urlscan.io logo urlscan.io
SecurityTrails logo

uapay.ua Open in urlscan Pro
52.29.0.52  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://m0o.me/
Effective URL: https://uapay.ua/
Submission: On February 02 via manual from UA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 5 countries across 14 domains to perform 54 HTTP transactions. The main IP is 52.29.0.52, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is uapay.ua.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 16th 2020. Valid for: a year.
This is the only time uapay.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    193.233.15.162 (Russian Federation)

ASN42745 (SAFEVALUE-AS, DE)
m0o.me
36    52.29.0.52 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-0-52.eu-central-1.compute.amazonaws.com
uapay.ua
widget.uapay.ua
2    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)
use.fontawesome.com
2    2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)
stackpath.bootstrapcdn.com
1    2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
1    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2606:4700:3034::ac43:9550 (United States)

ASN13335 (CLOUDFLARENET, US)
rawgit.com
2    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:81e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    178.132.201.50 (Russian Federation)

ASN49505 (SELECTEL, RU)
cdn.bitrix24.ru
1    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
Domain Requested by
34 uapay.ua uapay.ua
2 cdn.bitrix24.ru uapay.ua
cdn.bitrix24.ru
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.google.com uapay.ua
2 widget.uapay.ua uapay.ua
2 stackpath.bootstrapcdn.com uapay.ua
2 use.fontawesome.com uapay.ua
use.fontawesome.com
2 www.googletagmanager.com uapay.ua
1 www.google.de uapay.ua
1 stats.g.doubleclick.net www.google-analytics.com
1 www.gstatic.com www.google.com
1 rawgit.com uapay.ua
1 cdnjs.cloudflare.com uapay.ua
1 code.jquery.com uapay.ua
1 m0o.me 1 redirects
54 15

This site contains links to these domains. Also see Links.

Domain
cards.uapay.ua
account.uapay.ua
escrowbox.uapay.ua
uapayua.atlassian.net
Subject Issuer Validity Valid
*.uapay.ua
Sectigo RSA Domain Validation Secure Server CA		 2020-11-16 -
2021-12-17		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-01-05 -
2021-03-30		 3 months crt.sh
*.fontawesome.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-13 -
2021-12-14		 a year crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2020-09-22 -
2021-10-12		 a year crt.sh
jquery.org
Sectigo RSA Domain Validation Secure Server CA		 2020-10-06 -
2021-10-16		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-10-21 -
2021-10-20		 a year crt.sh
www.google.com
GTS CA 1O1		 2021-01-19 -
2021-04-13		 3 months crt.sh
*.bitrix24.ru
Go Daddy Secure Certificate Authority - G2		 2020-11-19 -
2021-12-21		 a year crt.sh
*.gstatic.com
GTS CA 1O1		 2021-01-19 -
2021-04-13		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-01-05 -
2021-03-30		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-01-19 -
2021-04-13		 3 months crt.sh
www.google.de
GTS CA 1O1		 2021-01-05 -
2021-03-30		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://uapay.ua/
Frame ID: 8BB4852946BDA988F204F5B8EE708331
Requests: 54 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://m0o.me/ HTTP 301
    https://uapay.ua/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href="https:\/\/use\.fontawesome\.com\/releases\/v([^>]+)\/css\//i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<!-- (?:End )?Google Tag Manager -->/i
Overall confidence: 100%
Detected patterns
  • script /tracker\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

54
Requests

100 %
HTTPS

71 %
IPv6

14
Domains

15
Subdomains

13
IPs

5
Countries

1113 kB
Transfer

2526 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://m0o.me/ HTTP 301
    https://uapay.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

54 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
uapay.ua/
Redirect Chain
  • http://m0o.me/
  • https://uapay.ua/
328 KB
92 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://uapay.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.0.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-0-52.eu-central-1.compute.amazonaws.com
Software
nginx / PHP/7.3.16
Resource Hash
ec72a7b50c4af3ab64446d75a06d42afaba55978c7b73a67a9742b4a8d7dc2af
Security Headers
Name Value
Content-Security-Policy default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000 max-age=31536000
X-Content-Type-Options nosniff nosniff
X-Frame-Options sameorigin SAMEORIGIN

Request headers

Host
uapay.ua
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server
nginx
Date
Tue, 02 Feb 2021 02:08:49 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/7.3.16
Link
<https://uapay.ua/wp-json/>; rel="https://api.w.org/" <https://uapay.ua/>; rel=shortlink
Vary
Accept-Encoding User-Agent
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000 max-age=31536000
X-Frame-Options
sameorigin SAMEORIGIN
X-Content-Type-Options
nosniff nosniff
Referrer-Policy
strict-origin-when-cross-origin strict-origin-when-cross-origin
Content-Security-Policy
default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Feature-Policy-Report-Only
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/
Feature-Policy
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/ microphone 'none'; geolocation 'none'
Expires
Thu, 04 Mar 2021 02:08:49 GMT
Cache-Control
max-age=2592000

Redirect headers

Server
openresty/1.13.6.1
Date
Tue, 02 Feb 2021 02:08:44 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-FireWall-Port
80
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Set-Cookie
PHPSESSID=vtr3qhej3b2igh0qsi8ck4l974; path=/
Location
https://uapay.ua/
js
www.googletagmanager.com/gtag/ 		97 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-159871881-1
Requested by
Host: uapay.ua
URL: https://uapay.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0e96d39b22a36b74c20f9f1da4d08ced81640bcf6e39974745663a3a5f390fa6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://uapay.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 02:08:49 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38878
x-xss-protection
0
last-modified
Tue, 02 Feb 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 02 Feb 2021 02:08:49 GMT
style.min.css
uapay.ua/wp-includes/css/dist/block-library/ 		40 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://uapay.ua/wp-includes/css/dist/block-library/style.min.css?ver=5.3.6
Requested by
Host: uapay.ua
URL: https://uapay.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.0.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-0-52.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dfd6d929422d1f69a727fb6b525f610562eab183a333576516bec0b0503cb049
Security Headers
Name Value
Content-Security-Policy default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';, default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, SAMEORIGIN

Request headers

Referer
https://uapay.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 02:08:49 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff, nosniff
Connection
keep-alive
Feature-Policy-Report-Only
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/
Vary
Accept-Encoding, User-Agent
Content-Length
6132
Referrer-Policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
Last-Modified
Thu, 11 Jun 2020 10:11:46 GMT
Server
nginx
X-Frame-Options
sameorigin, SAMEORIGIN
ETag
"a055-5a7cc3025ac69-gzip"
Strict-Transport-Security
max-age=31536000, max-age=31536000
Content-Type
text/css
Cache-Control
max-age=2592000
Feature-Policy
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/, microphone 'none'; geolocation 'none'
Content-Security-Policy
default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';, default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Accept-Ranges
bytes
Expires
Thu, 04 Mar 2021 02:08:49 GMT
style.css
uapay.ua/wp-content/themes/uapay/ 		725 B
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://uapay.ua/wp-content/themes/uapay/style.css
Requested by
Host: uapay.ua
URL: https://uapay.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.0.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-0-52.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
7acd1a3190ce8d6348df9ab294f6167a6cecd68625055ce62600b7922bdf8341
Security Headers
Name Value
Content-Security-Policy default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';, default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, SAMEORIGIN

Request headers

Referer
https://uapay.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 02:08:49 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff, nosniff
Connection
keep-alive
Feature-Policy-Report-Only
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/
Vary
Accept-Encoding, User-Agent
Content-Length
389
Referrer-Policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
Last-Modified
Tue, 26 Jan 2021 19:09:26 GMT
Server
nginx
X-Frame-Options
sameorigin, SAMEORIGIN
ETag
"2d5-5b9d264a403ba-gzip"
Strict-Transport-Security
max-age=31536000, max-age=31536000
Content-Type
text/css
Cache-Control
max-age=2592000
Feature-Policy
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/, microphone 'none'; geolocation 'none'
Content-Security-Policy
default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';, default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Accept-Ranges
bytes
Expires
Thu, 04 Mar 2021 02:08:49 GMT
all.css
use.fontawesome.com/releases/v5.3.1/css/ 		48 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.3.1/css/all.css
Requested by
Host: uapay.ua
URL: https://uapay.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
604dcf1f11698655f75046bb92f98aaa9477e1c16b01c5fc415e78794393ffb9

