms Image
image/svg+xml 185.45.153.82
IPTELECOMBULGARIA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zadarma.com/images/content/invitefriends/banners/ru/banner02_w336_h280.svg
Requested by: Host: ukraine-index.top
URL: https://ukraine-index.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.45.153.82 , Bulgaria, ASN199790 (IPTELECOMBULGARIA-AS, BG),
Reverse DNS: 82.153.45.185.fr.sipdc.net
Software: nginx /
Resource Hash: 732b7d45c73240c3434e6cf160e0e300293ba925ea3b243b09e074d8d9194754

Request headers

Referer: https://ukraine-index.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 03 Sep 2024 08:48:47 GMT
content-encoding: gzip
last-modified: Thu, 29 Jun 2023 09:32:46 GMT
server: nginx
etag: W/"991e-5ff41620696a2"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000
expires: Wed, 03 Sep 2025 08:48:47 GMT

GET
H2

200

sync_cookie_image_decide
mc.webvisor.org/
Redirect Chain

https://mc.webvisor.org/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=10481.9knR6mg85bh17m5NaJ5_OAqAFitZrwKb2rRDf4DmBSHRB8jotaNxdHyoIlHRcCjJ._osy4-S3woMbCHqIHKPNoFX8JCQ%2C
https://mc.webvisor.org/sync_cookie_image_decide?token=10481.-uNVQR5MD1ZZ6gM73c6yFupAjv6d3reKENbBv117jLIJylB3BzTV-nqjEBAqFQ6i_sTeeL8_ReB2s91bpAYynkm9DESujIWnlas67KpfddpPEpmqFcs_ZlUOLIWetvjsgwmszDRp...

43 B
508 B

87ms
87ms

Image
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.webvisor.org/sync_cookie_image_decide?token=10481.-uNVQR5MD1ZZ6gM73c6yFupAjv6d3reKENbBv117jLIJylB3BzTV-nqjEBAqFQ6i_sTeeL8_ReB2s91bpAYynkm9DESujIWnlas67KpfddpPEpmqFcs_ZlUOLIWetvjsgwmszDRp38Bn2tARt7LqYVPEKPgmq2dRBcff3dDADxPL1Slap1UA93hrCfO8xOVjX9UOJqosMS1H1KT-VR9yArhcz1Wz-YQ4RcV1QyOf4rc%2C.TZqBRCaBzQMADLbcfTSQJ-AdNBI%2C

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ukraine-index.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 03 Sep 2024 08:48:47 GMT
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.webvisor.org/sync_cookie_image_decide?token=10481.-uNVQR5MD1ZZ6gM73c6yFupAjv6d3reKENbBv117jLIJylB3BzTV-nqjEBAqFQ6i_sTeeL8_ReB2s91bpAYynkm9DESujIWnlas67KpfddpPEpmqFcs_ZlUOLIWetvjsgwmszDRp38Bn2tARt7LqYVPEKPgmq2dRBcff3dDADxPL1Slap1UA93hrCfO8xOVjX9UOJqosMS1H1KT-VR9yArhcz1Wz-YQ4RcV1QyOf4rc%2C.TZqBRCaBzQMADLbcfTSQJ-AdNBI%2C
date: Tue, 03 Sep 2024 08:48:47 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 metrika_match.html
mc.yandex.ru/metrika/ Frame 47FB 0
0 368ms
154ms Document
text/html 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/metrika_match.html

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ukraine-index.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin: *
cache-control: max-age=3600
content-encoding: br
content-length: 1046
content-type: text/html
date: Tue, 03 Sep 2024 08:48:47 GMT
etag: "66cee31c-416"
expires: Tue, 03 Sep 2024 09:48:47 GMT
last-modified: Wed, 28 Aug 2024 08:43:08 GMT
strict-transport-security: max-age=31536000
timing-allow-origin: *

POST
H2 200 5lt5.json Show response
newrotatormarch23.bid/ 59 B
260 B 118ms
116ms XHR
application/json 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://newrotatormarch23.bid/5lt5.json

