urlscan.io logo urlscan.io
SecurityTrails logo

h.krasnyy-liman.loogle.com.ua Open in urlscan Pro
2a02:c207:2040:929::b:1  Public Scan

Go To Rescan Add Verdict Report
URL: https://h.krasnyy-liman.loogle.com.ua/
Submission Tags: @phishunt_io
Submission: On November 27 via api from ES
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 11 domains to perform 31 HTTP transactions. The main IP is 2a02:c207:2040:929::b:1, located in Germany and belongs to CONTABO, DE. The main domain is h.krasnyy-liman.loogle.com.ua.
TLS certificate: Issued by Let's Encrypt Authority X3 on November 26th 2020. Valid for: 3 months.
This is the only time h.krasnyy-liman.loogle.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

13    2a02:c207:2040:929::b:1 (Germany)

ASN51167 (CONTABO, DE)
h.krasnyy-liman.loogle.com.ua
3    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
adservice.google.de
www.googletagservices.com
1    2a00:1148:db00::17 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
ad.mail.ru
1    2a00:1450:4001:817::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    2a00:1450:4001:814::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
googleads.g.doubleclick.net
4    88.212.201.198 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru
counter.yadro.ru
2    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    172.217.18.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s29-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:816::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a00:1450:4001:81e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Domain Requested by
13 h.krasnyy-liman.loogle.com.ua h.krasnyy-liman.loogle.com.ua
4 counter.yadro.ru 2 redirects h.krasnyy-liman.loogle.com.ua
4 pagead2.googlesyndication.com h.krasnyy-liman.loogle.com.ua
pagead2.googlesyndication.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.googletagmanager.com h.krasnyy-liman.loogle.com.ua
1 ad.mail.ru h.krasnyy-liman.loogle.com.ua
31 12
Subject Issuer Validity Valid
krasnyy-liman.loogle.com.ua
Let's Encrypt Authority X3		 2020-11-26 -
2021-02-24		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-11-03 -
2021-01-26		 3 months crt.sh
*.mail.ru
GeoTrust ECC CA 2018		 2020-11-13 -
2021-11-17		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-11-03 -
2021-01-26		 3 months crt.sh
counter.yadro.ru
Let's Encrypt Authority X3		 2020-10-29 -
2021-01-27		 3 months crt.sh
*.googleadservices.com
GTS CA 1O1		 2020-11-03 -
2021-01-26		 3 months crt.sh
*.google.de
GTS CA 1O1		 2020-11-03 -
2021-01-26		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-11-03 -
2021-01-26		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2020-11-03 -
2021-01-26		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://h.krasnyy-liman.loogle.com.ua/
Frame ID: 158DD815D8B1905A0B9F08348F867F32
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201112/r20190131/zrt_lookup.html
Frame ID: C76953253B187D95E5F3EEEC6CCFB660
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8959338553837844&output=html&adk=1812271804&adf=3025194257&lmt=1606457850&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fh.krasnyy-liman.loogle.com.ua%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1606457850821&bpp=18&bdt=44&idt=119&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3568476038282&frm=20&pv=2&ga_vid=866174622.1606457851&ga_sid=1606457851&ga_hid=1270768765&ga_fc=0&iag=0&icsg=10472&dssz=12&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=2754857561604678&pem=41&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=138
Frame ID: DB50B625624939C0632412C557735A63
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 1C1D42FEDBAFDD5828836EC4DFEEF18F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<script[^<>]*>[^]{0,128}?src\s*=\s*['"]\/\/counter\.yadro\.ru\/hit(?:;\S+)?\?(?:t\d+\.\d+;)?r/i
  • html /<!--LiveInternet counter-->/i
  • html /<!--\/LiveInternet-->/i

