cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com Open in urlscan Pro
67.207.77.53 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com/
Submission: On April 12 via api (April 12th 2024, 12:29:23 am UTC) from US — Scanned from DE

Summary HTTP 35 Redirects Behaviour Indicators

Summary

This website contacted 14 IPs in 4 countries across 11 domains to perform 35 HTTP transactions. The main IP is 67.207.77.53, located in Frankfurt am Main, Germany and belongs to DIGITALOCEAN-ASN, US. The main domain is cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com.
TLS certificate: Issued by ZeroSSL ECC Domain Secure Site CA on March 6th 2024. Valid for: 3 months.

This is the only time cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	67.207.77.53 67.207.77.53	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
1	18.66.102.53 18.66.102.53	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.72 99.86.4.72	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2600:9000:236... 2600:9000:236e:ec00:1e:9742:1680:21	16509 (AMAZON-02) (AMAZON-02)
1	13.35.58.30 13.35.58.30	16509 (AMAZON-02) (AMAZON-02)
1	13.33.187.74 13.33.187.74	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
2	18.245.31.107 18.245.31.107	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
3	3.5.71.163 3.5.71.163	16509 (AMAZON-02) (AMAZON-02)
35	14

11 67.207.77.53 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-53.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-72.fra6.r.cloudfront.net

tag.getdrip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:236e:ec00:1e:9742:1680:21 (United States)

ASN16509 (AMAZON-02, US)

d14jnfavjicsbe.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.58.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-58-30.fra60.r.cloudfront.net

sleeknotecustomerscripts.sleeknote.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.187.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-187-74.fra60.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.245.31.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-107.fra56.r.cloudfront.net

api.getdrip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.5.71.163 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1-r-w.amazonaws.com

sleeknotestaticcontent.s3.eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	aminbenmesk.com cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com	399 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35 region1.google-analytics.com — Cisco Umbrella Rank: 2490	21 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 44	314 KB
3	amazonaws.com sleeknotestaticcontent.s3.eu-west-1.amazonaws.com — Cisco Umbrella Rank: 47197	118 KB
3	getdrip.com tag.getdrip.com — Cisco Umbrella Rank: 28863 api.getdrip.com — Cisco Umbrella Rank: 32487	4 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 39	3 KB
2	gstatic.com fonts.gstatic.com	47 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 795 script.hotjar.com — Cisco Umbrella Rank: 1208	59 KB
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 94	425 B
1	sleeknote.com sleeknotecustomerscripts.sleeknote.com — Cisco Umbrella Rank: 20487	2 KB
1	cloudfront.net d14jnfavjicsbe.cloudfront.net	29 KB
35	11

	Domain	Requested by
11	cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com	cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com
4	www.googletagmanager.com	cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com www.googletagmanager.com
3	sleeknotestaticcontent.s3.eu-west-1.amazonaws.com	sleeknotecustomerscripts.sleeknote.com sleeknotestaticcontent.s3.eu-west-1.amazonaws.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	fonts.googleapis.com	cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com
2	fonts.gstatic.com	fonts.googleapis.com
2	api.getdrip.com	d14jnfavjicsbe.cloudfront.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	script.hotjar.com	static.hotjar.com
1	sleeknotecustomerscripts.sleeknote.com	tag.getdrip.com
1	d14jnfavjicsbe.cloudfront.net	tag.getdrip.com
1	region1.google-analytics.com	www.googletagmanager.com
1	tag.getdrip.com	cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com
1	static.hotjar.com	www.googletagmanager.com
35	14

This site contains no links.

Subject Issuer	Validity	Valid
ZeroSSL ECC Domain Secure Site CA	`2024-03-06` - `2024-06-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M03	`2024-02-07` - `2025-03-08`	a year	crt.sh
*.getdrip.com Amazon RSA 2048 M03	`2023-11-29` - `2024-12-27`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.sleeknote.com Amazon RSA 2048 M02	`2024-01-23` - `2025-02-18`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.s3-eu-west-1.amazonaws.com Amazon RSA 2048 M01	`2024-01-31` - `2025-01-15`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com/
Frame ID: E00CE8E76207A6EB51B2B27BDCB588A0
Requests: 35 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

Page Statistics

35
Requests

100 %
HTTPS

50 %
IPv6

11
Domains

14
Subdomains

14
IPs

4
Countries

997 kB
Transfer

3299 kB
Size

12
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com/ 3 KB
2 KB 492ms
64ms Document
text/html 67.207.77.53
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

