my.prom.ua Open in urlscan Pro
193.34.169.16 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://my.prom.ua/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campa...
Effective URL:
https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_...
Submission Tags: falconsandbox
Submission: On June 24 via api (June 24th 2021, 8:17:23 pm UTC) from US

Summary HTTP 59 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 18 IPs in 6 countries across 14 domains to perform 59 HTTP transactions. The main IP is 193.34.169.16, located in Ukraine and belongs to EVO, UA. The main domain is my.prom.ua.
TLS certificate: Issued by R3 on April 28th 2021. Valid for: 3 months.

This is the only time my.prom.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 20	193.34.169.16 193.34.169.16	43896 (EVO) (EVO)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	116.202.11.240 116.202.11.240	24940 (HETZNER-AS) (HETZNER-AS)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 3	142.250.186.70 142.250.186.70	15169 (GOOGLE) (GOOGLE)
2	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
2 6	216.58.212.166 216.58.212.166	15169 (GOOGLE) (GOOGLE)
5	104.19.135.78 104.19.135.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a05:d018:ac8... 2a05:d018:ac8:b900:9f9d:9921:e3e4:2545	16509 (AMAZON-02) (AMAZON-02)
1	193.200.65.70 193.200.65.70	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
4	95.216.24.150 95.216.24.150	24940 (HETZNER-AS) (HETZNER-AS)
4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	193.34.168.232 193.34.168.232	43896 (EVO) (EVO)
1 1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1 1	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
59	18

20 193.34.169.16 (Ukraine) 1 redirects

ASN43896 (EVO, UA)
PTR: my.prom.ua

my.prom.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tracker.prom.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.202.11.240 (Böblingen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.240.11.202.116.clients.your-server.de

cdn.onthe.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.70 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net

8974896.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 216.58.212.166 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f166.1e100.net

10048520.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.19.135.78 (United States)

ASN13335 (CLOUDFLARENET, US)

a.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:ac8:b900:9f9d:9921:e3e4:2545 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

esputnik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.200.65.70 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: affiliates.prom.ua

affiliates.prom.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 95.216.24.150 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.150.24.216.95.clients.your-server.de

ttt.onthe.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.34.168.232 (Ukraine)

ASN43896 (EVO, UA)

gotcha-server.evo.run	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	prom.ua 1 redirects my.prom.ua affiliates.prom.ua tracker.prom.ua	463 KB
11	doubleclick.net 5 redirects 8974896.fls.doubleclick.net 10048520.fls.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	4 KB
5	google.com 1 redirects www.google.com adservice.google.com	753 B
5	mgid.com a.mgid.com cm.mgid.com	5 KB
5	onthe.io cdn.onthe.io ttt.onthe.io	15 KB
4	facebook.com www.facebook.com	265 B
3	facebook.net connect.facebook.net	174 KB
3	google-analytics.com www.google-analytics.com	19 KB
2	evo.run gotcha-server.evo.run	276 B
2	googleadservices.com www.googleadservices.com	16 KB
2	googletagmanager.com www.googletagmanager.com	119 KB
1	google.de www.google.de	108 B
1	esputnik.com esputnik.com	11 KB
1	googleoptimize.com www.googleoptimize.com	35 KB
59	14

	Domain	Requested by
18	my.prom.ua	1 redirects my.prom.ua
6	10048520.fls.doubleclick.net	2 redirects www.googletagmanager.com my.prom.ua
4	www.facebook.com	my.prom.ua connect.facebook.net
4	ttt.onthe.io	cdn.onthe.io
3	adservice.google.com	10048520.fls.doubleclick.net 8974896.fls.doubleclick.net
3	a.mgid.com	www.googletagmanager.com my.prom.ua
3	8974896.fls.doubleclick.net	1 redirects www.googletagmanager.com my.prom.ua
3	connect.facebook.net	my.prom.ua connect.facebook.net
3	www.google-analytics.com	my.prom.ua www.googletagmanager.com
2	tracker.prom.ua	my.prom.ua
2	cm.mgid.com	a.mgid.com my.prom.ua
2	gotcha-server.evo.run	my.prom.ua
2	www.google.com	1 redirects my.prom.ua
2	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com
2	www.googletagmanager.com	my.prom.ua
1	cm.g.doubleclick.net	1 redirects
1	www.google.de	my.prom.ua
1	googleads.g.doubleclick.net	1 redirects
1	affiliates.prom.ua	www.googletagmanager.com
1	esputnik.com	my.prom.ua
1	cdn.onthe.io	my.prom.ua
1	www.googleoptimize.com	my.prom.ua
59	22

This site contains links to these domains. Also see Links.

Domain
prom.page.link

Subject Issuer	Validity	Valid
prom.ua R3	`2021-04-28` - `2021-07-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.onthe.io Sectigo RSA Domain Validation Secure Server CA	`2021-05-06` - `2022-06-06`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
*.esputnik.com Sectigo RSA Domain Validation Secure Server CA	`2019-11-28` - `2021-11-27`	2 years	crt.sh
affiliates.prom.ua Sectigo RSA Domain Validation Secure Server CA	`2020-02-03` - `2022-02-03`	2 years	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
evo.run R3	`2021-05-05` - `2021-08-03`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
Frame ID: 7764559DDD43084828CD37FF9D7246CF
Requests: 51 HTTP requests in this frame

Frame: https://my.prom.ua/cloud-cgi/static/clerk/v4.3.1/iframe.html
Frame ID: CAFE2E08BF943219F05F5A50EFD33D85
Requests: 1 HTTP requests in this frame

Frame: https://8974896.fls.doubleclick.net/activityi;dc_pre=CPaAiKiLsfECFXwRBgAdvBUI9g;src=8974896;type=invmedia;cat=all_p0;ord=1619164051929;gtm=2wg6g0;auiddc=738932188.1624565826;ps=1;~oref=https%3A%2F%2Fmy.prom.ua%2Fcabinet%2Fsign-in%3Fnext%3D%2Fcabinet%2Fuser%2Forder%2Fview%2F50689664%3Futm_source%3Demail2customer_look_order%26utm_medium%3DEmail%26utm_campaign%3Dafter_order_changestatus
Frame ID: 5C6C11471D16BF04C945C110907FA0B3
Requests: 2 HTTP requests in this frame

Frame: https://10048520.fls.doubleclick.net/activityi;dc_pre=CMWFh6iLsfECFVE_0wodpyAC7g;src=10048520;type=pvcid0;cat=all_p0;ord=6662322000127;gtm=2wg6g0;auiddc=738932188.1624565826;u1=1104856924;ps=1;~oref=https%3A%2F%2Fmy.prom.ua%2Fcabinet%2Fsign-in%3Fnext%3D%2Fcabinet%2Fuser%2Forder%2Fview%2F50689664%3Futm_source%3Demail2customer_look_order%26utm_medium%3DEmail%26utm_campaign%3Dafter_order_changestatus
Frame ID: 09E5BCC3F4D9C539B65BEF2AC048A99E
Requests: 2 HTTP requests in this frame

Frame: https://10048520.fls.doubleclick.net/activityi;dc_pre=CImHh6iLsfECFU8w0wod_VoFXw;src=10048520;type=pvcid0;cat=all_p00;ord=1;num=7513376350008;gtm=2wg6g0;auiddc=738932188.1624565826;u1=1104856924;ps=1;~oref=https%3A%2F%2Fmy.prom.ua%2Fcabinet%2Fsign-in%3Fnext%3D%2Fcabinet%2Fuser%2Forder%2Fview%2F50689664%3Futm_source%3Demail2customer_look_order%26utm_medium%3DEmail%26utm_campaign%3Dafter_order_changestatus
Frame ID: 087DDBCF1346B876FD19C0BC6C1E8401
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://my.prom.ua/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_me... HTTP 302
https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2cust... Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<[^>]+data-react/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Page Statistics

59
Requests

100 %
HTTPS

52 %
IPv6

14
Domains

22
Subdomains

18
IPs

6
Countries

859 kB
Transfer

3973 kB
Size

22
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://prom.page.link/prom-mobile-web-r1
Title: Скачать приложение

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://my.prom.ua/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus HTTP 302
https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

https://8974896.fls.doubleclick.net/activityi;src=8974896;type=invmedia;cat=all_p0;ord=1619164051929;gtm=2wg6g0;auiddc=738932188.1624565826;ps=1;~oref=https%3A%2F%2Fmy.prom.ua%2Fcabinet%2Fsign-in%3Fnext%3D%2Fcabinet%2Fuser%2Forder%2Fview%2F50689664%3Futm_source%3Demail2customer_look_order%26utm_medium%3DEmail%26utm_campaign%3Dafter_order_changestatus HTTP 302
https://8974896.fls.doubleclick.net/activityi;dc_pre=CPaAiKiLsfECFXwRBgAdvBUI9g;src=8974896;type=invmedia;cat=all_p0;ord=1619164051929;gtm=2wg6g0;auiddc=738932188.1624565826;ps=1;~oref=https%3A%2F%2Fmy.prom.ua%2Fcabinet%2Fsign-in%3Fnext%3D%2Fcabinet%2Fuser%2Forder%2Fview%2F50689664%3Futm_source%3Demail2customer_look_order%26utm_medium%3DEmail%26utm_campaign%3Dafter_order_changestatus

Request Chain 23

https://10048520.fls.doubleclick.net/activityi;src=10048520;type=pvcid0;cat=all_p0;ord=6662322000127;gtm=2wg6g0;auiddc=738932188.1624565826;u1=1104856924;ps=1;~oref=https%3A%2F%2Fmy.prom.ua%2Fcabinet%2Fsign-in%3Fnext%3D%2Fcabinet%2Fuser%2Forder%2Fview%2F50689664%3Futm_source%3Demail2customer_look_order%26utm_medium%3DEmail%26utm_campaign%3Dafter_order_changestatus HTTP 302
https://10048520.fls.doubleclick.net/activityi;dc_pre=CMWFh6iLsfECFVE_0wodpyAC7g;src=10048520;type=pvcid0;cat=all_p0;ord=6662322000127;gtm=2wg6g0;auiddc=738932188.1624565826;u1=1104856924;ps=1;~oref=https%3A%2F%2Fmy.prom.ua%2Fcabinet%2Fsign-in%3Fnext%3D%2Fcabinet%2Fuser%2Forder%2Fview%2F50689664%3Futm_source%3Demail2customer_look_order%26utm_medium%3DEmail%26utm_campaign%3Dafter_order_changestatus

Request Chain 24

https://10048520.fls.doubleclick.net/activityi;src=10048520;type=pvcid0;cat=all_p00;ord=1;num=7513376350008;gtm=2wg6g0;auiddc=738932188.1624565826;u1=1104856924;ps=1;~oref=https%3A%2F%2Fmy.prom.ua%2Fcabinet%2Fsign-in%3Fnext%3D%2Fcabinet%2Fuser%2Forder%2Fview%2F50689664%3Futm_source%3Demail2customer_look_order%26utm_medium%3DEmail%26utm_campaign%3Dafter_order_changestatus HTTP 302
https://10048520.fls.doubleclick.net/activityi;dc_pre=CImHh6iLsfECFU8w0wod_VoFXw;src=10048520;type=pvcid0;cat=all_p00;ord=1;num=7513376350008;gtm=2wg6g0;auiddc=738932188.1624565826;u1=1104856924;ps=1;~oref=https%3A%2F%2Fmy.prom.ua%2Fcabinet%2Fsign-in%3Fnext%3D%2Fcabinet%2Fuser%2Forder%2Fview%2F50689664%3Futm_source%3Demail2customer_look_order%26utm_medium%3DEmail%26utm_campaign%3Dafter_order_changestatus