Requested by

Host: newrotatormarch23.bid
URL: https://newrotatormarch23.bid/5lt5.min.js?9818993

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

nginx /

Resource Hash

c9cbf20d3e77b7612063cb626b1aa7d7ca357a900936c4cfc068f65fae06b24a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ukraine-index.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 03 Sep 2024 08:48:47 GMT
strict-transport-security: max-age=63072000
content-encoding: br
server: nginx
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

POST
H2 200 5lt5.json
newrotatormarch23.bid/ 60 B
261 B 115ms
114ms XHR
application/json 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://newrotatormarch23.bid/5lt5.json

Requested by

Host: newrotatormarch23.bid
URL: https://newrotatormarch23.bid/5lt5.min.js?9818993

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ukraine-index.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 03 Sep 2024 08:48:47 GMT
strict-transport-security: max-age=63072000
content-encoding: br
server: nginx
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 AGSKWxXwkTKeCttcizPYDpGgxq3qjZAKD4D_LKLKTuF1rjyp9hTJo8TQ_FCjRUMyG3CxLfm8tSqFy0l-cD9bHEK71HfB-f-1s3WpAW4_uokDYV82NAclZlcZxzFvsgQyanXMuHCZBz6MFQ==
fundingchoicesmessages.google.com/f/ 391 KB
60 KB 106ms
105ms Script
application/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXwkTKeCttcizPYDpGgxq3qjZAKD4D_LKLKTuF1rjyp9hTJo8TQ_FCjRUMyG3CxLfm8tSqFy0l-cD9bHEK71HfB-f-1s3WpAW4_uokDYV82NAclZlcZxzFvsgQyanXMuHCZBz6MFQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI1MzUzMzI3LDUwNTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly91a3JhaW5lLWluZGV4LnRvcC8iLG51bGwsW1s4LCJtbmZrZ2dScTc0NCJdLFs5LCJlbi1HQiJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMSJdLFsxNywiWzBdIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.mnfkggRq744.es5.O/am=QDA/d=1/rs=AJlcJMyUYG2Z2g-_9WBE4bHBl4940VTRAg/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-bNY6eq2gGjK2apG90aWQ_w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ukraine-index.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 03 Sep 2024 08:48:47 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-bNY6eq2gGjK2apG90aWQ_w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmJw15BiOO90h-k6EEt8fcmkAcRO6TNYg4DYp34GawwQt948xzoViJP-nWctAmJ3rYus_kC8JOIi66HEi6yGCpdYHYFYtecSqykQ3193ifU5EO_9eIn1KBAL8XC8n3V7G5tAw6P105mUNJLyC-OT8_NKijKTSkvyi9KS01KLU4vKUovijQyMTAwsjMz1DIziCwwAAhJBsQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET xV74Ky
from.taskscompletedlists.com/ 0
0

GET
H3

200

Qvr4Tm Show response
to.taskscompletedlists.com/
Redirect Chain

https://from.taskscompletedlists.com/xV74Ky
https://to.taskscompletedlists.com/Qvr4Tm

240 B
923 B

172ms
161ms

Document
text/html

2606:4700:3033::ac43:a717
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://to.taskscompletedlists.com/Qvr4Tm
Requested by: Host: gogo.recordsbluemountain.com
URL: https://gogo.recordsbluemountain.com/zbLzKF
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a717 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce19fb61d33130b3adb5f00ab725827e2e997ce8faae5e6684b302fd6ba87985