67.207.77.53 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Caddy Cowboy /

Resource Hash

c0353e7cf726ca4c6f038af1097b8f742cd462fa77ab481899c0baae11f20552

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-language: de-DE
content-type: text/html;charset=UTF-8
date: Fri, 12 Apr 2024 00:29:18 GMT
expires: 0
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
pragma: no-cache
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1712881758&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=c0MGC2SAiDDv%2BHd4lu7MsCOu2yNH%2BkwUzbp3MmJwZwc%3D"}]}
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1712881758&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=c0MGC2SAiDDv%2BHd4lu7MsCOu2yNH%2BkwUzbp3MmJwZwc%3D
server: Caddy Cowboy
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
via: 1.1 vegur
x-content-type-options: nosniff
x-folio-forwarded-host: cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 styles-b83a6ccf592731b298622783b2950620.css
cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com/dist/ 478 KB
59 KB 38ms
37ms Stylesheet
text/css 67.207.77.53
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com/dist/styles-b83a6ccf592731b298622783b2950620.css

Requested by

Host: cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com
URL: https://cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

67.207.77.53 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Caddy, Cowboy /

Resource Hash

c6e21573741e96cda5d5035502c7f45c41d753e3a83d921bd624db0fa1cf8b92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 00:29:18 GMT
content-encoding: gzip
via: 1.1 vegur
strict-transport-security: max-age=31536000 ; includeSubDomains
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1712881758&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=c0MGC2SAiDDv%2BHd4lu7MsCOu2yNH%2BkwUzbp3MmJwZwc%3D
last-modified: Thu, 04 Apr 2024 13:33:23 GMT
server: Caddy, Cowboy
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1712881758&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=c0MGC2SAiDDv%2BHd4lu7MsCOu2yNH%2BkwUzbp3MmJwZwc%3D"}]}
content-type: text/css
x-frame-options: DENY
cache-control: max-age=1209600
accept-ranges: bytes

GET
H2 200 case-study-view-efacfbb5082e20400cdf107dd431d2c8.css
cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com/dist/ 182 KB
23 KB 39ms
38ms Stylesheet
text/css 67.207.77.53
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com/dist/case-study-view-efacfbb5082e20400cdf107dd431d2c8.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

67.207.77.53 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Caddy, Cowboy /

Resource Hash

cee92bbb2d5709dd043785559714d145bf0886cd1649e1bddcda882fb9b623c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 00:29:18 GMT
content-encoding: gzip
via: 1.1 vegur
strict-transport-security: max-age=31536000 ; includeSubDomains
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1712881758&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=c0MGC2SAiDDv%2BHd4lu7MsCOu2yNH%2BkwUzbp3MmJwZwc%3D
last-modified: Thu, 04 Apr 2024 13:33:23 GMT
server: Caddy, Cowboy
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1712881758&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=c0MGC2SAiDDv%2BHd4lu7MsCOu2yNH%2BkwUzbp3MmJwZwc%3D"}]}
content-type: text/css
x-frame-options: DENY
cache-control: max-age=1209600
accept-ranges: bytes

GET
H2 200 bundle-8d3ad0136a4895784e1c557f87d62359.js Show response
cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com/dist/ 721 KB
182 KB 89ms
89ms Script
application/javascript 67.207.77.53
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com/dist/bundle-8d3ad0136a4895784e1c557f87d62359.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

67.207.77.53 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Caddy, Cowboy /

Resource Hash

47487086f9b1643b5b8a2cd26fc937c810358f463026620f4b62b5818c876df8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 00:29:18 GMT
content-encoding: gzip
via: 1.1 vegur
strict-transport-security: max-age=31536000 ; includeSubDomains
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1712881758&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=c0MGC2SAiDDv%2BHd4lu7MsCOu2yNH%2BkwUzbp3MmJwZwc%3D
last-modified: Thu, 04 Apr 2024 13:33:23 GMT
server: Caddy, Cowboy
etag: "8d3ad0136a4895784e1c557f87d62359"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1712881758&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=c0MGC2SAiDDv%2BHd4lu7MsCOu2yNH%2BkwUzbp3MmJwZwc%3D"}]}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=1209600
accept-ranges: bytes

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 235 KB
81 KB 56ms
27ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N24X7V9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

caef0c68558663b3b6f43c6265a5f4e87f0bd5c51cc90d9c276dd8744ca8dda5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 00:29:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 82650
x-xss-protection: 0
last-modified: Fri, 12 Apr 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 12 Apr 2024 00:29:18 GMT

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
1 KB 57ms
16ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Bricolage+Grotesque:opsz,wght@12..96,200..800&family=Work+Sans:ital,wght@0,100..900;1,100..900&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a9e01946037f35473a29547e905d8a45650f2ea004ac5674e6acb39d75265785

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Apr 2024 00:29:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 Apr 2024 00:29:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Apr 2024 00:29:18 GMT

GET
H2 200 css2
fonts.googleapis.com/ 34 KB
2 KB 44ms
18ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:wght@400;700&family=Montserrat:wght@400;500;700&family=Muli&family=Mulish&family=Noto+Serif&family=PT+Serif:ital,wght@0,400;0,700;1,400;1,700&family=Raleway:wght@400;800;900&family=Source+Sans+Pro:wght@400;600&family=Source+Serif+Pro&family=Work+Sans:wght@400;500;600&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4f3fdfbe15355829984fa7e17165382850fefc0793d94f1295d3ef4ae0c8ab57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Apr 2024 00:29:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 Apr 2024 00:29:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Apr 2024 00:29:18 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 290 KB
97 KB 28ms
27ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SWXNNMMKPQ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N24X7V9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c92d4456639e6c7dc0e4661c950c86900984feb78b23427cb01f64abf3d86ebd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 00:29:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 99598
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 12 Apr 2024 00:29:18 GMT

