halkbank.pp.ua Open in urlscan Pro
2606:4700:30::681b:a5b9 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://halkbank.pp.ua/
Submission: On August 26 via automatic, source certstream-suspicious (August 26th 2019, 5:59:35 pm UTC)

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 5 countries across 9 domains to perform 17 HTTP transactions. The main IP is 2606:4700:30::681b:a5b9, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is halkbank.pp.ua.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on August 26th 2019. Valid for: a year.

This is the only time halkbank.pp.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2606:4700:30:... 2606:4700:30::681b:a5b9	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2 4	88.212.196.101 88.212.196.101	39134 (UNITEDNET) (UNITEDNET)
1 6	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1	2a02:27aa::c8 2a02:27aa::c8	59729 (ITL-) (ITL-)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:2b	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
2 2	51.75.49.94 51.75.49.94	16276 (OVH) (OVH)
1	2606:4700:30:... 2606:4700:30::681b:ab18	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 2	144.202.53.144 144.202.53.144	20473 (AS-CHOOPA) (AS-CHOOPA - Choopa)
17	9

3 2606:4700:30::681b:a5b9 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

halkbank.pp.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 88.212.196.101 (Russian Federation) 2 redirects

ASN39134 (UNITEDNET, RU)
PTR: host01.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:27aa::c8 (Nesebar, Bulgaria)

ASN59729 (ITL-, BG)

ipv6alt.antibot.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.75.49.94 (Poland) 2 redirects

ASN16276 (OVH, FR)
PTR: edugram.com

ad.edugram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
edugram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:30::681b:ab18 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

apessay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 144.202.53.144 (Elk Grove Village, United States) 1 redirects

ASN20473 (AS-CHOOPA - Choopa, LLC, US)
PTR: 144.202.53.144.vultr.com

expertwriting.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	yandex.ru 1 redirects mc.yandex.ru	185 KB
4	yadro.ru 2 redirects counter.yadro.ru	2 KB
3	pp.ua halkbank.pp.ua	4 KB
2	expertwriting.org 1 redirects expertwriting.org	896 B
2	edugram.com 2 redirects ad.edugram.com edugram.com	466 B
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	29 KB
1	apessay.com apessay.com
1	jquery.com code.jquery.com	82 KB
1	antibot.cloud ipv6alt.antibot.cloud ipv6main.antibot.cloud Failed	597 B
17	9

	Domain	Requested by
6	mc.yandex.ru	1 redirects halkbank.pp.ua mc.yandex.ru
4	counter.yadro.ru	2 redirects halkbank.pp.ua
3	halkbank.pp.ua	ipv6alt.antibot.cloud halkbank.pp.ua
2	expertwriting.org	1 redirects halkbank.pp.ua
2	maxcdn.bootstrapcdn.com	halkbank.pp.ua
1	apessay.com	halkbank.pp.ua
1	edugram.com	1 redirects
1	ad.edugram.com	1 redirects
1	code.jquery.com	halkbank.pp.ua
1	ipv6alt.antibot.cloud	halkbank.pp.ua
0	ipv6main.antibot.cloud Failed	halkbank.pp.ua
17	11

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-08-26` - `2020-08-25`	a year	crt.sh
counter.yadro.ru COMODO ECC Domain Validation Secure Server CA	`2018-04-09` - `2020-04-08`	2 years	crt.sh
bs.yandex.ru Yandex CA	`2018-10-03` - `2019-10-03`	a year	crt.sh
ipv4alt.antibot.cloud Let's Encrypt Authority X3	`2019-07-31` - `2019-10-29`	3 months	crt.sh
*.bootstrapcdn.com COMODO RSA Domain Validation Secure Server CA	`2018-10-03` - `2019-10-12`	a year	crt.sh
jquery.org COMODO RSA Domain Validation Secure Server CA	`2018-10-17` - `2020-10-16`	2 years	crt.sh
sni179723.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-07-23` - `2020-01-29`	6 months	crt.sh
expertwriting.org COMODO RSA Domain Validation Secure Server CA	`2018-12-03` - `2019-12-03`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://halkbank.pp.ua/
Frame ID: C0B1E2EF4DBF7C09ECDA58E5D1D899C8
Requests: 15 HTTP requests in this frame

