ukraineconsulatelib.azurewebsites.net Open in urlscan Pro
23.98.222.34 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://soo.gd/Il8C
Effective URL:
https://ukraineconsulatelib.azurewebsites.net/advertise.php?umbilicus=as1x1d27ffg6ukqz&vicecomital=cymbaeform&outbound=prosinesses
Submission: On March 08 via manual (March 8th 2022, 8:48:12 am UTC) from GB — Scanned from GB

Summary HTTP 45 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 16 IPs in 2 countries across 13 domains to perform 45 HTTP transactions. The main IP is 23.98.222.34, located in San Antonio, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is ukraineconsulatelib.azurewebsites.net.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on August 18th 2021. Valid for: a year.

This is the only time ukraineconsulatelib.azurewebsites.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
3	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
1	23.98.222.34 23.98.222.34	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	2a06:98c1:312... 2a06:98c1:3121::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	51.77.64.70 51.77.64.70	16276 (OVH) (OVH)
45	16

1 2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)

soo.gd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

97d3391ae421d9003ff1b8c61e34d1e4.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.98.222.34 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

ukraineconsulatelib.azurewebsites.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)

rootcdn.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.77.64.70 (Germany)

ASN16276 (OVH, FR)
PTR: de-fra-1.pro.ip-api.com

pro.ip-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	rootcdn.pro rootcdn.pro — Cisco Umbrella Rank: 794826	779 KB
8	googlesyndication.com 97d3391ae421d9003ff1b8c61e34d1e4.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 tpc.googlesyndication.com — Cisco Umbrella Rank: 122	40 KB
3	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159	123 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 194	28 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 57 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
1	ip-api.com pro.ip-api.com — Cisco Umbrella Rank: 5725	235 B
1	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2181	19 KB
1	azurewebsites.net ukraineconsulatelib.azurewebsites.net	34 KB
1	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 5368	792 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	37 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 147	28 KB
1	soo.gd soo.gd	2 KB
45	13

	Domain	Requested by
21	rootcdn.pro	ukraineconsulatelib.azurewebsites.net
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
2	cdnjs.cloudflare.com	ukraineconsulatelib.azurewebsites.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	pro.ip-api.com	cdnjs.cloudflare.com
1	stackpath.bootstrapcdn.com	ukraineconsulatelib.azurewebsites.net
1	www.google.com	tpc.googlesyndication.com
1	ukraineconsulatelib.azurewebsites.net	soo.gd
1	97d3391ae421d9003ff1b8c61e34d1e4.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.co.uk	securepubads.g.doubleclick.net
1	www.googletagmanager.com	soo.gd
1	www.googletagservices.com	soo.gd
1	soo.gd
45	16

This site contains links to these domains. Also see Links.

Domain
oneurl.click

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-08-19` - `2022-08-18`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
ukrainehonoraryconsulatelib.org Go Daddy Secure Certificate Authority - G2	`2021-08-18` - `2022-08-18`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.ip-api.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-28` - `2022-11-27`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://ukraineconsulatelib.azurewebsites.net/advertise.php?umbilicus=as1x1d27ffg6ukqz&vicecomital=cymbaeform&outbound=prosinesses
Frame ID: C299BC3E32952214C12E33940D71A6B2
Requests: 39 HTTP requests in this frame

Frame: https://97d3391ae421d9003ff1b8c61e34d1e4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A8FADBADE5DB5AAD6831D91BC6B5BCF5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 00D302ACDAC31F357E7304D6A6C608E9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6619BB15355A5D8AA3B842CA23EDBA75
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Breaking NEWS

Page URL History Show full URLs

https://soo.gd/Il8C Page URL
https://ukraineconsulatelib.azurewebsites.net/advertise.php?umbilicus=as1x1d27ffg6ukqz&vicecomital=cymbaeform&outbound=pro... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

45
Requests

98 %
HTTPS

81 %
IPv6

13
Domains

16
Subdomains

16
IPs

2
Countries

1113 kB
Transfer

1753 kB
Size

7
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://oneurl.click/kVMM6Rx9?/Zgc/kp/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://soo.gd/Il8C Page URL
https://ukraineconsulatelib.azurewebsites.net/advertise.php?umbilicus=as1x1d27ffg6ukqz&vicecomital=cymbaeform&outbound=prosinesses Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

45 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Il8C Show response
soo.gd/ 3 KB
2 KB 466ms
404ms Document
text/html 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://soo.gd/Il8C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f9df750913ca1fa7daf8debf1f571b0af5c6a734eb10f3ebb482ab5955a7ced

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9

Response headers

date: Tue, 08 Mar 2022 08:48:04 GMT
content-type: text/html; Charset=UTF-8;charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, must-revalidate, max-age=0
pragma: no-cache
x-robots-tag: noindex, nofollow
i-am: Gamma
strict-transport-security: max-age=31536000; includeSubdomains;
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=33%2F3rQzfL%2FKLjE525ONkaJRR57uB%2BzLAjfdwjLHFtYkTYFcQUQ2ZzzWsqrSoMRaJrnrt6JZa%2BA%2FdDBpTfTJ%2FoL7Txb9s%2BP1qEtZCdcAzC9PIPK17wL%2FGbGatPCFItKPftpj3bGA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6e8a4f496bac74c5-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 81 KB
28 KB 139ms
47ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: soo.gd
URL: https://soo.gd/Il8C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ba34e3739ecde238be41093ecc0a01e965ec0a500d756cafe9b2cde70936d59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://soo.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 08:48:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27789
x-xss-protection: 0
server: sffe
etag: "1153 / 528 of 1000 / last-modified: 1646694253"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 08 Mar 2022 08:48:04 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 92 KB
37 KB 134ms
50ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-31510493-2

Requested by

Host: soo.gd
URL: https://soo.gd/Il8C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0b99de68991dd03bb346f7f3ae67c4235954d0858b58be55945bb84c8124e9bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://soo.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 08:48:04 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36906
x-xss-protection: 0
last-modified: Tue, 08 Mar 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 08 Mar 2022 08:48:04 GMT