GET
H2 200 hotjar-841363.js Show response
static.hotjar.com/c/ 9 KB
4 KB 97ms
37ms Script
application/javascript 18.66.102.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-841363.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N24X7V9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-53.fra56.r.cloudfront.net

Software

Resource Hash

6fb463631098e508152bc987baa2ced8369651f029fde3c7a097b18c65a052dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Fri, 12 Apr 2024 00:29:18 GMT
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/7c332a4281acd9f0c066939197b24679
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: paoUzuYFFx_NQZho1r8AxNntgZWL9AC9w6tCelsZy_3KZ1dmdHwU7g==

GET
H2 200 2607659.js Show response
tag.getdrip.com/ 6 KB
2 KB 75ms
10ms Script
application/javascript 99.86.4.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.getdrip.com/2607659.js
Requested by: Host: cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com
URL: https://cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-72.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0384fc5f3dd749a5c1cf63398412f8131e7269953aeb667b748e365ce122d5f9

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 00:28:51 GMT
content-encoding: gzip
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
last-modified: Fri, 12 Apr 2024 00:24:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 27
x-amz-server-side-encryption: AES256
etag: W/"fc5ad868ff4a66f90428684e731b68ed"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: QVen_ekaVF6o88GECA8tIFbStcNoB8aKyX_ktKcPZzDCleytzb-C6g==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 47ms
7ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N24X7V9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 11 Apr 2024 23:38:42 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3036
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 12 Apr 2024 01:38:42 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 187 KB
68 KB 23ms
22ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-69935771-28&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N24X7V9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

05ebf0a496f0d38271f9e3551e6c0c9befb19bca84f6df83f6108ccdf416f693

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 00:29:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69582
x-xss-protection: 0
last-modified: Fri, 12 Apr 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 12 Apr 2024 00:29:19 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 187 KB
68 KB 26ms
26ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-69935771-28&l=dataLayer

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5f4cb512f01f411011c1294a31038d04acbb5c59585660621f90f77b7f21e7f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 00:29:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69569
x-xss-protection: 0
last-modified: Fri, 12 Apr 2024 00:07:40 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 12 Apr 2024 00:29:19 GMT

GET
H2 200 7198.d21c17c71ea52e184cf6.js Show response
cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com/dist/ 109 KB
43 KB 36ms
36ms Script
application/javascript 67.207.77.53
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com/dist/7198.d21c17c71ea52e184cf6.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

67.207.77.53 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Caddy, Cowboy /

Resource Hash

5c41e6cc1a99717601651465d6adbcbfb40f036ffa7549d0e65aee455c60976a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 00:29:18 GMT
content-encoding: gzip
via: 1.1 vegur
strict-transport-security: max-age=31536000 ; includeSubDomains
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1712881759&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=fLlv6KtQdEYZZP5kzZHe1Rg5cCjq9%2FJDPi0YZi8Ywo8%3D
last-modified: Thu, 04 Apr 2024 13:33:23 GMT
server: Caddy, Cowboy
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1712881759&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=fLlv6KtQdEYZZP5kzZHe1Rg5cCjq9%2FJDPi0YZi8Ywo8%3D"}]}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=1209600
accept-ranges: bytes

GET
H2 200 5991.31232dd4efdfcccda016.css
cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com/dist/ 54 KB
9 KB 37ms
37ms Stylesheet
text/css 67.207.77.53
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com/dist/5991.31232dd4efdfcccda016.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

67.207.77.53 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Caddy, Cowboy /

Resource Hash

d4bf259dbc2042217dd2f8f476f87984e6bf0cd633308b07677dbe68adb84d43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 00:29:18 GMT
content-encoding: gzip
via: 1.1 vegur
strict-transport-security: max-age=31536000 ; includeSubDomains
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1712881759&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=fLlv6KtQdEYZZP5kzZHe1Rg5cCjq9%2FJDPi0YZi8Ywo8%3D
last-modified: Thu, 04 Apr 2024 13:33:23 GMT
server: Caddy, Cowboy
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1712881759&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=fLlv6KtQdEYZZP5kzZHe1Rg5cCjq9%2FJDPi0YZi8Ywo8%3D"}]}
content-type: text/css
x-frame-options: DENY
cache-control: max-age=1209600
accept-ranges: bytes

GET
H2 200 public-pages.212ff84380fe873e4594.js Show response
cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com/dist/ 202 KB
62 KB 36ms
36ms Script
application/javascript 67.207.77.53
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com/dist/public-pages.212ff84380fe873e4594.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

67.207.77.53 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Caddy, Cowboy /

