URL: https://gov.diiapay.su/
Submission: On December 20 via api from US — Scanned from DE

Summary

This website contacted 9 IPs in 5 countries across 8 domains to perform 32 HTTP transactions. The main IP is 2a00:f940:2:2:1:1:0:215, located in Russian Federation and belongs to AS-REGRU "Domain names registrar REG.RU", Ltd, RU. The main domain is gov.diiapay.su.
TLS certificate: Issued by R10 on December 19th 2024. Valid for: 3 months.
This is the only time gov.diiapay.su was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 2a00:f940:2:2... 197695 (AS-REGRU ...)
2 2a00:1450:400... 15169 (GOOGLE)
3 157.240.252.13 32934 (FACEBOOK)
3 2a00:1450:400... 15169 (GOOGLE)
7 195.189.240.75 212542 (DIIA-AS S...)
2 157.240.253.35 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.185.67 15169 (GOOGLE)
32 9
Apex Domain | Subdomains | Transfer
13 diiapay.su | gov.diiapay.su | 752 KB
7 diia.gov.ua | diia.gov.ua — Cisco Umbrella Rank: 301113 | 344 KB
3 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 39 | 320 KB
3 facebook.net | connect.facebook.net — Cisco Umbrella Rank: 192 | 92 KB
2 facebook.com | www.facebook.com — Cisco Umbrella Rank: 120 | 211 B
2 google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 36 | 22 KB
1 google.de | www.google.de — Cisco Umbrella Rank: 10745 | 63 B
1 doubleclick.net | stats.g.doubleclick.net — Cisco Umbrella Rank: 135 | 544 B
32 8
Domain | Requested by
13 gov.diiapay.su | gov.diiapay.su, diia.gov.ua
7 diia.gov.ua | gov.diiapay.su
3 www.googletagmanager.com | gov.diiapay.su, www.google-analytics.com
3 connect.facebook.net | gov.diiapay.su, connect.facebook.net
2 www.facebook.com | gov.diiapay.su
2 www.google-analytics.com | gov.diiapay.su, diia.gov.ua
1 www.google.de | gov.diiapay.su
1 stats.g.doubleclick.net | www.googletagmanager.com
32 8
Subject | Issuer | Validity | Valid
gov.diiapay.su | R10 | 2024-12-19 - 2025-03-19 | 3 months
*.google-analytics.com | WR2 | 2024-12-02 - 2025-02-24 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-09-28 - 2024-12-27 | 3 months
*.diia.gov.ua | RapidSSL TLS RSA CA G1 | 2024-02-06 - 2025-03-08 | a year
*.g.doubleclick.net | WR2 | 2024-12-02 - 2025-02-24 | 3 months
*.google.de | WR2 | 2024-12-02 - 2025-02-24 | 3 months

This page contains 1 frames:

Primary Page: https://gov.diiapay.su/
Frame ID: 321872B0B90F482FBAA3256505F18B7A
Requests: 42 HTTP requests in this frame

Page Title

Виплати | Дія ("Payments | Diia")

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

32 Requests
100 % HTTPS
50 % IPv6
8 Domains
8 Subdomains
9 IPs
5 Countries
1530 kB Transfer
3225 kB Size
6 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
gov.diiapay.su/
68 KB
10 KB
Document
General
Full URL
https://gov.diiapay.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:1:0:215 , Russian Federation, ASN197695 (AS-REGRU "Domain names registrar REG.RU", Ltd, RU),
Reverse DNS
Software
nginx /
Resource Hash
a569ec2c55fb5e1e5d00f57e7b5e816edd89de651fe2d488e798d8d788f621cf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

content-encoding
gzip
content-type
text/html
date
Fri, 20 Dec 2024 13:22:28 GMT
server
nginx
vary
Accept-Encoding
44261ff286f3cd30e7cdd7bb96061748-1732022823.css
gov.diiapay.su/css/
558 KB
147 KB
Stylesheet
General
Full URL
https://gov.diiapay.su/css/44261ff286f3cd30e7cdd7bb96061748-1732022823.css
Requested by
Host: gov.diiapay.su
URL: https://gov.diiapay.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:1:0:215 , Russian Federation, ASN197695 (AS-REGRU "Domain names registrar REG.RU", Ltd, RU),
Reverse DNS
Software
nginx /
Resource Hash
00c0e0bf9adee3ca2b4ab977652671712cb26ddf082d2e196b9dc36832bae99a