Frame: https://apessay.com/order/?rid=f2efe9b80fb6b01a&edugram_request_id=5d641dfb030cd8.23883310
Frame ID: A772640207CA62D70A1115845940782F
Requests: 1 HTTP requests in this frame

Frame: https://expertwriting.org/
Frame ID: D4064126DE9B53DC3C62D903211D84BC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://halkbank.pp.ua/ Page URL
https://halkbank.pp.ua/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Liveinternet (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<script[^<>]*>[^]{0,128}?src\s*=\s*['"]\/\/counter\.yadro\.ru\/hit(?:;\S+)?\?(?:t\d+\.\d+;)?r/i
html //i
html //i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

17
Requests

94 %
HTTPS

67 %
IPv6

9
Domains

11
Subdomains

9
IPs

5
Countries

301 kB
Transfer

1147 kB
Size

30
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://halkbank.pp.ua/ Page URL
https://halkbank.pp.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://counter.yadro.ru/hit;edugram?r;s1600*1200*24;uhttps%3A//halkbank.pp.ua/;hJust%20a%20moment...;0.3522969532493081 HTTP 302
https://counter.yadro.ru/hit;edugram?q;r;s1600*1200*24;uhttps%3A//halkbank.pp.ua/;hJust%20a%20moment...;0.3522969532493081

Request Chain 3

https://mc.yandex.ru/watch/55023166?wmode=7&page-url=https%3A%2F%2Fhalkbank.pp.ua%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1566842358618%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20190826195919%3Aet%3A1566842359%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A353155010%3Ahid%3A633713127%3Ads%3A31%2C28%2C344%2C1%2C0%2C0%2C0%2C33%2C0%2C%2C%2C%2C439%3Afp%3A443%3Awn%3A61574%3Ahl%3A2%3Agdpr%3A14%3Av%3A1708%3Awv%3A2%3Ast%3A1566842359%3Au%3A156684235931397041%3At%3AJust%20a%20moment... HTTP 302
https://mc.yandex.ru/watch/55023166/1?wmode=7&page-url=https%3A%2F%2Fhalkbank.pp.ua%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1566842358618%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20190826195919%3Aet%3A1566842359%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A353155010%3Ahid%3A633713127%3Ads%3A31%2C28%2C344%2C1%2C0%2C0%2C0%2C33%2C0%2C%2C%2C%2C439%3Afp%3A443%3Awn%3A61574%3Ahl%3A2%3Agdpr%3A14%3Av%3A1708%3Awv%3A2%3Ast%3A1566842359%3Au%3A156684235931397041%3At%3AJust%20a%20moment...

Request Chain 10

https://ad.edugram.com/order?rid=f2efe9b80fb6b01a HTTP 301
https://edugram.com/link/order?rid=f2efe9b80fb6b01a HTTP 302
https://apessay.com/order/?rid=f2efe9b80fb6b01a&edugram_request_id=5d641dfb030cd8.23883310

Request Chain 11

https://expertwriting.org/?cid=33614 HTTP 302
https://expertwriting.org/

Request Chain 12

https://counter.yadro.ru/hit;edugram?rhttps%3A//halkbank.pp.ua/;s1600*1200*24;uhttps%3A//halkbank.pp.ua/;hEssay%20writing;0.11915097241415906 HTTP 302
https://counter.yadro.ru/hit;edugram?q;rhttps%3A//halkbank.pp.ua/;s1600*1200*24;uhttps%3A//halkbank.pp.ua/;hEssay%20writing;0.11915097241415906

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
halkbank.pp.ua/ 6 KB
3 KB 403ms
344ms Document
text/html 2606:4700:30::681b:a5b9
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://halkbank.pp.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681b:a5b9 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9ee0669871712026e8131ff5f54ef665f89ba1e2aeb410496bdb825e2f1e82a

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

:method: GET
:authority: halkbank.pp.ua
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1