Request Chain 46

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/812721445/?random=1739656183&cv=9&fst=1624565826852&num=1&value=0&label=sa1dCN7Yl80BEKXKxIMD&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6g0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fmy.prom.ua%2Fcabinet%2Fsign-in%3Fnext%3D%2Fcabinet%2Fuser%2Forder%2Fview%2F50689664%3Futm_source%3Demail2customer_look_order%26utm_medium%3DEmail%26utm_campaign%3Dafter_order_changestatus&tiba=Prom.ua%20%E2%80%94%20%D0%BC%D0%B0%D1%80%D0%BA%D0%B5%D1%82%D0%BF%D0%BB%D0%B5%D0%B9%D1%81%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B&auid=738932188.1624565826&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=QujUYO6kN56p3gP3q5yYDA&sscte=1&crd=&eitems=ChEI8NrQhgYQ3PH_h8zEoPf9ARIdAI8ICJrjt_hLL5bIGtx5U-jrYOQe_V8Oy9PjrJ8 HTTP 302
https://www.google.com/pagead/1p-conversion/812721445/?random=1739656183&cv=9&fst=1624565826852&num=1&value=0&label=sa1dCN7Yl80BEKXKxIMD&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6g0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fmy.prom.ua%2Fcabinet%2Fsign-in%3Fnext%3D%2Fcabinet%2Fuser%2Forder%2Fview%2F50689664%3Futm_source%3Demail2customer_look_order%26utm_medium%3DEmail%26utm_campaign%3Dafter_order_changestatus&tiba=Prom.ua%20%E2%80%94%20%D0%BC%D0%B0%D1%80%D0%BA%D0%B5%D1%82%D0%BF%D0%BB%D0%B5%D0%B9%D1%81%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B&auid=738932188.1624565826&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=QujUYO6kN56p3gP3q5yYDA&cid=CAQSKQCNIrLMMS_pXng9P8A-T9b16K-dYjbP6HGCg5ie7Xa-fiLDpzfQzn9C&eitems=ChEI8NrQhgYQ3PH_h8zEoPf9ARIdAI8ICJo2HVrgOksWms2Qi7bkoENd8qjtIFG0Ht0&random=899277631&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/812721445/?random=1739656183&cv=9&fst=1624565826852&num=1&value=0&label=sa1dCN7Yl80BEKXKxIMD&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6g0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fmy.prom.ua%2Fcabinet%2Fsign-in%3Fnext%3D%2Fcabinet%2Fuser%2Forder%2Fview%2F50689664%3Futm_source%3Demail2customer_look_order%26utm_medium%3DEmail%26utm_campaign%3Dafter_order_changestatus&tiba=Prom.ua%20%E2%80%94%20%D0%BC%D0%B0%D1%80%D0%BA%D0%B5%D1%82%D0%BF%D0%BB%D0%B5%D0%B9%D1%81%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B&auid=738932188.1624565826&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=QujUYO6kN56p3gP3q5yYDA&cid=CAQSKQCNIrLMMS_pXng9P8A-T9b16K-dYjbP6HGCg5ie7Xa-fiLDpzfQzn9C&eitems=ChEI8NrQhgYQ3PH_h8zEoPf9ARIdAI8ICJo2HVrgOksWms2Qi7bkoENd8qjtIFG0Ht0&random=899277631&resp=GooglemKTybQhCsO&ipr=y

Request Chain 51

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDVvNmlNRVVFRGhk&muidn=l5o6iMEUEDhd HTTP 302
https://cm.mgid.com/google?muidn=l5o6iMEUEDhd&google_ula={guid},5&google_gid=CAESEBu-oBO85suiQhCH-nNS-xU&google_cver=1

59 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request sign-in Show response
my.prom.ua/cabinet/
Redirect Chain

https://my.prom.ua/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus

106 KB
24 KB

453ms
452ms

Document
text/html

193.34.169.16
EVO

General

Check archive.org

Show headers Download Go to

Full URL

https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.34.169.16 , Ukraine, ASN43896 (EVO, UA),

Reverse DNS

my.prom.ua

Software

nginx /

Resource Hash

4dc431ea4e867a29c4ee291fcbef7a2b8d9bddb12a7d0c7a2e0653e480eaf140

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: my.prom.ua
:scheme: https
:path: /cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: evoauth=wab64a3b1c43344eb9a7c4235c98a2673
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
date: Thu, 24 Jun 2021 20:17:06 GMT
content-type: text/html; charset=utf-8
cache-control: no-cache
pragma: no-cache
set-cookie: cid=85128255232918805294540347517030941642; Domain=.prom.ua; Max-Age=2592000; Path=/; expires=Sat, 24-Jul-2021 20:17:05 GMT user_tracker=d9bf77310ca217c802274d8b523a3b5de54c36b9|185.229.191.102|2021-06-24; Domain=.prom.ua; Path=/ csrf_token=8e8bd733374a46e2bcd2cc3d0a029be0; Domain=.prom.ua; Max-Age=31449600; Path=/; expires=Thu, 23-Jun-2022 20:17:05 GMT; secure; SameSite=None auth=e598486e963b346bab852b062d7edd22b3779178; Domain=.prom.ua; Max-Age=31536000; Path=/; expires=Fri, 24-Jun-2022 20:17:06 GMT; secure; HttpOnly auth=e598486e963b346bab852b062d7edd22b3779178; Domain=.prom.ua; Max-Age=31536000; Path=/; expires=Fri, 24-Jun-2022 20:17:06 GMT; secure; HttpOnly; SameSite=None
referrer-policy: no-referrer-when-downgrade
link: </cloud-cgi/static/uaprom-static/js/build/portal-portable/vendors~portable_43647970e3889a7e2819.css>; rel=preload; as=style; nopush,</cloud-cgi/static/uaprom-static/js/build/portal-portable/portable_f9196c7029117c7cd3a1.css>; rel=preload; as=style; nopush,</cloud-cgi/static/uaprom-static/js/build/portal-portable/commons_e6f9a8fef01aff095a39.css>; rel=preload; as=style; nopush,</cloud-cgi/static/uaprom-static/js/build/portal-portable/pages-SignIn_4719d19b12f2dac64beb.css>; rel=preload; as=style; nopush,</cloud-cgi/static/uaprom-static/js/build/portal-portable/portable_runtime_e9857b0f64e72dcd60f6.es6.js>; rel=preload; as=script; nopush,</cloud-cgi/static/uaprom-static/js/build/portal-portable/vendors~portable_86d30f051fc022c6c3c0.es6.js>; rel=preload; as=script; nopush,</cloud-cgi/static/uaprom-static/js/build/portal-portable/portable_f36e81ac6c0b7b9b77cd.es6.js>; rel=preload; as=script; nopush,</cloud-cgi/static/uaprom-static/js/build/portal-portable/commons_df69843a3db145b49c1a.es6.js>; rel=preload; as=script; nopush,</cloud-cgi/static/uaprom-static/js/build/portal-portable/pages-SignIn_37ab366d215d60f74638.es6.js>; rel=preload; as=script; nopush,<https://my.prom.ua>; rel=preconnect,<https://gum.criteo.com>; rel=preconnect,<https://stats.g.doubleclick.net>; rel=preconnect,<https://www.google.com.ua>; rel=preconnect,<https://www.google.com>; rel=preconnect,<https://chat.c.prom.st>; rel=preconnect,<https://images.ua.prom.st>; rel=preconnect,<https://www.google-analytics.com>; rel=preconnect,<https://malevich.evo.run>; rel=preconnect,<https://chat.my.prom.ua>; rel=preconnect,<https://billboard.evo.run>; rel=preconnect
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

server: nginx
date: Thu, 24 Jun 2021 20:17:05 GMT
content-type: text/html; charset=utf-8
content-length: 354
x-powered-by: Express
location: /cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
vary: Accept
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
set-cookie: evoauth=wab64a3b1c43344eb9a7c4235c98a2673; Domain=.prom.ua; HttpOnly; Max-Age=31536000; Path=/; SameSite=None; Secure

GET
H2 200 vendors~portable_43647970e3889a7e2819.css
my.prom.ua/cloud-cgi/static/uaprom-static/js/build/portal-portable/ 678 KB
29 KB 61ms
59ms Stylesheet
text/css 193.34.169.16
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://my.prom.ua/cloud-cgi/static/uaprom-static/js/build/portal-portable/vendors~portable_43647970e3889a7e2819.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.16 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: my.prom.ua
Software: nginx /
Resource Hash: 0d1cb1d429075ed79589fa18de496f54b56ef7f37ac69654059be8ee80e5a5d0

Request headers

:path: /cloud-cgi/static/uaprom-static/js/build/portal-portable/vendors~portable_43647970e3889a7e2819.css
pragma: no-cache
cookie: evoauth=wab64a3b1c43344eb9a7c4235c98a2673; cid=85128255232918805294540347517030941642; user_tracker=d9bf77310ca217c802274d8b523a3b5de54c36b9|185.229.191.102|2021-06-24; csrf_token=8e8bd733374a46e2bcd2cc3d0a029be0; auth=e598486e963b346bab852b062d7edd22b3779178
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: my.prom.ua
referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 20:17:06 GMT
content-encoding: br
x-amz-request-id: tx000000000000000fa0ced-0060d170a7-9df5ad2-openstack-1
x-cache-key: cdnuaprom-static.c.prom.st/js/build/portal-portable/br-encoded-vendors~portable_43647970e3889a7e2819.css cmy.prom.ua/cloud-cgi/static/uaprom-static/js/build/portal-portable/vendors~portable_43647970e3889a7e2819.css
x-cache-status: HIT HIT HIT
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 28695
last-modified: Mon, 21 Jun 2021 03:06:56 GMT
server: nginx
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
x-servant: lancehead betelgeuse
x-rgw-object-type: Normal
x-cache-type: main
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key

GET
H2 200 portable_f9196c7029117c7cd3a1.css
my.prom.ua/cloud-cgi/static/uaprom-static/js/build/portal-portable/ 146 KB
20 KB 61ms
59ms Stylesheet
text/css 193.34.169.16
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://my.prom.ua/cloud-cgi/static/uaprom-static/js/build/portal-portable/portable_f9196c7029117c7cd3a1.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.16 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: my.prom.ua
Software: nginx /
Resource Hash: 7642023e797743f36cd028e14919344762f9fbc2f3e2801374d9f669f0bac879

Request headers

:path: /cloud-cgi/static/uaprom-static/js/build/portal-portable/portable_f9196c7029117c7cd3a1.css
pragma: no-cache
cookie: evoauth=wab64a3b1c43344eb9a7c4235c98a2673; cid=85128255232918805294540347517030941642; user_tracker=d9bf77310ca217c802274d8b523a3b5de54c36b9|185.229.191.102|2021-06-24; csrf_token=8e8bd733374a46e2bcd2cc3d0a029be0; auth=e598486e963b346bab852b062d7edd22b3779178
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: my.prom.ua
referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 20:17:06 GMT
content-encoding: br
x-amz-request-id: tx0000000000000011907a2-0060d2e425-9c1e935-openstack-1
x-cache-key: cdnuaprom-static.c.prom.st/js/build/portal-portable/br-encoded-portable_f9196c7029117c7cd3a1.css cmy.prom.ua/cloud-cgi/static/uaprom-static/js/build/portal-portable/portable_f9196c7029117c7cd3a1.css
x-cache-status: HIT HIT HIT
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 19843
last-modified: Wed, 23 Jun 2021 03:16:29 GMT
server: nginx
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
x-servant: nginx-cache-01 betelgeuse
x-rgw-object-type: Normal
x-cache-type: main
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key

GET
H2 200 commons_e6f9a8fef01aff095a39.css
my.prom.ua/cloud-cgi/static/uaprom-static/js/build/portal-portable/ 27 KB
7 KB 61ms
59ms Stylesheet
text/css 193.34.169.16
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://my.prom.ua/cloud-cgi/static/uaprom-static/js/build/portal-portable/commons_e6f9a8fef01aff095a39.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.16 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: my.prom.ua
Software: nginx /
Resource Hash: 0adec344ba42ae21ee1561f97b015f8ed64beaca82a79f0893e7d14fa671ebc2

Request headers

:path: /cloud-cgi/static/uaprom-static/js/build/portal-portable/commons_e6f9a8fef01aff095a39.css
pragma: no-cache
cookie: evoauth=wab64a3b1c43344eb9a7c4235c98a2673; cid=85128255232918805294540347517030941642; user_tracker=d9bf77310ca217c802274d8b523a3b5de54c36b9|185.229.191.102|2021-06-24; csrf_token=8e8bd733374a46e2bcd2cc3d0a029be0; auth=e598486e963b346bab852b062d7edd22b3779178
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: my.prom.ua
referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 20:17:06 GMT
content-encoding: br
x-amz-request-id: tx0000000000000010e0b58-0060d170a7-9c1e935-openstack-1
x-cache-key: cdnuaprom-static.c.prom.st/js/build/portal-portable/br-encoded-commons_e6f9a8fef01aff095a39.css cmy.prom.ua/cloud-cgi/static/uaprom-static/js/build/portal-portable/commons_e6f9a8fef01aff095a39.css
x-cache-status: HIT HIT HIT
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 6189
last-modified: Mon, 21 Jun 2021 03:06:55 GMT
server: nginx
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
x-servant: nginx-cache-01 betelgeuse
x-rgw-object-type: Normal
x-cache-type: main
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key