GET
H2 200 pubads_impl_2022030301.js Show response
securepubads.g.doubleclick.net/gpt/ 364 KB
122 KB 137ms
35ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

e8b0bc7b237d0e6cf23bf1d6f6fdf4251388ace085dc3d691a03e1660e2dc0ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://soo.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 08:11:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2177
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124636
x-xss-protection: 0
last-modified: Thu, 03 Mar 2022 09:34:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 08 Mar 2023 08:11:47 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 39 B
687 B 144ms
44ms XHR
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=soo.gd

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

5fa3afd9c5e6de7152dacc7c2fa38afb712d9cd34b12b9e9f187310563f5b128

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://soo.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Mar 2022 08:48:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51
x-xss-protection: 0
expires: Tue, 08 Mar 2022 08:48:04 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 121ms
34ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-31510493-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://soo.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4391
date: Tue, 08 Mar 2022 07:34:53 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 08 Mar 2022 09:34:53 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
199 B 43ms
42ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=769408843&t=pageview&_s=1&dl=https%3A%2F%2Fsoo.gd%2FIl8C&ul=en-us&de=UTF-8&dt=Il8C&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1136588467&gjid=905976240&cid=1064157782.1646729287&tid=UA-31510493-2&_gid=928017662.1646729287&_r=1&gtm=2ou370&z=1021497955

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://soo.gd/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 08 Mar 2022 08:48:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://soo.gd
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 170ms
47ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=soo.gd

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://soo.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Mar 2022 08:48:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 133ms
43ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=soo.gd

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://soo.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Mar 2022 08:48:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 412 B
248 B 112ms
69ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1093793959768020&correlator=3686375977435997&eid=31064150%2C31065436%2C31065485%2C31065502%2C44758227%2C31064019%2C44755510&output=ldjh&gdfp_req=1&vrg=2022030301&ptt=17&impl=fif&sc=1&sfv=1-0-38&ecs=20220308&iu_parts=5837603%2CSGD_360&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x360&fsapi=false&cookie_enabled=1&abxe=1&dt=1646729287437&lmt=1646729287&dlt=1646729286944&idt=460&biw=1600&bih=1200&oid=2&adxs=-12245933&adys=-12245933&ucis=1&adks=1216140633&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fsoo.gd%2FIl8C&frm=20&vis=1&scr_x=0&scr_y=0&psz=300x63&msz=0x0&fws=128&ohw=0&ga_vid=1064157782.1646729287&ga_sid=1646729287&ga_hid=769408843&ga_fc=true&btvi=-1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

590ee3ef075e76b5c8286955d5013f41084bac3a21285f47fb2d93e59f9002b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://soo.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 08:48:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 218
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://soo.gd
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
97d3391ae421d9003ff1b8c61e34d1e4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A8FA 6 KB
4 KB 153ms
41ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://97d3391ae421d9003ff1b8c61e34d1e4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://soo.gd/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 08 Mar 2022 08:48:05 GMT
expires: Wed, 08 Mar 2023 08:48:05 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK Primary Request advertise.php Show response
ukraineconsulatelib.azurewebsites.net/ 109 KB
34 KB 2077ms
1616ms Document
text/html 23.98.222.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://ukraineconsulatelib.azurewebsites.net/advertise.php?umbilicus=as1x1d27ffg6ukqz&vicecomital=cymbaeform&outbound=prosinesses
Requested by: Host: soo.gd
URL: https://soo.gd/Il8C
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.98.222.34 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / PHP/7.3.32 ASP.NET
Resource Hash: 6c6ab2741172dec875db428a983419006c363dd43ac71aacd719bcacb73cac75

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://soo.gd/

Response headers

Content-Length: 34332
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: PHP/7.3.32 ASP.NET
Date: Tue, 08 Mar 2022 08:48:06 GMT

GET
H2 200 sodar
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 147ms
49ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022030301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://soo.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Mar 2022 08:48:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10589
x-xss-protection: 0

GET
H2 200 sodar2.js
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 161ms
58ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://soo.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 08:48:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 08 Mar 2022 08:48:05 GMT

GET
H3 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 00D3 13 KB
5 KB 87ms
37ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://soo.gd/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Mar 2022 07:00:09 GMT
expires: Wed, 08 Mar 2023 07:00:09 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 6476
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe
www.google.com/recaptcha/api2/ Frame 6619 783 B
1 KB 134ms
46ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Rqa21LgBDjt+KNEhcC9DoQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://soo.gd/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 08 Mar 2022 08:48:05 GMT
date: Tue, 08 Mar 2022 08:48:05 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-Rqa21LgBDjt+KNEhcC9DoQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 wpnNdEHEE-H-HWkGYo82vcEULjX7WQfOj--jYhPbLdo.js
pagead2.googlesyndication.com/bg/ Frame 00D3 35 KB
13 KB 78ms
35ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wpnNdEHEE-H-HWkGYo82vcEULjX7WQfOj--jYhPbLdo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 13:33:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 155652
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13712
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 06 Mar 2023 13:33:53 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6619 0
0 100ms
80ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022030301&jk=1093793959768020&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 00D3 0
9 B 35ms
34ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?0RYjtg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 08:48:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 75ms
75ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022030301&jk=1093793959768020&bg=!rK-lr-vNAAb7UztL-1M7ACkAdvg8Wj5H62cuZQH7bQonxrG8wfHt2XpIJRCE1lfidLB8AR5XPj8azgIAAABgUgAAAAVoAQeZAtvGBkkTyGgbwUQ4tUPVKdPAl2WRamEPr-n3x28wc7GC7CG9BMAVjcYAzVSvoXxiIosIcnmndw68VehMJJmTZYwk5QLno87CSTLvwl2mgT6pDe9KTpwj8ni9fifB6WNUx3l_pXAq_QX8PAa6SqX7GrzE354mYBzZRgWH6--Fkzp3Zbi3bysfytEYqgGLkqA9GapsaPE1eMbvy9MixAVbgK0Dr07Ec43ie9dqLryIM7JbYa8HUsz8VP8Ow9riymTZ3WFaSJst6udFIlgaiuD0APTYgFAVQZ7BNHoTKFIlSMIMKLnallHOr1ndCTOIFYsZNF4INk8186Fgzrzxcsjpt0kGEtFh3r1TgpYXwNXUKxZY2tzaeAp_MW7xbGUC6drpuCxqEYpxUGwNo28orXx0VZFFMBMa-iLI2RwSVX8O4vEMYZfp-XqbEYaO-Z58zJHHQ8PDwEDCShUe65JzdzkR-WG6eJTSwOLCsRmkdaK9uyRpGX90CKg8rS8haT-vsKiky4JPWHYZtsZCdIoZgL0uUmFWIcD9ADSxwPcK9ORTTn2YUyhX7i9V1ZyuVOtdCP5-_5-hFHXEaB4xutUvbkJyyvR55L8MkFrV01breD2KUgr7_NUr8hAGJgxvgvta0jzsoTZ33k3G9s-6bMYvvRQTNG63jw27vL0Aud9GkCPT4_AU977NpDHN2QW4GLt202svXQf_ItQw11OehlL9c337dkwoLzEGpEFBcOZid06VmVAZAN5AU6QhYgddq0UE37piHrmB-gHU2JgxRMFZhX1mK7fLK4ZEMjoTNfk6g01bvC9CEGeQXF3E5K-fiDf9pt6ewXwWwxmdTmHTnnJnV2Pkwn3luTUWipTAOyjiKNd4ezOdEJErKWXeY6i1qgrsxbDc9AnqWx4e_COVCCtmUDd6tom584p8K7TXkH9-qnDlp-0Ro1eH4uYPMZmkJ6xlCu4ufX8MnbNrKQQaBgCZVQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://soo.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Mar 2022 08:48:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/3.3.1/css/ 111 KB
19 KB 101ms
36ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/3.3.1/css/bootstrap.min.css