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://gov.diiapay.su/

Response headers

cache-control
max-age=3888000
content-encoding
gzip
etag
W/"6763c2bb-8b9d1"
expires
Mon, 03 Feb 2025 13:22:28 GMT
date
Fri, 20 Dec 2024 13:22:28 GMT
content-type
text/css
last-modified
Thu, 19 Dec 2024 06:52:43 GMT
server
nginx
vary
Accept-Encoding
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: gov.diiapay.su
URL: https://gov.diiapay.su/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://gov.diiapay.su/

Response headers

content-encoding
gzip
age
2463
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Fri, 20 Dec 2024 14:41:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 12:41:25 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
2853763384889398
connect.facebook.net/signals/config/
76 KB
15 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/2853763384889398?v=2.9.176&r=stable&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: gov.diiapay.su
URL: https://gov.diiapay.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
4f816c327602e9efce8732c5e45730b0f0b8961ce4c3be2390278fe2eebf2eaa
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-HOpRb7Tq' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://gov.diiapay.su/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 20 Dec 2024 13:22:29 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-HOpRb7Tq' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=13, rtx=0, c=23, mss=1232, tbw=34137, tp=36, tpl=0, uplat=149, ullat=0
pragma
public
x-fb-debug
8Cfw13+trXOsxYh+iBWrg8D/CBopYxLJL1y00TDIpwrClBEKVf/sc1kB394FR+FX9z6+XTP5GE1KH7mga462ug==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
fbevents.js
connect.facebook.net/en_US/
239 KB
61 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: gov.diiapay.su
URL: https://gov.diiapay.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
24751cbae618f6fbeb532498fd1ceeda5350f30085086cd5426961a2695e3d9f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-EaGwyCsI' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://gov.diiapay.su/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 20 Dec 2024 13:22:29 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-EaGwyCsI' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=13, rtx=0, c=23, mss=1232, tbw=4665, tp=12, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
vH0Iv1G7DDzR/01HDDwaHGJrjucoBcrvuktsZyAmRvm6rG2JbzML55EGS63ZM6mjK1A+drG8NFWqGvtwXYL3pg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62282
x-xss-protection
0
origin-agent-cluster
?1
gtm.js
www.googletagmanager.com/
259 KB
88 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WBX3V3Z
Requested by
Host: gov.diiapay.su
URL: https://gov.diiapay.su/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c523713b3b4656cf60e4386523f0bd83c7c1049eaff30e9769e57d2e54b7746c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://gov.diiapay.su/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Fri, 20 Dec 2024 13:22:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 13:22:29 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 20 Dec 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
89681
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/
329 KB
108 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-ZF72K12ETR&l=dataLayer&cx=c&gtm=45He4bk0v831006156za200
Requested by
Host: gov.diiapay.su
URL: https://gov.diiapay.su/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1424fe67e3dc6c2a2d1c9856ba624d84a2ef372ef063543e4149cc6990b80847
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://gov.diiapay.su/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 20 Dec 2024 13:22:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 13:22:29 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
110577
x-xss-protection
0
server
Google Tag Manager
c5a159185922f4526c0f3a0c21b5d662-1732022823
diia.gov.ua/combine/
264 KB
264 KB
Script
General
Full URL
https://diia.gov.ua/combine/c5a159185922f4526c0f3a0c21b5d662-1732022823
Requested by
Host: gov.diiapay.su
URL: https://gov.diiapay.su/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.189.240.75 , Ukraine, ASN212542 (DIIA-AS SE Diia, UA),
Reverse DNS
Software
nginx /
Resource Hash
ab5f2eab75b0d8e538da562507d734205d33ea82273260a5eaa704d38d47ff94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://gov.diiapay.su/