GET
H2 200 pages-SignIn_4719d19b12f2dac64beb.css
my.prom.ua/cloud-cgi/static/uaprom-static/js/build/portal-portable/ 3 KB
1 KB 61ms
59ms Stylesheet
text/css 193.34.169.16
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://my.prom.ua/cloud-cgi/static/uaprom-static/js/build/portal-portable/pages-SignIn_4719d19b12f2dac64beb.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.16 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: my.prom.ua
Software: nginx /
Resource Hash: 9b0ef96647b17049a0c4429546cdfe1b76553544a6777f7454820e706a11cbe5

Request headers

:path: /cloud-cgi/static/uaprom-static/js/build/portal-portable/pages-SignIn_4719d19b12f2dac64beb.css
pragma: no-cache
cookie: evoauth=wab64a3b1c43344eb9a7c4235c98a2673; cid=85128255232918805294540347517030941642; user_tracker=d9bf77310ca217c802274d8b523a3b5de54c36b9|185.229.191.102|2021-06-24; csrf_token=8e8bd733374a46e2bcd2cc3d0a029be0; auth=e598486e963b346bab852b062d7edd22b3779178
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: my.prom.ua
referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 20:17:06 GMT
content-encoding: br
x-amz-request-id: tx0000000000000010d6ca2-0060d17149-9c1e926-openstack-1
x-cache-key: cdnuaprom-static.c.prom.st/js/build/portal-portable/br-encoded-pages-SignIn_4719d19b12f2dac64beb.css cmy.prom.ua/cloud-cgi/static/uaprom-static/js/build/portal-portable/pages-SignIn_4719d19b12f2dac64beb.css
x-cache-status: MISS MISS HIT
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 766
last-modified: Mon, 21 Jun 2021 03:06:56 GMT
server: nginx
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
x-servant: lancehead betelgeuse
x-rgw-object-type: Normal
x-cache-type: main
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key

GET
H2 200 portable_runtime_e9857b0f64e72dcd60f6.es6.js Show response
my.prom.ua/cloud-cgi/static/uaprom-static/js/build/portal-portable/ 13 KB
4 KB 61ms
59ms Script
application/javascript 193.34.169.16
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://my.prom.ua/cloud-cgi/static/uaprom-static/js/build/portal-portable/portable_runtime_e9857b0f64e72dcd60f6.es6.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.16 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: my.prom.ua
Software: nginx /
Resource Hash: 35b2f2d564d2ffcffacafe8f85444dcecd8e7b1bd4fe9b59732106a0a42fda14

Request headers

:path: /cloud-cgi/static/uaprom-static/js/build/portal-portable/portable_runtime_e9857b0f64e72dcd60f6.es6.js
pragma: no-cache
cookie: evoauth=wab64a3b1c43344eb9a7c4235c98a2673; cid=85128255232918805294540347517030941642; user_tracker=d9bf77310ca217c802274d8b523a3b5de54c36b9|185.229.191.102|2021-06-24; csrf_token=8e8bd733374a46e2bcd2cc3d0a029be0; auth=e598486e963b346bab852b062d7edd22b3779178
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: my.prom.ua
referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 20:17:06 GMT
content-encoding: br
x-amz-request-id: tx0000000000000010008c5-0060d2e426-9e08f74-openstack-1
x-cache-key: cdnuaprom-static.c.prom.st/js/build/portal-portable/br-encoded-portable_runtime_e9857b0f64e72dcd60f6.es6.js cmy.prom.ua/cloud-cgi/static/uaprom-static/js/build/portal-portable/portable_runtime_e9857b0f64e72dcd60f6.es6.js
x-cache-status: HIT HIT HIT
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 3423
last-modified: Wed, 23 Jun 2021 03:16:29 GMT
server: nginx
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-servant: habu betelgeuse
x-rgw-object-type: Normal
x-cache-type: main
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key

GET
H2 200 vendors~portable_86d30f051fc022c6c3c0.es6.js Show response
my.prom.ua/cloud-cgi/static/uaprom-static/js/build/portal-portable/ 957 KB
209 KB 61ms
59ms Script
application/javascript 193.34.169.16
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://my.prom.ua/cloud-cgi/static/uaprom-static/js/build/portal-portable/vendors~portable_86d30f051fc022c6c3c0.es6.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.16 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: my.prom.ua
Software: nginx /
Resource Hash: 9e5aaedf6fd67313d00bed5fadc519907cf38ea975e575efad47c45536092720

Request headers

:path: /cloud-cgi/static/uaprom-static/js/build/portal-portable/vendors~portable_86d30f051fc022c6c3c0.es6.js
pragma: no-cache
cookie: evoauth=wab64a3b1c43344eb9a7c4235c98a2673; cid=85128255232918805294540347517030941642; user_tracker=d9bf77310ca217c802274d8b523a3b5de54c36b9|185.229.191.102|2021-06-24; csrf_token=8e8bd733374a46e2bcd2cc3d0a029be0; auth=e598486e963b346bab852b062d7edd22b3779178
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: my.prom.ua
referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 20:17:06 GMT
content-encoding: br
x-amz-request-id: tx0000000000000010d67d7-0060d170a7-9c1e926-openstack-1
x-cache-key: cdnuaprom-static.c.prom.st/js/build/portal-portable/br-encoded-vendors~portable_86d30f051fc022c6c3c0.es6.js cmy.prom.ua/cloud-cgi/static/uaprom-static/js/build/portal-portable/vendors~portable_86d30f051fc022c6c3c0.es6.js
x-cache-status: MISS MISS HIT
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 213447
last-modified: Mon, 21 Jun 2021 03:06:56 GMT
server: nginx
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-servant: nginx-cache-03 betelgeuse
x-rgw-object-type: Normal
x-cache-type: main
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key

GET
H2 200 portable_f36e81ac6c0b7b9b77cd.es6.js Show response
my.prom.ua/cloud-cgi/static/uaprom-static/js/build/portal-portable/ 366 KB
64 KB 61ms
59ms Script
application/javascript 193.34.169.16
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://my.prom.ua/cloud-cgi/static/uaprom-static/js/build/portal-portable/portable_f36e81ac6c0b7b9b77cd.es6.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.16 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: my.prom.ua
Software: nginx /
Resource Hash: fdd482be9cc2a05fd70b30d9446f8271f70bad09a05c10f6a033d996bf55e2ac

Request headers

:path: /cloud-cgi/static/uaprom-static/js/build/portal-portable/portable_f36e81ac6c0b7b9b77cd.es6.js
pragma: no-cache
cookie: evoauth=wab64a3b1c43344eb9a7c4235c98a2673; cid=85128255232918805294540347517030941642; user_tracker=d9bf77310ca217c802274d8b523a3b5de54c36b9|185.229.191.102|2021-06-24; csrf_token=8e8bd733374a46e2bcd2cc3d0a029be0; auth=e598486e963b346bab852b062d7edd22b3779178
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: my.prom.ua
referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 20:17:06 GMT
content-encoding: br
x-amz-request-id: tx0000000000000011c7969-0060d45103-9c1e935-openstack-1
x-cache-key: cdnuaprom-static.c.prom.st/js/build/portal-portable/br-encoded-portable_f36e81ac6c0b7b9b77cd.es6.js cmy.prom.ua/cloud-cgi/static/uaprom-static/js/build/portal-portable/portable_f36e81ac6c0b7b9b77cd.es6.js
x-cache-status: HIT HIT HIT
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 64772
last-modified: Thu, 24 Jun 2021 09:16:45 GMT
server: nginx
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-servant: habu betelgeuse
x-rgw-object-type: Normal
x-cache-type: main
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key

GET
H2 200 commons_df69843a3db145b49c1a.es6.js Show response
my.prom.ua/cloud-cgi/static/uaprom-static/js/build/portal-portable/ 358 KB
73 KB 61ms
60ms Script
application/javascript 193.34.169.16
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://my.prom.ua/cloud-cgi/static/uaprom-static/js/build/portal-portable/commons_df69843a3db145b49c1a.es6.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.16 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: my.prom.ua
Software: nginx /
Resource Hash: 80813bf815fa94eb55ec80fcd1542098c18f6cac7334ec017cf9656835646d3e

Request headers

:path: /cloud-cgi/static/uaprom-static/js/build/portal-portable/commons_df69843a3db145b49c1a.es6.js
pragma: no-cache
cookie: evoauth=wab64a3b1c43344eb9a7c4235c98a2673; cid=85128255232918805294540347517030941642; user_tracker=d9bf77310ca217c802274d8b523a3b5de54c36b9|185.229.191.102|2021-06-24; csrf_token=8e8bd733374a46e2bcd2cc3d0a029be0; auth=e598486e963b346bab852b062d7edd22b3779178
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: my.prom.ua
referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 20:17:06 GMT
content-encoding: br
x-amz-request-id: tx00000000000000112794a-0060d1dc91-9c1e935-openstack-1
x-cache-key: cdnuaprom-static.c.prom.st/js/build/portal-portable/br-encoded-commons_df69843a3db145b49c1a.es6.js cmy.prom.ua/cloud-cgi/static/uaprom-static/js/build/portal-portable/commons_df69843a3db145b49c1a.es6.js
x-cache-status: MISS MISS HIT
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 74297
last-modified: Tue, 22 Jun 2021 12:32:59 GMT
server: nginx
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-servant: whiptails betelgeuse
x-rgw-object-type: Normal
x-cache-type: main
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key

GET
H2 200 pages-SignIn_37ab366d215d60f74638.es6.js Show response
my.prom.ua/cloud-cgi/static/uaprom-static/js/build/portal-portable/ 11 KB
4 KB 61ms
60ms Script
application/javascript 193.34.169.16
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://my.prom.ua/cloud-cgi/static/uaprom-static/js/build/portal-portable/pages-SignIn_37ab366d215d60f74638.es6.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.16 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: my.prom.ua
Software: nginx /
Resource Hash: 1f6c95495a979fa39ddece3f10ee0ad18c2e6a2be8a68a6e7e56f861a319ab0b

Request headers

:path: /cloud-cgi/static/uaprom-static/js/build/portal-portable/pages-SignIn_37ab366d215d60f74638.es6.js
pragma: no-cache
cookie: evoauth=wab64a3b1c43344eb9a7c4235c98a2673; cid=85128255232918805294540347517030941642; user_tracker=d9bf77310ca217c802274d8b523a3b5de54c36b9|185.229.191.102|2021-06-24; csrf_token=8e8bd733374a46e2bcd2cc3d0a029be0; auth=e598486e963b346bab852b062d7edd22b3779178
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: my.prom.ua
referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 20:17:06 GMT
content-encoding: br
x-amz-request-id: tx0000000000000011907a3-0060d2e426-9c1e935-openstack-1
x-cache-key: cdnuaprom-static.c.prom.st/js/build/portal-portable/br-encoded-pages-SignIn_37ab366d215d60f74638.es6.js cmy.prom.ua/cloud-cgi/static/uaprom-static/js/build/portal-portable/pages-SignIn_37ab366d215d60f74638.es6.js
x-cache-status: MISS MISS HIT
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 3166
last-modified: Wed, 23 Jun 2021 03:16:29 GMT
server: nginx
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-servant: lancehead betelgeuse
x-rgw-object-type: Normal
x-cache-type: main
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 89 KB
35 KB 38ms
14ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=GTM-W5CJ2MR

Requested by

Host: my.prom.ua
URL: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9942b1916281c01f4a269aad7a2ad63d88e9e2942086c13152d91d3184f64e9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 20:17:06 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35724
x-xss-protection: 0
last-modified: Thu, 24 Jun 2021 18:59:26 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 24 Jun 2021 20:17:06 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 155 KB
57 KB 25ms
22ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-F7T5DFHXY0

Requested by

Host: my.prom.ua
URL: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f221ec293323155d097f42608705156b62db4bff83d28781a772864214598a98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 20:17:06 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58384
x-xss-protection: 0
expires: Thu, 24 Jun 2021 20:17:06 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 8ms
5ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: my.prom.ua
URL: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 2721
date: Thu, 24 Jun 2021 19:31:45 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Thu, 24 Jun 2021 21:31:45 GMT