Resource Hash

d02a17f0a491174af2090f62387303403e9cd25a3491d6dddd01caa9edf854fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 00:29:18 GMT
content-encoding: gzip
via: 1.1 vegur
strict-transport-security: max-age=31536000 ; includeSubDomains
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1712881759&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=fLlv6KtQdEYZZP5kzZHe1Rg5cCjq9%2FJDPi0YZi8Ywo8%3D
last-modified: Thu, 04 Apr 2024 13:33:23 GMT
server: Caddy, Cowboy
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1712881759&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=fLlv6KtQdEYZZP5kzZHe1Rg5cCjq9%2FJDPi0YZi8Ywo8%3D"}]}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=1209600
accept-ranges: bytes

POST
H2 204 collect
region1.google-analytics.com/g/ 0
333 B 41ms
13ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-SWXNNMMKPQ&gtm=45je44a0v881061948z8812476367za200&_p=1712881758778&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=593317834.1712881759&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1712881759&sct=1&seg=0&dl=https%3A%2F%2Fcdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=814
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SWXNNMMKPQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 12 Apr 2024 00:29:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
0 0ms
0ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Bricolage+Grotesque:opsz,wght@12..96,200..800&family=Work+Sans:ital,wght@0,100..900;1,100..900&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a9e01946037f35473a29547e905d8a45650f2ea004ac5674e6acb39d75265785

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 00:29:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 Apr 2024 00:29:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Apr 2024 00:29:18 GMT

GET
H2 200 client.js Show response
d14jnfavjicsbe.cloudfront.net/ 86 KB
29 KB 47ms
7ms Script
text/javascript 2600:9000:236e:ec00:1e:9742:1680:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d14jnfavjicsbe.cloudfront.net/client.js
Requested by: Host: tag.getdrip.com
URL: https://tag.getdrip.com/2607659.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:ec00:1e:9742:1680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 78e938504fd15665bb134725a79ce4098e26791c7fe0a547afd360eecaa56112

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 00:27:12 GMT
content-encoding: gzip
via: 1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
last-modified: Thu, 11 Apr 2024 15:07:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 128
x-amz-server-side-encryption: AES256
etag: W/"69b324b70f7f6f96a6aeb90784920301"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-meta-md5sum: abMktw9/b5amrrkHhJIDAQ==
cache-control: max-age=300
x-amz-cf-id: JxUPChSSAM76gNE6Gnij0FcoL-FNTO2bI2_Zsjbccm6PlAMhwDQ8GQ==

GET
H2 200 87524.js Show response
sleeknotecustomerscripts.sleeknote.com/ 3 KB
2 KB 167ms
127ms Script
text/javascript 13.35.58.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sleeknotecustomerscripts.sleeknote.com/87524.js
Requested by: Host: tag.getdrip.com
URL: https://tag.getdrip.com/2607659.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-30.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b6faaba27c71812faaf5c44526a0a3cd3186a14e4f36f30309f453eeffa4ddc2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: pkKDA6R9JA_ATyOU8Bjv3l5skLMUB8pT
content-encoding: gzip
via: 1.1 0ccdc706b9b907d47a4960eec0e95f2a.cloudfront.net (CloudFront)
date: Fri, 12 Apr 2024 00:29:20 GMT
x-amz-cf-pop: FRA60-P10
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 1304
last-modified: Tue, 19 Mar 2024 16:10:35 GMT
server: AmazonS3
etag: "7db0c5f66532a09bf5c8c6ba1114ff66"
content-type: text/javascript; charset=utf-8
cache-control: max-age=60
accept-ranges: bytes
x-amz-cf-id: aL4cDjiIeDP1Z5zeaXaOMaBQkND7AAzxd1Pd-UA6gBjZvNPDtOh32w==

GET
H2 200 modules.429236d560f51d186b8b.js Show response
script.hotjar.com/ 221 KB
55 KB 33ms
7ms Script
application/javascript 13.33.187.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.429236d560f51d186b8b.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-841363.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.187.74 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-187-74.fra60.r.cloudfront.net

Software

Resource Hash

fa8cabe3021c19ba54e07d28a7722cd4bfdef39dea07207518113f7e161166bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 10:18:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 46b6cb3d5daab7defe28d3658c3a54fe.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9
age: 569473
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55714
last-modified: Fri, 05 Apr 2024 10:17:11 GMT
etag: "f153d7cc62fba42a4a256996815cbb73"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: gTa7ZcFpUUxSvmU29gYbyCv2EF1_1cQex7s3SD0wHTtxKgm-EJRFkA==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
288 B 14ms
13ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=833757326&t=pageview&_s=1&dl=https%3A%2F%2Fcdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com%2F&ul=de-de&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=128724053&gjid=623740710&cid=593317834.1712881759&tid=UA-69935771-28&_gid=305569232.1712881759&_r=1&_slc=1&gtm=45He44a0n81N24X7V9v812476367za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=522852436