Request headers

Referer: https://ukraine-index.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8bd47b9aff22cd21-LHR
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 03 Sep 2024 08:48:47 GMT
expires: Tue, 03 Sep 2024 08:48:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3%2Buc7zoxp1bVJ3gfIi%2FcZNTrZ%2FEgS%2FFGNDUfdZ32Xbj1zaBtp%2F%2F%2BrpzSF6pl5myxDGsftXF3bGgRDGNIY8b%2F%2BDaeFAAglEFCjI0e0zvoSmXUFRSVdHl%2FDSNtydeopDp%2BB9LM%2FG%2BneP1sG9ZZlQINZHzc6UKwFwpmfw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8bd47b99cddbcd21-LHR
content-type: text/html; charset=utf-8
date: Tue, 03 Sep 2024 08:48:47 GMT
expires: Tue, 03 Sep 2024 08:48:47 GMT
location: https://to.taskscompletedlists.com/Qvr4Tm
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dBoS6U5hnA4QAmuOXUkqKMkTz054nshFDZ7UyksIO%2F4j0V99uOMjJoJiaOrHRT5L60CbdYKHBGK6%2FW2bP7Jk8WAfSatmCdL03PGj7rFVKzX9CA8ic5wIuKAN2FJnYPOPZkUDK4YbxBwpI2B%2BukC2m3Lk37DHE8GNnKwc"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H2 200 5lt5.json
newrotatormarch23.bid/ 59 B
260 B 115ms
114ms XHR
application/json 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://newrotatormarch23.bid/5lt5.json

Requested by

Host: newrotatormarch23.bid
URL: https://newrotatormarch23.bid/5lt5.min.js?9818993

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ukraine-index.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 03 Sep 2024 08:48:47 GMT
strict-transport-security: max-age=63072000
content-encoding: br
server: nginx
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 css
fonts.googleapis.com/ 109 KB
6 KB 59ms
58ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.mnfkggRq744.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMyUUlEaYi0N0gh1HdZRDRcvM6jBlw/m=web_iab_tcf_v2_wall_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ukraine-index.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 03 Sep 2024 08:48:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 03 Sep 2024 08:48:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 03 Sep 2024 08:48:47 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/ 125 KB
126 KB 41ms
40ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ukraine-index.top/
Origin: https://ukraine-index.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 13:37:55 GMT
x-content-type-options: nosniff
age: 241852
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Mon, 08 Apr 2024 19:04:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 31 Aug 2025 13:37:55 GMT