GET
H2 200 adv_teasers.js Show response
my.prom.ua/cloud-cgi/static/uaprom-static/js/ 20 B
740 B 63ms
60ms Script
application/javascript 193.34.169.16
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://my.prom.ua/cloud-cgi/static/uaprom-static/js/adv_teasers.js
Requested by: Host: my.prom.ua
URL: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.16 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: my.prom.ua
Software: nginx /
Resource Hash: def3584e39f412e77b3a70f3f1182afa6bc23c0be13afd0b1d1493088e015e97

Request headers

:path: /cloud-cgi/static/uaprom-static/js/adv_teasers.js
pragma: no-cache
cookie: evoauth=wab64a3b1c43344eb9a7c4235c98a2673; cid=85128255232918805294540347517030941642; user_tracker=d9bf77310ca217c802274d8b523a3b5de54c36b9|185.229.191.102|2021-06-24; csrf_token=8e8bd733374a46e2bcd2cc3d0a029be0; auth=e598486e963b346bab852b062d7edd22b3779178
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: my.prom.ua
referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 20:17:06 GMT
content-encoding: br
x-amz-request-id: tx0000000000000006ec4dc-005fca76ad-19ba88b-openstack-1
x-cache-key: cdnuaprom-static.c.prom.st/js/br-encoded-adv_teasers.js?rev=87ea8999e37c3bce342bf782657854e03b415687 cmy.prom.ua/cloud-cgi/static/uaprom-static/js/adv_teasers.js
x-cache-status: MISS MISS HIT
x-amz-storage-class: STANDARD
x-cache-source: local
content-length: 25
last-modified: Fri, 13 Nov 2020 11:24:00 GMT
server: nginx
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-servant: habu betelgeuse
x-rgw-object-type: Normal
x-cache-type: main
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key

GET
H2 200 bare.js Show response
my.prom.ua/cloud-cgi/static/clerk/v4.3.1/ 11 KB
5 KB 63ms
60ms Script
application/javascript 193.34.169.16
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://my.prom.ua/cloud-cgi/static/clerk/v4.3.1/bare.js
Requested by: Host: my.prom.ua
URL: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.16 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: my.prom.ua
Software: nginx /
Resource Hash: f4014c4c5b37520e8267f886c3ee84cd93c6ac7b996ecaba30dfa315942bed86

Request headers

:path: /cloud-cgi/static/clerk/v4.3.1/bare.js
pragma: no-cache
cookie: evoauth=wab64a3b1c43344eb9a7c4235c98a2673; cid=85128255232918805294540347517030941642; user_tracker=d9bf77310ca217c802274d8b523a3b5de54c36b9|185.229.191.102|2021-06-24; csrf_token=8e8bd733374a46e2bcd2cc3d0a029be0; auth=e598486e963b346bab852b062d7edd22b3779178
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: my.prom.ua
referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 20:17:06 GMT
content-encoding: gzip
x-amz-request-id: tx000000000000000d9d067-0060cca169-9e08f74-openstack-1
x-cache-key: cdnclerk.c.prom.st/v4.3.1/bare.js cmy.prom.ua/cloud-cgi/static/clerk/v4.3.1/bare.js
x-cache-status: MISS MISS HIT
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 4096
last-modified: Mon, 22 Feb 2021 12:02:54 GMT
server: nginx
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-servant: lancehead betelgeuse
x-rgw-object-type: Normal
x-cache-type: main
x-fallback: true
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key

GET
H2 200 solve.js Show response
my.prom.ua/cloud-cgi/static/power/ 34 KB
12 KB 63ms
61ms Script
application/javascript 193.34.169.16
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://my.prom.ua/cloud-cgi/static/power/solve.js
Requested by: Host: my.prom.ua
URL: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.16 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: my.prom.ua
Software: nginx /
Resource Hash: 8411537a74fba3094edef647e86059f5138a4e734450c9a43e49214f926de849

Request headers

:path: /cloud-cgi/static/power/solve.js
pragma: no-cache
cookie: evoauth=wab64a3b1c43344eb9a7c4235c98a2673; cid=85128255232918805294540347517030941642; user_tracker=d9bf77310ca217c802274d8b523a3b5de54c36b9|185.229.191.102|2021-06-24; csrf_token=8e8bd733374a46e2bcd2cc3d0a029be0; auth=e598486e963b346bab852b062d7edd22b3779178
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: my.prom.ua
referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 20:17:06 GMT
content-encoding: gzip
x-cache-key: cdnpower.c.prom.st/solve.js cmy.prom.ua/cloud-cgi/static/power/solve.js
x-cache-status: HIT HIT HIT
x-cache-source: local
content-length: 11492
last-modified: Fri, 23 Aug 2019 15:27:56 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-servant: habu betelgeuse
cache-control: public,max-age=31536000,immutable
x-cache-type: main
x-fallback: true
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key

GET
H/1.1 200
OK LoD6SGe8vMTb Show response
cdn.onthe.io/io.js/ 41 KB
14 KB 91ms
36ms Script
text/javascript 116.202.11.240
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onthe.io/io.js/LoD6SGe8vMTb
Requested by: Host: my.prom.ua
URL: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 116.202.11.240 Böblingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.240.11.202.116.clients.your-server.de
Software: nginx /
Resource Hash: de2298be0785396c05b03fa2b0e92b050d56f10418c274461551b344ae63fe83

Request headers

Referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 24 Jun 2021 20:17:06 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Dec 2020 07:38:18 GMT
Server: nginx
ETag: W/"5fd1d06a-a58c"
Transfer-Encoding: chunked
Content-Type: text/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Fri, 25 Jun 2021 20:17:06 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 212 KB
62 KB 25ms
22ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-3N8Z

Requested by

Host: my.prom.ua
URL: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d307f9e027995de74be3a615898308b2f48d3ad0b1e872b20cf4e913df1303c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 20:17:06 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63360
x-xss-protection: 0
last-modified: Thu, 24 Jun 2021 18:59:26 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 24 Jun 2021 20:17:06 GMT

GET
H2 200 iframe.html Show response
my.prom.ua/cloud-cgi/static/clerk/v4.3.1/ Frame CAFE 3 KB
2 KB 48ms
48ms Document
text/html 193.34.169.16
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://my.prom.ua/cloud-cgi/static/clerk/v4.3.1/iframe.html
Requested by: Host: my.prom.ua
URL: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.16 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: my.prom.ua
Software: nginx /
Resource Hash: 6d144edbc1b15ef769a5bee04b9856feff30eff2f1b64b523c49f1df2ffe362e

Request headers

:method: GET
:authority: my.prom.ua
:scheme: https
:path: /cloud-cgi/static/clerk/v4.3.1/iframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: evoauth=wab64a3b1c43344eb9a7c4235c98a2673; cid=85128255232918805294540347517030941642; user_tracker=d9bf77310ca217c802274d8b523a3b5de54c36b9|185.229.191.102|2021-06-24; csrf_token=8e8bd733374a46e2bcd2cc3d0a029be0; auth=e598486e963b346bab852b062d7edd22b3779178; timezone_offset=120
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus

Response headers

server: nginx
date: Thu, 24 Jun 2021 20:17:06 GMT
content-type: text/html
content-length: 1382
last-modified: Mon, 22 Feb 2021 12:02:54 GMT
x-rgw-object-type: Normal
cache-control: public,max-age=31536000,immutable
content-encoding: gzip
x-amz-storage-class: STANDARD
x-amz-request-id: tx000000000000000f2d353-0060ccb112-9c1e926-openstack-1
x-trouble: IAMHERE
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-cache-status: MISS MISS HIT
x-cache-key: cdnclerk.c.prom.st/v4.3.1/iframe.html cmy.prom.ua/cloud-cgi/static/clerk/v4.3.1/iframe.html
x-cache-source: local
x-servant: nginx-cache-03 betelgeuse
x-cache-type: main
x-fallback: true
accept-ranges: bytes

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 94 KB
24 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: my.prom.ua
URL: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

79fcef7a0549ef72c11fc65e27b2e6bb1194eab7d9717980091bc577cfb9b73f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 24631
x-xss-protection: 0
pragma: public
x-fb-debug: gk1popI3wePL6GlgrqTkVzurJtJYoQiM8ESWwwYXVclGJ3XUccIQ77nYcjoYmG2w/INUJSECCU2kzTUdnlnMvA==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
date: Thu, 24 Jun 2021 20:17:06 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 1717139881860563 Show response
connect.facebook.net/signals/config/ 262 KB
75 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1717139881860563?v=2.9.42&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cf0908a8b2345dfa2ac642a4f1ccb75de22391bf82c3c706584cd39fcb6e7fd0

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 76495
x-xss-protection: 0
pragma: public
x-fb-debug: BzTxPKOGL3uPWElOqo5DtSfneAUrme73PxCmLhvvVgFywsCLaEs4faSpNWGJ/YD1y9rq6KAmHTM5TubmlOkHUA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 24 Jun 2021 20:17:06 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3-29 204 collect
www.google-analytics.com/g/ 0
17 B 12ms
12ms Ping
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-F7T5DFHXY0&gtm=2oe6g0&_p=177476584&sr=1600x1200&ul=en-us&cid=1104856924.1624565826&_s=1&dl=https%3A%2F%2Fmy.prom.ua%2Fcabinet%2Fsign-in%3Fnext%3D%2Fcabinet%2Fuser%2Forder%2Fview%2F50689664%3Futm_source%3Demail2customer_look_order%26utm_medium%3DEmail%26utm_campaign%3Dafter_order_changestatus&dt=Prom.ua%20%E2%80%94%20%D0%BC%D0%B0%D1%80%D0%BA%D0%B5%D1%82%D0%BF%D0%BB%D0%B5%D0%B9%D1%81%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B&sid=1624565826&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-F7T5DFHXY0
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 24 Jun 2021 20:17:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://my.prom.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

activityi;dc_pre=CPaAiKiLsfECFXwRBgAdvBUI9g;src=8974896;type=invmedia;cat=all_p0;ord=1619164051929;gtm=2wg6g0;auiddc=738932188.1624565826;ps=1;~oref=https%3A%2F%2Fmy.prom.ua%2Fcabinet%2Fsign-in%3Fn... Show response
8974896.fls.doubleclick.net/ Frame 5C6C
Redirect Chain

https://8974896.fls.doubleclick.net/activityi;src=8974896;type=invmedia;cat=all_p0;ord=1619164051929;gtm=2wg6g0;auiddc=738932188.1624565826;ps=1;~oref=https%3A%2F%2Fmy.prom.ua%2Fcabinet%2Fsign-in%3...
https://8974896.fls.doubleclick.net/activityi;dc_pre=CPaAiKiLsfECFXwRBgAdvBUI9g;src=8974896;type=invmedia;cat=all_p0;ord=1619164051929;gtm=2wg6g0;auiddc=738932188.1624565826;ps=1;~oref=https%3A%2F%...