Request headers

Referer
https://uapay.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 02:08:49 GMT
content-encoding
gzip
last-modified
Tue, 28 Aug 2018 18:00:36 GMT
server
NetDNA-cache/2.2
etag
W/"10519cfd3206802f58315b877a9beab5"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/ 		152 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css
Requested by
Host: uapay.ua
URL: https://uapay.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://uapay.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 02:08:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Feb 2019 16:40:50 GMT
etag
"1550076050"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
23237
main.min.css
uapay.ua/wp-content/themes/uapay/assets/css/ 		157 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://uapay.ua/wp-content/themes/uapay/assets/css/main.min.css
Requested by
Host: uapay.ua
URL: https://uapay.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.0.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-0-52.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
78dfc9e756bea3d3a757ed8f5b2e823abab3c9212634f669af7a7b4fbb14662f
Security Headers
Name Value
Content-Security-Policy default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';, default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, SAMEORIGIN

Request headers

Referer
https://uapay.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 02:08:49 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff, nosniff
Connection
keep-alive
Feature-Policy-Report-Only
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/
Vary
Accept-Encoding, User-Agent
Content-Length
14326
Referrer-Policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
Last-Modified
Tue, 26 Jan 2021 19:09:25 GMT
Server
nginx
X-Frame-Options
sameorigin, SAMEORIGIN
ETag
"273f1-5b9d2649f121a-gzip"
Strict-Transport-Security
max-age=31536000, max-age=31536000
Content-Type
text/css
Cache-Control
max-age=2592000
Feature-Policy
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/, microphone 'none'; geolocation 'none'
Content-Security-Policy
default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';, default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Accept-Ranges
bytes
Expires
Thu, 04 Mar 2021 02:08:49 GMT
animations.css
uapay.ua/wp-content/themes/uapay/assets/css/ 		39 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://uapay.ua/wp-content/themes/uapay/assets/css/animations.css
Requested by
Host: uapay.ua
URL: https://uapay.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.0.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-0-52.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
7a05b2909a572116c35e4d4bbcd50b6f92a6372fba8321010365dca5558dee64
Security Headers
Name Value
Content-Security-Policy default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';, default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, SAMEORIGIN

Request headers

Referer
https://uapay.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 02:08:49 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff, nosniff
Connection
keep-alive
Feature-Policy-Report-Only
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/
Vary
Accept-Encoding, User-Agent
Content-Length
3709
Referrer-Policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
Last-Modified
Tue, 26 Jan 2021 19:09:25 GMT
Server
nginx
X-Frame-Options
sameorigin, SAMEORIGIN
ETag
"9cfd-5b9d2649f0e32-gzip"
Strict-Transport-Security
max-age=31536000, max-age=31536000
Content-Type
text/css
Cache-Control
max-age=2592000
Feature-Policy
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/, microphone 'none'; geolocation 'none'
Content-Security-Policy
default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';, default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Accept-Ranges
bytes
Expires
Thu, 04 Mar 2021 02:08:49 GMT
style.css
widget.uapay.ua/vendor/ 		572 B
847 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://widget.uapay.ua/vendor/style.css
Requested by
Host: uapay.ua
URL: https://uapay.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.0.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-0-52.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f58c628c6677d27201d6c8c5eff20c266055f7edf22cf229de6f155d93bce671
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://uapay.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 02:08:49 GMT
Last-Modified
Sun, 26 Jul 2020 21:51:54 GMT
Server
nginx
ETag
"5f1dfafa-23c"
Strict-Transport-Security
max-age=31536000
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
572
custom.css
uapay.ua/wp-content/themes/uapay/assets/css/ 		14 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://uapay.ua/wp-content/themes/uapay/assets/css/custom.css
Requested by
Host: uapay.ua
URL: https://uapay.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.0.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-0-52.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d43110407b105703a22c4298c8087277273697f53fc2ddaeebf891e108f364b4
Security Headers
Name Value
Content-Security-Policy default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';, default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, SAMEORIGIN

Request headers

Referer
https://uapay.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 02:08:49 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff, nosniff
Connection
keep-alive
Feature-Policy-Report-Only
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/
Vary
Accept-Encoding, User-Agent
Content-Length
3229
Referrer-Policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
Last-Modified
Tue, 26 Jan 2021 19:09:25 GMT
Server
nginx
X-Frame-Options
sameorigin, SAMEORIGIN
ETag
"39bf-5b9d2649f121a-gzip"
Strict-Transport-Security
max-age=31536000, max-age=31536000
Content-Type
text/css
Cache-Control
max-age=2592000
Feature-Policy
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/, microphone 'none'; geolocation 'none'
Content-Security-Policy
default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';, default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Accept-Ranges
bytes
Expires
Thu, 04 Mar 2021 02:08:49 GMT
jquery.js
uapay.ua/wp-includes/js/jquery/ 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uapay.ua/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: uapay.ua
URL: https://uapay.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.0.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-0-52.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
Security Headers
Name Value
Content-Security-Policy default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';, default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, SAMEORIGIN

Request headers

Referer
https://uapay.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 02:08:49 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff, nosniff
Connection
keep-alive
Feature-Policy-Report-Only
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/
Vary
Accept-Encoding, User-Agent
Content-Length
33776
Referrer-Policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
Last-Modified
Fri, 17 May 2019 04:25:54 GMT
Server
nginx
X-Frame-Options
sameorigin, SAMEORIGIN
ETag
"17a69-5890dc7401880-gzip"
Strict-Transport-Security
max-age=31536000, max-age=31536000
Content-Type
application/javascript
Cache-Control
max-age=2592000
Feature-Policy
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/, microphone 'none'; geolocation 'none'
Content-Security-Policy
default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';, default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Accept-Ranges
bytes
Expires
Thu, 04 Mar 2021 02:08:49 GMT
jquery-migrate.min.js
uapay.ua/wp-includes/js/jquery/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uapay.ua/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: uapay.ua
URL: https://uapay.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.0.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-0-52.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
Content-Security-Policy default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';, default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, SAMEORIGIN

Request headers

Referer
https://uapay.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 02:08:49 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff, nosniff
Connection
keep-alive
Feature-Policy-Report-Only
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/
Vary
Accept-Encoding, User-Agent
Content-Length
4014
Referrer-Policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
Last-Modified
Fri, 20 May 2016 06:11:28 GMT
Server
nginx
X-Frame-Options
sameorigin, SAMEORIGIN
ETag
"2748-5333ff613c400-gzip"
Strict-Transport-Security
max-age=31536000, max-age=31536000
Content-Type
application/javascript
Cache-Control
max-age=2592000
Feature-Policy
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/, microphone 'none'; geolocation 'none'
Content-Security-Policy
default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';, default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Accept-Ranges
bytes
Expires
Thu, 04 Mar 2021 02:08:49 GMT
site-logo.png
uapay.ua/wp-content/themes/uapay/assets/images/logo/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uapay.ua/wp-content/themes/uapay/assets/images/logo/site-logo.png
Requested by
Host: uapay.ua
URL: https://uapay.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.0.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-0-52.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
57fd052509d52a7982c985a4fef8e26f55f4a1bb59cb352f348558c991066ed5
Security Headers
Name Value
Content-Security-Policy default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';, default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, SAMEORIGIN

Request headers

Referer
https://uapay.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 02:08:49 GMT
X-Content-Type-Options
nosniff, nosniff
Connection
keep-alive
Feature-Policy-Report-Only
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/
Vary
User-Agent
Content-Length
1104
Referrer-Policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
Last-Modified
Tue, 26 Jan 2021 19:09:26 GMT
Server
nginx
X-Frame-Options
sameorigin, SAMEORIGIN
ETag
"450-5b9d264a2b3ca"
Strict-Transport-Security
max-age=31536000, max-age=31536000
Content-Type
image/png
Cache-Control
max-age=2592000
Feature-Policy
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/, microphone 'none'; geolocation 'none'
Content-Security-Policy
default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';, default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Accept-Ranges
bytes
Expires
Thu, 04 Mar 2021 02:08:49 GMT
gtm.js
www.googletagmanager.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5HCZSBT
Requested by
Host: uapay.ua
URL: https://uapay.ua/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://uapay.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
wp-emoji-release.min.js
uapay.ua/wp-includes/js/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uapay.ua/wp-includes/js/wp-emoji-release.min.js?ver=5.3.6
Requested by
Host: uapay.ua
URL: https://uapay.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.0.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-0-52.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee
Security Headers
Name Value
Content-Security-Policy default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';, default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, SAMEORIGIN