Response headers

status: 200
date: Mon, 26 Aug 2019 17:59:19 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d7690cfc0c247b10a109d24530bbc03891566842358; expires=Tue, 25-Aug-20 17:59:18 GMT; path=/; domain=.halkbank.pp.ua; HttpOnly ab_referer=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
x-powered-cms: Antibot.Cloud (See: https://antibot.cloud/)
x-robots-tag: noindex
x-frame-options: DENY
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 50c7b2e5c9cbcbd0-VIE
content-encoding: br

GET
H/1.1

200
OK

hit;edugram
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit;edugram?r;s1600*1200*24;uhttps%3A//halkbank.pp.ua/;hJust%20a%20moment...;0.3522969532493081
https://counter.yadro.ru/hit;edugram?q;r;s1600*1200*24;uhttps%3A//halkbank.pp.ua/;hJust%20a%20moment...;0.3522969532493081

43 B
421 B

65ms
65ms

Image
image/gif

88.212.196.101
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://counter.yadro.ru/hit;edugram?q;r;s1600*1200*24;uhttps%3A//halkbank.pp.ua/;hJust%20a%20moment...;0.3522969532493081
Requested by: Host: halkbank.pp.ua
URL: https://halkbank.pp.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 88.212.196.101 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS: host01.rax.ru
Software: nginx/1.11.1 /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://halkbank.pp.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Aug 2019 17:59:19 GMT
Server: nginx/1.11.1
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 25 Aug 2018 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 26 Aug 2019 17:59:19 GMT
Server: nginx/1.11.1
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit;edugram?q;r;s1600*1200*24;uhttps%3A//halkbank.pp.ua/;hJust%20a%20moment...;0.3522969532493081
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Sat, 25 Aug 2018 21:00:00 GMT

GET
H/1.1 200
OK tag.js Show response
mc.yandex.ru/metrika/ 353 KB
91 KB 144ms
144ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: halkbank.pp.ua
URL: https://halkbank.pp.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

e43f50a325a5a83f020dd452365a66f18ccbbb271151a63748df361fbd96938f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://halkbank.pp.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 26 Aug 2019 17:59:19 GMT
Content-Encoding: br
Last-Modified: Wed, 14 Aug 2019 12:43:05 GMT
Server: nginx/1.14.2
ETag: "5d5401d9-16999"
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Content-Length: 92569
Expires: Mon, 26 Aug 2019 18:59:19 GMT

GET
H/1.1

200
OK

1 Show response
mc.yandex.ru/watch/55023166/
Redirect Chain

https://mc.yandex.ru/watch/55023166?wmode=7&page-url=https%3A%2F%2Fhalkbank.pp.ua%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1566842358618%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A2166136261...
https://mc.yandex.ru/watch/55023166/1?wmode=7&page-url=https%3A%2F%2Fhalkbank.pp.ua%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1566842358618%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A21661362...

152 B
702 B

79ms
79ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/55023166/1?wmode=7&page-url=https%3A%2F%2Fhalkbank.pp.ua%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1566842358618%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20190826195919%3Aet%3A1566842359%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A353155010%3Ahid%3A633713127%3Ads%3A31%2C28%2C344%2C1%2C0%2C0%2C0%2C33%2C0%2C%2C%2C%2C439%3Afp%3A443%3Awn%3A61574%3Ahl%3A2%3Agdpr%3A14%3Av%3A1708%3Awv%3A2%3Ast%3A1566842359%3Au%3A156684235931397041%3At%3AJust%20a%20moment...