567 B
458 B

86ms
47ms

Document
text/html

142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8974896.fls.doubleclick.net/activityi;dc_pre=CPaAiKiLsfECFXwRBgAdvBUI9g;src=8974896;type=invmedia;cat=all_p0;ord=1619164051929;gtm=2wg6g0;auiddc=738932188.1624565826;ps=1;~oref=https%3A%2F%2Fmy.prom.ua%2Fcabinet%2Fsign-in%3Fnext%3D%2Fcabinet%2Fuser%2Forder%2Fview%2F50689664%3Futm_source%3Demail2customer_look_order%26utm_medium%3DEmail%26utm_campaign%3Dafter_order_changestatus?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-3N8Z

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

76d537804ba3bb4c2e4e979b615398e8ab66a03388d3caf64dd146f1b04c8069

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8974896.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CPaAiKiLsfECFXwRBgAdvBUI9g;src=8974896;type=invmedia;cat=all_p0;ord=1619164051929;gtm=2wg6g0;auiddc=738932188.1624565826;ps=1;~oref=https%3A%2F%2Fmy.prom.ua%2Fcabinet%2Fsign-in%3Fnext%3D%2Fcabinet%2Fuser%2Forder%2Fview%2F50689664%3Futm_source%3Demail2customer_look_order%26utm_medium%3DEmail%26utm_campaign%3Dafter_order_changestatus?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Jun 2021 20:17:06 GMT
expires: Thu, 24 Jun 2021 20:17:06 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 433
x-xss-protection: 0
set-cookie: IDE=AHWqTUl1ggUnVXngrWTAcHR8cELvv1Q5VnqxGVysEiHsBVEt_odG8d1mj0bU71Mqta0; expires=Tue, 19-Jul-2022 20:17:06 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Jun 2021 20:17:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8974896.fls.doubleclick.net/activityi;dc_pre=CPaAiKiLsfECFXwRBgAdvBUI9g;src=8974896;type=invmedia;cat=all_p0;ord=1619164051929;gtm=2wg6g0;auiddc=738932188.1624565826;ps=1;~oref=https%3A%2F%2Fmy.prom.ua%2Fcabinet%2Fsign-in%3Fnext%3D%2Fcabinet%2Fuser%2Forder%2Fview%2F50689664%3Futm_source%3Demail2customer_look_order%26utm_medium%3DEmail%26utm_campaign%3Dafter_order_changestatus?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 91ms
41ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-3N8Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

835a3f9f16d6b865bc47f8955aa45da0adb979b89d4880fe69c90497dcac46c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 20:17:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13980
x-xss-protection: 0
server: cafe
etag: 15164145023890173193
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 24 Jun 2021 20:17:06 GMT

GET
H3-29

200

activityi;dc_pre=CMWFh6iLsfECFVE_0wodpyAC7g;src=10048520;type=pvcid0;cat=all_p0;ord=6662322000127;gtm=2wg6g0;auiddc=738932188.1624565826;u1=1104856924;ps=1;~oref=https%3A%2F%2Fmy.prom.ua%2Fcabinet%... Show response
10048520.fls.doubleclick.net/ Frame 09E5
Redirect Chain

https://10048520.fls.doubleclick.net/activityi;src=10048520;type=pvcid0;cat=all_p0;ord=6662322000127;gtm=2wg6g0;auiddc=738932188.1624565826;u1=1104856924;ps=1;~oref=https%3A%2F%2Fmy.prom.ua%2Fcabin...
https://10048520.fls.doubleclick.net/activityi;dc_pre=CMWFh6iLsfECFVE_0wodpyAC7g;src=10048520;type=pvcid0;cat=all_p0;ord=6662322000127;gtm=2wg6g0;auiddc=738932188.1624565826;u1=1104856924;ps=1;~ore...

580 B
466 B

75ms
35ms

Document
text/html

216.58.212.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10048520.fls.doubleclick.net/activityi;dc_pre=CMWFh6iLsfECFVE_0wodpyAC7g;src=10048520;type=pvcid0;cat=all_p0;ord=6662322000127;gtm=2wg6g0;auiddc=738932188.1624565826;u1=1104856924;ps=1;~oref=https%3A%2F%2Fmy.prom.ua%2Fcabinet%2Fsign-in%3Fnext%3D%2Fcabinet%2Fuser%2Forder%2Fview%2F50689664%3Futm_source%3Demail2customer_look_order%26utm_medium%3DEmail%26utm_campaign%3Dafter_order_changestatus?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-3N8Z

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.166 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f166.1e100.net

Software

cafe /

Resource Hash

7190b935af5914824af9416b2a53e0faa6448b267b0f12ae4f8d3da565928ebe

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 10048520.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CMWFh6iLsfECFVE_0wodpyAC7g;src=10048520;type=pvcid0;cat=all_p0;ord=6662322000127;gtm=2wg6g0;auiddc=738932188.1624565826;u1=1104856924;ps=1;~oref=https%3A%2F%2Fmy.prom.ua%2Fcabinet%2Fsign-in%3Fnext%3D%2Fcabinet%2Fuser%2Forder%2Fview%2F50689664%3Futm_source%3Demail2customer_look_order%26utm_medium%3DEmail%26utm_campaign%3Dafter_order_changestatus?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Jun 2021 20:17:06 GMT
expires: Thu, 24 Jun 2021 20:17:06 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 441
x-xss-protection: 0
set-cookie: IDE=AHWqTUlZuS1rhGH1nsHaR-fG2ThrpQsWidTPzbmkq0PrUxPoA_1lIvXcEi0XRwTj4oY; expires=Tue, 19-Jul-2022 20:17:06 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Jun 2021 20:17:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://10048520.fls.doubleclick.net/activityi;dc_pre=CMWFh6iLsfECFVE_0wodpyAC7g;src=10048520;type=pvcid0;cat=all_p0;ord=6662322000127;gtm=2wg6g0;auiddc=738932188.1624565826;u1=1104856924;ps=1;~oref=https%3A%2F%2Fmy.prom.ua%2Fcabinet%2Fsign-in%3Fnext%3D%2Fcabinet%2Fuser%2Forder%2Fview%2F50689664%3Futm_source%3Demail2customer_look_order%26utm_medium%3DEmail%26utm_campaign%3Dafter_order_changestatus?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29

200

activityi;dc_pre=CImHh6iLsfECFU8w0wod_VoFXw;src=10048520;type=pvcid0;cat=all_p00;ord=1;num=7513376350008;gtm=2wg6g0;auiddc=738932188.1624565826;u1=1104856924;ps=1;~oref=https%3A%2F%2Fmy.prom.ua%2Fc... Show response
10048520.fls.doubleclick.net/ Frame 087D
Redirect Chain

https://10048520.fls.doubleclick.net/activityi;src=10048520;type=pvcid0;cat=all_p00;ord=1;num=7513376350008;gtm=2wg6g0;auiddc=738932188.1624565826;u1=1104856924;ps=1;~oref=https%3A%2F%2Fmy.prom.ua%...
https://10048520.fls.doubleclick.net/activityi;dc_pre=CImHh6iLsfECFU8w0wod_VoFXw;src=10048520;type=pvcid0;cat=all_p00;ord=1;num=7513376350008;gtm=2wg6g0;auiddc=738932188.1624565826;u1=1104856924;ps...

587 B
471 B

73ms
34ms

Document
text/html

216.58.212.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10048520.fls.doubleclick.net/activityi;dc_pre=CImHh6iLsfECFU8w0wod_VoFXw;src=10048520;type=pvcid0;cat=all_p00;ord=1;num=7513376350008;gtm=2wg6g0;auiddc=738932188.1624565826;u1=1104856924;ps=1;~oref=https%3A%2F%2Fmy.prom.ua%2Fcabinet%2Fsign-in%3Fnext%3D%2Fcabinet%2Fuser%2Forder%2Fview%2F50689664%3Futm_source%3Demail2customer_look_order%26utm_medium%3DEmail%26utm_campaign%3Dafter_order_changestatus?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-3N8Z

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.166 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f166.1e100.net

Software

cafe /

Resource Hash

49ec6606dd86e86708d6f79da60da8d73dc099b2527240fbb8433bd79007fc51

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 10048520.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CImHh6iLsfECFU8w0wod_VoFXw;src=10048520;type=pvcid0;cat=all_p00;ord=1;num=7513376350008;gtm=2wg6g0;auiddc=738932188.1624565826;u1=1104856924;ps=1;~oref=https%3A%2F%2Fmy.prom.ua%2Fcabinet%2Fsign-in%3Fnext%3D%2Fcabinet%2Fuser%2Forder%2Fview%2F50689664%3Futm_source%3Demail2customer_look_order%26utm_medium%3DEmail%26utm_campaign%3Dafter_order_changestatus?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Jun 2021 20:17:06 GMT
expires: Thu, 24 Jun 2021 20:17:06 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 446
x-xss-protection: 0
set-cookie: IDE=AHWqTUklwNcUlydjCo3_Ns6h7Z26dFxleXtOaH0CjlSNPx0qjwchaGno53VpBNv_4z4; expires=Tue, 19-Jul-2022 20:17:06 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 24 Jun 2021 20:17:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://10048520.fls.doubleclick.net/activityi;dc_pre=CImHh6iLsfECFU8w0wod_VoFXw;src=10048520;type=pvcid0;cat=all_p00;ord=1;num=7513376350008;gtm=2wg6g0;auiddc=738932188.1624565826;u1=1104856924;ps=1;~oref=https%3A%2F%2Fmy.prom.ua%2Fcabinet%2Fsign-in%3Fnext%3D%2Fcabinet%2Fuser%2Forder%2Fview%2F50689664%3Futm_source%3Demail2customer_look_order%26utm_medium%3DEmail%26utm_campaign%3Dafter_order_changestatus?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 mgsensor.js Show response
a.mgid.com/ 12 KB
3 KB 200ms
145ms Script
application/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.mgid.com/mgsensor.js?d=1624565826511&source=gtm
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-3N8Z
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b127181486c082afd048feabd5f69153c3993ccccc57085e4018609ed68f43c3

Request headers

Referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Jun 2021 20:17:06 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: fd691f88-c6bf-42a7-8ccb-9a2da922f7fc
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 6648a340192d06ed-LHR
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ae1445c10000006ed3e931000000001
server: cloudflare

GET
H/1.1 200 scripts Show response
esputnik.com/scripts/v1/public/ 34 KB
11 KB 90ms
29ms Script
application/javascript 2a05:d018:ac8:b900:9f9d:9921:e3e4:2545
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://esputnik.com/scripts/v1/public/scripts?apiKey=eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiI0NTI0ZWZhYTJkYzI2MGRmYTM4YTE1NDBlMWE3YmE0ZmMzYTM3YTFjM2M1YWQzODYxYWFiNjA3ZWMwODc0ZDFlNjhhM2ZhMjIwZWZiZWYyNDJhMTE3N2UzZDgyN2RhMmQwM2E0YmIwNTU0Mzk3ZWE0YTE3NTAzYzQyMjI0ZWI1MmFiY2ZhYzM2Mzc3NDdhNDJlMTM4ZWQ3M2EwOGI0MjE1MGU4MmUzOTE5YTE4NjI1N2Y2MDRhZmQ4In0.d200CiGa-FGtn1CHJ1pFKIKZlZUmp8H1gXdKAg9nBJSotHljLLsFk9jXxlGrdv2ALLngnpw8KFNkHqVu3GFK5g&domain=DE90CB36-AFF0-464A-A8D1-28B021E39879

Requested by

Host: my.prom.ua
URL: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:ac8:b900:9f9d:9921:e3e4:2545 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

92bbd4fc80653e1e5145cd49c5c1dc1ba5134c85bbec421fd76f1737df715db4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 24 Jun 2021 20:17:06 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=300
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Thu, 24 Jun 2021 20:22:06 GMT

GET
H/1.1 200
OK utm.php Show response
affiliates.prom.ua/tools/ 0
351 B 58ms
19ms Script
text/javascript 193.200.65.70
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://affiliates.prom.ua/tools/utm.php

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-3N8Z

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

193.200.65.70 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),

Reverse DNS

affiliates.prom.ua

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval';
X-Content-Type-Options: nosniff
Server: nginx
Date: Thu, 24 Jun 2021 20:17:06 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=utf-8
Connection: keep-alive
Content-Length: 0