Page Statistics

31
Requests

100 %
HTTPS

80 %
IPv6

11
Domains

12
Subdomains

10
IPs

3
Countries

347 kB
Transfer

720 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://counter.yadro.ru/hit;poiskuny?t26.6;r;s1600*1200*24;uhttps%3A//h.krasnyy-liman.loogle.com.ua/;hLoogle%20-%20%u0431%u044B%u0441%u0442%u0440%u044B%u0439%20%u043F%u043E%u0438%u0441%u043A%20%u0441%u0432%u0435%u0436%u0438%u0445%20%u043E%u0431%u044A%u044F%u0432%u043B%u0435%u043D%u0438%u0439%20%u0432%20%u041A%u0440%u0430%u0441%u043D%u043E%u043C%20%u041B%u0438%u043C%u0430%u043D%u0435;0.10387907175887157 HTTP 302
  • https://counter.yadro.ru/hit;poiskuny?q;t26.6;r;s1600*1200*24;uhttps%3A//h.krasnyy-liman.loogle.com.ua/;hLoogle%20-%20%u0431%u044B%u0441%u0442%u0440%u044B%u0439%20%u043F%u043E%u0438%u0441%u043A%20%u0441%u0432%u0435%u0436%u0438%u0445%20%u043E%u0431%u044A%u044F%u0432%u043B%u0435%u043D%u0438%u0439%20%u0432%20%u041A%u0440%u0430%u0441%u043D%u043E%u043C%20%u041B%u0438%u043C%u0430%u043D%u0435;0.10387907175887157
Request Chain 18
  • https://counter.yadro.ru/hit;loogle?t26.6;r;s1600*1200*24;uhttps%3A//h.krasnyy-liman.loogle.com.ua/;hLoogle%20-%20%u0431%u044B%u0441%u0442%u0440%u044B%u0439%20%u043F%u043E%u0438%u0441%u043A%20%u0441%u0432%u0435%u0436%u0438%u0445%20%u043E%u0431%u044A%u044F%u0432%u043B%u0435%u043D%u0438%u0439%20%u0432%20%u041A%u0440%u0430%u0441%u043D%u043E%u043C%20%u041B%u0438%u043C%u0430%u043D%u0435;0.19514090522344896 HTTP 302
  • https://counter.yadro.ru/hit;loogle?q;t26.6;r;s1600*1200*24;uhttps%3A//h.krasnyy-liman.loogle.com.ua/;hLoogle%20-%20%u0431%u044B%u0441%u0442%u0440%u044B%u0439%20%u043F%u043E%u0438%u0441%u043A%20%u0441%u0432%u0435%u0436%u0438%u0445%20%u043E%u0431%u044A%u044F%u0432%u043B%u0435%u043D%u0438%u0439%20%u0432%20%u041A%u0440%u0430%u0441%u043D%u043E%u043C%20%u041B%u0438%u043C%u0430%u043D%u0435;0.19514090522344896

31 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
h.krasnyy-liman.loogle.com.ua/ 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://h.krasnyy-liman.loogle.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a02:c207:2040:929::b:1 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software
nginx /
Resource Hash
09c5d181d38c5f57b7596e6643abaae0c278329493119a5b71a47ced8f118d26
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Frame-Options deny

Request headers

:method
GET
:authority
h.krasnyy-liman.loogle.com.ua
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server
nginx
content-type
text/html; charset=utf-8
vary
Accept-Encoding User-Agent
date
Fri, 27 Nov 2020 06:17:30 GMT
cache-control
no-transform
referrer-policy
no-referrer
x-frame-options
deny
strict-transport-security
max-age=15768000; includeSubdomains; preload
content-encoding
gzip
index.css
h.krasnyy-liman.loogle.com.ua/templates/common/styles/ 		1 KB
813 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://h.krasnyy-liman.loogle.com.ua/templates/common/styles/index.css
Requested by
Host: h.krasnyy-liman.loogle.com.ua
URL: https://h.krasnyy-liman.loogle.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a02:c207:2040:929::b:1 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software
nginx /
Resource Hash
89a0bfd12a193515cd2d5d2ed88aaed0a93a2558c29dabdf432461c40795bbf3
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload

Request headers

Referer
https://h.krasnyy-liman.loogle.com.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 27 Nov 2020 06:17:30 GMT
content-encoding
gzip
last-modified
Mon, 27 Apr 2020 14:00:00 GMT
server
nginx
etag
W/"5ea6e560-598"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800
strict-transport-security
max-age=15768000; includeSubdomains; preload
expires
Fri, 04 Dec 2020 06:17:30 GMT
index.css
h.krasnyy-liman.loogle.com.ua/templates/loogle/styles/ 		202 B
425 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://h.krasnyy-liman.loogle.com.ua/templates/loogle/styles/index.css
Requested by
Host: h.krasnyy-liman.loogle.com.ua
URL: https://h.krasnyy-liman.loogle.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a02:c207:2040:929::b:1 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software
nginx /
Resource Hash
48d8320967ee3adf5cfd89467b6c810809872a660ddc510ad76610dce9a6d411
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload

Request headers

Referer
https://h.krasnyy-liman.loogle.com.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 27 Nov 2020 06:17:30 GMT
last-modified
Sat, 15 Aug 2015 09:43:00 GMT
server
nginx
etag
"55cf09a4-ca"
strict-transport-security
max-age=15768000; includeSubdomains; preload
content-type
text/css
cache-control
max-age=604800
accept-ranges
bytes
content-length
202
expires
Fri, 04 Dec 2020 06:17:30 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		129 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: h.krasnyy-liman.loogle.com.ua
URL: https://h.krasnyy-liman.loogle.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
66de80f5c91d14f0c4d222a82eea52a01ab8d8e907f3df2e08a7c4bc1d4ec33d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://h.krasnyy-liman.loogle.com.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 27 Nov 2020 06:17:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
45286
x-xss-protection
0
server
cafe
etag
14933426052519692593
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 27 Nov 2020 06:17:30 GMT
ads-async.js
ad.mail.ru/static/ 		101 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.mail.ru/static/ads-async.js
Requested by
Host: h.krasnyy-liman.loogle.com.ua
URL: https://h.krasnyy-liman.loogle.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
6f1385e259d05cb71a8efda52b3d1d76b339d9e8190fae651af61d591a806cbb

Request headers

Referer
https://h.krasnyy-liman.loogle.com.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 27 Nov 2020 06:17:30 GMT
Last-Modified
Fri, 20 Nov 2020 14:29:37 GMT
Server
nginx
ETag
"5fb7d2d1-195a5"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
103845
Expires
Fri, 27 Nov 2020 07:17:30 GMT
optimize.js
h.krasnyy-liman.loogle.com.ua/include/js/ 		430 B
673 B 		Script
General
Check archive.org
Download Go to
Full URL
https://h.krasnyy-liman.loogle.com.ua/include/js/optimize.js
Requested by
Host: h.krasnyy-liman.loogle.com.ua
URL: https://h.krasnyy-liman.loogle.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a02:c207:2040:929::b:1 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software
nginx /
Resource Hash
5f5ce9f65460be13ecd26fbbb05806445861f53e01da856400244353576302f4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload

Request headers

Referer
https://h.krasnyy-liman.loogle.com.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 27 Nov 2020 06:17:30 GMT
last-modified
Sun, 26 Apr 2020 13:29:00 GMT
server
nginx
etag
"5ea58c9c-1ae"
strict-transport-security
max-age=15768000; includeSubdomains; preload
content-type
application/javascript; charset=utf8
cache-control
max-age=604800
accept-ranges
bytes
content-length
430
expires
Fri, 04 Dec 2020 06:17:30 GMT
by.png
h.krasnyy-liman.loogle.com.ua/images/countryflags/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://h.krasnyy-liman.loogle.com.ua/images/countryflags/by.png
Requested by
Host: h.krasnyy-liman.loogle.com.ua
URL: https://h.krasnyy-liman.loogle.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a02:c207:2040:929::b:1 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software
nginx /
Resource Hash
67ccb921981c0d70a272f13159101b91c183bfe825ab325af8a574df7f63f61f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload

Request headers

Referer
https://h.krasnyy-liman.loogle.com.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 27 Nov 2020 06:17:30 GMT
last-modified
Wed, 22 Apr 2015 22:00:00 GMT
server
nginx
etag
"553819e0-490"
strict-transport-security
max-age=15768000; includeSubdomains; preload
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
1168
expires
Thu, 31 Dec 2037 23:55:55 GMT
kz.png
h.krasnyy-liman.loogle.com.ua/images/countryflags/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://h.krasnyy-liman.loogle.com.ua/images/countryflags/kz.png
Requested by
Host: h.krasnyy-liman.loogle.com.ua
URL: https://h.krasnyy-liman.loogle.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a02:c207:2040:929::b:1 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software
nginx /
Resource Hash
6d958ccde374ce86de23898b8a06c3f1d968fda65943698ac115c42b3dcb667d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload

Request headers

Referer
https://h.krasnyy-liman.loogle.com.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 27 Nov 2020 06:17:30 GMT
last-modified
Wed, 22 Apr 2015 22:00:00 GMT
server
nginx
etag
"553819e0-6ab"
strict-transport-security
max-age=15768000; includeSubdomains; preload
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
1707
expires
Thu, 31 Dec 2037 23:55:55 GMT
ru.png
h.krasnyy-liman.loogle.com.ua/images/countryflags/ 		581 B
808 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://h.krasnyy-liman.loogle.com.ua/images/countryflags/ru.png
Requested by
Host: h.krasnyy-liman.loogle.com.ua
URL: https://h.krasnyy-liman.loogle.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a02:c207:2040:929::b:1 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software
nginx /
Resource Hash
3d934257156f441f8231d9e618c3b71ed083c77e50357f9c56572c5dbfd761fa
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload

Request headers

Referer
https://h.krasnyy-liman.loogle.com.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 27 Nov 2020 06:17:30 GMT
last-modified
Wed, 22 Apr 2015 22:00:00 GMT
server
nginx
etag
"553819e0-245"
strict-transport-security
max-age=15768000; includeSubdomains; preload
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
581
expires
Thu, 31 Dec 2037 23:55:55 GMT
ua.png
h.krasnyy-liman.loogle.com.ua/images/countryflags/ 		531 B
758 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://h.krasnyy-liman.loogle.com.ua/images/countryflags/ua.png
Requested by
Host: h.krasnyy-liman.loogle.com.ua
URL: https://h.krasnyy-liman.loogle.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a02:c207:2040:929::b:1 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software
nginx /
Resource Hash
ef40be3d974c8cc776013f7b7f1095aafdee5b7bd914e907da97fad4ae06a9eb
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload

Request headers

Referer
https://h.krasnyy-liman.loogle.com.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 27 Nov 2020 06:17:30 GMT
last-modified
Wed, 22 Apr 2015 22:00:00 GMT
server
nginx
etag
"553819e0-213"
strict-transport-security
max-age=15768000; includeSubdomains; preload
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
531
expires
Thu, 31 Dec 2037 23:55:55 GMT
www.png
h.krasnyy-liman.loogle.com.ua/images/platform/ 		761 B
989 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://h.krasnyy-liman.loogle.com.ua/images/platform/www.png
Requested by
Host: h.krasnyy-liman.loogle.com.ua
URL: https://h.krasnyy-liman.loogle.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a02:c207:2040:929::b:1 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software
nginx /
Resource Hash
689f313aedbcf0fa2d1e383cfa7004ea9914121b1de499ab053fbed31d3a29bc
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload

Request headers

Referer
https://h.krasnyy-liman.loogle.com.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 27 Nov 2020 06:17:30 GMT
last-modified
Mon, 25 Apr 2016 06:09:00 GMT
server
nginx
etag
"571db47c-2f9"
strict-transport-security
max-age=15768000; includeSubdomains; preload
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
761
expires
Thu, 31 Dec 2037 23:55:55 GMT
m.png
h.krasnyy-liman.loogle.com.ua/images/platform/ 		610 B
837 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://h.krasnyy-liman.loogle.com.ua/images/platform/m.png
Requested by
Host: h.krasnyy-liman.loogle.com.ua
URL: https://h.krasnyy-liman.loogle.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a02:c207:2040:929::b:1 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software
nginx /
Resource Hash
c09d28cb767050938a4e5f273cd33be0a0679de5b640bbf40c24a8514b3863d3
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload

Request headers

Referer
https://h.krasnyy-liman.loogle.com.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 27 Nov 2020 06:17:30 GMT
last-modified
Mon, 25 Apr 2016 06:09:00 GMT
server
nginx
etag
"571db47c-262"
strict-transport-security
max-age=15768000; includeSubdomains; preload
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
610
expires
Thu, 31 Dec 2037 23:55:55 GMT
js
www.googletagmanager.com/gtag/ 		96 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-127232603-1
Requested by
Host: h.krasnyy-liman.loogle.com.ua
URL: https://h.krasnyy-liman.loogle.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e41f4d14930c77ed39bca0541e9d74ffd2c4b33ad328d02d767903f2acfd0630
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://h.krasnyy-liman.loogle.com.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 27 Nov 2020 06:17:30 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38694
x-xss-protection
0
last-modified
Fri, 27 Nov 2020 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 27 Nov 2020 06:17:30 GMT
all.css
h.krasnyy-liman.loogle.com.ua/templates/loogle/styles/ 		1 KB
781 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://h.krasnyy-liman.loogle.com.ua/templates/loogle/styles/all.css
Requested by
Host: h.krasnyy-liman.loogle.com.ua
URL: https://h.krasnyy-liman.loogle.com.ua/templates/loogle/styles/index.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a02:c207:2040:929::b:1 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software
nginx /
Resource Hash
d8cb0991177bb365519f2ae98b78a54dd2654fbfb5ca8bf1275d5a76992ebde8
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload

Request headers

Referer
https://h.krasnyy-liman.loogle.com.ua/templates/loogle/styles/index.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 27 Nov 2020 06:17:30 GMT
content-encoding
gzip
last-modified
Mon, 17 Jun 2019 08:06:00 GMT
server
nginx
etag
W/"5d0749e8-4ed"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800
strict-transport-security
max-age=15768000; includeSubdomains; preload
expires
Fri, 04 Dec 2020 06:17:30 GMT
screen.css
h.krasnyy-liman.loogle.com.ua/templates/loogle/styles/ 		2 KB
924 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://h.krasnyy-liman.loogle.com.ua/templates/loogle/styles/screen.css
Requested by
Host: h.krasnyy-liman.loogle.com.ua
URL: https://h.krasnyy-liman.loogle.com.ua/templates/loogle/styles/index.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a02:c207:2040:929::b:1 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software
nginx /
Resource Hash
9fda06a41e04abb42ad8a70a346d0935cd48ce2485b1a0d9570a00db95ecbc0e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload

Request headers

Referer
https://h.krasnyy-liman.loogle.com.ua/templates/loogle/styles/index.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 27 Nov 2020 06:17:30 GMT
content-encoding
gzip
last-modified
Wed, 19 Jun 2019 22:21:00 GMT
server
nginx
etag
W/"5d0ab54c-7bd"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800
strict-transport-security
max-age=15768000; includeSubdomains; preload
expires
Fri, 04 Dec 2020 06:17:30 GMT
handheld.css
h.krasnyy-liman.loogle.com.ua/templates/loogle/styles/ 		2 KB
909 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://h.krasnyy-liman.loogle.com.ua/templates/loogle/styles/handheld.css
Requested by
Host: h.krasnyy-liman.loogle.com.ua
URL: https://h.krasnyy-liman.loogle.com.ua/templates/loogle/styles/index.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a02:c207:2040:929::b:1 , Germany, ASN51167 (CONTABO, DE),
Reverse DNS
Software
nginx /
Resource Hash
8df480205439182607a5558d413f0f5f9bc43ad472d94ec7a8ccab31b31b0fa7
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload

Request headers

Referer
https://h.krasnyy-liman.loogle.com.ua/templates/loogle/styles/index.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 27 Nov 2020 06:17:30 GMT
content-encoding
gzip
last-modified
Wed, 19 Jun 2019 22:22:00 GMT
server
nginx
etag
W/"5d0ab588-726"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800
strict-transport-security
max-age=15768000; includeSubdomains; preload
expires
Fri, 04 Dec 2020 06:17:30 GMT
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/ 		231 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ad7386d16a056df5c235702a97a5fa4cee68e302d71041aa35df96151f756f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://h.krasnyy-liman.loogle.com.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 27 Nov 2020 06:17:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
88601
x-xss-protection
0
server
cafe
etag
4353532171737760018
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 27 Nov 2020 06:17:30 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201112/r20190131/ Frame C769 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20201112/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20201112/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://h.krasnyy-liman.loogle.com.ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://h.krasnyy-liman.loogle.com.ua/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Fri, 27 Nov 2020 00:54:52 GMT
expires
Fri, 11 Dec 2020 00:54:52 GMT
content-type
text/html; charset=UTF-8
etag
5228831996244654541
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4745
x-xss-protection
0
age
19358
cache-control
public, max-age=1209600
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
hit;poiskuny
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit;poiskuny?t26.6;r;s1600*1200*24;uhttps%3A//h.krasnyy-liman.loogle.com.ua/;hLoogle%20-%20%u0431%u044B%u0441%u0442%u0440%u044B%u0439%20%u043F%u043E%u0438%u0441%u043A%20%u0...
  • https://counter.yadro.ru/hit;poiskuny?q;t26.6;r;s1600*1200*24;uhttps%3A//h.krasnyy-liman.loogle.com.ua/;hLoogle%20-%20%u0431%u044B%u0441%u0442%u0440%u044B%u0439%20%u043F%u043E%u0438%u0441%u043A%20%...
130 B
584 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit;poiskuny?q;t26.6;r;s1600*1200*24;uhttps%3A//h.krasnyy-liman.loogle.com.ua/;hLoogle%20-%20%u0431%u044B%u0441%u0442%u0440%u044B%u0439%20%u043F%u043E%u0438%u0441%u043A%20%u0441%u0432%u0435%u0436%u0438%u0445%20%u043E%u0431%u044A%u044F%u0432%u043B%u0435%u043D%u0438%u0439%20%u0432%20%u041A%u0440%u0430%u0441%u043D%u043E%u043C%20%u041B%u0438%u043C%u0430%u043D%u0435;0.10387907175887157
Requested by
Host: h.krasnyy-liman.loogle.com.ua
URL: https://h.krasnyy-liman.loogle.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host198.rax.ru
Software
nginx/1.17.9 /
Resource Hash
cf3f070c9d877281bbe6171050120c8aad8809a0727907f7dd03f6780d1620dd
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://h.krasnyy-liman.loogle.com.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 27 Nov 2020 06:17:31 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
130
Expires
Wed, 27 Nov 2019 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 27 Nov 2020 06:17:31 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit;poiskuny?q;t26.6;r;s1600*1200*24;uhttps%3A//h.krasnyy-liman.loogle.com.ua/;hLoogle%20-%20%u0431%u044B%u0441%u0442%u0440%u044B%u0439%20%u043F%u043E%u0438%u0441%u043A%20%u0441%u0432%u0435%u0436%u0438%u0445%20%u043E%u0431%u044A%u044F%u0432%u043B%u0435%u043D%u0438%u0439%20%u0432%20%u041A%u0440%u0430%u0441%u043D%u043E%u043C%20%u041B%u0438%u043C%u0430%u043D%u0435;0.10387907175887157
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Wed, 27 Nov 2019 21:00:00 GMT
hit;loogle
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit;loogle?t26.6;r;s1600*1200*24;uhttps%3A//h.krasnyy-liman.loogle.com.ua/;hLoogle%20-%20%u0431%u044B%u0441%u0442%u0440%u044B%u0439%20%u043F%u043E%u0438%u0441%u043A%20%u044...
  • https://counter.yadro.ru/hit;loogle?q;t26.6;r;s1600*1200*24;uhttps%3A//h.krasnyy-liman.loogle.com.ua/;hLoogle%20-%20%u0431%u044B%u0441%u0442%u0440%u044B%u0439%20%u043F%u043E%u0438%u0441%u043A%20%u0...
128 B
582 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit;loogle?q;t26.6;r;s1600*1200*24;uhttps%3A//h.krasnyy-liman.loogle.com.ua/;hLoogle%20-%20%u0431%u044B%u0441%u0442%u0440%u044B%u0439%20%u043F%u043E%u0438%u0441%u043A%20%u0441%u0432%u0435%u0436%u0438%u0445%20%u043E%u0431%u044A%u044F%u0432%u043B%u0435%u043D%u0438%u0439%20%u0432%20%u041A%u0440%u0430%u0441%u043D%u043E%u043C%20%u041B%u0438%u043C%u0430%u043D%u0435;0.19514090522344896
Requested by
Host: h.krasnyy-liman.loogle.com.ua
URL: https://h.krasnyy-liman.loogle.com.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host198.rax.ru
Software
nginx/1.17.9 /
Resource Hash
e8278cdf9752821d95ef5ccee9a6d08d31f747b31b4300480a66b79e12f71f1e
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://h.krasnyy-liman.loogle.com.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 27 Nov 2020 06:17:31 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
128
Expires
Wed, 27 Nov 2019 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 27 Nov 2020 06:17:31 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit;loogle?q;t26.6;r;s1600*1200*24;uhttps%3A//h.krasnyy-liman.loogle.com.ua/;hLoogle%20-%20%u0431%u044B%u0441%u0442%u0440%u044B%u0439%20%u043F%u043E%u0438%u0441%u043A%20%u0441%u0432%u0435%u0436%u0438%u0445%20%u043E%u0431%u044A%u044F%u0432%u043B%u0435%u043D%u0438%u0439%20%u0432%20%u041A%u0440%u0430%u0441%u043D%u043E%u043C%20%u041B%u0438%u043C%u0430%u043D%u0435;0.19514090522344896
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Wed, 27 Nov 2019 21:00:00 GMT
analytics.js
www.google-analytics.com/ 		46 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-127232603-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://h.krasnyy-liman.loogle.com.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
1689
date
Fri, 27 Nov 2020 05:49:21 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Fri, 27 Nov 2020 07:49:21 GMT
collect
www.google-analytics.com/j/ 		1 B
77 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1270768765&t=pageview&_s=1&dl=https%3A%2F%2Fh.krasnyy-liman.loogle.com.ua%2F&ul=en-us&de=UTF-8&dt=Loogle%20-%20%D0%B1%D1%8B%D1%81%D1%82%D1%80%D1%8B%D0%B9%20%D0%BF%D0%BE%D0%B8%D1%81%D0%BA%20%D1%81%D0%B2%D0%B5%D0%B6%D0%B8%D1%85%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20%D0%B2%20%D0%9A%D1%80%D0%B0%D1%81%D0%BD%D0%BE%D0%BC%20%D0%9B%D0%B8%D0%BC%D0%B0%D0%BD%D0%B5&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=810858598&gjid=2038264324&cid=866174622.1606457851&tid=UA-127232603-1&_gid=1190263608.1606457851&_r=1&gtm=2oub41&z=1116377929