Request headers

Referer
https://uapay.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 02:08:49 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff, nosniff
Connection
keep-alive
Feature-Policy-Report-Only
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/
Vary
Accept-Encoding, User-Agent
Content-Length
4626
Referrer-Policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
Last-Modified
Tue, 05 Nov 2019 22:16:02 GMT
Server
nginx
X-Frame-Options
sameorigin, SAMEORIGIN
ETag
"362a-596a0c70cec80-gzip"
Strict-Transport-Security
max-age=31536000, max-age=31536000
Content-Type
application/javascript
Cache-Control
max-age=2592000
Feature-Policy
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/, microphone 'none'; geolocation 'none'
Content-Security-Policy
default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';, default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Accept-Ranges
bytes
Expires
Thu, 04 Mar 2021 02:08:49 GMT
percent.svg
uapay.ua/wp-content/themes/uapay/assets/images/svg/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uapay.ua/wp-content/themes/uapay/assets/images/svg/percent.svg
Requested by
Host: uapay.ua
URL: https://uapay.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.0.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-0-52.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b629bcfc7d5afb81c749f5054cbdbf76c6e8cc7b529f30db808f6a5e84979319
Security Headers
Name Value
Content-Security-Policy default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';, default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, SAMEORIGIN

Request headers

Referer
https://uapay.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 02:08:49 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff, nosniff
Transfer-Encoding
chunked
Connection
keep-alive
Feature-Policy-Report-Only
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/
Vary
User-Agent
Referrer-Policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
Last-Modified
Tue, 26 Jan 2021 19:09:26 GMT
Server
nginx
X-Frame-Options
sameorigin, SAMEORIGIN
ETag
W/"127f-5b9d264a2cb3a"
Strict-Transport-Security
max-age=31536000, max-age=31536000
Content-Type
image/svg+xml
Cache-Control
max-age=2592000
Feature-Policy
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/, microphone 'none'; geolocation 'none'
Content-Security-Policy
default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';, default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Expires
Thu, 04 Mar 2021 02:08:49 GMT
pci-dss.png
uapay.ua/wp-content/themes/uapay/assets/images/about-us/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uapay.ua/wp-content/themes/uapay/assets/images/about-us/pci-dss.png
Requested by
Host: uapay.ua
URL: https://uapay.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.0.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-0-52.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
fb2cd89a21e8ea20ccae04845bca59f9c4f335db88b959c34ef435b1d2eaef06
Security Headers
Name Value
Content-Security-Policy default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';, default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, SAMEORIGIN

Request headers

Referer
https://uapay.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 02:08:49 GMT
X-Content-Type-Options
nosniff, nosniff
Connection
keep-alive
Feature-Policy-Report-Only
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/
Vary
User-Agent
Content-Length
2168
Referrer-Policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
Last-Modified
Tue, 26 Jan 2021 19:09:26 GMT
Server
nginx
X-Frame-Options
sameorigin, SAMEORIGIN
ETag
"878-5b9d264a24e3a"
Strict-Transport-Security
max-age=31536000, max-age=31536000
Content-Type
image/png
Cache-Control
max-age=2592000
Feature-Policy
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/, microphone 'none'; geolocation 'none'
Content-Security-Policy
default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';, default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Accept-Ranges
bytes
Expires
Thu, 04 Mar 2021 02:08:49 GMT
gdpr.png
uapay.ua/wp-content/themes/uapay/assets/images/about-us/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uapay.ua/wp-content/themes/uapay/assets/images/about-us/gdpr.png
Requested by
Host: uapay.ua
URL: https://uapay.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.0.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-0-52.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
46061fad5d9056050a0536e77466695aa09ec511b2b5257f05c1813e217a7c42
Security Headers
Name Value
Content-Security-Policy default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';, default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, SAMEORIGIN

Request headers

Referer
https://uapay.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 02:08:49 GMT
X-Content-Type-Options
nosniff, nosniff
Connection
keep-alive
Feature-Policy-Report-Only
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/
Vary
User-Agent
Content-Length
1351
Referrer-Policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
Last-Modified
Tue, 26 Jan 2021 19:09:26 GMT
Server
nginx
X-Frame-Options
sameorigin, SAMEORIGIN
ETag
"547-5b9d264a2466a"
Strict-Transport-Security
max-age=31536000, max-age=31536000
Content-Type
image/png
Cache-Control
max-age=2592000
Feature-Policy
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/, microphone 'none'; geolocation 'none'
Content-Security-Policy
default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';, default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Accept-Ranges
bytes
Expires
Thu, 04 Mar 2021 02:08:49 GMT
ukraine.png
uapay.ua/wp-content/themes/uapay/assets/images/about-us/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uapay.ua/wp-content/themes/uapay/assets/images/about-us/ukraine.png
Requested by
Host: uapay.ua
URL: https://uapay.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.0.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-0-52.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1be716bdb43599e292c04c58b0201caa58d65977875a943f248ee1a6aad1e304
Security Headers
Name Value
Content-Security-Policy default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';, default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, SAMEORIGIN

Request headers

Referer
https://uapay.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 02:08:49 GMT
X-Content-Type-Options
nosniff, nosniff
Connection
keep-alive
Feature-Policy-Report-Only
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/
Vary
User-Agent
Content-Length
2772
Referrer-Policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
Last-Modified
Tue, 26 Jan 2021 19:09:26 GMT
Server
nginx
X-Frame-Options
sameorigin, SAMEORIGIN
ETag
"ad4-5b9d264a25222"
Strict-Transport-Security
max-age=31536000, max-age=31536000
Content-Type
image/png
Cache-Control
max-age=2592000
Feature-Policy
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/, microphone 'none'; geolocation 'none'
Content-Security-Policy
default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';, default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Accept-Ranges
bytes
Expires
Thu, 04 Mar 2021 02:08:49 GMT
paperless.png
uapay.ua/wp-content/themes/uapay/assets/images/about-us/ 		777 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uapay.ua/wp-content/themes/uapay/assets/images/about-us/paperless.png
Requested by
Host: uapay.ua
URL: https://uapay.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.0.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-0-52.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
2b0a8ee81a954a2cfb06dc468e380692eaff273b342020640ea9dca4f906f48c
Security Headers
Name Value
Content-Security-Policy default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';, default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, SAMEORIGIN

Request headers

Referer
https://uapay.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 02:08:49 GMT
X-Content-Type-Options
nosniff, nosniff
Connection
keep-alive
Feature-Policy-Report-Only
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/
Vary
User-Agent
Content-Length
777
Referrer-Policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
Last-Modified
Tue, 26 Jan 2021 19:09:26 GMT
Server
nginx
X-Frame-Options
sameorigin, SAMEORIGIN
ETag
"309-5b9d264a24e3a"
Strict-Transport-Security
max-age=31536000, max-age=31536000
Content-Type
image/png
Cache-Control
max-age=2592000
Feature-Policy
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/, microphone 'none'; geolocation 'none'
Content-Security-Policy
default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';, default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Accept-Ranges
bytes
Expires
Thu, 04 Mar 2021 02:08:49 GMT
structure.png
uapay.ua/wp-content/themes/uapay/assets/images/about-us/ 		975 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uapay.ua/wp-content/themes/uapay/assets/images/about-us/structure.png
Requested by
Host: uapay.ua
URL: https://uapay.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.0.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-0-52.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e6735be586f9724a8d0c290a1837094620cee183c8bd4eacdadb75de8a9b40a5
Security Headers
Name Value
Content-Security-Policy default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';, default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, SAMEORIGIN