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 12 Apr 2024 00:29:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
0 3ms
3ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-69935771-28&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 11 Apr 2024 23:38:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3036
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 12 Apr 2024 01:38:42 GMT

GET
H2 200 / Show response
cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com/ 3 KB
1 KB 62ms
61ms XHR
text/html 67.207.77.53
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com/

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

67.207.77.53 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Caddy, Cowboy /

Resource Hash

c0353e7cf726ca4c6f038af1097b8f742cd462fa77ab481899c0baae11f20552

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 00:29:19 GMT
content-encoding: gzip
via: 1.1 vegur
strict-transport-security: max-age=31536000 ; includeSubDomains
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-content-type-options: nosniff
x-folio-forwarded-host: cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com
x-xss-protection: 1; mode=block
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1712881759&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=fLlv6KtQdEYZZP5kzZHe1Rg5cCjq9%2FJDPi0YZi8Ywo8%3D
pragma: no-cache
server: Caddy, Cowboy
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1712881759&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=fLlv6KtQdEYZZP5kzZHe1Rg5cCjq9%2FJDPi0YZi8Ywo8%3D"}]}
content-language: de-DE
content-type: text/html;charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-frame-options: DENY
expires: 0

GET
H2 404 ownDomain Show response
cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com/data/ 0
75 B 62ms
60ms XHR
text/plain 67.207.77.53
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com/data/ownDomain

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

67.207.77.53 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Caddy, Cowboy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' uxstudioteam.com
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
X-CSRF-TOKEN: 4233943e-b252-4944-98c2-62e8b470f3e3
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com/
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
content-security-policy: frame-ancestors 'self' uxstudioteam.com
date: Fri, 12 Apr 2024 00:29:19 GMT
via: 1.1 vegur
strict-transport-security: max-age=31536000 ; includeSubDomains
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
server: Caddy, Cowboy
x-content-type-options: nosniff
x-frame-options: DENY
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1712881759&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=fLlv6KtQdEYZZP5kzZHe1Rg5cCjq9%2FJDPi0YZi8Ywo8%3D"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1712881759&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=fLlv6KtQdEYZZP5kzZHe1Rg5cCjq9%2FJDPi0YZi8Ywo8%3D
expires: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
425 B 74ms
24ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-69935771-28&cid=593317834.1712881759&jid=128724053&gjid=623740710&_gid=305569232.1712881759&npa=1&_u=YADAAEAAAAAAACAAI~&z=1028246847

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 12 Apr 2024 00:29:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 visit Show response
api.getdrip.com/client/events/ 84 B
839 B 340ms
313ms Script
text/javascript 18.245.31.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.getdrip.com/client/events/visit?drip_account_id=2607659&referrer=&url=https%3A%2F%2Fcdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com%2F&domain=cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com&time_zone=Europe%2FBerlin&enable_third_party_cookies=f&callback=Drip_532793033

Requested by

Host: d14jnfavjicsbe.cloudfront.net
URL: https://d14jnfavjicsbe.cloudfront.net/client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.31.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-31-107.fra56.r.cloudfront.net

Software

Resource Hash

a4e42531404c5e9edfebc253a610d1d7a9fcdae1a43afaa85087d8a1463b048d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 00:29:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
x-amzn-remapped-content-length: 84
x-amzn-remapped-server: nginx
x-permitted-cross-domain-policies: none
via: 1.1 5dbbe1c6db9a003131a63be8ded250a4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P8
x-amzn-requestid: 065b1197-b9c8-4e1d-a8e2-9bfc5cf33bcd
x-amzn-remapped-connection: keep-alive
x-cache: Miss from cloudfront
x-amz-apigw-id: WFj-9HGaIAMEa2A=
content-length: 84
x-xss-protection: 0
x-request-id: 28b24177-681a-46ab-b4b4-7d15eea23b04
x-runtime: 0.020601
referrer-policy: strict-origin-when-cross-origin
etag: W/"a4e42531404c5e9edfebc253a610d1d7"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept
content-type: text/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate
x-amzn-remapped-date: Fri, 12 Apr 2024 00:29:19 GMT
x-amz-cf-id: cyDCUu5WL64RZiFgcyQ-iMj_kmhTI_9fdtG3q7k8aTn1U25OxImM1g==

GET
H2 200 error-404..svg
cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com/dist/src/assets/images/ 2 KB
2 KB 35ms
34ms Image
image/svg+xml 67.207.77.53
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com/dist/src/assets/images/error-404..svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

67.207.77.53 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Caddy, Cowboy /

Resource Hash

b21cc6a7ac6041054bd45c478714c537703f0d2f8c668a6b600c28cb6410a5c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com/dist/styles-b83a6ccf592731b298622783b2950620.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 00:29:19 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
via: 1.1 vegur
x-content-type-options: nosniff
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
content-length: 1613
x-xss-protection: 1; mode=block
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1712881759&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=fLlv6KtQdEYZZP5kzZHe1Rg5cCjq9%2FJDPi0YZi8Ywo8%3D
pragma: no-cache
last-modified: Thu, 04 Apr 2024 13:33:23 GMT
server: Caddy, Cowboy
x-frame-options: DENY
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1712881759&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=fLlv6KtQdEYZZP5kzZHe1Rg5cCjq9%2FJDPi0YZi8Ywo8%3D"}]}
content-type: image/svg+xml
cache-control: no-cache, no-store, max-age=0, must-revalidate
accept-ranges: bytes
expires: 0