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Cache-Status
HIT
Cache-Control
max-age=604800, public
X-Fastcgi-Cache
MISS
ETag
"c5a159185922f4526c0f3a0c21b5d662"
Connection
keep-alive
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin-when-cross-origin
Date
Fri, 20 Dec 2024 13:22:29 GMT
X-XSS-Protection
1; mode=block
Content-Type
application/javascript
Last-Modified
Mon, 09 Dec 2024 15:28:09 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
ajax.js
diia.gov.ua/plugins/kitsoft/pages/assets/js/
429 B
789 B
Script
General
Full URL
https://diia.gov.ua/plugins/kitsoft/pages/assets/js/ajax.js?v=2.1.20
Requested by
Host: gov.diiapay.su
URL: https://gov.diiapay.su/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.189.240.75 , Ukraine, ASN212542 (DIIA-AS SE Diia, UA),
Reverse DNS
Software
nginx /
Resource Hash
5674778e54be657bb0ec2a7d0599f7edff73973405916b30874161238153a79c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://gov.diiapay.su/

Response headers

X-Cache-Status
HIT
ETag
"67570d2e-1ad"
Connection
keep-alive
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
429
Date
Fri, 20 Dec 2024 13:22:29 GMT
X-XSS-Protection
1; mode=block
Content-Type
application/javascript
Last-Modified
Mon, 09 Dec 2024 15:30:54 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
csrf_token.js
diia.gov.ua/plugins/kitsoft/pages/assets/js/
2 KB
2 KB
Script
General
Full URL
https://diia.gov.ua/plugins/kitsoft/pages/assets/js/csrf_token.js?v=2.1.20
Requested by
Host: gov.diiapay.su
URL: https://gov.diiapay.su/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.189.240.75 , Ukraine, ASN212542 (DIIA-AS SE Diia, UA),
Reverse DNS
Software
nginx /
Resource Hash
29debfbd89e9ddba4b369d32e78a52f5f604d87a89848e5c7a6d6caee5aa72bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://gov.diiapay.su/

Response headers

X-Cache-Status
HIT
ETag
"67570d2e-653"
Connection
keep-alive
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
1619
Date
Fri, 20 Dec 2024 13:22:29 GMT
X-XSS-Protection
1; mode=block
Content-Type
application/javascript
Last-Modified
Mon, 09 Dec 2024 15:30:54 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
hit.js
diia.gov.ua/plugins/kitsoft/services/assets/js/
277 B
653 B
Script
General
Full URL
https://diia.gov.ua/plugins/kitsoft/services/assets/js/hit.js
Requested by
Host: gov.diiapay.su
URL: https://gov.diiapay.su/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.189.240.75 , Ukraine, ASN212542 (DIIA-AS SE Diia, UA),
Reverse DNS
Software
nginx/1.24.0 (Ubuntu) /
Resource Hash
7a9f77ca86cae5a82f3055bed9762927881c82c9f9032080c98bcb08bcbb6d27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://gov.diiapay.su/

Response headers

X-Cache-Status
HIT
ETag
"67570d4b-115"
Connection
keep-alive
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
277
Date
Fri, 20 Dec 2024 13:22:29 GMT
X-XSS-Protection
1; mode=block
Content-Type
application/javascript
Last-Modified
Mon, 09 Dec 2024 15:31:23 GMT
Server
nginx/1.24.0 (Ubuntu)
X-Frame-Options
SAMEORIGIN
jquery.validate.min.js
diia.gov.ua/themes/diia/assets/vendor/validate-1.19.3/
24 KB
24 KB
Script
General
Full URL
https://diia.gov.ua/themes/diia/assets/vendor/validate-1.19.3/jquery.validate.min.js
Requested by
Host: gov.diiapay.su
URL: https://gov.diiapay.su/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.189.240.75 , Ukraine, ASN212542 (DIIA-AS SE Diia, UA),
Reverse DNS
Software
nginx/1.24.0 (Ubuntu) /
Resource Hash
c74d06bbbd775b61fdc17ac4a2e71178803ed7f032320f2337d28a26872268ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://gov.diiapay.su/