Request headers

Referer
https://uapay.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 02:08:49 GMT
X-Content-Type-Options
nosniff, nosniff
Connection
keep-alive
Feature-Policy-Report-Only
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/
Vary
User-Agent
Content-Length
975
Referrer-Policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
Last-Modified
Tue, 26 Jan 2021 19:09:26 GMT
Server
nginx
X-Frame-Options
sameorigin, SAMEORIGIN
ETag
"3cf-5b9d264a25222"
Strict-Transport-Security
max-age=31536000, max-age=31536000
Content-Type
image/png
Cache-Control
max-age=2592000
Feature-Policy
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/, microphone 'none'; geolocation 'none'
Content-Security-Policy
default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';, default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Accept-Ranges
bytes
Expires
Thu, 04 Mar 2021 02:08:49 GMT
licence.png
uapay.ua/wp-content/themes/uapay/assets/images/about-us/ 		1007 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uapay.ua/wp-content/themes/uapay/assets/images/about-us/licence.png
Requested by
Host: uapay.ua
URL: https://uapay.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.0.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-0-52.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
72cbc10bf5f818da0d278d8b0c0596990fb174e96263153165521f5762efa890
Security Headers
Name Value
Content-Security-Policy default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';, default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, SAMEORIGIN

Request headers

Referer
https://uapay.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 02:08:49 GMT
X-Content-Type-Options
nosniff, nosniff
Connection
keep-alive
Feature-Policy-Report-Only
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/
Vary
User-Agent
Content-Length
1007
Referrer-Policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
Last-Modified
Tue, 26 Jan 2021 19:09:26 GMT
Server
nginx
X-Frame-Options
sameorigin, SAMEORIGIN
ETag
"3ef-5b9d264a24a52"
Strict-Transport-Security
max-age=31536000, max-age=31536000
Content-Type
image/png
Cache-Control
max-age=2592000
Feature-Policy
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/, microphone 'none'; geolocation 'none'
Content-Security-Policy
default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';, default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Accept-Ranges
bytes
Expires
Thu, 04 Mar 2021 02:08:49 GMT
api-cms-black.svg
uapay.ua/wp-content/themes/uapay/assets/images/svg/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uapay.ua/wp-content/themes/uapay/assets/images/svg/api-cms-black.svg
Requested by
Host: uapay.ua
URL: https://uapay.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.0.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-0-52.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
da72b9e7e1f72f52d02921b9c2fa2b0a33aa1c8343aec3516b0bb3d0d86420b6
Security Headers
Name Value
Content-Security-Policy default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';, default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, SAMEORIGIN

Request headers

Referer
https://uapay.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 02:08:49 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff, nosniff
Transfer-Encoding
chunked
Connection
keep-alive
Feature-Policy-Report-Only
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/
Vary
User-Agent
Referrer-Policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
Last-Modified
Tue, 26 Jan 2021 19:09:26 GMT
Server
nginx
X-Frame-Options
sameorigin, SAMEORIGIN
ETag
W/"170f-5b9d264a2c752"
Strict-Transport-Security
max-age=31536000, max-age=31536000
Content-Type
image/svg+xml
Cache-Control
max-age=2592000
Feature-Policy
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/, microphone 'none'; geolocation 'none'
Content-Security-Policy
default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';, default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Expires
Thu, 04 Mar 2021 02:08:49 GMT
jquery-3.3.1.min.js
code.jquery.com/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.3.1.min.js
Requested by
Host: uapay.ua
URL: https://uapay.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer
https://uapay.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 02:08:49 GMT
content-encoding
gzip
last-modified
Sat, 20 Jan 2018 17:26:44 GMT
server
nginx
etag
W/"5a637bd4-1538f"
vary
Accept-Encoding
x-hw
1612231729.dop101.fr8.t,1612231729.cds280.fr8.hn,1612231729.cds002.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30288
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js
Requested by
Host: uapay.ua
URL: https://uapay.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://uapay.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 02:08:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1660117
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6451
cf-request-id
080218f82400002c567998d000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-4f71"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dqQmoaI1gbKCnKTXk8I%2F6HKe4rL3WEpGp2sdowGokkAn0bSn3%2FDudu4QUP64XFSXGfiQy9K0KehzmBjj8PO7QAspY9ZhHBKl4al3d13gfztK4rvDGMckYAJkwS3vkjcEVg%3D%3D"}],"group":"cf-nel"}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
61b05dd36b2c2c56-FRA
expires
Sun, 23 Jan 2022 02:08:49 GMT
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/ 		57 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js
Requested by
Host: uapay.ua
URL: https://uapay.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://uapay.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 02:08:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Feb 2019 16:40:57 GMT
etag
"1550076057"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
15434
css3-animate-it.js
uapay.ua/wp-content/themes/uapay/assets/js/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uapay.ua/wp-content/themes/uapay/assets/js/css3-animate-it.js
Requested by
Host: uapay.ua
URL: https://uapay.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.0.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-0-52.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8d4c018f2eb0ca4b04de85170e3a3fbfbd5ba6f4fbe91e44415d9663787bd229
Security Headers
Name Value
Content-Security-Policy default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';, default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, SAMEORIGIN

Request headers

Referer
https://uapay.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 02:08:49 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff, nosniff
Connection
keep-alive
Feature-Policy-Report-Only
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/
Vary
Accept-Encoding, User-Agent
Content-Length
4588
Referrer-Policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
Last-Modified
Tue, 26 Jan 2021 19:09:26 GMT
Server
nginx
X-Frame-Options
sameorigin, SAMEORIGIN
ETag
"41a7-5b9d264a2dec2-gzip"
Strict-Transport-Security
max-age=31536000, max-age=31536000
Content-Type
application/javascript
Cache-Control
max-age=2592000
Feature-Policy
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/, microphone 'none'; geolocation 'none'
Content-Security-Policy
default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';, default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Accept-Ranges
bytes
Expires
Thu, 04 Mar 2021 02:08:49 GMT
jquery.inputmask.bundle.js
rawgit.com/RobinHerbots/jquery.inputmask/3.x/dist/ 		214 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rawgit.com/RobinHerbots/jquery.inputmask/3.x/dist/jquery.inputmask.bundle.js
Requested by
Host: uapay.ua
URL: https://uapay.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:9550 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cbeb9095648444ae26ad665785931d937a10bc83b78f2cf51eaefea0dc0ec21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://uapay.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 02:08:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
content-type
application/javascript;charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
080218f83a0000d6fd1b1c4000000001
rawgit-cache-status
HIT
x-robots-tag
none
server
cloudflare
etag
W/"239e0cb721224bc76940cfad39ef0f2ecf1de110e9a777ecc9e2fefa91c0fe7b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=M1yKdNA2CUxy6AjYXXN%2FDgMYzqYn%2FWAEk%2FnOLl1tuR6wlKEy39vAsctcANOeBIRE7Rd%2FO2TuAVl9rTuYeIc0vwdnt7i3ClKE90dpLKxAiUIY6cwZO9FM"}],"group":"cf-nel","max_age":604800}
sunset
Tue, 01 Oct 2019 00:00:00 GMT
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
max-age=3600, s-maxage=300
cf-ray
61b05dd39ff7d6fd-FRA
link
<https://rawgit.com/>; rel="sunset"; title="RawGit will soon shut down. Please stop using it."
common.js
uapay.ua/wp-content/themes/uapay/assets/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uapay.ua/wp-content/themes/uapay/assets/js/common.js
Requested by
Host: uapay.ua
URL: https://uapay.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.0.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-0-52.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a8eca00735f9688f8a336fc7c036cb8d1a4e900ebf8a81ebc0e55a5ab86ec2d3
Security Headers
Name Value
Content-Security-Policy default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';, default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, SAMEORIGIN