GET
H2 200 EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v18/ 32 KB
33 KB 28ms
7ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v18/EJRVQgYoZZY2vCFuvAFWzr8.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@400;700&family=Montserrat:wght@400;500;700&family=Muli&family=Mulish&family=Noto+Serif&family=PT+Serif:ital,wght@0,400;0,700;1,400;1,700&family=Raleway:wght@400;800;900&family=Source+Sans+Pro:wght@400;600&family=Source+Serif+Pro&family=Work+Sans:wght@400;500;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Apr 2024 14:31:34 GMT
x-content-type-options: nosniff
age: 467865
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33116
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:52:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 06 Apr 2025 14:31:34 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
15 KB 34ms
12ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 23:09:09 GMT
x-content-type-options: nosniff
age: 264010
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Apr 2025 23:09:09 GMT

GET
H/1.1 200
OK core-drip.js Show response
sleeknotestaticcontent.s3.eu-west-1.amazonaws.com/ 5 KB
6 KB 113ms
40ms Script
text/javascript 3.5.71.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sleeknotestaticcontent.s3.eu-west-1.amazonaws.com/core-drip.js
Requested by: Host: sleeknotecustomerscripts.sleeknote.com
URL: https://sleeknotecustomerscripts.sleeknote.com/87524.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.71.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: b219c52f194571d68f2795f1b46b4a6ea8053172d4f35a37a771ef869a14020b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 12 Apr 2024 00:29:20 GMT
x-amz-version-id: k95UzEwkOBXWLX25WP8bVW77xpo6gYtB
Last-Modified: Mon, 11 Mar 2024 18:15:16 GMT
Server: AmazonS3
x-amz-request-id: A326K3XK3X1APEP0
ETag: "8256aad30e5443998efc68600d5f85a0"
x-amz-server-side-encryption: AES256
Content-Type: text/javascript
Cache-Control: no-cache
Accept-Ranges: bytes
Content-Length: 5272
x-amz-id-2: m/WPl3bd9WmhgSQ545OZH+uWguc4akpQS8dN6SseruYOKzxTT+OOoKQbLxsiRGhG3CnMdE6m1I11XGjMMz0iNhG41elO5m4F

GET
H/1.1 200
OK package-core-boot.js Show response
sleeknotestaticcontent.s3.eu-west-1.amazonaws.com/drip/ 98 KB
98 KB 38ms
38ms Script
text/javascript 3.5.71.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sleeknotestaticcontent.s3.eu-west-1.amazonaws.com/drip/package-core-boot.js
Requested by: Host: sleeknotestaticcontent.s3.eu-west-1.amazonaws.com
URL: https://sleeknotestaticcontent.s3.eu-west-1.amazonaws.com/core-drip.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.71.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6ec2467165e739a34bb76f4fb666cc93c6b05dbf3e470d8fc8946ffc4ed33a13

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 12 Apr 2024 00:29:20 GMT
x-amz-version-id: h.ECjFXXHu1oh.5mUXcISwsKc0OeQ2jL
Last-Modified: Mon, 11 Mar 2024 18:15:14 GMT
Server: AmazonS3
x-amz-request-id: A322RE0V33777183
ETag: "de9a35f065478256d224bc378a6bda7c"
x-amz-server-side-encryption: AES256
Content-Type: text/javascript
Cache-Control: no-cache
Accept-Ranges: bytes
Content-Length: 100324
x-amz-id-2: JAnhZCljFPDUKKcnqRfWB9krgF2bbfvvSBOVzaFFIuTMgC/hep1XaABEA1i+t5k+o674+48rUKnZ7kqww1AxzhxBzobJjbcZ

GET
H/1.1 200
OK package-tracker.js Show response
sleeknotestaticcontent.s3.eu-west-1.amazonaws.com/drip/ 13 KB
14 KB 38ms
38ms Script
text/javascript 3.5.71.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sleeknotestaticcontent.s3.eu-west-1.amazonaws.com/drip/package-tracker.js
Requested by: Host: sleeknotestaticcontent.s3.eu-west-1.amazonaws.com
URL: https://sleeknotestaticcontent.s3.eu-west-1.amazonaws.com/core-drip.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.71.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5031dd64938f11cf308087e1c2e7ff3fd0dee148201374819f47146bfca2ca84