POST
H3 204 AGSKWxW2aDnLV_UxwsXBseqXYkt-SV4TesrADrlvTOy3vpLgrrxF6yyxdpbaA4DdEIjPClVv8sa930AgUYD_NcTwasXqnDbjoBOP0nszwkWqxKYXyaDZcjkq4nzNqcvks_eDDASvxMqCGA==
fundingchoicesmessages.google.com/el/ 0
28 B 188ms
49ms XHR
text/html 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW2aDnLV_UxwsXBseqXYkt-SV4TesrADrlvTOy3vpLgrrxF6yyxdpbaA4DdEIjPClVv8sa930AgUYD_NcTwasXqnDbjoBOP0nszwkWqxKYXyaDZcjkq4nzNqcvks_eDDASvxMqCGA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0x1q-tWxd5Sg3odzMSEqng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ukraine-index.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 03 Sep 2024 08:48:47 GMT
content-security-policy: script-src 'report-sample' 'nonce-0x1q-tWxd5Sg3odzMSEqng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw05BicEqfwRoCxO5aF1n9gXhJxEXWI4kXWfd-vMR6FIiFeDjez7q9jU3gx54VS5iVXJLyC-OT8_NKUvNKdBNTinVB7KLMpNKS_CIUdmoZSEVOfnp6Zl56vJGBkYmBhZGlnoFpfIEBAIOILqM"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ukraine-index.top
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxW2aDnLV_UxwsXBseqXYkt-SV4TesrADrlvTOy3vpLgrrxF6yyxdpbaA4DdEIjPClVv8sa930AgUYD_NcTwasXqnDbjoBOP0nszwkWqxKYXyaDZcjkq4nzNqcvks_eDDASvxMqCGA==
fundingchoicesmessages.google.com/el/ 0
28 B 190ms
50ms XHR
text/html 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW2aDnLV_UxwsXBseqXYkt-SV4TesrADrlvTOy3vpLgrrxF6yyxdpbaA4DdEIjPClVv8sa930AgUYD_NcTwasXqnDbjoBOP0nszwkWqxKYXyaDZcjkq4nzNqcvks_eDDASvxMqCGA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vlHbNGKAJFk9UVk0busb2Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ukraine-index.top/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 03 Sep 2024 08:48:47 GMT
content-security-policy: script-src 'report-sample' 'nonce-vlHbNGKAJFk9UVk0busb2Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw0pBicEqfwRoCxO5aF1n9gXhJxEXWI4kXWfd-vMR6FIiFeDjez7q9jU3gwL7PS5iVXJLyC-OT8_NKUvNKdBNTinVB7KLMpNKS_CIUdmoZSEVOfnp6Zl56vJGBkYmBhZGlnoFpfIEBAIc3LrQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ukraine-index.top
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gi2dqodfme5dcojuga2q Show response
blueselectorpage.com/go/ 12 KB
7 KB 175ms
70ms Document
text/html 2606:4700:3035::6815:2f86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blueselectorpage.com/go/gi2dqodfme5dcojuga2q?sub1=carlos&sub3=reppy3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2f86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b26934cc5b506fbdde3519e2bb4651be945cc381045658b34e900ec85e517e1d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8bd47b9cfedb94c9-LHR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 03 Sep 2024 08:48:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hCFB2uvtTgEt7WhIeVxNxcoJWIesRIn4VjXYkYxJreJ7AAV5vCFOiG6dIvBBX5RCnzo%2B6asKOjF%2FiViAUpPOImOwiHbAGbTTr5HvtfuTo5Lu28NrplOjdYb01RwJM9dgYUrVRa9GNT1CDkdseWHSHOe6uA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 404 favicon.ico
to.taskscompletedlists.com/ 548 B
579 B 47ms
46ms Other
text/html 2606:4700:3033::ac43:a717
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://to.taskscompletedlists.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a717 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 03 Sep 2024 08:48:48 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 148
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2FW8xne7ljFMjF17nBZY93o1W5ifKUOxvBehCY1hKvz%2BOdNLH8sz%2B6XLdxPezNgSe7gRmiJh%2Fvm7JZy42IDX0vHqOQer5U6ZJBM7Uf0ys8fqLUzxXnmD%2F7HcHtUN5CjhSSqOQ137o%2B3H24G8c0N03ePfDaUcb%2FAzfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: max-age=14400
cf-ray: 8bd47b9c489ccd21-LHR
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 748 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a5308b7decd6fc2d5e8438fb037c4a822125135db832c05437d754655ff2fc23

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 204 favicon.ico
blueselectorpage.com/ 0
435 B 50ms
49ms Other
text/plain 2606:4700:3035::6815:2f86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://blueselectorpage.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2f86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://blueselectorpage.com/go/gi2dqodfme5dcojuga2q?sub1=carlos&sub3=reppy3
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 03 Sep 2024 08:48:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4183
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PnDKJzp3xP3ot%2BxaWct8S8eXEBE%2BPYnX913GpZ13vnSaHxPrtIzzeOp8%2FxlbPQEkVw9lxp%2BikOQELtWV2izlsx6lJvLwHdoxXb8%2FUaMOBuLaoJ0OJNI%2BwJy%2BKyYN9Ooy21V%2FkUBnfsb6UD%2B%2Bi7P8TmhmVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 8bd47b9d9fa394c9-LHR
alt-svc: h3=":443"; ma=86400

GET
H2 200 Primary Request index.php Show response
0.blueselectorpage.com/ 18 KB
8 KB 264ms
72ms Document
text/html 2606:4700:3031::ac43:940a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://0.blueselectorpage.com/index.php?p=gi2dqodfme5dcojuga2q&sub1=carlos&sub3=reppy3
Requested by: Host: ukraine-index.top
URL: https://ukraine-index.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:940a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 360104fa32169b408174ae8cab0f4c715b1bdec93d90dc06e782a5e627437f77