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

1290ad03faa418935bc5a5873cc36ae0beb3e52f371bd0480a1388dac4fc83fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://halkbank.pp.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Aug 2019 17:59:19 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 26-Aug-2019 17:59:19 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=31536000
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://halkbank.pp.ua
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 152
X-XSS-Protection: 1; mode=block
Expires: Mon, 26-Aug-2019 17:59:19 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 26 Aug 2019 17:59:19 GMT
Last-Modified: Mon, 26-Aug-2019 17:59:19 GMT
Server: nginx/1.14.2
Access-Control-Allow-Origin: https://halkbank.pp.ua
Strict-Transport-Security: max-age=31536000
Location: /watch/55023166/1?wmode=7&page-url=https%3A%2F%2Fhalkbank.pp.ua%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1566842358618%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20190826195919%3Aet%3A1566842359%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A353155010%3Ahid%3A633713127%3Ads%3A31%2C28%2C344%2C1%2C0%2C0%2C0%2C33%2C0%2C%2C%2C%2C439%3Afp%3A443%3Awn%3A61574%3Ahl%3A2%3Agdpr%3A14%3Av%3A1708%3Awv%3A2%3Ast%3A1566842359%3Au%3A156684235931397041%3At%3AJust%20a%20moment...
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Mon, 26-Aug-2019 17:59:19 GMT

GET
H/1.1 200
OK advert.gif
mc.yandex.ru/metrika/ 43 B
445 B 68ms
68ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://halkbank.pp.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 26 Aug 2019 17:59:19 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Oct 2015 13:09:09 GMT
Server: nginx/1.14.2
ETag: "561bb0f5-3d"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Content-Length: 61
Expires: Mon, 26 Aug 2019 18:59:19 GMT

GET
H2 200 cloud5.php Show response
ipv6alt.antibot.cloud/content/ 349 B
597 B 196ms
94ms Script
application/javascript 2a02:27aa::c8
ITL-

General

Check archive.org

Show headers Download Go to

Full URL

https://ipv6alt.antibot.cloud/content/cloud5.php?h1=d43ef8fdf2cf449836d35d247ae74367&h2=856c79d436f56ca34e7283ec4e1da7d7&ip=2a01:4f8:192:5414::2&via=&v=5.05&r=&rand=1566842358

Requested by

Host: halkbank.pp.ua
URL: https://halkbank.pp.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:27aa::c8 Nesebar, Bulgaria, ASN59729 (ITL-, BG),

Reverse DNS

Software

nginx /

Resource Hash

e858b8cdba12a3e414c60e132492f3dbd8971d6f9def5a117c498d7213958dcd

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://halkbank.pp.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 26 Aug 2019 17:59:22 GMT
content-encoding: gzip
server: nginx
x-frame-options: DENY
x-powered-cms: Antibot.Cloud (See: https://antibot.cloud/)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: no-store, no-cache, must-revalidate
x-robots-tag: noindex
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET cloud5.php
ipv6main.antibot.cloud/content/ 0
0

GET
H2 200 Primary Request / Show response
halkbank.pp.ua/ 4 KB
2 KB 340ms
340ms Document
text/html 2606:4700:30::681b:a5b9
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://halkbank.pp.ua/
Requested by: Host: ipv6alt.antibot.cloud
URL: https://ipv6alt.antibot.cloud/content/cloud5.php?h1=d43ef8fdf2cf449836d35d247ae74367&h2=856c79d436f56ca34e7283ec4e1da7d7&ip=2a01:4f8:192:5414::2&via=&v=5.05&r=&rand=1566842358
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:a5b9 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8329d286ddc86fb031e5729108db4eb281d22db325f3cc48d0ebd6bea44a5ab7

Request headers

:method: GET
:authority: halkbank.pp.ua
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: same-origin
referer: https://halkbank.pp.ua/
accept-encoding: gzip, deflate, br
cookie: __cfduid=d7690cfc0c247b10a109d24530bbc03891566842358; _ym_uid=156684235931397041; _ym_d=1566842359; _ym_isad=2; _ym_visorc_55023166=w; antibot=a30f9d60cad4c4875d40d3a69107bba6
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Referer: https://halkbank.pp.ua/

Response headers

status: 200
date: Mon, 26 Aug 2019 17:59:22 GMT
content-type: text/html; charset=UTF-8
set-cookie: ab_referer=https%3A%2F%2Fhalkbank.pp.ua%2F; expires=Fri, 25-Oct-2019 17:59:22 GMT; Max-Age=5184000; path=/
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 50c7b2fc1eadcbd0-VIE
content-encoding: br