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://h.krasnyy-liman.loogle.com.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 27 Nov 2020 06:17:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://h.krasnyy-liman.loogle.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		203 B
642 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=h.krasnyy-liman.loogle.com.ua&callback=_gfp_s_&client=ca-pub-8959338553837844
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s29-in-f2.1e100.net
Software
cafe /
Resource Hash
9e79cf9788a46217caeb49be1b4c1c2dce8d338956f698624da233fc55d1d969
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://h.krasnyy-liman.loogle.com.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 27 Nov 2020 06:17:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
193
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		109 B
803 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=h.krasnyy-liman.loogle.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://h.krasnyy-liman.loogle.com.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 27 Nov 2020 06:17:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
169 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=h.krasnyy-liman.loogle.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://h.krasnyy-liman.loogle.com.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 27 Nov 2020 06:17:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame DB50 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8959338553837844&output=html&adk=1812271804&adf=3025194257&lmt=1606457850&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fh.krasnyy-liman.loogle.com.ua%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1606457850821&bpp=18&bdt=44&idt=119&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3568476038282&frm=20&pv=2&ga_vid=866174622.1606457851&ga_sid=1606457851&ga_hid=1270768765&ga_fc=0&iag=0&icsg=10472&dssz=12&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=2754857561604678&pem=41&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=138
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8959338553837844&output=html&adk=1812271804&adf=3025194257&lmt=1606457850&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fh.krasnyy-liman.loogle.com.ua%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1606457850821&bpp=18&bdt=44&idt=119&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3568476038282&frm=20&pv=2&ga_vid=866174622.1606457851&ga_sid=1606457851&ga_hid=1270768765&ga_fc=0&iag=0&icsg=10472&dssz=12&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=2754857561604678&pem=41&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=138
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://h.krasnyy-liman.loogle.com.ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://h.krasnyy-liman.loogle.com.ua/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 27 Nov 2020 06:17:31 GMT
server
cafe
content-length
4145
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 27-Nov-2020 06:32:30 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Fri, 27 Nov 2020 06:17:31 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d56ee6a2ba915ad87e2dc9b49d9199563f3b35f9e048938e84d1a033e5c2b1c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://h.krasnyy-liman.loogle.com.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 27 Nov 2020 06:17:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1605702985553312"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28207
x-xss-protection
0
expires
Fri, 27 Nov 2020 06:17:30 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201112&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
caa9ec1b4c16edc1d9c0933d8b0b2ea0ab6b90c5e95e9bcc889d3363cd823c62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://h.krasnyy-liman.loogle.com.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 27 Nov 2020 06:17:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6393
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://h.krasnyy-liman.loogle.com.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 27 Nov 2020 06:17:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1603823857801521"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6015
x-xss-protection
0
expires
Fri, 27 Nov 2020 06:17:31 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 1C1D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/219/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://h.krasnyy-liman.loogle.com.ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://h.krasnyy-liman.loogle.com.ua/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4867
date
Thu, 26 Nov 2020 20:58:09 GMT
expires
Fri, 26 Nov 2021 20:58:09 GMT
last-modified
Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
33562
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gda_r20201112&jk=2754857561604678&bg=!b2ylbEzNAAVGySeIRli8_F2h3faGnQIAAABPUgAAAAxoAQcKAITbG6KQqi1RhWmFh8ICtCoR255WMlW6nIf87QdXYdsBX_Js2GjHA7SdOR3fN6k4-4zR-iYiVeFg5HmfXyv6YdjpmZTyEieEWEC2w5LxF_605kBHh4En_DbF4HpxXQPc3724k36_0t2cxW6koX9jh59vjnQ-nDWjqrlO0RaVvvMvRhWx-kiZAcZzQNPkNLlDp26Gch8cECiS27OwsSAhJtOi2PVXBuKq8btK_NBasUzeJQLrO7ct6PuL8VLb0HLXbsHiToAa8S1esY3msS1KrpD_PhmFGbsDu0WWJxEX8tUulAyNDBLYTo2zGwCcDNEy6xSmGJjw7sQG9vc34Y8-0b9QveJE8BowwZqfZDwJX4wpNp5yzagzYvntx7qbmVcu7b1XhPQZio4zkDTJfszobPsQ5aLqdna05SL0GxVPjQtd3oHrBYYumfgHMEFOiWyIaQj1iRoyRboJtnbimGMfKU38k9nRbKcc6Bb0Ib-qczrwhnsGzA8HfWjY6Eu90HJDQYlKKqRx6cEpzdmGxZq0JgfWwV8a1QtzCAMIX8bVN0juDSIRTQzrKa3s0JSn0lUqSN9lzGghfBO4OHIfqRMHvqgtNhBWSPKqBRsrd9TkdgGEm-Zn9otYTu0QT-y5xvl8MzbQrT8rtgCa0fGKIZouWyutGvRdYi0c6U0yBUWIU6tYdsOfx7gpyF5_UyMWRXO4hbVt9CXTcInb0gkjjYZ6j5dNZBjuiEMO0cjawRZlCUirkO8FVrxpwsYAx_OlbmNLvt3CwqkvYxFqSeUTq9hy
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://h.krasnyy-liman.loogle.com.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 Nov 2020 06:17:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| openNextCat function| random object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_trust_token_operation_status object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd object| google_sv_map function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| MRGtag object| GoogleGcLKhOms object| google_image_requests