Request headers

Referer: https://blueselectorpage.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8bd47bab383f63a1-LHR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 03 Sep 2024 08:48:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tAuzxYKh0Wnthm%2Fe7uBLh6dCYh0j7obCf%2BOsE4SoLLggYX3nZ%2BzpQspsYmvtlg%2B3NtFlbTikRSLcet6z4IF3d6%2B8ncbCIBWQIHSUJYU5kugLD0jV9wJUvgOVWho5Du1tgGkiy5GU3bp55bJki3cYvjCrnB51"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
DATA 200
OK truncated
/ 378 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6935876b0112bb2bb5aa7e27c0fdf9be86e190d47a0fbff8eb8e67e25d11f68d

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 377 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f9077e9ffe52966b3a279d70797b41c4eba4e6d3928471fe755fcc3856ac4b3e

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 favicon.ico
0.blueselectorpage.com/ 0
301 B 37ms
36ms Other
text/plain 2606:4700:3031::ac43:940a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://0.blueselectorpage.com/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:940a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://0.blueselectorpage.com/index.php?p=gi2dqodfme5dcojuga2q&sub1=carlos&sub3=reppy3
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 03 Sep 2024 08:48:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 63
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p3iM%2BaBItDGCTCNz867vvJUoxBNoXPmWhJgyx0skMKenTBmcxCm%2Fm1YWHduqMB4ZgApSMx3jkS3N%2FgI4mPsgHRKzB6zcmgBgIy4hCI4sTMe2wvofzDJ3voUsGhkyJnX%2F%2Bkdpf9%2B8zL6aFbsaqYToogaLVqED"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 8bd47babf92663a1-LHR
alt-svc: h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: from.taskscompletedlists.com
URL: https://from.taskscompletedlists.com/xV74Ky

Domain: from.taskscompletedlists.com
URL: https://from.taskscompletedlists.com/xV74Ky

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| urlB64ToUint8Array

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ukraine-index.top/	1970-01-21 08:01:29	Name: _ym_uid Value: 1725353327919132726
.ukraine-index.top/	1970-01-21 08:01:29	Name: _ym_d Value: 1725353327
.yandex.ru/	1970-01-21 08:01:29	Name: ymex Value: 1756889327.yrts.1725353327#1756889327.yrtsi.1725353327
.yandex.ru/	1970-01-21 08:01:29	Name: receive-cookie-deprecation Value: 1
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 960090571725353327
.yandex.ru/	1970-01-21 08:01:29	Name: yuidss Value: 3729862951725353327
.yandex.ru/	1970-01-21 08:51:53	Name: i Value: RUTXVFxny+aGP8n5dNZGBI7ZEqWN9PLv4ooDem4edLWX4qQF8XaFQeWNojTZlSogUWl9RKuN/9DSSh1WUEOBMAHmciY=
.yandex.ru/	1970-01-21 08:51:53	Name: yandexuid Value: 4396063821725353327
.yandex.ru/	1970-01-21 08:01:29	Name: yashr Value: 4637838621725353327
.ukraine-index.top/	1970-01-20 23:17:05	Name: _ym_isad Value: 2
.yandex.ru/	1970-01-21 08:51:53	Name: bh Value: KgI/MGDvmtu2Bg==
.ukraine-index.top/	1970-01-20 23:15:55	Name: _ym_visorc Value: w
.mc.webvisor.org/	1970-01-20 23:15:53	Name: sync_cookie_csrf Value: 2559999939fake
from.taskscompletedlists.com/	1970-01-21 00:00:31	Name: _subid Value: 3b6ap4npph9ni
from.taskscompletedlists.com/	1970-01-21 08:51:53	Name: a4fba Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjg3XCI6MTcyNTM1MzMyN30sXCJjYW1wYWlnbnNcIjp7XCIyMlwiOjE3MjUzNTMzMjd9LFwidGltZVwiOjE3MjUzNTMzMjd9In0.qi9_F-_WiKO94qNc8RnyNZ1h-TDdPgj0Zx8uQB7hmfA
.mc.yandex.ru/	1970-01-20 23:15:53	Name: sync_cookie_csrf Value: 2554688693fake
.webvisor.org/	1970-01-21 08:51:53	Name: yandexuid Value: 4396063821725353327
.webvisor.org/	1970-01-21 08:51:53	Name: yuidss Value: 4396063821725353327
.webvisor.org/	1970-01-21 08:51:53	Name: i Value: RUTXVFxny+aGP8n5dNZGBI7ZEqWN9PLv4ooDem4edLWX4qQF8XaFQeWNojTZlSogUWl9RKuN/9DSSh1WUEOBMAHmciY=
.mc.webvisor.org/	1970-01-20 23:17:19	Name: sync_cookie_ok Value: synced
to.taskscompletedlists.com/	1970-01-21 00:00:31	Name: _subid Value: 3b6ap4npph9nj
to.taskscompletedlists.com/	1970-01-21 08:51:53	Name: a4fba Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjg0XCI6MTcyNTM1MzMyN30sXCJjYW1wYWlnbnNcIjp7XCIyMVwiOjE3MjUzNTMzMjd9LFwidGltZVwiOjE3MjUzNTMzMjd9In0.xK8EdNeMOJmWntqeatAQ8tt_FCxRcSNRPf8KpVzPMng
.blueselectorpage.com/	1970-01-20 23:59:05	Name: uuid Value: d07b37d5-79ef-4880-ad01-38195aa48600
.0.blueselectorpage.com/	1970-01-20 23:59:05	Name: uuid Value: d07b37d5-79ef-4880-ad01-38195aa48600