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 12 Apr 2024 00:29:20 GMT
x-amz-version-id: NM3OFkUdJ1TBt6lnPJqiDnnFB9dctLnw
Last-Modified: Mon, 11 Mar 2024 18:15:15 GMT
Server: AmazonS3
x-amz-request-id: A325ZZH6ZJSHQYHG
ETag: "840df60265eabb2529765016cadb9047"
x-amz-server-side-encryption: AES256
Content-Type: text/javascript
Cache-Control: no-cache
Accept-Ranges: bytes
Content-Length: 13644
x-amz-id-2: pEAIZNwcpCP3eqPpROgQYQLYSt7VyEwC6IoW/KBe9Xw35CVW7sVJMadVXz+azxIERieQBaZSqMFRs4OTCDf4vHk+UkdV7dOV

GET
H2 200 track Show response
api.getdrip.com/client/ 101 B
857 B 339ms
339ms Script
text/javascript 18.245.31.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.getdrip.com/client/track?url=https%3A%2F%2Fcdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com%2F&visitor_uuid=8804df60d9cc48b7b247ed8eb2152799&_action=Visited%20a%20page&source=drip&drip_account_id=2607659&callback=Drip_656183288

Requested by

Host: d14jnfavjicsbe.cloudfront.net
URL: https://d14jnfavjicsbe.cloudfront.net/client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.31.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-31-107.fra56.r.cloudfront.net

Software

Resource Hash

561464da9427ef303ecdd4de1bfc21c2fee0107b7df14090feb79de1aa9b52a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 00:29:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
x-amzn-remapped-content-length: 101
x-amzn-remapped-server: nginx
x-permitted-cross-domain-policies: none
via: 1.1 5dbbe1c6db9a003131a63be8ded250a4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P8
x-amzn-requestid: 24c42e92-0849-4cdb-8446-1b3d1f441e70
x-amzn-remapped-connection: keep-alive
x-cache: Miss from cloudfront
x-amz-apigw-id: WFj_BF9cIAMEqSw=
content-length: 101
x-xss-protection: 0
x-request-id: 9e5df386-93a8-456c-a2ec-59419006fbd9
x-runtime: 0.055013
referrer-policy: strict-origin-when-cross-origin
etag: W/"561464da9427ef303ecdd4de1bfc21c2"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept
content-type: text/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate
x-amzn-remapped-date: Fri, 12 Apr 2024 00:29:19 GMT
x-amz-cf-id: U-pTBSM8Tv85c1H4IOGUjBJGBOp-zK91J05o7Y3Ss2xw91jTYB_LbQ==

GET
H2 200 favicon.ico
cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com/favicon/ 15 KB
15 KB 36ms
35ms Other
image/x-icon 67.207.77.53
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com/favicon/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

67.207.77.53 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Caddy, Cowboy /

Resource Hash

3565721023b8c052bceedb8f369eff92222bcc470f06be03c405d51698774f35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 12 Apr 2024 00:29:19 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
via: 1.1 vegur
x-content-type-options: nosniff
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
content-length: 15406
x-xss-protection: 1; mode=block
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1712881759&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=fLlv6KtQdEYZZP5kzZHe1Rg5cCjq9%2FJDPi0YZi8Ywo8%3D
pragma: no-cache
last-modified: Thu, 04 Apr 2024 13:33:23 GMT
server: Caddy, Cowboy
x-frame-options: DENY
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1712881759&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=fLlv6KtQdEYZZP5kzZHe1Rg5cCjq9%2FJDPi0YZi8Ywo8%3D"}]}
content-type: image/x-icon
cache-control: no-cache, no-store, max-age=0, must-revalidate
accept-ranges: bytes
expires: 0

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com/	1970-01-20 19:48:23	Name: JSESSIONID Value: 52C69B07104C24D7F6FFB13E7A59F162
.aminbenmesk.com/	1970-01-21 05:24:01	Name: _ga_SWXNNMMKPQ Value: GS1.1.1712881759.1.0.1712881759.0.0.0
.aminbenmesk.com/	1970-01-21 05:24:01	Name: _ga Value: GA1.2.593317834.1712881759
.aminbenmesk.com/	1970-01-20 19:49:28	Name: _gid Value: GA1.2.305569232.1712881759
.aminbenmesk.com/	1970-01-20 19:48:01	Name: _gat_UA-69935771-28 Value: 1
.aminbenmesk.com/	1970-01-21 04:33:37	Name: _hjSessionUser_841363 Value: eyJpZCI6ImM3NjNlZDliLWM1ZWEtNTM1My1iZDdkLWUzZTdiOTk0MWE4NyIsImNyZWF0ZWQiOjE3MTI4ODE3NTkyOTAsImV4aXN0aW5nIjpmYWxzZX0=
.aminbenmesk.com/	1970-01-20 19:48:03	Name: _hjSession_841363 Value: eyJpZCI6ImFkMDczYjE2LTkyMmQtNDQ0MS05MTRjLWE1MTkwNTQ2NWQ0MyIsImMiOjE3MTI4ODE3NTkyOTEsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com/	1969-12-31 23:59:59	Name: SNS Value: 1
cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com/	1970-01-21 04:33:37	Name: _sn_m Value: {"r":{"n":1}}
cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com/	1970-01-21 04:33:37	Name: _sn_a Value: {"a":{"s":1712881759579}}
cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com/	1970-01-21 04:33:37	Name: _sn_n Value: {"a":{"i":"54fb5815-5d49-43ef-8a3c-72d200eb6c84"}}
cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com/	1970-01-21 05:24:01	Name: _drip_client_2607659 Value: vid%253D8804df60d9cc48b7b247ed8eb2152799%2526pageViews%253D1%2526sessionPageCount%253D1%2526lastVisitedAt%253D1712881759592%2526weeklySessionCount%253D1%2526lastSessionAt%253D1712881759592