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
19 KB 26ms
10ms Stylesheet
text/css 2001:4de0:ac19::1:b:2b
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by: Host: halkbank.pp.ua
URL: https://halkbank.pp.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: /
Resource Hash: f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://halkbank.pp.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 26 Aug 2019 17:59:22 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:34:07 GMT
status: 200
etag: "1544639647"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 19740

GET
H/1.1 200
OK jquery.js Show response
code.jquery.com/ 276 KB
82 KB 169ms
53ms Script
application/javascript 2001:4de0:ac18::1:a:3b
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery.js
Requested by: Host: halkbank.pp.ua
URL: https://halkbank.pp.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://halkbank.pp.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 26 Aug 2019 17:59:22 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Oct 2014 00:16:08 GMT
Server: nginx
ETag: W/"54499a48-4508e"
Vary: Accept-Encoding
X-HW: 1566842362.dop143.fr8.t,1566842362.cds141.fr8.shn,1566842362.dop143.fr8.t,1566842362.cds051.fr8.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 83875

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 36 KB
10 KB 23ms
7ms Script
text/javascript 2001:4de0:ac19::1:b:2b
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by: Host: halkbank.pp.ua
URL: https://halkbank.pp.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: /
Resource Hash: 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://halkbank.pp.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 26 Aug 2019 17:59:22 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:33:51 GMT
status: 200
etag: "1544639631"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 9832

GET
H2

200

/
apessay.com/order/ Frame A772
Redirect Chain

https://ad.edugram.com/order?rid=f2efe9b80fb6b01a
https://edugram.com/link/order?rid=f2efe9b80fb6b01a
https://apessay.com/order/?rid=f2efe9b80fb6b01a&edugram_request_id=5d641dfb030cd8.23883310

0
0

574ms
507ms

Document
text/html

2606:4700:30::681b:ab18
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://apessay.com/order/?rid=f2efe9b80fb6b01a&edugram_request_id=5d641dfb030cd8.23883310

Requested by

Host: halkbank.pp.ua
URL: https://halkbank.pp.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681b:ab18 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / PHP/7.2.20

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

:method: GET
:authority: apessay.com
:scheme: https
:path: /order/?rid=f2efe9b80fb6b01a&edugram_request_id=5d641dfb030cd8.23883310
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://halkbank.pp.ua/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://halkbank.pp.ua/

Response headers

status: 200
date: Mon, 26 Aug 2019 17:59:23 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d02562c4477e2d931762bfcec9a5778721566842363; expires=Tue, 25-Aug-20 17:59:23 GMT; path=/; domain=.apessay.com; HttpOnly PHPSESSID=j9283agu074gpd11kl9kud22eo; path=/; domain=.edugram.com utm_data=a%3A1%3A%7Bs%3A5%3A%22query%22%3Bs%3A63%3A%22rid%3Df2efe9b80fb6b01a%26edugram_request_id%3D5d641dfb030cd8.23883310%22%3B%7D; expires=Tue, 27-Aug-2019 23:59:23 GMT; Max-Age=108000; path=/ locale=en; path=/ ref=f2efe9b80fb6b01a; expires=Tue, 27-Aug-2019 17:59:23 GMT; Max-Age=86400; path=/
vary: Accept-Encoding
x-powered-by: PHP/7.2.20
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-served-by: php_xweb02
strict-transport-security: max-age=63072000; includeSubDomains; preload
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 50c7b3019b78cba0-VIE
content-encoding: br

Redirect headers

status: 302
server: nginx
date: Mon, 26 Aug 2019 17:59:25 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.2.20
set-cookie: PHPSESSID=9naugr7c8k0h8fil1taa9ogf2t; path=/; domain=.edugram.com
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
location: https://apessay.com/order/?rid=f2efe9b80fb6b01a&edugram_request_id=5d641dfb030cd8.23883310
x-served-by: php_xweb02
strict-transport-security: max-age=63072000; includeSubDomains; preload