Request headers

Referer
https://uapay.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 02:08:49 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff, nosniff
Connection
keep-alive
Feature-Policy-Report-Only
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/
Vary
Accept-Encoding, User-Agent
Content-Length
605
Referrer-Policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
Last-Modified
Tue, 26 Jan 2021 19:09:26 GMT
Server
nginx
X-Frame-Options
sameorigin, SAMEORIGIN
ETag
"795-5b9d264a2dada-gzip"
Strict-Transport-Security
max-age=31536000, max-age=31536000
Content-Type
application/javascript
Cache-Control
max-age=2592000
Feature-Policy
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/, microphone 'none'; geolocation 'none'
Content-Security-Policy
default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';, default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Accept-Ranges
bytes
Expires
Thu, 04 Mar 2021 02:08:49 GMT
custom.min.js
uapay.ua/wp-content/themes/uapay/assets/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uapay.ua/wp-content/themes/uapay/assets/js/custom.min.js
Requested by
Host: uapay.ua
URL: https://uapay.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.0.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-0-52.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5f4826950a70ff2747e3474e9e044e3bdb6de365b9834806eba7b2253caae3ea
Security Headers
Name Value
Content-Security-Policy default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';, default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, SAMEORIGIN

Request headers

Referer
https://uapay.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 02:08:49 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff, nosniff
Connection
keep-alive
Feature-Policy-Report-Only
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/
Vary
Accept-Encoding, User-Agent
Content-Length
4306
Referrer-Policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
Last-Modified
Tue, 26 Jan 2021 19:09:33 GMT
Server
nginx
X-Frame-Options
sameorigin, SAMEORIGIN
ETag
"48c4-5b9d2650b60a7-gzip"
Strict-Transport-Security
max-age=31536000, max-age=31536000
Content-Type
application/javascript
Cache-Control
max-age=2592000
Feature-Policy
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/, microphone 'none'; geolocation 'none'
Content-Security-Policy
default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';, default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Accept-Ranges
bytes
Expires
Thu, 04 Mar 2021 02:08:49 GMT
api.js
www.google.com/recaptcha/ 		850 B
968 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: uapay.ua
URL: https://uapay.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9a1a6e71c1607e636a98bcebe49e3b67aa9ef9fa16cf31a2909f92655e1c928a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://uapay.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 02:08:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
551
x-xss-protection
1; mode=block
expires
Tue, 02 Feb 2021 02:08:49 GMT
widget-bundle.js
widget.uapay.ua/vendor/ 		11 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.uapay.ua/vendor/widget-bundle.js
Requested by
Host: uapay.ua
URL: https://uapay.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.0.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-0-52.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e9e3296f8c2a831e9d8a1a20b049d001e4cb1dbb000546ecdf6df3ba6e8e9465
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://uapay.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 02:08:49 GMT
Last-Modified
Sun, 26 Jul 2020 21:51:53 GMT
Server
nginx
ETag
"5f1dfaf9-2df8"
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11768
wp-embed.min.js
uapay.ua/wp-includes/js/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uapay.ua/wp-includes/js/wp-embed.min.js?ver=5.3.6
Requested by
Host: uapay.ua
URL: https://uapay.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.0.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-0-52.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b
Security Headers
Name Value
Content-Security-Policy default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';, default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, SAMEORIGIN

Request headers

Referer
https://uapay.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 02:08:49 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff, nosniff
Connection
keep-alive
Feature-Policy-Report-Only
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/
Vary
Accept-Encoding, User-Agent
Content-Length
740
Referrer-Policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
Last-Modified
Sat, 05 Oct 2019 19:49:10 GMT
Server
nginx
X-Frame-Options
sameorigin, SAMEORIGIN
ETag
"577-5942f1cbbd980-gzip"
Strict-Transport-Security
max-age=31536000, max-age=31536000
Content-Type
application/javascript
Cache-Control
max-age=2592000
Feature-Policy
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/, microphone 'none'; geolocation 'none'
Content-Security-Policy
default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';, default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Accept-Ranges
bytes
Expires
Thu, 04 Mar 2021 02:08:49 GMT
analytics.js
www.google-analytics.com/ 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-159871881-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://uapay.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
3286
date
Tue, 02 Feb 2021 01:14:03 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Tue, 02 Feb 2021 03:14:03 GMT
loader_5_phl2a0.js
cdn.bitrix24.ru/b1283029/crm/site_button/ 		152 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.bitrix24.ru/b1283029/crm/site_button/loader_5_phl2a0.js?26870528
Requested by
Host: uapay.ua
URL: https://uapay.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.132.201.50 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
65c438702916a8adfb7a72a7ebee5c07257c7ac5a07f92c2a3f8b7ad90c11686

Request headers

Referer
https://uapay.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 02:08:49 GMT
content-encoding
gzip
last-modified
Mon, 01 Feb 2021 19:45:53 GMT
server
nginx/1.16.1
etag
W/"e64cd873f6b02bb1ee3e1b080095dde0"
content-type
application/javascript
cache-control
max-age=172800
x-bitrix-lb
lb-ru-04
server-timing
t1;dur=0.000, t2;dur=, t3;dur=, tc1;dur=45875, tc2;dur=7500, tc3;dur=20
expires
Thu, 04 Feb 2021 02:08:49 GMT
first-screen-background.svg
uapay.ua/wp-content/themes/uapay/assets/images/home-page/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uapay.ua/wp-content/themes/uapay/assets/images/home-page/first-screen-background.svg
Requested by
Host: uapay.ua
URL: https://uapay.ua/wp-content/themes/uapay/assets/css/main.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.0.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-0-52.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
636cea7773be17e1801db5f98600626e04c0b18b71b8bc2673e9c7ffc7e6a199
Security Headers
Name Value
Content-Security-Policy default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';, default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, SAMEORIGIN

Request headers

Referer
https://uapay.ua/wp-content/themes/uapay/assets/css/main.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 02:08:49 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff, nosniff
Transfer-Encoding
chunked
Connection
keep-alive
Feature-Policy-Report-Only
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/
Vary
User-Agent
Referrer-Policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
Last-Modified
Tue, 26 Jan 2021 19:09:26 GMT
Server
nginx
X-Frame-Options
sameorigin, SAMEORIGIN
ETag
W/"12a1-5b9d264a2abfa"
Strict-Transport-Security
max-age=31536000, max-age=31536000
Content-Type
image/svg+xml
Cache-Control
max-age=2592000
Feature-Policy
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/, microphone 'none'; geolocation 'none'
Content-Security-Policy
default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';, default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Expires
Thu, 04 Mar 2021 02:08:49 GMT
checkout.png
uapay.ua/wp-content/themes/uapay/assets/images/home-page/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uapay.ua/wp-content/themes/uapay/assets/images/home-page/checkout.png
Requested by
Host: uapay.ua
URL: https://uapay.ua/wp-content/themes/uapay/assets/css/main.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.0.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-0-52.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
fd524f14565f19e983ebffca934e2d88a15a68bf8f13dff3e204e2bd5c6c5ca3
Security Headers
Name Value
Content-Security-Policy default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';, default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, SAMEORIGIN

Request headers

Referer
https://uapay.ua/wp-content/themes/uapay/assets/css/main.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 02:08:49 GMT
X-Content-Type-Options
nosniff, nosniff
Connection
keep-alive
Feature-Policy-Report-Only
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/
Vary
User-Agent
Content-Length
33719
Referrer-Policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
Last-Modified
Tue, 26 Jan 2021 19:09:26 GMT
Server
nginx
X-Frame-Options
sameorigin, SAMEORIGIN
ETag
"83b7-5b9d264a2a812"
Strict-Transport-Security
max-age=31536000, max-age=31536000
Content-Type
image/png
Cache-Control
max-age=2592000
Feature-Policy
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/, microphone 'none'; geolocation 'none'
Content-Security-Policy
default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';, default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Accept-Ranges
bytes
Expires
Thu, 04 Mar 2021 02:08:49 GMT
mass-payouts.png
uapay.ua/wp-content/themes/uapay/assets/images/home-page/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uapay.ua/wp-content/themes/uapay/assets/images/home-page/mass-payouts.png
Requested by
Host: uapay.ua
URL: https://uapay.ua/wp-content/themes/uapay/assets/css/main.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.0.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-0-52.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a2bdeb8457bccc0c3ddf41ef302701de7a3a51a56d42289ae8d4dcd799b3cc58
Security Headers
Name Value
Content-Security-Policy default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';, default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, SAMEORIGIN