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://to.taskscompletedlists.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0.blueselectorpage.com
blueselectorpage.com
cdn.jsdelivr.net
flow.recordsbluemountain.com
fonts.googleapis.com
fonts.gstatic.com
from.taskscompletedlists.com
fundingchoicesmessages.google.com
gogo.recordsbluemountain.com
mc.webvisor.org
mc.yandex.ru
newrotatormarch23.bid
pagead2.googlesyndication.com
to.taskscompletedlists.com
ukraine-index.top
wave.rdntocdns.com
zadarma.com
from.taskscompletedlists.com
185.45.153.82
2606:4700:3031::6815:2975
2606:4700:3031::ac43:940a
2606:4700:3033::ac43:a717
2606:4700:3035::6815:2f86
2a00:1450:4001:801::200e
2a00:1450:4001:802::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:830::200a
2a02:4780:a:543:0:1bd3:3135:a
2a02:6b8::1:119
2a04:4e42:200::485
2a06:98c1:3121::3
95.216.65.102
0014df47a31225758700ebd08c6e98631e2dfda4543e405603b59ec00deb5283
057c6db7176a4b988472143ad3797e478d31de02150c22e8b892d9887102a0c1
06dd9cd58a5c84eb4d5c7f03cbf595ad5ff1f508844d5917662750a985345c0c
0c63b75aea3c73cc070b03360aaf997b2e2d192d4268a455fdf7247400e2ec4e
19ec2571387a93f601d2b7ba570dcfaa8e60d9c1d343b4954830cda458d05357
1a940ecca9607df8314f99d0a038470a7a596420548138ca74cd6e438ce24509
1e1670391d5c883edb9257797d2078b772bd887abc27091774bc159cf12454ab
2074758a7dd10c06f9ae635adad8fd4882ef09c52e8cb2ff54f41c5b24877b8b
2252dc738f3d60792791ade721f6af3aa97406077c4e9ee3fcf960c134ec9608
34c5a65898e36fcd60e427878d27869feadd319949b852c374a7d3f0c59e5bb3
360104fa32169b408174ae8cab0f4c715b1bdec93d90dc06e782a5e627437f77
38229a8d2e5abca804cb46e8904fc89e7f40bfa0404fe3697c2a773b162c5122
3b7836315c2e130ff0e5c07db69fdbe77fc369cf89c7a1c33124b683019a5f10
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3fa7c3bf3d2fa4ddc931adb6e693d158742480ae491a6c73950f9a2b14f4f7dd
484f360a2ab850bbf681094db9d2c359261dd1dbf89a2bbec475af14b580f1a9
4c05931877a0be5f6da4e84e69a82389d9a80def2795c6203e1ffdf5f42dd1ab
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
59f7ebe1102328c3c995e789a1cb9f44071d5578f306afc6c1c291e13188b358
5b1cfd04c40f5e611c29bf79a7d7be649f7235dd73994ec1bed9311b222d1e5a
5b73d39363ccd90a5e631b2341ca4151642b8d18771c86686352e3836c8893bf
5c9ffea0ee03e55806cf0d8a4a4ec302ac3e9d2b41c1c4d8b979681a0c7b2b57