GET
H2 200 activityi;register_conversion=1;src=8974896;type=invmedia;cat=all_p0;ord=1619164051929;gtm=2wg6g0;auiddc=738932188.1624565826;ps=1;~oref=https%3A%2F%2Fmy.prom.ua%2Fcabinet%2Fsign-in%3Fnext%3D%2Fcab...
8974896.fls.doubleclick.net/ 0
0 79ms
36ms Image
text/html 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8974896.fls.doubleclick.net/activityi;register_conversion=1;src=8974896;type=invmedia;cat=all_p0;ord=1619164051929;gtm=2wg6g0;auiddc=738932188.1624565826;ps=1;~oref=https%3A%2F%2Fmy.prom.ua%2Fcabinet%2Fsign-in%3Fnext%3D%2Fcabinet%2Fuser%2Forder%2Fview%2F50689664%3Futm_source%3Demail2customer_look_order%26utm_medium%3DEmail%26utm_campaign%3Dafter_order_changestatus?
Requested by: Host: my.prom.ua
URL: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f6.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 activityi;register_conversion=1;src=10048520;type=pvcid0;cat=all_p0;ord=6662322000127;gtm=2wg6g0;auiddc=738932188.1624565826;u1=1104856924;ps=1;~oref=https%3A%2F%2Fmy.prom.ua%2Fcabinet%2Fsign-in%3F...
10048520.fls.doubleclick.net/ 0
0 64ms
29ms Image
text/html 216.58.212.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://10048520.fls.doubleclick.net/activityi;register_conversion=1;src=10048520;type=pvcid0;cat=all_p0;ord=6662322000127;gtm=2wg6g0;auiddc=738932188.1624565826;u1=1104856924;ps=1;~oref=https%3A%2F%2Fmy.prom.ua%2Fcabinet%2Fsign-in%3Fnext%3D%2Fcabinet%2Fuser%2Forder%2Fview%2F50689664%3Futm_source%3Demail2customer_look_order%26utm_medium%3DEmail%26utm_campaign%3Dafter_order_changestatus?
Requested by: Host: my.prom.ua
URL: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.212.166 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s22-in-f166.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 activityi;register_conversion=1;src=10048520;type=pvcid0;cat=all_p00;ord=1;num=7513376350008;gtm=2wg6g0;auiddc=738932188.1624565826;u1=1104856924;ps=1;~oref=https%3A%2F%2Fmy.prom.ua%2Fcabinet%2Fsig...
10048520.fls.doubleclick.net/ 0
0 64ms
29ms Image
text/html 216.58.212.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://10048520.fls.doubleclick.net/activityi;register_conversion=1;src=10048520;type=pvcid0;cat=all_p00;ord=1;num=7513376350008;gtm=2wg6g0;auiddc=738932188.1624565826;u1=1104856924;ps=1;~oref=https%3A%2F%2Fmy.prom.ua%2Fcabinet%2Fsign-in%3Fnext%3D%2Fcabinet%2Fuser%2Forder%2Fview%2F50689664%3Futm_source%3Demail2customer_look_order%26utm_medium%3DEmail%26utm_campaign%3Dafter_order_changestatus?
Requested by: Host: my.prom.ua
URL: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.212.166 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s22-in-f166.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK / Show response
ttt.onthe.io/ 0
287 B 146ms
44ms XHR
text/javascript 95.216.24.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ttt.onthe.io/?k[]=41949:error_script[title:Cannot%20read%20property%20%27getItem%27%20of%20null%0A%0ATypeError%3A%20Cannot%20read%20property%20%27getItem%27%20of%20null%0A%20%20%20%20at%20Object.o._getQueue%20(https%3A%2F%2Fcdn.onthe.io%2Fio.js%2FLoD6SGe8vMTb%3A1%3A19728)%0A%20%20%20%20at%20Object.e.nextPageMetricQueueService.clearBySending%20(https%3A%2F%2Fcdn.onthe.io%2Fio.js%2FLoD6SGe8vMTb%3A1%3A32530)%0A%20%20%20%20at%20Object.init%20(https%3A%2F%2Fcdn.onthe.io%2Fio.js%2FLoD6SGe8vMTb%3A1%3A20455)%0A%20%20%20%20at%20Object.o.loadComponentAsync%20(https%3A%2F%2Fcdn.onthe.io%2Fio.js%2FLoD6SGe8vMTb%3A1%3A19081)%0A%20%20%20%20at%20https%3A%2F%2Fcdn.onthe.io%2Fio.js%2FLoD6SGe8vMTb%3A1%3A42177%0A%20%20%20%20at%20Object.%3Canonymous%3E%20(https%3A%2F%2Fcdn.onthe.io%2Fio.js%2FLoD6SGe8vMTb%3A1%3A42375)%0A%20%20%20%20at%20r%20(https%3A%2F%2Fcdn.onthe.io%2Fio.js%2FLoD6SGe8vMTb%3A1%3A110)%0A%20%20%20%20at%20https%3A%2F%2Fcdn.onthe.io%2Fio.js%2FLoD6SGe8vMTb%3A1%3A517%0A%20%20%20%20at%20https%3A%2F%2Fcdn.onthe.io%2Fio.js%2FLoD6SGe8vMTb%3A1%3A526,href:https%3A%2F%2Fmy.prom.ua%2Fcabinet%2Fsign-in%3Fnext%3D%2Fcabinet%2Fuser%2Forder%2Fview%2F50689664%3Futm_source%3Demail2customer_look_order%26utm_medium%3DEmail%26utm_campaign%3Dafter_order_changestatus,url:%2Fcabinet%2Fsign-in,domain:my.prom.ua,page:Prom.ua%20%E2%80%94%20%D0%BC%D0%B0%D1%80%D0%BA%D0%B5%D1%82%D0%BF%D0%BB%D0%B5%D0%B9%D1%81%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B,user_agent:Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36,cdn_version:211]&s=40d67c0b572c270cf96c57c0d146e8e5&1624565826821
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/LoD6SGe8vMTb
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.24.150 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.24.216.95.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Jun 2021 20:17:06 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 graphql Show response
my.prom.ua/ 2 KB
1 KB 100ms
100ms Fetch
application/json 193.34.169.16
EVO

General

Check archive.org

Show headers Download Go to

Full URL

https://my.prom.ua/graphql

Requested by

Host: my.prom.ua
URL: https://my.prom.ua/cloud-cgi/static/uaprom-static/js/build/portal-portable/vendors~portable_86d30f051fc022c6c3c0.es6.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.34.169.16 , Ukraine, ASN43896 (EVO, UA),

Reverse DNS

my.prom.ua

Software

nginx /

Resource Hash

96f25b53b6030ec227eefa7600a124087ddd6326f87ff2a7840264a4af9a16c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://my.prom.ua
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
cookie: evoauth=wab64a3b1c43344eb9a7c4235c98a2673; cid=85128255232918805294540347517030941642; user_tracker=d9bf77310ca217c802274d8b523a3b5de54c36b9|185.229.191.102|2021-06-24; csrf_token=8e8bd733374a46e2bcd2cc3d0a029be0; auth=e598486e963b346bab852b062d7edd22b3779178; timezone_offset=120; _ga_F7T5DFHXY0=GS1.1.1624565826.1.0.1624565826.0; _ga=GA1.1.1104856924.1624565826; _gcl_au=1.1.738932188.1624565826; __io_nav_state41949=%7B%22current%22%3A%22%2Fcabinet%2Fsign-in%22%2C%22currentDomain%22%3A%22my.prom.ua%22%2C%22previousDomain%22%3A%22%22%7D
x-forwarded-proto: https
content-length: 1006
:path: /graphql
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: my.prom.ua
referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: */*
Referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
X-Requested-With: XMLHttpRequest
X-Forwarded-Proto: https
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 24 Jun 2021 20:17:06 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
server: nginx
access-control-max-age: 600
access-control-allow-methods: POST,GET,OPTIONS,DELETE
content-type: application/json
access-control-allow-origin: https://my.prom.ua
cache-control: no-cache
access-control-allow-credentials: true
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
access-control-allow-headers: X-CSRFToken,X-PromUserID,Content-Type,X-Requested-With,X-Image-Hashes,X-LANGUAGE,X-DisableSafariCORSCheck
x-xss-protection: 1; mode=block

GET
H3-29 200 378339343322863 Show response
connect.facebook.net/signals/config/ 262 KB
75 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/378339343322863?v=2.9.42&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

93d036a80ade3370292290a4d53abe8103767ac860910a788c18a6c802c02910

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 76637
x-xss-protection: 0
pragma: public
x-fb-debug: 9XMVqCHuZ+qjaALKy7Z/nobFhPvwAaCyt8od1EWG81S6PRDPuNUdVP3psZwVRM0kQ4t25aH9oEQ2aQBw2vjthA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 24 Jun 2021 20:17:06 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1717139881860563&ev=PageView&dl=https%3A%2F%2Fmy.prom.ua%2Fcabinet%2Fsign-in%3Fnext%3D%2Fcabinet%2Fuser%2Forder%2Fview%2F50689664%3Futm_source%3Demail2customer_look_order%26utm_medium%3DEmail%26utm_campaign%3Dafter_order_changestatus&rl=&if=false&ts=1624565826848&sw=1600&sh=1200&v=2.9.42&r=stable&ec=0&o=30&fbp=fb.1.1624565826845.1060154293&it=1624565826447&coo=false&rqm=GET

Requested by

Host: my.prom.ua
URL: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 20:17:06 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 24 Jun 2021 20:17:06 GMT

GET
H3-29 200 / Show response
www.googleadservices.com/pagead/conversion/812721445/ 2 KB
1 KB 61ms
31ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/812721445/?random=1624565826852&cv=9&fst=1624565826852&num=1&value=0&label=sa1dCN7Yl80BEKXKxIMD&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6g0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fmy.prom.ua%2Fcabinet%2Fsign-in%3Fnext%3D%2Fcabinet%2Fuser%2Forder%2Fview%2F50689664%3Futm_source%3Demail2customer_look_order%26utm_medium%3DEmail%26utm_campaign%3Dafter_order_changestatus&tiba=Prom.ua%20%E2%80%94%20%D0%BC%D0%B0%D1%80%D0%BA%D0%B5%D1%82%D0%BF%D0%BB%D0%B5%D0%B9%D1%81%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B&auid=738932188.1624565826&capi=1&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

50e71538e125d952a41d135d44b7e0697c815b2de01a3ba66700c9e73e1efe35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Jun 2021 20:17:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1346
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/privacysandbox/conversion/812721445/ 0
0 15ms
14ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/pagead/privacysandbox/conversion/812721445/?random=1624565826852&cv=9&fst=1624565826852&num=1&fmt=3&value=0&label=sa1dCN7Yl80BEKXKxIMD&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6g0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fmy.prom.ua%2Fcabinet%2Fsign-in%3Fnext%3D%2Fcabinet%2Fuser%2Forder%2Fview%2F50689664%3Futm_source%3Demail2customer_look_order%26utm_medium%3DEmail%26utm_campaign%3Dafter_order_changestatus&tiba=Prom.ua%20%E2%80%94%20%D0%BC%D0%B0%D1%80%D0%BA%D0%B5%D1%82%D0%BF%D0%BB%D0%B5%D0%B9%D1%81%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B&auid=738932188.1624565826&capi=1&hn=www.googleadservices.com&bttype=purchase&async=1
Requested by: Host: my.prom.ua
URL: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 dc_pre=CImHh6iLsfECFU8w0wod_VoFXw;src=10048520;type=pvcid0;cat=all_p00;ord=1;num=7513376350008;gtm=2wg6g0;auiddc=*;u1=1104856924;ps=1;~oref=https%3A%2F%2Fmy.prom.ua%2Fcabinet%2Fsign-in%3Fnext%3D%2F...
adservice.google.com/ddm/fls/z/ Frame 087D 42 B
107 B 62ms
41ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CImHh6iLsfECFU8w0wod_VoFXw;src=10048520;type=pvcid0;cat=all_p00;ord=1;num=7513376350008;gtm=2wg6g0;auiddc=*;u1=1104856924;ps=1;~oref=https%3A%2F%2Fmy.prom.ua%2Fcabinet%2Fsign-in%3Fnext%3D%2Fcabinet%2Fuser%2Forder%2Fview%2F50689664%3Futm_source%3Demail2customer_look_order%26utm_medium%3DEmail%26utm_campaign%3Dafter_order_changestatus

Requested by

Host: 10048520.fls.doubleclick.net
URL: https://10048520.fls.doubleclick.net/activityi;dc_pre=CImHh6iLsfECFU8w0wod_VoFXw;src=10048520;type=pvcid0;cat=all_p00;ord=1;num=7513376350008;gtm=2wg6g0;auiddc=738932188.1624565826;u1=1104856924;ps=1;~oref=https%3A%2F%2Fmy.prom.ua%2Fcabinet%2Fsign-in%3Fnext%3D%2Fcabinet%2Fuser%2Forder%2Fview%2F50689664%3Futm_source%3Demail2customer_look_order%26utm_medium%3DEmail%26utm_campaign%3Dafter_order_changestatus?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://10048520.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Jun 2021 20:17:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CMWFh6iLsfECFVE_0wodpyAC7g;src=10048520;type=pvcid0;cat=all_p0;ord=6662322000127;gtm=2wg6g0;auiddc=*;u1=1104856924;ps=1;~oref=https%3A%2F%2Fmy.prom.ua%2Fcabinet%2Fsign-in%3Fnext%3D%2Fcabinet...
adservice.google.com/ddm/fls/z/ Frame 09E5 42 B
515 B 62ms
41ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CMWFh6iLsfECFVE_0wodpyAC7g;src=10048520;type=pvcid0;cat=all_p0;ord=6662322000127;gtm=2wg6g0;auiddc=*;u1=1104856924;ps=1;~oref=https%3A%2F%2Fmy.prom.ua%2Fcabinet%2Fsign-in%3Fnext%3D%2Fcabinet%2Fuser%2Forder%2Fview%2F50689664%3Futm_source%3Demail2customer_look_order%26utm_medium%3DEmail%26utm_campaign%3Dafter_order_changestatus