Request headers

Referer
https://uapay.ua/wp-content/themes/uapay/assets/css/main.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 02:08:49 GMT
X-Content-Type-Options
nosniff, nosniff
Connection
keep-alive
Feature-Policy-Report-Only
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/
Vary
User-Agent
Content-Length
19733
Referrer-Policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
Last-Modified
Tue, 26 Jan 2021 19:09:26 GMT
Server
nginx
X-Frame-Options
sameorigin, SAMEORIGIN
ETag
"4d15-5b9d264a2abfa"
Strict-Transport-Security
max-age=31536000, max-age=31536000
Content-Type
image/png
Cache-Control
max-age=2592000
Feature-Policy
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/, microphone 'none'; geolocation 'none'
Content-Security-Policy
default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';, default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Accept-Ranges
bytes
Expires
Thu, 04 Mar 2021 02:08:49 GMT
penalti.png
uapay.ua/wp-content/themes/uapay/assets/images/home-page/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uapay.ua/wp-content/themes/uapay/assets/images/home-page/penalti.png
Requested by
Host: uapay.ua
URL: https://uapay.ua/wp-content/themes/uapay/assets/css/main.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.0.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-0-52.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
2435eebef5ac52163209d9dd74fb261bed9d95aab187f6120188ca821e31fb60
Security Headers
Name Value
Content-Security-Policy default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';, default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, SAMEORIGIN

Request headers

Referer
https://uapay.ua/wp-content/themes/uapay/assets/css/main.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 02:08:49 GMT
X-Content-Type-Options
nosniff, nosniff
Connection
keep-alive
Feature-Policy-Report-Only
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/
Vary
User-Agent
Content-Length
9073
Referrer-Policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
Last-Modified
Tue, 26 Jan 2021 19:09:26 GMT
Server
nginx
X-Frame-Options
sameorigin, SAMEORIGIN
ETag
"2371-5b9d264a2afe2"
Strict-Transport-Security
max-age=31536000, max-age=31536000
Content-Type
image/png
Cache-Control
max-age=2592000
Feature-Policy
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/, microphone 'none'; geolocation 'none'
Content-Security-Policy
default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';, default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Accept-Ranges
bytes
Expires
Thu, 04 Mar 2021 02:08:49 GMT
safe-deals.png
uapay.ua/wp-content/themes/uapay/assets/images/home-page/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uapay.ua/wp-content/themes/uapay/assets/images/home-page/safe-deals.png
Requested by
Host: uapay.ua
URL: https://uapay.ua/wp-content/themes/uapay/assets/css/main.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.0.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-0-52.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8d2e9e483cd0a978e7f94feb7bf5d94c4cf39d2a871c2d0ad22ff383068e031e
Security Headers
Name Value
Content-Security-Policy default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';, default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, SAMEORIGIN

Request headers

Referer
https://uapay.ua/wp-content/themes/uapay/assets/css/main.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 02:08:49 GMT
X-Content-Type-Options
nosniff, nosniff
Connection
keep-alive
Feature-Policy-Report-Only
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/
Vary
User-Agent
Content-Length
26932
Referrer-Policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
Last-Modified
Tue, 26 Jan 2021 19:09:26 GMT
Server
nginx
X-Frame-Options
sameorigin, SAMEORIGIN
ETag
"6934-5b9d264a2afe2"
Strict-Transport-Security
max-age=31536000, max-age=31536000
Content-Type
image/png
Cache-Control
max-age=2592000
Feature-Policy
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/, microphone 'none'; geolocation 'none'
Content-Security-Policy
default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';, default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Accept-Ranges
bytes
Expires
Thu, 04 Mar 2021 02:08:49 GMT
footer.svg
uapay.ua/wp-content/themes/uapay/assets/images/svg/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uapay.ua/wp-content/themes/uapay/assets/images/svg/footer.svg
Requested by
Host: uapay.ua
URL: https://uapay.ua/wp-content/themes/uapay/assets/css/main.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.0.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-0-52.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
372a7568b14004265b28c7f50b7cc370e75c1ee0f685afe211ab9df2988e0951
Security Headers
Name Value
Content-Security-Policy default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';, default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, SAMEORIGIN

Request headers

Referer
https://uapay.ua/wp-content/themes/uapay/assets/css/main.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 02:08:49 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff, nosniff
Transfer-Encoding
chunked
Connection
keep-alive
Feature-Policy-Report-Only
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/
Vary
User-Agent
Referrer-Policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
Last-Modified
Tue, 26 Jan 2021 19:09:26 GMT
Server
nginx
X-Frame-Options
sameorigin, SAMEORIGIN
ETag
W/"95c-5b9d264a2cb3a"
Strict-Transport-Security
max-age=31536000, max-age=31536000
Content-Type
image/svg+xml
Cache-Control
max-age=2592000
Feature-Policy
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/, microphone 'none'; geolocation 'none'
Content-Security-Policy
default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';, default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Expires
Thu, 04 Mar 2021 02:08:49 GMT
Roboto-Regular.ttf
uapay.ua/wp-content/themes/uapay/assets/fonts/Roboto/ 		167 KB
168 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://uapay.ua/wp-content/themes/uapay/assets/fonts/Roboto/Roboto-Regular.ttf
Requested by
Host: uapay.ua
URL: https://uapay.ua/wp-content/themes/uapay/assets/css/main.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.0.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-0-52.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
017c0be9aaa6d0359737e1fa762ad304c0e0107927faff5a6c1f415c7f5244ed
Security Headers
Name Value
Content-Security-Policy default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';, default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, SAMEORIGIN

Request headers

Origin
https://uapay.ua
Referer
https://uapay.ua/wp-content/themes/uapay/assets/css/main.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 02:08:49 GMT
X-Content-Type-Options
nosniff, nosniff
Connection
keep-alive
Feature-Policy-Report-Only
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/
Vary
User-Agent
Content-Length
171272
Referrer-Policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
Last-Modified
Tue, 26 Jan 2021 19:09:26 GMT
Server
nginx
X-Frame-Options
sameorigin, SAMEORIGIN
ETag
"29d08-5b9d264a1a25a"
Strict-Transport-Security
max-age=31536000, max-age=31536000
Content-Type
font/ttf
Cache-Control
max-age=2592000
Feature-Policy
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/, microphone 'none'; geolocation 'none'
Content-Security-Policy
default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';, default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Accept-Ranges
bytes
Expires
Thu, 04 Mar 2021 02:08:49 GMT
GothamPro-Bold.ttf
uapay.ua/wp-content/themes/uapay/assets/fonts/GothamPro/ 		40 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://uapay.ua/wp-content/themes/uapay/assets/fonts/GothamPro/GothamPro-Bold.ttf
Requested by
Host: uapay.ua
URL: https://uapay.ua/wp-content/themes/uapay/assets/css/main.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.0.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-0-52.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
7bc28964cb6513fb14e233c8e9d4452c13218a72b3780835612dc56bf8512f56
Security Headers
Name Value
Content-Security-Policy default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';, default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, SAMEORIGIN

Request headers

Origin
https://uapay.ua
Referer
https://uapay.ua/wp-content/themes/uapay/assets/css/main.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 02:08:49 GMT
X-Content-Type-Options
nosniff, nosniff
Connection
keep-alive
Feature-Policy-Report-Only
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/
Vary
User-Agent
Content-Length
40856
Referrer-Policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
Last-Modified
Tue, 26 Jan 2021 19:09:26 GMT
Server
nginx
X-Frame-Options
sameorigin, SAMEORIGIN
ETag
"9f98-5b9d264a16f92"
Strict-Transport-Security
max-age=31536000, max-age=31536000
Content-Type
font/ttf
Cache-Control
max-age=2592000
Feature-Policy
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/, microphone 'none'; geolocation 'none'
Content-Security-Policy
default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';, default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Accept-Ranges
bytes
Expires
Thu, 04 Mar 2021 02:08:49 GMT
GothamPro-Medium.ttf
uapay.ua/wp-content/themes/uapay/assets/fonts/GothamPro/ 		40 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://uapay.ua/wp-content/themes/uapay/assets/fonts/GothamPro/GothamPro-Medium.ttf
Requested by
Host: uapay.ua
URL: https://uapay.ua/wp-content/themes/uapay/assets/css/main.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.0.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-0-52.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
433c5ce7a0bd4598055ccadeb56fc890df33b0c757fe542d272cadd56395b6cb
Security Headers
Name Value
Content-Security-Policy default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';, default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, SAMEORIGIN