5 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.loogle.com.ua/ Name: __gads
Value: ID=5f0b2b64e16a27d0-22be59837ba60059:T=1606457851:RT=1606457851:S=ALNI_MYfuHQH9z66fsFoiayWcG765f874g
.loogle.com.ua/ Name: _gat_gtag_UA_127232603_1
Value: 1
.loogle.com.ua/ Name: _gid
Value: GA1.3.1190263608.1606457851
.loogle.com.ua/ Name: _ga
Value: GA1.3.866174622.1606457851

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Frame-Options deny

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.mail.ru
adservice.google.com
adservice.google.de
counter.yadro.ru
googleads.g.doubleclick.net
h.krasnyy-liman.loogle.com.ua
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
172.217.18.162
2a00:1148:db00::17
2a00:1450:4001:802::2002
2a00:1450:4001:80b::200e
2a00:1450:4001:814::2002
2a00:1450:4001:816::2002
2a00:1450:4001:817::2008
2a00:1450:4001:81e::2001
2a02:c207:2040:929::b:1
88.212.201.198
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
09c5d181d38c5f57b7596e6643abaae0c278329493119a5b71a47ced8f118d26
3d934257156f441f8231d9e618c3b71ed083c77e50357f9c56572c5dbfd761fa
48d8320967ee3adf5cfd89467b6c810809872a660ddc510ad76610dce9a6d411
5f5ce9f65460be13ecd26fbbb05806445861f53e01da856400244353576302f4
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
66de80f5c91d14f0c4d222a82eea52a01ab8d8e907f3df2e08a7c4bc1d4ec33d
67ccb921981c0d70a272f13159101b91c183bfe825ab325af8a574df7f63f61f
689f313aedbcf0fa2d1e383cfa7004ea9914121b1de499ab053fbed31d3a29bc
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d958ccde374ce86de23898b8a06c3f1d968fda65943698ac115c42b3dcb667d
6f1385e259d05cb71a8efda52b3d1d76b339d9e8190fae651af61d591a806cbb
89a0bfd12a193515cd2d5d2ed88aaed0a93a2558c29dabdf432461c40795bbf3
8df480205439182607a5558d413f0f5f9bc43ad472d94ec7a8ccab31b31b0fa7
9e79cf9788a46217caeb49be1b4c1c2dce8d338956f698624da233fc55d1d969
9fda06a41e04abb42ad8a70a346d0935cd48ce2485b1a0d9570a00db95ecbc0e
ad7386d16a056df5c235702a97a5fa4cee68e302d71041aa35df96151f756f48
c09d28cb767050938a4e5f273cd33be0a0679de5b640bbf40c24a8514b3863d3
caa9ec1b4c16edc1d9c0933d8b0b2ea0ab6b90c5e95e9bcc889d3363cd823c62
cf3f070c9d877281bbe6171050120c8aad8809a0727907f7dd03f6780d1620dd
d56ee6a2ba915ad87e2dc9b49d9199563f3b35f9e048938e84d1a033e5c2b1c5
d8cb0991177bb365519f2ae98b78a54dd2654fbfb5ca8bf1275d5a76992ebde8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41f4d14930c77ed39bca0541e9d74ffd2c4b33ad328d02d767903f2acfd0630
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e8278cdf9752821d95ef5ccee9a6d08d31f747b31b4300480a66b79e12f71f1e
ef40be3d974c8cc776013f7b7f1095aafdee5b7bd914e907da97fad4ae06a9eb