Requested by

Host: ukraineconsulatelib.azurewebsites.net
URL: https://ukraineconsulatelib.azurewebsites.net/advertise.php?umbilicus=as1x1d27ffg6ukqz&vicecomital=cymbaeform&outbound=prosinesses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d699f303990ce9bd7d7c97e9bd3cad6a46ecf2532f475cf22ae58213237821b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ukraineconsulatelib.azurewebsites.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 08:48:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 722, 718, 718
age: 7266492
cdn-cachedat: 2021-04-22 23:16:32
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:58 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 0379772f676eac3dea2530e448fdebba
cf-ray: 6e8a4f5dec4e76e9-LHR
cdn-requestcountrycode: FR
cdn-requestpullsuccess: True

GET
H2 404 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/css/ 0
0 289ms
231ms Stylesheet
text/html 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/css/font-awesome.min.css
Requested by: Host: ukraineconsulatelib.azurewebsites.net
URL: https://ukraineconsulatelib.azurewebsites.net/advertise.php?umbilicus=as1x1d27ffg6ukqz&vicecomital=cymbaeform&outbound=prosinesses
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ukraineconsulatelib.azurewebsites.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 style.css
rootcdn.pro/html/en/images/12/ 5 KB
2 KB 138ms
40ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rootcdn.pro/html/en/images/12/style.css

Requested by

Host: ukraineconsulatelib.azurewebsites.net
URL: https://ukraineconsulatelib.azurewebsites.net/advertise.php?umbilicus=as1x1d27ffg6ukqz&vicecomital=cymbaeform&outbound=prosinesses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf95055bbc54336490ebe314b0cfce2037452274198667825f483dd7154e54c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ukraineconsulatelib.azurewebsites.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 08:48:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51913
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Feb 2022 14:54:30 GMT
server: cloudflare
etag: W/"75201943c528d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cxsBj6cHZgl8az%2FLx6vm04zoBfAhwB2s8h1juCjCy5d9rzolwfoEbdjxbtVH%2F0sXhgmUljQmNxyexOM74D0XcsDf7wx2WQMufHWqVGG4vMS55kAEpx9JDOU%2Bf5dWlauxG6IyOxhEKLC0yA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 6e8a4f5e2ed68e0f-LHR
expires: Tue, 08 Mar 2022 18:22:54 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ 87 KB
28 KB 86ms
29ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: ukraineconsulatelib.azurewebsites.net
URL: https://ukraineconsulatelib.azurewebsites.net/advertise.php?umbilicus=as1x1d27ffg6ukqz&vicecomital=cymbaeform&outbound=prosinesses

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ukraineconsulatelib.azurewebsites.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 08:48:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 552148
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27938
timing-allow-origin: *
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "603e8adc-15d9d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NH%2BEWC6yYTdBHL9FnDYDZyHjmHaToUSG2neeuju6VzTOeRCXoazUs24M1sOmf9yjUEH2Vhc7fTxrssXXZV6MusK%2Fk%2BliOQ3GOEDsFsGFQ%2BfnF%2B9LHNjKaKVbWJPu0xH3WRk6IIwxAy%2FbJZiIMNtVtvUM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e8a4f5de83a407d-LHR
expires: Sun, 26 Feb 2023 08:48:07 GMT

GET
H/1.1 200
OK / Show response
pro.ip-api.com/json/ 80 B
235 B 121ms
35ms XHR
application/json 51.77.64.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.ip-api.com/json/?fields=8388627&key=hEpYxLQ2EecE1sz
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS: de-fra-1.pro.ip-api.com
Software: /
Resource Hash: 5451729e087453848c152e2031e7547e39c8c2f5fc9187f7d430c5c1a4bba89c

Request headers

Accept: */*
Referer: https://ukraineconsulatelib.azurewebsites.net/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 08 Mar 2022 08:48:07 GMT
Content-Length: 80
Content-Type: application/json; charset=utf-8

GET
H3 200 Logo.png
rootcdn.pro/html/en/images/12/ 3 KB
3 KB 163ms
124ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rootcdn.pro/html/en/images/12/Logo.png