GET
H/1.1

200
OK

Cookie set /
expertwriting.org/ Frame D406
Redirect Chain

https://expertwriting.org/?cid=33614
https://expertwriting.org/

0
0

113ms
113ms

Document
text/html

144.202.53.144
Choopa

General

Check archive.org

Show headers Download Go to

Full URL

https://expertwriting.org/

Requested by

Host: halkbank.pp.ua
URL: https://halkbank.pp.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

144.202.53.144 Elk Grove Village, United States, ASN20473 (AS-CHOOPA - Choopa, LLC, US),

Reverse DNS

144.202.53.144.vultr.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Host: expertwriting.org
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://halkbank.pp.ua/
Accept-Encoding: gzip, deflate, br
Cookie: PHPSESSID=s9g3dl8udu7qin1n9eg1561rh7; exw_af=33614; exw_id=087c93e5d8356e40f89385f2199b75c1; exw_st=a49b99fef8506d294a1853c243fa0c28
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://halkbank.pp.ua/

Response headers

Server: nginx/1.10.3 (Ubuntu)
Date: Mon, 26 Aug 2019 17:59:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: exw_af=33614; expires=Tue, 24-Dec-2019 17:59:23 GMT; Max-Age=10368000; path=/; domain=.expertwriting.org exw_id=087c93e5d8356e40f89385f2199b75c1; expires=Tue, 24-Dec-2019 17:59:23 GMT; Max-Age=10368000; path=/; domain=.expertwriting.org exw_st=a49b99fef8506d294a1853c243fa0c28; expires=Tue, 24-Dec-2019 17:59:23 GMT; Max-Age=10368000; path=/; domain=.expertwriting.org
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

Redirect headers

Server: nginx/1.10.3 (Ubuntu)
Date: Mon, 26 Aug 2019 17:59:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie: PHPSESSID=s9g3dl8udu7qin1n9eg1561rh7; path=/ exw_af=33614; expires=Tue, 24-Dec-2019 17:59:22 GMT; Max-Age=10368000; path=/; domain=.expertwriting.org exw_id=087c93e5d8356e40f89385f2199b75c1; expires=Tue, 24-Dec-2019 17:59:22 GMT; Max-Age=10368000; path=/; domain=.expertwriting.org exw_st=a49b99fef8506d294a1853c243fa0c28; expires=Tue, 24-Dec-2019 17:59:22 GMT; Max-Age=10368000; path=/; domain=.expertwriting.org
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Location: /
Strict-Transport-Security: max-age=31536000

GET
H/1.1

200
OK

hit;edugram
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit;edugram?rhttps%3A//halkbank.pp.ua/;s1600*1200*24;uhttps%3A//halkbank.pp.ua/;hEssay%20writing;0.11915097241415906
https://counter.yadro.ru/hit;edugram?q;rhttps%3A//halkbank.pp.ua/;s1600*1200*24;uhttps%3A//halkbank.pp.ua/;hEssay%20writing;0.11915097241415906

43 B
273 B

65ms
65ms

Image
image/gif

88.212.196.101
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://counter.yadro.ru/hit;edugram?q;rhttps%3A//halkbank.pp.ua/;s1600*1200*24;uhttps%3A//halkbank.pp.ua/;hEssay%20writing;0.11915097241415906
Requested by: Host: halkbank.pp.ua
URL: https://halkbank.pp.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 88.212.196.101 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS: host01.rax.ru
Software: nginx/1.11.1 /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://halkbank.pp.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Aug 2019 17:59:22 GMT
Server: nginx/1.11.1
Content-Type: image/gif
Cache-control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Sat, 25 Aug 2018 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 26 Aug 2019 17:59:22 GMT
Server: nginx/1.11.1
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit;edugram?q;rhttps%3A//halkbank.pp.ua/;s1600*1200*24;uhttps%3A//halkbank.pp.ua/;hEssay%20writing;0.11915097241415906
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Sat, 25 Aug 2018 21:00:00 GMT