Requested by

Host: 10048520.fls.doubleclick.net
URL: https://10048520.fls.doubleclick.net/activityi;dc_pre=CMWFh6iLsfECFVE_0wodpyAC7g;src=10048520;type=pvcid0;cat=all_p0;ord=6662322000127;gtm=2wg6g0;auiddc=738932188.1624565826;u1=1104856924;ps=1;~oref=https%3A%2F%2Fmy.prom.ua%2Fcabinet%2Fsign-in%3Fnext%3D%2Fcabinet%2Fuser%2Forder%2Fview%2F50689664%3Futm_source%3Demail2customer_look_order%26utm_medium%3DEmail%26utm_campaign%3Dafter_order_changestatus?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://10048520.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Jun 2021 20:17:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CPaAiKiLsfECFXwRBgAdvBUI9g;src=8974896;type=invmedia;cat=all_p0;ord=1619164051929;gtm=2wg6g0;auiddc=*;ps=1;~oref=https%3A%2F%2Fmy.prom.ua%2Fcabinet%2Fsign-in%3Fnext%3D%2Fcabinet%2Fuser%2Ford...
adservice.google.com/ddm/fls/z/ Frame 5C6C 42 B
107 B 61ms
42ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CPaAiKiLsfECFXwRBgAdvBUI9g;src=8974896;type=invmedia;cat=all_p0;ord=1619164051929;gtm=2wg6g0;auiddc=*;ps=1;~oref=https%3A%2F%2Fmy.prom.ua%2Fcabinet%2Fsign-in%3Fnext%3D%2Fcabinet%2Fuser%2Forder%2Fview%2F50689664%3Futm_source%3Demail2customer_look_order%26utm_medium%3DEmail%26utm_campaign%3Dafter_order_changestatus

Requested by

Host: 8974896.fls.doubleclick.net
URL: https://8974896.fls.doubleclick.net/activityi;dc_pre=CPaAiKiLsfECFXwRBgAdvBUI9g;src=8974896;type=invmedia;cat=all_p0;ord=1619164051929;gtm=2wg6g0;auiddc=738932188.1624565826;ps=1;~oref=https%3A%2F%2Fmy.prom.ua%2Fcabinet%2Fsign-in%3Fnext%3D%2Fcabinet%2Fuser%2Forder%2Fview%2F50689664%3Futm_source%3Demail2customer_look_order%26utm_medium%3DEmail%26utm_campaign%3Dafter_order_changestatus?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8974896.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Jun 2021 20:17:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 log
gotcha-server.evo.run/ Frame 0
0 262ms
53ms Preflight 193.34.168.232
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://gotcha-server.evo.run/log
Protocol: H2
Server: 193.34.168.232 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-request-id
Origin: https://my.prom.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 24 Jun 2021 20:17:07 GMT
access-control-allow-origin: *
access-control-max-age: 600
access-control-allow-credentials: true
access-control-allow-methods: POST,GET,OPTIONS,DELETE
access-control-allow-headers: X-CSRFToken,X-PromUserID,Content-Type,X-Requested-With,X-Image-Hashes,X-Debug-Key,x-request-id
x-envoy-upstream-service-time: 0

POST
H2 204 log Show response
gotcha-server.evo.run/ 0
276 B 60ms
60ms XHR
text/plain 193.34.168.232
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://gotcha-server.evo.run/log
Requested by: Host: my.prom.ua
URL: https://my.prom.ua/cloud-cgi/static/uaprom-static/js/build/portal-portable/vendors~portable_86d30f051fc022c6c3c0.es6.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.168.232 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Request-ID: 5163421f-c5a5-4c5f-808a-2a9e55539f39
Content-Type: application/json;charset=UTF-8

Response headers

date: Thu, 24 Jun 2021 20:17:07 GMT
server: nginx
access-control-max-age: 600
access-control-allow-methods: POST,GET,OPTIONS,DELETE
access-control-allow-origin: *
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: X-CSRFToken,X-PromUserID,Content-Type,X-Requested-With,X-Image-Hashes,X-Debug-Key,x-request-id

GET
H2 200 sm.js Show response
cm.mgid.com/ 192 B
319 B 115ms
113ms Script
application/javascript 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/sm.js?d=1624565826878
Requested by: Host: a.mgid.com
URL: https://a.mgid.com/mgsensor.js?d=1624565826511&source=gtm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d81d3a59d349b2aec35bf3ef4f5fcb4f645c31404b3de98565187fa047310196

Request headers

Referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Jun 2021 20:17:06 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 188bcc61-b615-4783-adbc-029a571238cc
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 6648a3422d8f06ed-LHR
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ae1445d69000006ed6801d000000001
server: cloudflare

GET
H3-29 200 1x1.gif
a.mgid.com/ 43 B
427 B 181ms
158ms Image
image/gif 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.mgid.com/1x1.gif?id=358465&type=c&tg=&r=https%3A%2F%2Fmy.prom.ua%2Fcabinet%2Fsign-in%3Fnext%3D%2Fcabinet%2Fuser%2Forder%2Fview%2F50689664%3Futm_source%3Demail2customer_look_order%26utm_medium%3DEmail%26utm_campaign%3Dafter_order_changestatus&utmc=0&utmt=0&nv=1&utms=&utmcp=&utmm=&clid=&cmgid=0&cmtid=0&cmtuid=0&d=1624565826878
Requested by: Host: my.prom.ua
URL: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Jun 2021 20:17:07 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6648a3423c9153c1-LHR
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ae1445d5f000053c137010000000001

GET
H3-29 200 auto.gif
a.mgid.com/ 43 B
463 B 175ms
152ms Image
image/gif 104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.mgid.com/auto.gif?sid=358465&eid=null&type=c&goods=&partner=10991153&referer=&d=1624565826878
Requested by: Host: my.prom.ua
URL: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Jun 2021 20:17:07 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6648a3422c8d53c1-LHR
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ae1445d5e000053c123b17000000001

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=378339343322863&ev=PageView&dl=https%3A%2F%2Fmy.prom.ua%2Fcabinet%2Fsign-in%3Fnext%3D%2Fcabinet%2Fuser%2Forder%2Fview%2F50689664%3Futm_source%3Demail2customer_look_order%26utm_medium%3DEmail%26utm_campaign%3Dafter_order_changestatus&rl=&if=false&ts=1624565826885&sw=1600&sh=1200&v=2.9.42&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22803427593755335%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22RUB%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22367059224402594%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22RUB%22%7D%7D%7D&par[2]=%7B%22extractorID%22%3A%22799464477560069%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[3]=%7B%22extractorID%22%3A%22395900461794339%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1624565826845.1060154293&it=1624565826447&coo=false&rqm=GET

Requested by

Host: my.prom.ua
URL: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 20:17:06 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Thu, 24 Jun 2021 20:17:06 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/812721445/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/812721445/?random=1739656183&cv=9&fst=1624565826852&num=1&value=0&label=sa1dCN7Yl80BEKXKxIMD&guid=ON&resp=GooglemKTybQhCsO&eid=25050...
https://www.google.com/pagead/1p-conversion/812721445/?random=1739656183&cv=9&fst=1624565826852&num=1&value=0&label=sa1dCN7Yl80BEKXKxIMD&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=16...
https://www.google.de/pagead/1p-conversion/812721445/?random=1739656183&cv=9&fst=1624565826852&num=1&value=0&label=sa1dCN7Yl80BEKXKxIMD&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=160...

42 B
108 B

20ms
19ms

Image
image/gif

2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/812721445/?random=1739656183&cv=9&fst=1624565826852&num=1&value=0&label=sa1dCN7Yl80BEKXKxIMD&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6g0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fmy.prom.ua%2Fcabinet%2Fsign-in%3Fnext%3D%2Fcabinet%2Fuser%2Forder%2Fview%2F50689664%3Futm_source%3Demail2customer_look_order%26utm_medium%3DEmail%26utm_campaign%3Dafter_order_changestatus&tiba=Prom.ua%20%E2%80%94%20%D0%BC%D0%B0%D1%80%D0%BA%D0%B5%D1%82%D0%BF%D0%BB%D0%B5%D0%B9%D1%81%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B&auid=738932188.1624565826&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=QujUYO6kN56p3gP3q5yYDA&cid=CAQSKQCNIrLMMS_pXng9P8A-T9b16K-dYjbP6HGCg5ie7Xa-fiLDpzfQzn9C&eitems=ChEI8NrQhgYQ3PH_h8zEoPf9ARIdAI8ICJo2HVrgOksWms2Qi7bkoENd8qjtIFG0Ht0&random=899277631&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: my.prom.ua
URL: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Jun 2021 20:17:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 24 Jun 2021 20:17:06 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/812721445/?random=1739656183&cv=9&fst=1624565826852&num=1&value=0&label=sa1dCN7Yl80BEKXKxIMD&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6g0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fmy.prom.ua%2Fcabinet%2Fsign-in%3Fnext%3D%2Fcabinet%2Fuser%2Forder%2Fview%2F50689664%3Futm_source%3Demail2customer_look_order%26utm_medium%3DEmail%26utm_campaign%3Dafter_order_changestatus&tiba=Prom.ua%20%E2%80%94%20%D0%BC%D0%B0%D1%80%D0%BA%D0%B5%D1%82%D0%BF%D0%BB%D0%B5%D0%B9%D1%81%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B&auid=738932188.1624565826&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=QujUYO6kN56p3gP3q5yYDA&cid=CAQSKQCNIrLMMS_pXng9P8A-T9b16K-dYjbP6HGCg5ie7Xa-fiLDpzfQzn9C&eitems=ChEI8NrQhgYQ3PH_h8zEoPf9ARIdAI8ICJo2HVrgOksWms2Qi7bkoENd8qjtIFG0Ht0&random=899277631&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 pageviews
tracker.prom.ua/endpoint/ 0
161 B 96ms
48ms Ping
text/plain 193.34.169.16
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.prom.ua/endpoint/pageviews
Requested by: Host: my.prom.ua
URL: https://my.prom.ua/cloud-cgi/static/clerk/v4.3.1/bare.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.16 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: my.prom.ua
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 24 Jun 2021 20:17:07 GMT
server: nginx
access-control-allow-headers: X-CSRFToken, X-PromUserID
access-control-max-age: 2592000
access-control-allow-methods: POST, GET

POST
H2 204 events
tracker.prom.ua/endpoint/ 0
161 B 96ms
48ms Ping
text/plain 193.34.169.16
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.prom.ua/endpoint/events
Requested by: Host: my.prom.ua
URL: https://my.prom.ua/cloud-cgi/static/clerk/v4.3.1/bare.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.16 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: my.prom.ua
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 24 Jun 2021 20:17:07 GMT
server: nginx
access-control-allow-headers: X-CSRFToken, X-PromUserID
access-control-max-age: 2592000
access-control-allow-methods: POST, GET