Requested by

Host: ukraineconsulatelib.azurewebsites.net
URL: https://ukraineconsulatelib.azurewebsites.net/advertise.php?umbilicus=as1x1d27ffg6ukqz&vicecomital=cymbaeform&outbound=prosinesses

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

276f1db3a3178abdc581d679cd4c3091d9cfc96f6524549a42c05c518cdf2bf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ukraineconsulatelib.azurewebsites.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 08:48:07 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 50220
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2685
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Feb 2022 14:54:30 GMT
server: cloudflare
etag: "3330d43c528d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9QSDJ32Tt6fyd%2BxSnSphLrw0kWhxRJ8%2BvpqWPaxsdOPuc%2Bzuv2Uj4zbid03Bdi%2FlPtjeHK7rzMOiK7Y59Mi0uuEINA3lJv8WUXyv%2BC%2Bf6UOT041fbg7FA1dvevT7f6xX6J33FCCTdYGdMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6e8a4f5fbffd7572-LHR
expires: Tue, 08 Mar 2022 18:51:07 GMT

GET
H3 200 top.jpg
rootcdn.pro/html/en/images/12/ 54 KB
55 KB 90ms
51ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rootcdn.pro/html/en/images/12/top.jpg

Requested by

Host: ukraineconsulatelib.azurewebsites.net
URL: https://ukraineconsulatelib.azurewebsites.net/advertise.php?umbilicus=as1x1d27ffg6ukqz&vicecomital=cymbaeform&outbound=prosinesses

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2489b6150efecee42d4a6ac44e7412e24694b800deaab4750c42d42d38180853

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ukraineconsulatelib.azurewebsites.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 08:48:07 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 50220
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 55293
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Feb 2022 14:54:30 GMT
server: cloudflare
etag: "7a6b843c528d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GXeqVdaF%2FBqGshLvyksg3WpYh5l8pr7pmgSZ6coqc9vn7gDKulHLlsU6bEja24O9bcQC5ZxjsMaccrdUm6MJMncBOcrJA1L86OHDmqcdCBktnTRFfHfns4wA2JwTm8v%2BFzUbBi1m8UXBIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6e8a4f5fbffe7572-LHR
expires: Tue, 08 Mar 2022 18:51:07 GMT

GET
H3 200 mid.jpg
rootcdn.pro/html/en/images/12/ 54 KB
54 KB 117ms
78ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rootcdn.pro/html/en/images/12/mid.jpg

Requested by

Host: ukraineconsulatelib.azurewebsites.net
URL: https://ukraineconsulatelib.azurewebsites.net/advertise.php?umbilicus=as1x1d27ffg6ukqz&vicecomital=cymbaeform&outbound=prosinesses

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4827101a742d037bfd1abee57a8381e03727e3e69595778307a67a61928ac11d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ukraineconsulatelib.azurewebsites.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 08:48:07 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 50220
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54986
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Feb 2022 14:54:30 GMT
server: cloudflare
etag: "7dcf4843c528d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s5XSbK8epoXwIpzfCkPr9%2FtRRklrt31Bqg9EcggnhR1nQBrFGgNwgZaaaMobBBZmcg2%2BSrLGqrsun2rXrFG0FdQslKnP6NAr%2FNeFqHffqgVYlXFk1Z%2FkcHiFcHODWBt8Qi1jIPEmaTRHxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6e8a4f5fb8007572-LHR
expires: Tue, 08 Mar 2022 18:51:07 GMT

GET
H3 200 muskbranson.jpg
rootcdn.pro/html/en/images/12/ 72 KB
73 KB 166ms
126ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rootcdn.pro/html/en/images/12/muskbranson.jpg

Requested by

Host: ukraineconsulatelib.azurewebsites.net
URL: https://ukraineconsulatelib.azurewebsites.net/advertise.php?umbilicus=as1x1d27ffg6ukqz&vicecomital=cymbaeform&outbound=prosinesses

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

558ff4e312e5f7cfb6a66e493102c119f477e9e9002b2e851b90d1b26b842ca6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ukraineconsulatelib.azurewebsites.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 08:48:07 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51344
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 74019
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Feb 2022 14:54:31 GMT
server: cloudflare
etag: "f7904d43c528d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lIfsz30HrwvZ2yB4r3DnsBQRR8JKKlzLRfLH3jD8CxTUCAwrzHZ46n0LGd7GN2krvRmX9Tv351eggogxVe7c6HUYPSIYWvJT7VOJCSzfuH%2FgBQdzir6kUR8Goq%2BgI6RJzFCt24Npirm%2BqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6e8a4f5fb8057572-LHR
expires: Tue, 08 Mar 2022 18:32:23 GMT

GET
H3 200 dreamcar.jpg
rootcdn.pro/html/en/images/12/ 63 KB
64 KB 90ms
51ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rootcdn.pro/html/en/images/12/dreamcar.jpg

Requested by

Host: ukraineconsulatelib.azurewebsites.net
URL: https://ukraineconsulatelib.azurewebsites.net/advertise.php?umbilicus=as1x1d27ffg6ukqz&vicecomital=cymbaeform&outbound=prosinesses

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f98da04e4fe7961d6187060290a6c399fd5b2ce7517585a046559a12b902ecff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ukraineconsulatelib.azurewebsites.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 08:48:07 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51302
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 65015
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Feb 2022 14:54:30 GMT
server: cloudflare
etag: "e646e242c528d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CteHX3M7FnHqq%2F4dlHLP3FlN0XDl1q0rn9w%2Fjy3u6os02W4XqzVuAdziqL3o%2B0L%2F4YYBXH5vDIozWQb%2BRM4GlCmfkUPF3GnSYf%2F890K7eDYUif9072cWBy%2Bl4ECbxNRovsBM3IUEkTCbNA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6e8a4f5fb8067572-LHR
expires: Tue, 08 Mar 2022 18:33:05 GMT

GET
H3 200 ZAfamily.jpg
rootcdn.pro/html/en/images/12/ 39 KB
39 KB 189ms
150ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rootcdn.pro/html/en/images/12/ZAfamily.jpg