5f32042969f2ab5558e48ca655e35dc993f85a72d8ceeb2f45d05d7f36f2c0d8
60c84204cd2559187cc0b14e3d7c5350247ba296c83160f8dca017db7c904aaa
6170aa1f1805b34c9aa1ea3f47cb46a237d8eb2660287612ff0431d18614a8d4
624a9c265ad912c8c51611f90b38f757207925e5490e7a19f46e7cc1407e0e4b
65abb0a4bcdce7b2a2e4036ad8b76a997d2e3ee7d6ef5eed4f193a00a82906be
68966cded5b9c39e4db90bcaa79e1402d2ed2e079e23358f8ac6de190e6bd44b
6935876b0112bb2bb5aa7e27c0fdf9be86e190d47a0fbff8eb8e67e25d11f68d
732b7d45c73240c3434e6cf160e0e300293ba925ea3b243b09e074d8d9194754
7e513092401c9f91e2cf236aa350d1920f85fddd44f6d41c66b06bc59682e3cd
80094dc19a3946b6688df1e8b4ae5fe45ba1b7abbe4a540ffa8de87710ce18a7
86535f74c4a3ccbd834c4ec30503a8235743686194a278f5772284dfea2932ba
8ab6ee67897aa39db5f9892dbfae67fbc7ba185e9f9162a788bc257ddd216ba0
8f76526e440538ec1300aa89f671acd1b746925833f7160f6c0e29443008f97f
a5308b7decd6fc2d5e8438fb037c4a822125135db832c05437d754655ff2fc23
aee7d931cad05974e5d29c61fb6f5440aa882b65dfa524a5875d2cde702c250a
b26934cc5b506fbdde3519e2bb4651be945cc381045658b34e900ec85e517e1d
b8a85bcf1c1ae571af4e18934dc623a920e8ef3c865db39503cc817d2b1f6240
ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32
c9cbf20d3e77b7612063cb626b1aa7d7ca357a900936c4cfc068f65fae06b24a
ce19fb61d33130b3adb5f00ab725827e2e997ce8faae5e6684b302fd6ba87985
d7782f5f0f7063bd304580f16649d6039d846ecdbb2d930b89841c81e5b01d6f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee6744a8b5de21a9f5c4cb5c8be986bead104e3c3491afdced5ec805b7c29d87
eee4c425589c8e5beb4e737e9700d41bfa040bfd497c70e97fb7edd1739c9ef7
f9077e9ffe52966b3a279d70797b41c4eba4e6d3928471fe755fcc3856ac4b3e

0.blueselectorpage.com Open in urlscan Pro 2606:4700:3031::ac43:940a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

60 Requests

92 %HTTPS

86 %IPv6

14 Domains

17 Subdomains

15 IPs

6 Countries

908 kBTransfer

2282 kBSize

24 Cookies

0 Outgoing links

Page URL History

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

0.blueselectorpage.com Open in urlscan Pro
2606:4700:3031::ac43:940a Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

92 %
HTTPS

86 %
IPv6

14
Domains

17
Subdomains

15
IPs

6
Countries

908 kB
Transfer

2282 kB
Size

24
Cookies

60 HTTP transactions
3 data transactions