Request headers

Origin
https://uapay.ua
Referer
https://uapay.ua/wp-content/themes/uapay/assets/css/main.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 02:08:49 GMT
X-Content-Type-Options
nosniff, nosniff
Connection
keep-alive
Feature-Policy-Report-Only
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/
Vary
User-Agent
Content-Length
40552
Referrer-Policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
Last-Modified
Tue, 26 Jan 2021 19:09:26 GMT
Server
nginx
X-Frame-Options
sameorigin, SAMEORIGIN
ETag
"9e68-5b9d264a17b4a"
Strict-Transport-Security
max-age=31536000, max-age=31536000
Content-Type
font/ttf
Cache-Control
max-age=2592000
Feature-Policy
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/, microphone 'none'; geolocation 'none'
Content-Security-Policy
default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';, default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Accept-Ranges
bytes
Expires
Thu, 04 Mar 2021 02:08:49 GMT
GothamPro.ttf
uapay.ua/wp-content/themes/uapay/assets/fonts/GothamPro/ 		40 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://uapay.ua/wp-content/themes/uapay/assets/fonts/GothamPro/GothamPro.ttf
Requested by
Host: uapay.ua
URL: https://uapay.ua/wp-content/themes/uapay/assets/css/main.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.0.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-0-52.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e02da845387edbdd44fcaeb3f005b99d5ad96eade3ce2d1a392c85a56f627e1c
Security Headers
Name Value
Content-Security-Policy default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';, default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, SAMEORIGIN

Request headers

Origin
https://uapay.ua
Referer
https://uapay.ua/wp-content/themes/uapay/assets/css/main.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 02:08:49 GMT
X-Content-Type-Options
nosniff, nosniff
Connection
keep-alive
Feature-Policy-Report-Only
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/
Vary
User-Agent
Content-Length
40464
Referrer-Policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
Last-Modified
Tue, 26 Jan 2021 19:09:26 GMT
Server
nginx
X-Frame-Options
sameorigin, SAMEORIGIN
ETag
"9e10-5b9d264a1831a"
Strict-Transport-Security
max-age=31536000, max-age=31536000
Content-Type
font/ttf
Cache-Control
max-age=2592000
Feature-Policy
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/, microphone 'none'; geolocation 'none'
Content-Security-Policy
default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';, default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Accept-Ranges
bytes
Expires
Thu, 04 Mar 2021 02:08:49 GMT
GothamPro-Black.ttf
uapay.ua/wp-content/themes/uapay/assets/fonts/GothamPro/ 		39 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://uapay.ua/wp-content/themes/uapay/assets/fonts/GothamPro/GothamPro-Black.ttf
Requested by
Host: uapay.ua
URL: https://uapay.ua/wp-content/themes/uapay/assets/css/main.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.0.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-0-52.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
270d30776b7e5ccf0560b08e0db009f4b1d9753d43689d1e20bb1065e2a3c157
Security Headers
Name Value
Content-Security-Policy default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';, default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, SAMEORIGIN

Request headers

Origin
https://uapay.ua
Referer
https://uapay.ua/wp-content/themes/uapay/assets/css/main.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 02:08:49 GMT
X-Content-Type-Options
nosniff, nosniff
Connection
keep-alive
Feature-Policy-Report-Only
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/
Vary
User-Agent
Content-Length
40024
Referrer-Policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
Last-Modified
Tue, 26 Jan 2021 19:09:26 GMT
Server
nginx
X-Frame-Options
sameorigin, SAMEORIGIN
ETag
"9c58-5b9d264a167c2"
Strict-Transport-Security
max-age=31536000, max-age=31536000
Content-Type
font/ttf
Cache-Control
max-age=2592000
Feature-Policy
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/, microphone 'none'; geolocation 'none'
Content-Security-Policy
default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';, default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Accept-Ranges
bytes
Expires
Thu, 04 Mar 2021 02:08:49 GMT
fa-solid-900.woff2
use.fontawesome.com/releases/v5.3.1/webfonts/ 		66 KB
66 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.3.1/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.3.1/css/all.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
ca3ea16761b7d443c64cfd99dd1cf8aa84790a25bb4709582935956fe71d014d

Request headers

Origin
https://uapay.ua
Referer
https://use.fontawesome.com/releases/v5.3.1/css/all.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 02:08:49 GMT
last-modified
Tue, 28 Aug 2018 18:00:53 GMT
server
NetDNA-cache/2.2
etag
"14a08198ec7d1eb96d515362293fed36"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
accept-ranges
bytes
content-length
67400
GothamPro-Italic.ttf
uapay.ua/wp-content/themes/uapay/assets/fonts/GothamPro/ 		41 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://uapay.ua/wp-content/themes/uapay/assets/fonts/GothamPro/GothamPro-Italic.ttf
Requested by
Host: uapay.ua
URL: https://uapay.ua/wp-content/themes/uapay/assets/css/main.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.0.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-0-52.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
7ca3658f60443b8e9f6d3f76a89b236852209524a3eaa47aade02f981247f511
Security Headers
Name Value
Content-Security-Policy default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';, default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff
X-Frame-Options sameorigin, SAMEORIGIN

Request headers

Origin
https://uapay.ua
Referer
https://uapay.ua/wp-content/themes/uapay/assets/css/main.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 02 Feb 2021 02:08:49 GMT
X-Content-Type-Options
nosniff, nosniff
Connection
keep-alive
Feature-Policy-Report-Only
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/
Vary
User-Agent
Content-Length
41960
Referrer-Policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
Last-Modified
Tue, 26 Jan 2021 19:09:26 GMT
Server
nginx
X-Frame-Options
sameorigin, SAMEORIGIN
ETag
"a3e8-5b9d264a1737a"
Strict-Transport-Security
max-age=31536000, max-age=31536000
Content-Type
font/ttf
Cache-Control
max-age=2592000
Feature-Policy
microphone 'none'; geolocation 'none'; report-uri /csp-violation-report-endpoint/, microphone 'none'; geolocation 'none'
Content-Security-Policy
default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';, default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Accept-Ranges
bytes
Expires
Thu, 04 Mar 2021 02:08:49 GMT
collect
www.google-analytics.com/j/ 		2 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1763263539&t=pageview&_s=1&dl=https%3A%2F%2Fuapay.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%B0%D1%86%D1%96%D0%BE%D0%BD%D0%B0%D0%BB%D1%8C%D0%BD%D0%B8%D0%B9%20%D0%BF%D0%BB%D0%B0%D1%82%D1%96%D0%B6%D0%BD%D0%B8%D0%B9%20%D1%81%D0%B5%D1%80%D0%B2%D1%96%D1%81%20UAPAY%20%E2%80%93%20%D0%B7%D0%B1%D1%96%D0%BB%D1%8C%D1%88%D1%83%D0%B9%D1%82%D0%B5%20%D0%BE%D0%B1%D0%BE%D1%80%D0%BE%D1%82%20%D0%B2%D0%B0%D1%88%D0%BE%D0%B3%D0%BE%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD-%D0%B1%D1%96%D0%B7%D0%BD%D0%B5%D1%81%D1%83%20%D1%96%20%D0%BB%D0%BE%D1%8F%D0%BB%D1%8C%D0%BD%D1%96%D1%81%D1%82%D1%8C%20%D0%BA%D0%BB%D1%96%D1%94%D0%BD%D1%82%D1%96%D0%B2%20UAPAY.UA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1070015091&gjid=1939869514&cid=297381555.1612231729&tid=UA-159871881-1&_gid=1628280611.1612231729&_r=1&gtm=2ou1k0&z=368364127
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://uapay.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 02 Feb 2021 02:08:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://uapay.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/2Mfykwl2mlvyQZQ3PEgoH710/ 		332 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/2Mfykwl2mlvyQZQ3PEgoH710/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1c07ebcbd346b8d5b9a33219fce562ae37d9885563f6dabae6cd104bfd54827
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://uapay.ua
Referer
https://uapay.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 01:30:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2322
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132389
x-xss-protection
0
last-modified
Mon, 01 Feb 2021 05:06:45 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 02 Feb 2022 01:30:07 GMT
call.tracker.js
cdn.bitrix24.ru/b1283029/crm/tag/ 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.bitrix24.ru/b1283029/crm/tag/call.tracker.js?26870528
Requested by
Host: cdn.bitrix24.ru
URL: https://cdn.bitrix24.ru/b1283029/crm/site_button/loader_5_phl2a0.js?26870528
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.132.201.50 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
19bef855d38ba6d94c7fc89ebc746a7d68669ac0a61c6f98ed6902f998b0fe0e