Requested by

Host: ukraineconsulatelib.azurewebsites.net
URL: https://ukraineconsulatelib.azurewebsites.net/advertise.php?umbilicus=as1x1d27ffg6ukqz&vicecomital=cymbaeform&outbound=prosinesses

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93569c6f0b34f2761d855b028675ecc9bfdc5b1bf7c85157c6681d8351449b09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ukraineconsulatelib.azurewebsites.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 08:48:07 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 50220
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39693
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Feb 2022 14:54:31 GMT
server: cloudflare
etag: "f7904d43c528d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5JInfB8qci4Wt%2FV4mcBUnh0sp%2BEUkbzF3L0VnURNVR9SKUlgPnVUDAhRXjFlnbbiWmMKxcm30lrDOGgb8igie2ylrx8988esbsdfcyQEn5LKHJ%2BOT6n74qAmnL6H67X7aNPyrfAYNVYDcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6e8a4f5fb8077572-LHR
expires: Tue, 08 Mar 2022 18:51:07 GMT

GET
H3 200 EmbellishedDeliriousArmyworm-size_restricted.gif
rootcdn.pro/html/en/images/12/ 250 KB
251 KB 191ms
152ms Image
image/gif 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rootcdn.pro/html/en/images/12/EmbellishedDeliriousArmyworm-size_restricted.gif

Requested by

Host: ukraineconsulatelib.azurewebsites.net
URL: https://ukraineconsulatelib.azurewebsites.net/advertise.php?umbilicus=as1x1d27ffg6ukqz&vicecomital=cymbaeform&outbound=prosinesses

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89551df7776d88c155ec7ebc8ff0fdb5132e555d76811739f4bfffd7979c2916

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ukraineconsulatelib.azurewebsites.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 08:48:07 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3700
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 255919
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Feb 2022 14:54:30 GMT
server: cloudflare
etag: "64d0eb42c528d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SLBGqKH8zzPVghdZCgn5k8ULFUVWU1eAV0FbC56EKA4GrEGRbJlwQpLoK3AV%2FBgkYG226Qvt%2Bs17Tylp3b6Ug2Rko3fhaLtEmIfT3xb8ZQf8cViEwwY5zXXodTYXe9Hisr7Z8zAKQ20skQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6e8a4f5fb8087572-LHR
expires: Wed, 09 Mar 2022 07:46:27 GMT

GET
H3 200 cta1b.jpg
rootcdn.pro/html/en/images/12/ 27 KB
28 KB 214ms
175ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rootcdn.pro/html/en/images/12/cta1b.jpg

Requested by

Host: ukraineconsulatelib.azurewebsites.net
URL: https://ukraineconsulatelib.azurewebsites.net/advertise.php?umbilicus=as1x1d27ffg6ukqz&vicecomital=cymbaeform&outbound=prosinesses

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36a93f5572ec03df86621e681c994f8e832ad06b5ce59d235130c61182940f9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ukraineconsulatelib.azurewebsites.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 08:48:07 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 50220
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27889
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Feb 2022 14:54:30 GMT
server: cloudflare
etag: "6c1d842c528d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zt7KBkshBA%2Bx%2B70nqz9D2Z1iTNqP7dsVw3Y69GSNUz0qYPC1IF0Bj3UrA1hBipENBByTgikjylGpePaaxjrMhkf0vWGDITWo1qAKo581etR%2F3Tm6UElF95Q9gfVDz5Xmu9s1l7V7O7%2BTlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6e8a4f5fb80b7572-LHR
expires: Tue, 08 Mar 2022 18:51:07 GMT

GET
H3 200 cta2.jpg
rootcdn.pro/html/en/images/12/ 26 KB
26 KB 217ms
178ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rootcdn.pro/html/en/images/12/cta2.jpg

Requested by

Host: ukraineconsulatelib.azurewebsites.net
URL: https://ukraineconsulatelib.azurewebsites.net/advertise.php?umbilicus=as1x1d27ffg6ukqz&vicecomital=cymbaeform&outbound=prosinesses

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a7bddde59764b263f7d46caab05581ab00b223ac6b1b7b5d05640d329f7e9c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ukraineconsulatelib.azurewebsites.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 08:48:07 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51343
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26250
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Feb 2022 14:54:30 GMT
server: cloudflare
etag: "4b92543c528d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tcjCK3NUOU1wbZxoixJrTP5IQq%2FwrP9a1EUcpvet6KjI%2FgtVMDzPms5Q8KVp9%2BqUKgTTnO1uA76YDS4vd1RKzTIOi%2BZG1j%2B3khNCqoNuj7GotfoRvWAmzQWOgF04jhzA4EF3q4OLRbIP6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6e8a4f5fb80d7572-LHR
expires: Tue, 08 Mar 2022 18:32:24 GMT

GET
H3 200 cta3.jpg
rootcdn.pro/html/en/images/12/ 20 KB
20 KB 66ms
29ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rootcdn.pro/html/en/images/12/cta3.jpg

Requested by

Host: ukraineconsulatelib.azurewebsites.net
URL: https://ukraineconsulatelib.azurewebsites.net/advertise.php?umbilicus=as1x1d27ffg6ukqz&vicecomital=cymbaeform&outbound=prosinesses

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f405f28d3fc780dcd00b5febfb853a2c521ba8d9f2cbc2968a9c5787747b6f88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ukraineconsulatelib.azurewebsites.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 08:48:07 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 50220
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20325
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Feb 2022 14:54:30 GMT
server: cloudflare
etag: "7ee21d43c528d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sjFaBn9a8KuSdX4eeteWnwRMgjP6FeBp%2BqVdjF1y%2B%2BjVfHMFnZcc0mgc63cLbeuDExuwftMmky82RYNdUoiXHI3VPZp3r0f8LKvlH8n1djYjFJ4EhVb%2F1SEWBDrUnqz%2BnZh0dBnQV%2B1ypw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6e8a4f5fbfea7572-LHR
expires: Tue, 08 Mar 2022 18:51:07 GMT