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com/data/ownDomain Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.getdrip.com
cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com
d14jnfavjicsbe.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
region1.google-analytics.com
script.hotjar.com
sleeknotecustomerscripts.sleeknote.com
sleeknotestaticcontent.s3.eu-west-1.amazonaws.com
static.hotjar.com
stats.g.doubleclick.net
tag.getdrip.com
www.google-analytics.com
www.googletagmanager.com
13.33.187.74
13.35.58.30
18.245.31.107
18.66.102.53
2001:4860:4802:34::36
2600:9000:236e:ec00:1e:9742:1680:21
2a00:1450:4001:806::200e
2a00:1450:4001:80b::200a
2a00:1450:4001:811::2003
2a00:1450:4001:831::2008
2a00:1450:400c:c00::9a
3.5.71.163
67.207.77.53
99.86.4.72
0384fc5f3dd749a5c1cf63398412f8131e7269953aeb667b748e365ce122d5f9
05ebf0a496f0d38271f9e3551e6c0c9befb19bca84f6df83f6108ccdf416f693
3565721023b8c052bceedb8f369eff92222bcc470f06be03c405d51698774f35
4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330
47487086f9b1643b5b8a2cd26fc937c810358f463026620f4b62b5818c876df8
4f3fdfbe15355829984fa7e17165382850fefc0793d94f1295d3ef4ae0c8ab57
5031dd64938f11cf308087e1c2e7ff3fd0dee148201374819f47146bfca2ca84
561464da9427ef303ecdd4de1bfc21c2fee0107b7df14090feb79de1aa9b52a5
5c41e6cc1a99717601651465d6adbcbfb40f036ffa7549d0e65aee455c60976a
5f4cb512f01f411011c1294a31038d04acbb5c59585660621f90f77b7f21e7f6
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ec2467165e739a34bb76f4fb666cc93c6b05dbf3e470d8fc8946ffc4ed33a13
6fb463631098e508152bc987baa2ced8369651f029fde3c7a097b18c65a052dc
78e938504fd15665bb134725a79ce4098e26791c7fe0a547afd360eecaa56112
a4e42531404c5e9edfebc253a610d1d7a9fcdae1a43afaa85087d8a1463b048d
a9e01946037f35473a29547e905d8a45650f2ea004ac5674e6acb39d75265785
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b219c52f194571d68f2795f1b46b4a6ea8053172d4f35a37a771ef869a14020b
b21cc6a7ac6041054bd45c478714c537703f0d2f8c668a6b600c28cb6410a5c0
b6faaba27c71812faaf5c44526a0a3cd3186a14e4f36f30309f453eeffa4ddc2
c0353e7cf726ca4c6f038af1097b8f742cd462fa77ab481899c0baae11f20552
c6e21573741e96cda5d5035502c7f45c41d753e3a83d921bd624db0fa1cf8b92
c92d4456639e6c7dc0e4661c950c86900984feb78b23427cb01f64abf3d86ebd
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
caef0c68558663b3b6f43c6265a5f4e87f0bd5c51cc90d9c276dd8744ca8dda5
cee92bbb2d5709dd043785559714d145bf0886cd1649e1bddcda882fb9b623c8
d02a17f0a491174af2090f62387303403e9cd25a3491d6dddd01caa9edf854fa
d4bf259dbc2042217dd2f8f476f87984e6bf0cd633308b07677dbe68adb84d43
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fa8cabe3021c19ba54e07d28a7722cd4bfdef39dea07207518113f7e161166bb

cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com Open in urlscan Pro 67.207.77.53 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

35 Requests

100 %HTTPS

50 %IPv6

11 Domains

14 Subdomains

14 IPs

4 Countries

997 kBTransfer

3299 kBSize

12 Cookies

0 Outgoing links

Redirected requests

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

cdek.www.pay.www.pay.www.pay.pay.pay.pay.sber.sber.avito.avito.avito.avito.avisber.hld3gpdtq8ft7ip.magenbeta.aminbenmesk.com Open in urlscan Pro
67.207.77.53 Public Scan

Screenshot
Live screenshot

Full Image

35
Requests

100 %
HTTPS

50 %
IPv6

11
Domains

14
Subdomains

14
IPs

4
Countries

997 kB
Transfer

3299 kB
Size

12
Cookies

35 HTTP transactions
0 data transactions