Response headers

X-Cache-Status
HIT
ETag
"67570c89-5f71"
Connection
keep-alive
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
24433
Date
Fri, 20 Dec 2024 13:22:29 GMT
X-XSS-Protection
1; mode=block
Content-Type
application/javascript
Last-Modified
Mon, 09 Dec 2024 15:28:09 GMT
Server
nginx/1.24.0 (Ubuntu)
X-Frame-Options
SAMEORIGIN
serviceitem.bundle.js
diia.gov.ua/themes/diia/assets/javascript/build/
32 KB
32 KB
Script
General
Full URL
https://diia.gov.ua/themes/diia/assets/javascript/build/serviceitem.bundle.js
Requested by
Host: gov.diiapay.su
URL: https://gov.diiapay.su/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.189.240.75 , Ukraine, ASN212542 (DIIA-AS SE Diia, UA),
Reverse DNS
Software
nginx/1.24.0 (Ubuntu) /
Resource Hash
5f4907340aaff5fb5d7968d13195717cf1909c8ad94060d7cf256c16ca17b8fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://gov.diiapay.su/

Response headers

X-Cache-Status
HIT
ETag
"67570c89-7efe"
Connection
keep-alive
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
32510
Date
Fri, 20 Dec 2024 13:22:29 GMT
X-XSS-Protection
1; mode=block
Content-Type
application/javascript
Last-Modified
Mon, 09 Dec 2024 15:28:09 GMT
Server
nginx/1.24.0 (Ubuntu)
X-Frame-Options
SAMEORIGIN
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
99d5c6b8e0c7431abbb21aae59ecbcca4381cb79c44ec898d3d1cc00dd6d8cf1

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d5b1f5f9346169e6205738dce4505533f414e242b75fc421d5c8d317d89d4987

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
768 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9a114796c5cf904276265efa8fb616c47974d1552b18911ef2fccb6195be3d85

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
409 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
486f47a4dd912217e8004c81c1c83b58e2302a8222d24bb72cf004954c5ef0af

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer

Response headers

Content-Type
image/svg+xml
ic_back(ic_service-back).svg
gov.diiapay.su/themes/diia/assets/images/icons/svg/all-btns/
156 KB
156 KB
Image
General
Full URL
https://gov.diiapay.su/themes/diia/assets/images/icons/svg/all-btns/ic_back(ic_service-back).svg
Requested by
Host: gov.diiapay.su
URL: https://gov.diiapay.su/css/44261ff286f3cd30e7cdd7bb96061748-1732022823.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:1:0:215 , Russian Federation, ASN197695 (AS-REGRU "Domain names registrar REG.RU", Ltd, RU),
Reverse DNS
Software
nginx /
Resource Hash
42392beebf15b7c41291007bf008ed851d2ad3a6f3257814677f0b8af6430291

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://gov.diiapay.su/css/44261ff286f3cd30e7cdd7bb96061748-1732022823.css

Response headers

content-encoding
gzip
date
Fri, 20 Dec 2024 13:22:29 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
server
nginx
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
531e54df1389a69f754c08f4c97cdd2cce152688bf15cd76692a38d558d52585

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8cd6fd55e95aba57c1db45511d8141cdcbf36acbf26326558dce417e41473889

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41aa9d14c1337403ef4b2fb8e9225707868a15df39a99d62916e52f97c8d3134

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc52bf5eadd856ce725eeae5bc5c4039f05a2097e7ad8b70b537c6895fe64490

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4bb42605e51379fbe4ab9b8e50e068a6934bed3b6f16b888a5b0a40ed636f24b

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer

Response headers

Content-Type
image/svg+xml
reddot.svg
diia.gov.ua/themes/diia/assets/images/
20 KB
20 KB
Image
General
Full URL
https://diia.gov.ua/themes/diia/assets/images/reddot.svg
Requested by
Host: gov.diiapay.su
URL: https://gov.diiapay.su/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.189.240.75 , Ukraine, ASN212542 (DIIA-AS SE Diia, UA),
Reverse DNS
Software
nginx/1.24.0 (Ubuntu) /
Resource Hash
a8130e624349048491acca779eb786ae3fa70d3789ce5996dcb3e2547ca223b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://gov.diiapay.su/