GET
H3 200 canadian-man1.jpg
rootcdn.pro/html/en/images/12/ 15 KB
15 KB 183ms
146ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rootcdn.pro/html/en/images/12/canadian-man1.jpg

Requested by

Host: ukraineconsulatelib.azurewebsites.net
URL: https://ukraineconsulatelib.azurewebsites.net/advertise.php?umbilicus=as1x1d27ffg6ukqz&vicecomital=cymbaeform&outbound=prosinesses

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d01ccd1570627430c58350525cd032e892063f9a839fe30827d9c0415e06d3b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ukraineconsulatelib.azurewebsites.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 08:48:07 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 50220
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15132
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Feb 2022 14:54:30 GMT
server: cloudflare
etag: "1f5ad642c528d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PV%2FZq%2FuOsx8fsb%2BISQTMoxxlpJkUK5GKHw4Hny0P8PHsUb9jczuw7nJDIuPMo1HAA4LIRT%2BO2Lveu%2BUEWjm44kTcFQvWvBeqZ%2BglRIKllNxOKu9zrPR5L8K2aYkus7X8fslCQ7uYghFKaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6e8a4f5fbfeb7572-LHR
expires: Tue, 08 Mar 2022 18:51:07 GMT

GET
H3 200 canadian-man2.jpg
rootcdn.pro/html/en/images/12/ 9 KB
10 KB 137ms
100ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rootcdn.pro/html/en/images/12/canadian-man2.jpg

Requested by

Host: ukraineconsulatelib.azurewebsites.net
URL: https://ukraineconsulatelib.azurewebsites.net/advertise.php?umbilicus=as1x1d27ffg6ukqz&vicecomital=cymbaeform&outbound=prosinesses

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

518ee730c5ba149592d3e18e7c34c65eb931aaea55f921902ddd5d625cc6a1d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ukraineconsulatelib.azurewebsites.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 08:48:07 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3699
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9326
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Feb 2022 14:54:30 GMT
server: cloudflare
etag: "e646e242c528d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5HwjbgIRsJ4%2BXWkTetNa2uJU3zBd4zz4Kyxxv5QuvwToe19k0HvexBUaAQyislM0xvt2flaLWZJ0FAh%2FdyOXM3JGsBv4CtN1VMeeFbEqyT3vQz63VUJKx4SsJhS3%2FFEUHbScQdd%2FsTWHhA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6e8a4f5fbff27572-LHR
expires: Wed, 09 Mar 2022 07:46:28 GMT

GET
H3 200 side3.jpg
rootcdn.pro/html/en/images/12/ 6 KB
7 KB 114ms
77ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rootcdn.pro/html/en/images/12/side3.jpg

Requested by

Host: ukraineconsulatelib.azurewebsites.net
URL: https://ukraineconsulatelib.azurewebsites.net/advertise.php?umbilicus=as1x1d27ffg6ukqz&vicecomital=cymbaeform&outbound=prosinesses

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2e9c24008dd7f7fa8b3a4ca375b6b00cbb164607afde5b63a1328a569a84874

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ukraineconsulatelib.azurewebsites.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 08:48:07 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51343
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6500
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Feb 2022 14:54:30 GMT
server: cloudflare
etag: "93bdf742c528d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9MXZQczon6bhVE1vtRhsm1qv%2FbQ7rLYCbwmXXg0WYeEsZNx5JoQOzOLIzzTO5%2BpNpUYHHdAgX1bpRIpE1EkFA%2FXfij%2FwvYqnR8iu0m13vA3DDcAU4FAWTFg9mvI1Hf%2FJwgi32NQMBC5brA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6e8a4f5fbff47572-LHR
expires: Tue, 08 Mar 2022 18:32:24 GMT

GET
H3 200 side4.jpg
rootcdn.pro/html/en/images/12/ 8 KB
8 KB 111ms
74ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rootcdn.pro/html/en/images/12/side4.jpg

Requested by

Host: ukraineconsulatelib.azurewebsites.net
URL: https://ukraineconsulatelib.azurewebsites.net/advertise.php?umbilicus=as1x1d27ffg6ukqz&vicecomital=cymbaeform&outbound=prosinesses

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4805432d3e214ba35c2982a58e009762eddbcf3c450ee74402cce7bfac6a7929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ukraineconsulatelib.azurewebsites.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 08:48:07 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51343
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7929
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Feb 2022 14:54:30 GMT
server: cloudflare
etag: "34571443c528d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Frd%2FeIyRbNACw8pcdyIJtyGPx99CuP0msLsfjRObgsIrt0prN1dU%2FLn8ALjMMX%2FlJZcIk1bOTJOaetoyrvL%2BmAV%2B8YfRrZWHfnCT24KFa%2F85QKWqMF%2Bkg2rz287iPqAijQRikDrQn9pVdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6e8a4f5fbff57572-LHR
expires: Tue, 08 Mar 2022 18:32:24 GMT

GET
H3 200 canadian-woman.jpg
rootcdn.pro/html/en/images/12/ 14 KB
14 KB 185ms
148ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rootcdn.pro/html/en/images/12/canadian-woman.jpg

Requested by

Host: ukraineconsulatelib.azurewebsites.net
URL: https://ukraineconsulatelib.azurewebsites.net/advertise.php?umbilicus=as1x1d27ffg6ukqz&vicecomital=cymbaeform&outbound=prosinesses

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f4f281ca7166ffb19a8c790150f45e19b7dc9e0fcec5d783e7325e8bb16f8dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ukraineconsulatelib.azurewebsites.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 08:48:07 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 50220
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14078
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Feb 2022 14:54:30 GMT
server: cloudflare
etag: "45bd3543c528d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u74kuftSRhNnNA2AzclanN3gufIJ%2Bg2A7xHfH676auqfGQk72IvCkNEgQF4Sb12xAAIKlm2QI7dY1vuEN1qI1KYkyxo2oIbaXWbE%2BhiNeStxDYjU9YtKRMRG9GqTK1b3yPrvKLkomQGpmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6e8a4f5fbff77572-LHR
expires: Tue, 08 Mar 2022 18:51:07 GMT