GET
H/1.1 200
OK tag.js Show response
mc.yandex.ru/metrika/ 353 KB
91 KB 153ms
152ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: halkbank.pp.ua
URL: https://halkbank.pp.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

e43f50a325a5a83f020dd452365a66f18ccbbb271151a63748df361fbd96938f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://halkbank.pp.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 26 Aug 2019 17:59:22 GMT
Content-Encoding: br
Last-Modified: Wed, 14 Aug 2019 12:43:05 GMT
Server: nginx/1.14.2
ETag: "5d5401d9-16999"
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Content-Length: 92569
Expires: Mon, 26 Aug 2019 18:59:22 GMT

POST
H2 200 cntr.php Show response
halkbank.pp.ua/ 2 B
82 B 346ms
345ms XHR
text/html 2606:4700:30::681b:a5b9
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://halkbank.pp.ua/cntr.php
Requested by: Host: halkbank.pp.ua
URL: https://halkbank.pp.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:a5b9 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Sec-Fetch-Mode: cors
Referer: https://halkbank.pp.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

cf-ray: 50c7b2ff78a8cbd0-VIE
date: Mon, 26 Aug 2019 17:59:23 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
status: 200
x-robots-tag: noindex

POST
H/1.1 200
OK 55023187 Show response
mc.yandex.ru/watch/ 152 B
702 B 136ms
135ms XHR
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/55023187?wmode=7&page-ref=https%3A%2F%2Fhalkbank.pp.ua%2F&page-url=https%3A%2F%2Fhalkbank.pp.ua%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1566842362249%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20190826195923%3Aet%3A1566842363%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A702353574%3Ahid%3A19493328%3Ads%3A0%2C0%2C340%2C1%2C1%2C0%2C0%2C197%2C4%2C%2C%2C%2C543%3Afp%3A717%3Awn%3A61574%3Ahl%3A2%3Agdpr%3A14%3Av%3A1708%3Awv%3A2%3Ast%3A1566842363%3Au%3A156684235931397041%3At%3AEssay%20writing

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

9378a2f22a8d4eff246bdb1f1f4c308813e921169e71ee9090924d229cc6006f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: cors
Referer: https://halkbank.pp.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Mon, 26 Aug 2019 17:59:23 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 26-Aug-2019 17:59:23 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=31536000
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://halkbank.pp.ua
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 152
X-XSS-Protection: 1; mode=block
Expires: Mon, 26-Aug-2019 17:59:23 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ipv6main.antibot.cloud
URL: https://ipv6main.antibot.cloud/content/cloud5.php?h1=d43ef8fdf2cf449836d35d247ae74367&h2=856c79d436f56ca34e7283ec4e1da7d7&ip=2a01:4f8:192:5414::2&via=&v=5.05&r=&rand=1566842358