Response headers

X-Cache-Status
HIT
ETag
"67570c89-5046"
Connection
keep-alive
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
20550
Date
Fri, 20 Dec 2024 13:22:29 GMT
X-XSS-Protection
1; mode=block
Content-Type
image/svg+xml
Last-Modified
Mon, 09 Dec 2024 15:28:09 GMT
Server
nginx/1.24.0 (Ubuntu)
X-Frame-Options
SAMEORIGIN
apple-store.svg
gov.diiapay.su/themes/diia/assets/images/
6 KB
6 KB
Image
General
Full URL
https://gov.diiapay.su/themes/diia/assets/images/apple-store.svg
Requested by
Host: gov.diiapay.su
URL: https://gov.diiapay.su/css/44261ff286f3cd30e7cdd7bb96061748-1732022823.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:1:0:215 , Russian Federation, ASN197695 (AS-REGRU "Domain names registrar REG.RU", Ltd, RU),
Reverse DNS
Software
nginx /
Resource Hash
39fb7865cf317f21431796488f99934bc15344f51f45023d11504182141c9925

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://gov.diiapay.su/css/44261ff286f3cd30e7cdd7bb96061748-1732022823.css

Response headers

content-encoding
gzip
date
Fri, 20 Dec 2024 13:22:29 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
server
nginx
google-store.svg
gov.diiapay.su/themes/diia/assets/images/
156 KB
156 KB
Image
General
Full URL
https://gov.diiapay.su/themes/diia/assets/images/google-store.svg
Requested by
Host: gov.diiapay.su
URL: https://gov.diiapay.su/css/44261ff286f3cd30e7cdd7bb96061748-1732022823.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:1:0:215 , Russian Federation, ASN197695 (AS-REGRU "Domain names registrar REG.RU", Ltd, RU),
Reverse DNS
Software
nginx /
Resource Hash
42392beebf15b7c41291007bf008ed851d2ad3a6f3257814677f0b8af6430291

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://gov.diiapay.su/css/44261ff286f3cd30e7cdd7bb96061748-1732022823.css

Response headers

content-encoding
gzip
date
Fri, 20 Dec 2024 13:22:29 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
server
nginx
AppGallery-store.svg
gov.diiapay.su/themes/diia/assets/images/
22 KB
22 KB
Image
General
Full URL
https://gov.diiapay.su/themes/diia/assets/images/AppGallery-store.svg
Requested by
Host: gov.diiapay.su
URL: https://gov.diiapay.su/css/44261ff286f3cd30e7cdd7bb96061748-1732022823.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:1:0:215 , Russian Federation, ASN197695 (AS-REGRU "Domain names registrar REG.RU", Ltd, RU),
Reverse DNS
Software
nginx /
Resource Hash
344995e08d22b08330181e900e204590d717ed44d403d367ef40f7fec2c31d3f

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://gov.diiapay.su/css/44261ff286f3cd30e7cdd7bb96061748-1732022823.css

Response headers

content-encoding
gzip
date
Fri, 20 Dec 2024 13:22:29 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
server
nginx
chatbot_telegram.svg
gov.diiapay.su/themes/diia/assets/images/icons/svg/chatbot/
22 KB
22 KB
Image
General
Full URL
https://gov.diiapay.su/themes/diia/assets/images/icons/svg/chatbot/chatbot_telegram.svg
Requested by
Host: gov.diiapay.su
URL: https://gov.diiapay.su/css/44261ff286f3cd30e7cdd7bb96061748-1732022823.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:1:0:215 , Russian Federation, ASN197695 (AS-REGRU "Domain names registrar REG.RU", Ltd, RU),
Reverse DNS
Software
nginx /
Resource Hash
7adf6451bf9e9ba4be5eb4514d8f8110385739e7c58cf1a412073684b1422e20

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://gov.diiapay.su/css/44261ff286f3cd30e7cdd7bb96061748-1732022823.css