GET
H3 200 side6.jpg
rootcdn.pro/html/en/images/12/ 12 KB
13 KB 181ms
144ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rootcdn.pro/html/en/images/12/side6.jpg

Requested by

Host: ukraineconsulatelib.azurewebsites.net
URL: https://ukraineconsulatelib.azurewebsites.net/advertise.php?umbilicus=as1x1d27ffg6ukqz&vicecomital=cymbaeform&outbound=prosinesses

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f723cc6e270fa155f6c9c9950393f5876a52ee93f22d77864b49bc3fc24a5fa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ukraineconsulatelib.azurewebsites.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 08:48:07 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51342
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12342
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Feb 2022 14:54:30 GMT
server: cloudflare
etag: "b07e1b43c528d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FApmEH1J6pDNhiQVoEJWZWuutesyU7tJZbmbQtOcYo6owyPVSo8640g%2F1yodkwVTDQhX4XptJVZHQkt48OTP7UIW4QXPOaYGXVe5haNa6sANMVEzKkiEdUggf%2BcSCgGKD35yTMoP0u5vAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6e8a4f5fbffa7572-LHR
expires: Tue, 08 Mar 2022 18:32:25 GMT

GET
H3 200 side7.jpg
rootcdn.pro/html/en/images/12/ 11 KB
12 KB 160ms
123ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rootcdn.pro/html/en/images/12/side7.jpg

Requested by

Host: ukraineconsulatelib.azurewebsites.net
URL: https://ukraineconsulatelib.azurewebsites.net/advertise.php?umbilicus=as1x1d27ffg6ukqz&vicecomital=cymbaeform&outbound=prosinesses

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

981a38f436032637ba92058f73de969a85115c98512d4eafa0f101f3e08b1914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ukraineconsulatelib.azurewebsites.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 08:48:07 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3699
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11593
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Feb 2022 14:54:30 GMT
server: cloudflare
etag: "b0583343c528d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ATJOt2zwAT0eWQfcpFXMjIIXDCBLRCWD2itAickbdymhYh8Q4UBO%2FBDg7hoo7tqAYBlqAyNw6HFB6Crw8%2FlLWnYuC6FHz6ohUjILdG5VgO6GdmEx7LGpqY7FEXLsttjnF5fx8TMvNmgog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6e8a4f5fbffc7572-LHR
expires: Wed, 09 Mar 2022 07:46:28 GMT

GET
H3 200 s1.jpg
rootcdn.pro/html/en/images/12/ 45 KB
46 KB 139ms
103ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rootcdn.pro/html/en/images/12/s1.jpg

Requested by

Host: ukraineconsulatelib.azurewebsites.net
URL: https://ukraineconsulatelib.azurewebsites.net/advertise.php?umbilicus=as1x1d27ffg6ukqz&vicecomital=cymbaeform&outbound=prosinesses

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2fac17ccca8a23dd0e32622d0e68bbb062b5c8901d6f612983c6b7d458b8496

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ukraineconsulatelib.azurewebsites.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 08:48:07 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 50220
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 46033
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Feb 2022 14:54:30 GMT
server: cloudflare
etag: "35af542c528d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rVj1Zad%2FLNO9e67G1ttxGAzGNcGx%2FxUmv7r%2BUk6QqyyowgDlte47WJ8s77dBg5dEuiPjO8NoXx4rpA7iOWDE%2Bwh%2FCFgHUbBUjcn5GedZrts1sVUye2V0lOg1UKoYbD0J%2FWNeGytqEhtrDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6e8a4f5fbfec7572-LHR
expires: Tue, 08 Mar 2022 18:51:07 GMT

GET
H3 200 s2.jpg
rootcdn.pro/html/en/images/12/ 21 KB
22 KB 138ms
102ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rootcdn.pro/html/en/images/12/s2.jpg

Requested by

Host: ukraineconsulatelib.azurewebsites.net
URL: https://ukraineconsulatelib.azurewebsites.net/advertise.php?umbilicus=as1x1d27ffg6ukqz&vicecomital=cymbaeform&outbound=prosinesses

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf0dd246573146bdec90a87c9512ee0c31c26f05aa9835397c2c496aec6f85be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ukraineconsulatelib.azurewebsites.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 08:48:07 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3699
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21799
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Feb 2022 14:54:30 GMT
server: cloudflare
etag: "2134ee42c528d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LwvjVzLYqN7V7qRVEybCg0%2BWVXMlzDVYlUOEOO%2FBwp8Ywg6sy9dIzCe1%2B6DeI5JNT3zIcgEVj09bDOwyBU8%2BjTAaoMDdMNZD8bRpNfch8ad%2B2FNjzwtKGp7CDwAjpfLQYBovn89u5eDGhA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6e8a4f5fbfed7572-LHR
expires: Wed, 09 Mar 2022 07:46:28 GMT

GET
H3 200 s3.jpg
rootcdn.pro/html/en/images/12/ 17 KB
17 KB 135ms
99ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rootcdn.pro/html/en/images/12/s3.jpg

Requested by

Host: ukraineconsulatelib.azurewebsites.net
URL: https://ukraineconsulatelib.azurewebsites.net/advertise.php?umbilicus=as1x1d27ffg6ukqz&vicecomital=cymbaeform&outbound=prosinesses

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

133771dea9e842dc402c42caff112015a06070bb2b0a5bb78d26b82309247003

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ukraineconsulatelib.azurewebsites.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 08:48:07 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3699
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16951
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Feb 2022 14:54:30 GMT
server: cloudflare
etag: "93bdf742c528d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KjK4sTPODG%2BHqk3gh8yvzbD7Li95Kp7HZazeUBmhHPIO3%2FR4uykTitV%2BtWOvo9KahY6ENqO7AjWTWt747ilGj5Oy6imq4Avf%2FBpvHkrVI%2FKuH5VgIuxwoJMIPMHEk6MswsV1viiJlZ8KUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6e8a4f5fbff07572-LHR
expires: Wed, 09 Mar 2022 07:46:28 GMT