Request headers

Referer
https://uapay.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 02:08:49 GMT
content-encoding
gzip
last-modified
Tue, 22 Dec 2020 17:51:40 GMT
server
nginx/1.16.1
etag
W/"39bf42db3d4a7298b9ad0837ac4540ae"
content-type
application/javascript
cache-control
max-age=2592000
x-bitrix-lb
lb-ru-04
server-timing
t1;dur=0.131, t2;dur=0.131, t3;dur=0.000, tc1;dur=45750, tc2;dur=750, tc3;dur=25
expires
Thu, 04 Mar 2021 02:08:49 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-159871881-1&cid=297381555.1612231729&jid=1070015091&gjid=1939869514&_gid=1628280611.1612231729&_u=IEBAAUAAAAAAAC~&z=639198933
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://uapay.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 02 Feb 2021 02:08:49 GMT
content-type
text/plain
access-control-allow-origin
https://uapay.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-159871881-1&cid=297381555.1612231729&jid=1070015091&_u=IEBAAUAAAAAAAC~&z=765424368
Requested by
Host: uapay.ua
URL: https://uapay.ua/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uapay.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Feb 2021 02:08:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-159871881-1&cid=297381555.1612231729&jid=1070015091&_u=IEBAAUAAAAAAAC~&z=765424368
Requested by
Host: uapay.ua
URL: https://uapay.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uapay.ua/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Feb 2021 02:08:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| dataLayer function| gtag object| _wpemojiSettings object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| $ function| jQuery function| Popper object| bootstrap object| twemoji object| wp object| gaplugins object| gaGlobal object| gaData function| Inputmask function| switchToUaLocale function| switchToRuLocale function| switchToEnLocale function| showUserAccountSidebar function| hideUserAccountSidebar object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| UAPAY object| b24Tracker object| b24order object| BX object| recaptcha number| delay

3 Cookies

Domain/Path Name / Value
.uapay.ua/ Name: _gat_gtag_UA_159871881_1
Value: 1
.uapay.ua/ Name: _gid
Value: GA1.2.1628280611.1612231729
.uapay.ua/ Name: _ga
Value: GA1.2.297381555.1612231729

2 Console Messages

Source Level URL
Text
console-api log URL: https://uapay.ua/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1
console-api log URL: https://widget.uapay.ua/vendor/widget-bundle.js(Line 1)
Message:
[object Window]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; default-src * data: mediastream: blob: filesystem: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000 max-age=31536000
X-Content-Type-Options nosniff nosniff
X-Frame-Options sameorigin SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.bitrix24.ru
cdnjs.cloudflare.com
code.jquery.com
m0o.me
rawgit.com
stackpath.bootstrapcdn.com
stats.g.doubleclick.net
uapay.ua
use.fontawesome.com
widget.uapay.ua
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
178.132.201.50
193.233.15.162
2001:4de0:ac19::1:b:1a
2001:4de0:ac19::1:b:2b
23.111.9.35
2606:4700:3034::ac43:9550
2606:4700::6810:135e
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2003
2a00:1450:4001:81e::200e
2a00:1450:4001:827::2003
2a00:1450:4001:828::2008
2a00:1450:400c:c00::9b
52.29.0.52
017c0be9aaa6d0359737e1fa762ad304c0e0107927faff5a6c1f415c7f5244ed
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0e96d39b22a36b74c20f9f1da4d08ced81640bcf6e39974745663a3a5f390fa6
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
19bef855d38ba6d94c7fc89ebc746a7d68669ac0a61c6f98ed6902f998b0fe0e
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee
1be716bdb43599e292c04c58b0201caa58d65977875a943f248ee1a6aad1e304
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
2435eebef5ac52163209d9dd74fb261bed9d95aab187f6120188ca821e31fb60
270d30776b7e5ccf0560b08e0db009f4b1d9753d43689d1e20bb1065e2a3c157
2b0a8ee81a954a2cfb06dc468e380692eaff273b342020640ea9dca4f906f48c
372a7568b14004265b28c7f50b7cc370e75c1ee0f685afe211ab9df2988e0951
433c5ce7a0bd4598055ccadeb56fc890df33b0c757fe542d272cadd56395b6cb
46061fad5d9056050a0536e77466695aa09ec511b2b5257f05c1813e217a7c42
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
57fd052509d52a7982c985a4fef8e26f55f4a1bb59cb352f348558c991066ed5
5cbeb9095648444ae26ad665785931d937a10bc83b78f2cf51eaefea0dc0ec21
5f4826950a70ff2747e3474e9e044e3bdb6de365b9834806eba7b2253caae3ea
604dcf1f11698655f75046bb92f98aaa9477e1c16b01c5fc415e78794393ffb9
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
636cea7773be17e1801db5f98600626e04c0b18b71b8bc2673e9c7ffc7e6a199
65c438702916a8adfb7a72a7ebee5c07257c7ac5a07f92c2a3f8b7ad90c11686
72cbc10bf5f818da0d278d8b0c0596990fb174e96263153165521f5762efa890
78dfc9e756bea3d3a757ed8f5b2e823abab3c9212634f669af7a7b4fbb14662f
7a05b2909a572116c35e4d4bbcd50b6f92a6372fba8321010365dca5558dee64
7acd1a3190ce8d6348df9ab294f6167a6cecd68625055ce62600b7922bdf8341
7bc28964cb6513fb14e233c8e9d4452c13218a72b3780835612dc56bf8512f56
7ca3658f60443b8e9f6d3f76a89b236852209524a3eaa47aade02f981247f511
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8d2e9e483cd0a978e7f94feb7bf5d94c4cf39d2a871c2d0ad22ff383068e031e
8d4c018f2eb0ca4b04de85170e3a3fbfbd5ba6f4fbe91e44415d9663787bd229
9a1a6e71c1607e636a98bcebe49e3b67aa9ef9fa16cf31a2909f92655e1c928a
a2bdeb8457bccc0c3ddf41ef302701de7a3a51a56d42289ae8d4dcd799b3cc58
a8eca00735f9688f8a336fc7c036cb8d1a4e900ebf8a81ebc0e55a5ab86ec2d3
b629bcfc7d5afb81c749f5054cbdbf76c6e8cc7b529f30db808f6a5e84979319
c1c07ebcbd346b8d5b9a33219fce562ae37d9885563f6dabae6cd104bfd54827
ca3ea16761b7d443c64cfd99dd1cf8aa84790a25bb4709582935956fe71d014d
d43110407b105703a22c4298c8087277273697f53fc2ddaeebf891e108f364b4
da72b9e7e1f72f52d02921b9c2fa2b0a33aa1c8343aec3516b0bb3d0d86420b6
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfd6d929422d1f69a727fb6b525f610562eab183a333576516bec0b0503cb049
e02da845387edbdd44fcaeb3f005b99d5ad96eade3ce2d1a392c85a56f627e1c
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e6735be586f9724a8d0c290a1837094620cee183c8bd4eacdadb75de8a9b40a5
e9e3296f8c2a831e9d8a1a20b049d001e4cb1dbb000546ecdf6df3ba6e8e9465
ec72a7b50c4af3ab64446d75a06d42afaba55978c7b73a67a9742b4a8d7dc2af
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f58c628c6677d27201d6c8c5eff20c266055f7edf22cf229de6f155d93bce671
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e
fb2cd89a21e8ea20ccae04845bca59f9c4f335db88b959c34ef435b1d2eaef06
fd524f14565f19e983ebffca934e2d88a15a68bf8f13dff3e204e2bd5c6c5ca3