Response headers

content-encoding
gzip
date
Fri, 20 Dec 2024 13:22:29 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
server
nginx
chatbot_viber.svg
gov.diiapay.su/themes/diia/assets/images/icons/svg/chatbot/
6 KB
6 KB
Image
General
Full URL
https://gov.diiapay.su/themes/diia/assets/images/icons/svg/chatbot/chatbot_viber.svg
Requested by
Host: gov.diiapay.su
URL: https://gov.diiapay.su/css/44261ff286f3cd30e7cdd7bb96061748-1732022823.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:1:0:215 , Russian Federation, ASN197695 (AS-REGRU "Domain names registrar REG.RU", Ltd, RU),
Reverse DNS
Software
nginx /
Resource Hash
39fb7865cf317f21431796488f99934bc15344f51f45023d11504182141c9925

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://gov.diiapay.su/css/44261ff286f3cd30e7cdd7bb96061748-1732022823.css

Response headers

content-encoding
gzip
date
Fri, 20 Dec 2024 13:22:29 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
server
nginx
chatbot_fb.svg
gov.diiapay.su/themes/diia/assets/images/icons/svg/chatbot/
22 KB
22 KB
Image
General
Full URL
https://gov.diiapay.su/themes/diia/assets/images/icons/svg/chatbot/chatbot_fb.svg
Requested by
Host: gov.diiapay.su
URL: https://gov.diiapay.su/css/44261ff286f3cd30e7cdd7bb96061748-1732022823.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:1:0:215 , Russian Federation, ASN197695 (AS-REGRU "Domain names registrar REG.RU", Ltd, RU),
Reverse DNS
Software
nginx /
Resource Hash
7adf6451bf9e9ba4be5eb4514d8f8110385739e7c58cf1a412073684b1422e20

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://gov.diiapay.su/css/44261ff286f3cd30e7cdd7bb96061748-1732022823.css

Response headers

content-encoding
gzip
date
Fri, 20 Dec 2024 13:22:29 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
server
nginx
e-Ukraine-Regular.otf
gov.diiapay.su/fonts/
69 KB
69 KB
Font
General
Full URL
https://gov.diiapay.su/fonts/e-Ukraine-Regular.otf
Requested by
Host: gov.diiapay.su
URL: https://gov.diiapay.su/css/44261ff286f3cd30e7cdd7bb96061748-1732022823.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:1:0:215 , Russian Federation, ASN197695 (AS-REGRU "Domain names registrar REG.RU", Ltd, RU),
Reverse DNS
Software
nginx /
Resource Hash
99da5f554cb416b08a628f94415dfe357a365d0adc0d1d6a2f157a71cb30696b

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin
https://gov.diiapay.su
Referer
https://gov.diiapay.su/css/44261ff286f3cd30e7cdd7bb96061748-1732022823.css

Response headers

accept-ranges
bytes
content-length
70420
date
Fri, 20 Dec 2024 13:22:29 GMT
etag
"11314-62999fa244438"
content-type
application/vnd.oasis.opendocument.formula-template
last-modified
Thu, 19 Dec 2024 06:52:43 GMT
server
nginx
e-Ukraine-Light.otf
gov.diiapay.su/fonts/
68 KB
68 KB
Font
General
Full URL
https://gov.diiapay.su/fonts/e-Ukraine-Light.otf
Requested by
Host: gov.diiapay.su
URL: https://gov.diiapay.su/css/44261ff286f3cd30e7cdd7bb96061748-1732022823.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:1:0:215 , Russian Federation, ASN197695 (AS-REGRU "Domain names registrar REG.RU", Ltd, RU),
Reverse DNS
Software
nginx /
Resource Hash
172f548715156c318750e7378ec8e6caef46d2c07a3a88476c708de0c717f570

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Origin
https://gov.diiapay.su
Referer
https://gov.diiapay.su/css/44261ff286f3cd30e7cdd7bb96061748-1732022823.css