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.soo.gd/	1970-01-20 18:56:41	Name: _ga Value: GA1.2.1064157782.1646729287
.soo.gd/	1970-01-20 01:26:55	Name: _gid Value: GA1.2.928017662.1646729287
.soo.gd/	1970-01-20 01:25:29	Name: _gat_gtag_UA_31510493_2 Value: 1
.doubleclick.net/	1970-01-20 01:25:30	Name: test_cookie Value: CheckForPermission
.soo.gd/	1970-01-20 10:47:05	Name: __gads Value: ID=c083d66f907a3c35-2275578757cd0094:T=1646729285:S=ALNI_Mafz3BTiSKn7zg0UvXSqSHAW1E1_Q
.ukraineconsulatelib.azurewebsites.net/	1969-12-31 23:59:59	Name: ARRAffinity Value: d8d03614bc510cc5857017d2e5db96abd9ca95b7444ce9f96afd5266abaaa99e
.ukraineconsulatelib.azurewebsites.net/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: d8d03614bc510cc5857017d2e5db96abd9ca95b7444ce9f96afd5266abaaa99e

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/css/font-awesome.min.css Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

97d3391ae421d9003ff1b8c61e34d1e4.safeframe.googlesyndication.com
adservice.google.co.uk
adservice.google.com
cdnjs.cloudflare.com
pagead2.googlesyndication.com
pro.ip-api.com
rootcdn.pro
securepubads.g.doubleclick.net
soo.gd
stackpath.bootstrapcdn.com
tpc.googlesyndication.com
ukraineconsulatelib.azurewebsites.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
142.250.185.226
23.98.222.34
2606:4700::6810:125e
2606:4700::6812:bcf
2a00:1450:4001:803::2001
2a00:1450:4001:803::2002
2a00:1450:4001:803::2008
2a00:1450:4001:810::2002
2a00:1450:4001:810::200e
2a00:1450:4001:812::2002
2a00:1450:4001:812::2004
2a00:1450:4001:827::2002
2a00:1450:4001:831::2001
2a06:98c1:3120::7
2a06:98c1:3121::7
51.77.64.70
0b99de68991dd03bb346f7f3ae67c4235954d0858b58be55945bb84c8124e9bb
133771dea9e842dc402c42caff112015a06070bb2b0a5bb78d26b82309247003
2489b6150efecee42d4a6ac44e7412e24694b800deaab4750c42d42d38180853
276f1db3a3178abdc581d679cd4c3091d9cfc96f6524549a42c05c518cdf2bf3
2f4f281ca7166ffb19a8c790150f45e19b7dc9e0fcec5d783e7325e8bb16f8dc
36a93f5572ec03df86621e681c994f8e832ad06b5ce59d235130c61182940f9f
3a7bddde59764b263f7d46caab05581ab00b223ac6b1b7b5d05640d329f7e9c3
4805432d3e214ba35c2982a58e009762eddbcf3c450ee74402cce7bfac6a7929
4827101a742d037bfd1abee57a8381e03727e3e69595778307a67a61928ac11d
518ee730c5ba149592d3e18e7c34c65eb931aaea55f921902ddd5d625cc6a1d2
5451729e087453848c152e2031e7547e39c8c2f5fc9187f7d430c5c1a4bba89c
558ff4e312e5f7cfb6a66e493102c119f477e9e9002b2e851b90d1b26b842ca6
590ee3ef075e76b5c8286955d5013f41084bac3a21285f47fb2d93e59f9002b9
5ba34e3739ecde238be41093ecc0a01e965ec0a500d756cafe9b2cde70936d59
5f9df750913ca1fa7daf8debf1f571b0af5c6a734eb10f3ebb482ab5955a7ced
5fa3afd9c5e6de7152dacc7c2fa38afb712d9cd34b12b9e9f187310563f5b128
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c6ab2741172dec875db428a983419006c363dd43ac71aacd719bcacb73cac75
89551df7776d88c155ec7ebc8ff0fdb5132e555d76811739f4bfffd7979c2916
93569c6f0b34f2761d855b028675ecc9bfdc5b1bf7c85157c6681d8351449b09
981a38f436032637ba92058f73de969a85115c98512d4eafa0f101f3e08b1914
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
b2e9c24008dd7f7fa8b3a4ca375b6b00cbb164607afde5b63a1328a569a84874
cf0dd246573146bdec90a87c9512ee0c31c26f05aa9835397c2c496aec6f85be
cf95055bbc54336490ebe314b0cfce2037452274198667825f483dd7154e54c6
d01ccd1570627430c58350525cd032e892063f9a839fe30827d9c0415e06d3b8
d2fac17ccca8a23dd0e32622d0e68bbb062b5c8901d6f612983c6b7d458b8496
d699f303990ce9bd7d7c97e9bd3cad6a46ecf2532f475cf22ae58213237821b9
e8b0bc7b237d0e6cf23bf1d6f6fdf4251388ace085dc3d691a03e1660e2dc0ea
f405f28d3fc780dcd00b5febfb853a2c521ba8d9f2cbc2968a9c5787747b6f88
f723cc6e270fa155f6c9c9950393f5876a52ee93f22d77864b49bc3fc24a5fa3
f98da04e4fe7961d6187060290a6c399fd5b2ce7517585a046559a12b902ecff
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

ukraineconsulatelib.azurewebsites.net Open in urlscan Pro 23.98.222.34 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

45 Requests

98 %HTTPS

81 %IPv6

13 Domains

16 Subdomains

16 IPs

2 Countries

1113 kBTransfer

1753 kBSize

7 Cookies

1 Outgoing links

Page URL History

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ukraineconsulatelib.azurewebsites.net Open in urlscan Pro
23.98.222.34 Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

98 %
HTTPS

81 %
IPv6

13
Domains

16
Subdomains

16
IPs

2
Countries

1113 kB
Transfer

1753 kB
Size

7
Cookies

45 HTTP transactions
0 data transactions