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1970-01-19 03:14:04	Name: GPS Value: 1
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 7aOV1KHtXLk
.youtube.com/	1970-01-19 07:33:14	Name: VISITOR_INFO1_LIVE Value: uucBzHVbL18
.expertwriting.org/	1970-01-19 05:23:38	Name: _fbp Value: fb.1.1566842364209.799639998
.expertwriting.org/	1970-01-19 06:06:50	Name: exw_st Value: a49b99fef8506d294a1853c243fa0c28
.expertwriting.org/	1970-01-19 20:45:14	Name: _ga Value: GA1.2.1570080043.1566842364
.expertwriting.org/	1970-01-19 06:06:50	Name: exw_id Value: 087c93e5d8356e40f89385f2199b75c1
.apessay.com/	1970-01-19 03:14:02	Name: _dc_gtm_UA-121800452-1 Value: 1
.expertwriting.org/	1970-01-19 06:06:50	Name: exw_af Value: 33614
.youtube.com/	1970-01-19 09:04:40	Name: PREF Value: f1=50000000
.halkbank.pp.ua/	1970-01-19 03:14:04	Name: _ym_visorc_55023166 Value: w
.apessay.com/	1970-01-19 20:45:14	Name: _ga Value: GA1.2.1284811838.1566842364
apessay.com/	1970-01-19 03:15:28	Name: ref Value: f2efe9b80fb6b01a
.halkbank.pp.ua/	1970-01-19 11:59:38	Name: _ym_d Value: 1566842359
expertwriting.org/	1969-12-31 23:59:59	Name: PHPSESSID Value: s9g3dl8udu7qin1n9eg1561rh7
apessay.com/	1969-12-31 23:59:59	Name: locale Value: en
.expertwriting.org/	1970-01-19 11:59:38	Name: __zlcmid Value: tyiUVrEKoBGPAH
.expertwriting.org/	1970-01-19 03:15:28	Name: _gid Value: GA1.2.1780337404.1566842364
.halkbank.pp.ua/	1970-01-19 03:15:14	Name: _ym_isad Value: 2
apessay.com/	1970-01-19 03:15:50	Name: utm_data Value: a%3A1%3A%7Bs%3A5%3A%22query%22%3Bs%3A63%3A%22rid%3Df2efe9b80fb6b01a%26edugram_request_id%3D5d641dfb030cd8.23883310%22%3B%7D
.halkbank.pp.ua/	1970-01-19 11:59:38	Name: _ym_uid Value: 156684235931397041
.expertwriting.org/	1970-01-19 03:14:02	Name: _gat_UA-100320683-1 Value: 1
.apessay.com/	1970-01-19 11:59:38	Name: __cfduid Value: d02562c4477e2d931762bfcec9a5778721566842363
.halkbank.pp.ua/	1970-01-19 03:14:04	Name: _ym_visorc_55023187 Value: w
halkbank.pp.ua/	1970-01-19 03:15:28	Name: hit Value: 1
halkbank.pp.ua/	1970-01-19 04:40:26	Name: ab_referer Value: https%3A%2F%2Fhalkbank.pp.ua%2F
.apessay.com/	1970-01-19 03:15:28	Name: _gid Value: GA1.2.541128288.1566842364
.expertwriting.org/	1970-01-19 11:59:38	Name: _hjid Value: 71fbe90a-6907-4afa-a371-a92d879aa962
.halkbank.pp.ua/	1970-01-19 11:59:38	Name: __cfduid Value: d7690cfc0c247b10a109d24530bbc03891566842358
halkbank.pp.ua/	1970-01-19 03:15:28	Name: antibot Value: a30f9d60cad4c4875d40d3a69107bba6

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.edugram.com
apessay.com
code.jquery.com
counter.yadro.ru
edugram.com
expertwriting.org
halkbank.pp.ua
ipv6alt.antibot.cloud
ipv6main.antibot.cloud
maxcdn.bootstrapcdn.com
mc.yandex.ru
ipv6main.antibot.cloud
144.202.53.144
2001:4de0:ac18::1:a:3b
2001:4de0:ac19::1:b:2b
2606:4700:30::681b:a5b9
2606:4700:30::681b:ab18
2a02:27aa::c8
2a02:6b8::1:119
51.75.49.94
88.212.196.101
1290ad03faa418935bc5a5873cc36ae0beb3e52f371bd0480a1388dac4fc83fb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
8329d286ddc86fb031e5729108db4eb281d22db325f3cc48d0ebd6bea44a5ab7
9378a2f22a8d4eff246bdb1f1f4c308813e921169e71ee9090924d229cc6006f
a9ee0669871712026e8131ff5f54ef665f89ba1e2aeb410496bdb825e2f1e82a
e43f50a325a5a83f020dd452365a66f18ccbbb271151a63748df361fbd96938f
e858b8cdba12a3e414c60e132492f3dbd8971d6f9def5a117c498d7213958dcd
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

halkbank.pp.ua Open in urlscan Pro 2606:4700:30::681b:a5b9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

17 Requests

94 %HTTPS

67 %IPv6

9 Domains

11 Subdomains

9 IPs

5 Countries

301 kBTransfer

1147 kBSize

30 Cookies

0 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

30 Cookies

Security Headers

Indicators

halkbank.pp.ua Open in urlscan Pro
2606:4700:30::681b:a5b9 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

94 %
HTTPS

67 %
IPv6

9
Domains

11
Subdomains

9
IPs

5
Countries

301 kB
Transfer

1147 kB
Size

30
Cookies

17 HTTP transactions
0 data transactions