Response headers

accept-ranges
bytes
content-length
69740
date
Fri, 20 Dec 2024 13:22:29 GMT
etag
"1106c-62999fa244050"
content-type
application/vnd.oasis.opendocument.formula-template
last-modified
Thu, 19 Dec 2024 06:52:43 GMT
server
nginx
csrf-token
gov.diiapay.su/
307 KB
67 KB
XHR
General
Full URL
https://gov.diiapay.su/csrf-token
Requested by
Host: diia.gov.ua
URL: https://diia.gov.ua/combine/c5a159185922f4526c0f3a0c21b5d662-1732022823
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:1:0:215 , Russian Federation, ASN197695 (AS-REGRU "Domain names registrar REG.RU", Ltd, RU),
Reverse DNS
Software
nginx /
Resource Hash
f8189cc4dcf4d7587e9192d17dd28f5a7dab255fa5ee4a446113cacd72a970fc

Request headers

Referer
https://gov.diiapay.su/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Accept
*/*

Response headers

content-encoding
gzip
date
Fri, 20 Dec 2024 13:22:29 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
server
nginx
2853763384889398
connect.facebook.net/signals/config/
78 KB
16 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/2853763384889398?v=2.9.179&r=stable&domain=gov.diiapay.su&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
7335d8c4dd4fc6aff33bc97084f89d2b518f30bc95962b5284d53d8aeb2f4c01
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-Uhh07L5q' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://gov.diiapay.su/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 20 Dec 2024 13:22:29 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-Uhh07L5q' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=11, rtx=0, c=84, mss=1232, tbw=86905, tp=82, tpl=0, uplat=60, ullat=0
pragma
public
x-fb-debug
VJ1jgOyKPNYEF5u7gvA22HCBiIJ9Vzqt5myohaZMkbe74VWZpLcta1Yt4+o/p3phJM9ihiICwGcaF/aG1SG/lg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
truncated
/
367 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7640d507efce0b5e94e928cce5d1530dd20cf3e8e2be234da02cecd91d5a61e0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer

Response headers

Content-Type
image/svg+xml
collect
www.google-analytics.com/j/
15 B
433 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1819363322&t=pageview&_s=1&dl=https%3A%2F%2Fgov.diiapay.su%2F&ul=de-de&de=UTF-8&dt=%D0%92%D0%B8%D0%BF%D0%BB%D0%B0%D1%82%D0%B8%20%7C%20%D0%94%D1%96%D1%8F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABEAAAACAAI~&jid=1417580070&gjid=5254513&cid=922341208.1734700950&tid=UA-148361071-3&_gid=655790254.1734700950&_r=1&_slc=1&gtm=45He4cc1n81WBX3V3Zv831006156za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&npa=1&z=1430128361
Requested by
Host: diia.gov.ua
URL: https://diia.gov.ua/plugins/kitsoft/pages/assets/js/csrf_token.js?v=2.1.20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
533afca9a5ce27be8179b980275daa8e523882f18baf14b6147bdc5d49667a26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
text/plain
Referer
https://gov.diiapay.su/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 13:22:29 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://gov.diiapay.su
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
15
server
Golfe2
js
www.googletagmanager.com/gtag/
368 KB
123 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-KDV8QBGVW1&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
aa1f2c3807c6cb1616ffc33a73c2cb5024ccdd5bb20f2947b8fc780b7ef4e9f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://gov.diiapay.su/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 20 Dec 2024 13:22:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 13:22:29 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
126081
x-xss-protection
0
server
Google Tag Manager
/
www.facebook.com/tr/
0
19 B
Image
General
Full URL
https://www.facebook.com/tr/?id=2853763384889398&ev=PageView&dl=https%3A%2F%2Fgov.diiapay.su%2F&rl=&if=false&ts=1734700949868&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1734700949864.8486336931300500&cs_est=true&ler=empty&cdl=API_unavailable&it=1734700949675&coo=false&rqm=GET
Requested by
Host: gov.diiapay.su
URL: https://gov.diiapay.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://gov.diiapay.su/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=7, rtx=0, c=23, mss=1232, tbw=4533, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 20 Dec 2024 13:22:29 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
192 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2853763384889398&ev=PageView&dl=https%3A%2F%2Fgov.diiapay.su%2F&rl=&if=false&ts=1734700949868&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1734700949864.8486336931300500&cs_est=true&ler=empty&cdl=API_unavailable&it=1734700949675&coo=false&rqm=FGET
Requested by
Host: gov.diiapay.su
URL: https://gov.diiapay.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra5.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://gov.diiapay.su/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 20 Dec 2024 13:22:29 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
3FZrbz9DhYzFsouzVrIGqI3cypEOsnmOhQ7HAcaaDyHO76ri2K1hP0v2DfPHFDtgT2ViT3ceMQKaNJxJYq9KhA==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=7, rtx=0, c=23, mss=1232, tbw=4901, tp=13, tpl=0, uplat=114, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
collect
stats.g.doubleclick.net/g/
0
544 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-KDV8QBGVW1&cid=922341208.1734700950&gtm=45je4cc1v9134476228za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l3l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KDV8QBGVW1&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://gov.diiapay.su/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://gov.diiapay.su
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Dec 2024 13:22:30 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-KDV8QBGVW1&cid=922341208.1734700950&gtm=45je4cc1v9134476228za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l3l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tag_exp=101925629~102067555~102067808~102081485~102198178&z=781172786
Requested by
Host: gov.diiapay.su
URL: https://gov.diiapay.su/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://gov.diiapay.su/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Fri, 20 Dec 2024 13:22:29 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
favicon.ico
gov.diiapay.su/
1 KB
1 KB
Other
General
Full URL
https://gov.diiapay.su/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:1:0:215 , Russian Federation, ASN197695 (AS-REGRU "Domain names registrar REG.RU", Ltd, RU),
Reverse DNS
Software
nginx /
Resource Hash
e6b50a4a72eb293819b386154bf847f53425cac53a77e8c10205ef0a1ac9210b

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://gov.diiapay.su/

Response headers

accept-ranges
bytes
content-length
1150
date
Fri, 20 Dec 2024 13:22:31 GMT
etag
"47e-62999fa243c68"
content-type
image/vnd.microsoft.icon
last-modified
Thu, 19 Dec 2024 06:52:43 GMT
server
nginx

Verdicts & Comments

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| google_tag_data
function| ga
object| gaplugins
object| dataLayer
function| $
function| jQuery
object| bootstrap
function| moment
function| ocJSON
function| ocSanitize
function| getCsrf
function| isCurrentHost
function| fbq
function| _fbq
string| currentRequestUrl
object| google_tag_manager
function| onYouTubeIframeAPIReady
string| GoogleAnalyticsObject
object| gaGlobal
object| gaData

6 Cookies

Domain/Path Name / Value
.diiapay.su/ Name: _gid
Value: GA1.2.655790254.1734700950
.diiapay.su/ Name: _gat_UA-148361071-3
Value: 1
.diiapay.su/ Name: _ga_ZF72K12ETR
Value: GS1.1.1734700949.1.0.1734700949.0.0.0
.diiapay.su/ Name: _ga
Value: GA1.1.922341208.1734700950
.diiapay.su/ Name: _fbp
Value: fb.1.1734700949864.8486336931300500
.diiapay.su/ Name: _ga_KDV8QBGVW1
Value: GS1.2.1734700949.1.0.1734700949.60.0.0

8 Console Messages

Source Level URL
Text
network error URL: https://gov.diiapay.su/themes/diia/assets/images/icons/svg/all-btns/ic_back(ic_service-back).svg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://gov.diiapay.su/themes/diia/assets/images/google-store.svg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://gov.diiapay.su/themes/diia/assets/images/icons/svg/chatbot/chatbot_viber.svg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://gov.diiapay.su/themes/diia/assets/images/icons/svg/chatbot/chatbot_fb.svg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://gov.diiapay.su/themes/diia/assets/images/AppGallery-store.svg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://gov.diiapay.su/themes/diia/assets/images/icons/svg/chatbot/chatbot_telegram.svg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://gov.diiapay.su/themes/diia/assets/images/apple-store.svg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://gov.diiapay.su/csrf-token
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