GET
H/1.1 200
OK / Show response
ttt.onthe.io/ 0
287 B 44ms
44ms XHR
text/javascript 95.216.24.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ttt.onthe.io/?k[]=41949:pageviews[event:pageviews,category:n,sub_category:u,sub_sub_category:l,extra_category:l,prom_customer_title:null,prom_customer_id:null,client_id:t-Y4DrsDaC4B67kRx5II67yMXcrH6D6u,visitor_type:new,page_type:auth%3Alogin,prom_or_client_site:portal,owner:Prom.ua,url:%2Fcabinet%2Fsign-in,domain:my.prom.ua,landing_url:%2Fcabinet%2Fsign-in,page:Prom.ua%20%E2%80%94%20%D0%BC%D0%B0%D1%80%D0%BA%D0%B5%D1%82%D0%BF%D0%BB%D0%B5%D0%B9%D1%81%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B,user_id:8b34b023d.7e0109770_1624565826976,browser:Other,referrer:direct,device:desktop,lifetime:0,user_type:new,source:email2customer_look_order,medium:Email,campaign:after_order_changestatus,cdn_version:211]&s=40d67c0b572c270cf96c57c0d146e8e5&_v=1&1624565826979
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/LoD6SGe8vMTb
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.24.150 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.24.216.95.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Jun 2021 20:17:07 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK / Show response
ttt.onthe.io/ 0
287 B 72ms
44ms XHR
text/javascript 95.216.24.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ttt.onthe.io/?k[]=41949:visits[event:visits,category:n,sub_category:u,sub_sub_category:l,extra_category:l,prom_customer_title:null,prom_customer_id:null,client_id:t-Y4DrsDaC4B67kRx5II67yMXcrH6D6u,visitor_type:new,page_type:auth%3Alogin,prom_or_client_site:portal,owner:Prom.ua,url:%2Fcabinet%2Fsign-in,domain:my.prom.ua,landing_url:%2Fcabinet%2Fsign-in,page:Prom.ua%20%E2%80%94%20%D0%BC%D0%B0%D1%80%D0%BA%D0%B5%D1%82%D0%BF%D0%BB%D0%B5%D0%B9%D1%81%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B,user_id:8b34b023d.7e0109770_1624565826976,browser:Other,referrer:direct,device:desktop,lifetime:0,user_type:new,source:email2customer_look_order,medium:Email,campaign:after_order_changestatus,cdn_version:211]&s=40d67c0b572c270cf96c57c0d146e8e5&_v=1&1624565826995
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/LoD6SGe8vMTb
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.24.150 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.24.216.95.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Jun 2021 20:17:07 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3-29

200

google
cm.mgid.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDVvNmlNRVVFRGhk&muidn=l5o6iMEUEDhd
https://cm.mgid.com/google?muidn=l5o6iMEUEDhd&google_ula={guid},5&google_gid=CAESEBu-oBO85suiQhCH-nNS-xU&google_cver=1

0
403 B

88ms
88ms

Image
text/plain

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=l5o6iMEUEDhd&google_ula={guid},5&google_gid=CAESEBu-oBO85suiQhCH-nNS-xU&google_cver=1
Requested by: Host: my.prom.ua
URL: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Jun 2021 20:17:07 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: text/plain
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 6648a3437f4a53c1-LHR
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ae1445e28000053c1e2278000000001

Redirect headers

pragma: no-cache
date: Thu, 24 Jun 2021 20:17:07 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.mgid.com/google?muidn=l5o6iMEUEDhd&google_ula={guid},5&google_gid=CAESEBu-oBO85suiQhCH-nNS-xU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
ttt.onthe.io/ 0
287 B 106ms
44ms XHR
text/javascript 95.216.24.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ttt.onthe.io/?k[]=41949:debug_visits[event:debug_visits,client_id:t-Y4DrsDaC4B67kRx5II67yMXcrH6D6u,user_agent:Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36,cookie:__io_v_pv_24.5.direct,cookie_set:no,url:%2Fcabinet%2Fsign-in,domain:my.prom.ua,landing_url:%2Fcabinet%2Fsign-in,page:Prom.ua%20%E2%80%94%20%D0%BC%D0%B0%D1%80%D0%BA%D0%B5%D1%82%D0%BF%D0%BB%D0%B5%D0%B9%D1%81%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B,user_id:8b34b023d.7e0109770_1624565826976,browser:Other,referrer:direct,device:desktop,lifetime:0,user_type:new,source:email2customer_look_order,medium:Email,campaign:after_order_changestatus,cdn_version:211]&s=40d67c0b572c270cf96c57c0d146e8e5&_v=1&1624565827006
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/LoD6SGe8vMTb
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.24.150 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.150.24.216.95.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Jun 2021 20:17:07 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 FBQ_3ef396cc7dd674f88459.es6.js Show response
my.prom.ua/cloud-cgi/static/uaprom-static/js/build/portal-portable/ 933 B
1 KB 85ms
84ms Script
application/javascript 193.34.169.16
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://my.prom.ua/cloud-cgi/static/uaprom-static/js/build/portal-portable/FBQ_3ef396cc7dd674f88459.es6.js
Requested by: Host: my.prom.ua
URL: https://my.prom.ua/cloud-cgi/static/uaprom-static/js/build/portal-portable/portable_runtime_e9857b0f64e72dcd60f6.es6.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.16 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: my.prom.ua
Software: nginx /
Resource Hash: 1c7645a369fd1f191d1239ab11eb23ba8ff676ac268de0c58f05f202ce9df5ea

Request headers

:path: /cloud-cgi/static/uaprom-static/js/build/portal-portable/FBQ_3ef396cc7dd674f88459.es6.js
pragma: no-cache
cookie: evoauth=wab64a3b1c43344eb9a7c4235c98a2673; cid=85128255232918805294540347517030941642; user_tracker=d9bf77310ca217c802274d8b523a3b5de54c36b9|185.229.191.102|2021-06-24; csrf_token=8e8bd733374a46e2bcd2cc3d0a029be0; auth=e598486e963b346bab852b062d7edd22b3779178; timezone_offset=120; _ga=GA1.1.1104856924.1624565826; _gcl_au=1.1.738932188.1624565826; __io_nav_state41949=%7B%22current%22%3A%22%2Fcabinet%2Fsign-in%22%2C%22currentDomain%22%3A%22my.prom.ua%22%2C%22previousDomain%22%3A%22%22%7D; _fbp=fb.1.1624565826845.1060154293; utmcmpg=after_order_changestatus; MgidSensorNVis=1; MgidSensorHref=https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus; __io_visit_pageviews_flag=1; __io_moon_utm_prom1=io_source%7D%3A%7B%7D*%7Bio_utm%7D%3A%7B%7D*%7Bsource%7D%3A%7Bemail2customer_look_order%7D*%7Bmedium%7D%3A%7BEmail%7D*%7Bcampaign%7D%3A%7Bafter_order_changestatus%7D*%7Bterm%7D%3A%7B%7D*%7Bcontent%7D%3A%7B; __io_first_source=direct; __io_v_pv_24.5.direct=1; __io=8b34b023d.7e0109770_1624565826976; __io_lv=1624565826978; __io_visit_expire.24.day=1624565827006; _ga_F7T5DFHXY0=GS1.1.1624565826.1.0.1624565827.0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: my.prom.ua
referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 20:17:07 GMT
content-encoding: br
x-amz-request-id: tx0000000000000002ff89c-0060b45972-85d6b90-openstack-1
x-cache-key: cdnuaprom-static.c.prom.st/js/build/portal-portable/br-encoded-FBQ_3ef396cc7dd674f88459.es6.js cmy.prom.ua/cloud-cgi/static/uaprom-static/js/build/portal-portable/FBQ_3ef396cc7dd674f88459.es6.js
x-cache-status: HIT HIT HIT
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 449
last-modified: Mon, 31 May 2021 03:15:03 GMT
server: nginx
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-servant: himehabu betelgeuse
x-rgw-object-type: Normal
x-cache-type: main
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key

GET
H2 200 besida_config_92757d2e641d02e31549.es6.js Show response
my.prom.ua/cloud-cgi/static/uaprom-static/js/build/portal-portable/ 10 KB
4 KB 48ms
48ms Script
application/javascript 193.34.169.16
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://my.prom.ua/cloud-cgi/static/uaprom-static/js/build/portal-portable/besida_config_92757d2e641d02e31549.es6.js
Requested by: Host: my.prom.ua
URL: https://my.prom.ua/cloud-cgi/static/uaprom-static/js/build/portal-portable/portable_runtime_e9857b0f64e72dcd60f6.es6.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.169.16 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: my.prom.ua
Software: nginx /
Resource Hash: cf4923ee2600fe11b2e5e43aa61003787cf7644e88902d1ee5c54d7b12255fae

Request headers

:path: /cloud-cgi/static/uaprom-static/js/build/portal-portable/besida_config_92757d2e641d02e31549.es6.js
pragma: no-cache
cookie: evoauth=wab64a3b1c43344eb9a7c4235c98a2673; cid=85128255232918805294540347517030941642; user_tracker=d9bf77310ca217c802274d8b523a3b5de54c36b9|185.229.191.102|2021-06-24; csrf_token=8e8bd733374a46e2bcd2cc3d0a029be0; auth=e598486e963b346bab852b062d7edd22b3779178; timezone_offset=120; _ga=GA1.1.1104856924.1624565826; _gcl_au=1.1.738932188.1624565826; __io_nav_state41949=%7B%22current%22%3A%22%2Fcabinet%2Fsign-in%22%2C%22currentDomain%22%3A%22my.prom.ua%22%2C%22previousDomain%22%3A%22%22%7D; _fbp=fb.1.1624565826845.1060154293; utmcmpg=after_order_changestatus; MgidSensorNVis=1; MgidSensorHref=https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus; __io_visit_pageviews_flag=1; __io_moon_utm_prom1=io_source%7D%3A%7B%7D*%7Bio_utm%7D%3A%7B%7D*%7Bsource%7D%3A%7Bemail2customer_look_order%7D*%7Bmedium%7D%3A%7BEmail%7D*%7Bcampaign%7D%3A%7Bafter_order_changestatus%7D*%7Bterm%7D%3A%7B%7D*%7Bcontent%7D%3A%7B; __io_first_source=direct; __io_v_pv_24.5.direct=1; __io=8b34b023d.7e0109770_1624565826976; __io_lv=1624565826978; __io_visit_expire.24.day=1624565827006; _ga_F7T5DFHXY0=GS1.1.1624565826.1.0.1624565827.0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: my.prom.ua
referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 24 Jun 2021 20:17:07 GMT
content-encoding: br
x-amz-request-id: tx0000000000000010e0b69-0060d170a8-9c1e935-openstack-1
x-cache-key: cdnuaprom-static.c.prom.st/js/build/portal-portable/br-encoded-besida_config_92757d2e641d02e31549.es6.js cmy.prom.ua/cloud-cgi/static/uaprom-static/js/build/portal-portable/besida_config_92757d2e641d02e31549.es6.js
x-cache-status: MISS MISS HIT
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 3132
last-modified: Mon, 21 Jun 2021 03:06:55 GMT
server: nginx
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-servant: ferdelance betelgeuse
x-rgw-object-type: Normal
x-cache-type: main
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 6ms
6ms Ping
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryTd4fWdgjAipW5yoT

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Thu, 24 Jun 2021 20:17:07 GMT
content-type: text/plain
access-control-allow-origin: https://my.prom.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 6ms
6ms Ping
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarylb0Mw851vB6AzN6D

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Thu, 24 Jun 2021 20:17:07 GMT
content-type: text/plain
access-control-allow-origin: https://my.prom.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

POST
H2 204 collect
www.google-analytics.com/g/ 0
168 B 14ms
14ms Ping
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-F7T5DFHXY0&gtm=2oe6g0&_p=177476584&sr=1600x1200&ul=en-us&cid=1104856924.1624565826&dl=https%3A%2F%2Fmy.prom.ua%2Fcabinet%2Fsign-in%3Fnext%3D%2Fcabinet%2Fuser%2Forder%2Fview%2F50689664%3Futm_source%3Demail2customer_look_order%26utm_medium%3DEmail%26utm_campaign%3Dafter_order_changestatus&dt=Prom.ua%20%E2%80%94%20%D0%BC%D0%B0%D1%80%D0%BA%D0%B5%D1%82%D0%BF%D0%BB%D0%B5%D0%B9%D1%81%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B&sid=1624565826&sct=1&seg=0&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-F7T5DFHXY0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 24 Jun 2021 20:17:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://my.prom.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 04:37:41	Name: IDE Value: AHWqTUl1ggUnVXngrWTAcHR8cELvv1Q5VnqxGVysEiHsBVEt_odG8d1mj0bU71Mqta0
.prom.ua/	1970-01-19 19:17:32	Name: __io_visit_expire.24.day Value: 1624565827006
my.prom.ua/	1970-01-20 04:01:41	Name: __io Value: 8b34b023d.7e0109770_1624565826976
my.prom.ua/	1970-01-19 21:25:41	Name: MgidSensorNVis Value: 1
.prom.ua/	1970-01-19 19:59:17	Name: utmcmpg Value: after_order_changestatus
.prom.ua/	1970-01-19 19:16:07	Name: __io_v_pv_24.5.direct Value: 1
.prom.ua/	1970-01-19 19:16:06	Name: __io_nav_state41949 Value: %7B%22current%22%3A%22%2Fcabinet%2Fsign-in%22%2C%22currentDomain%22%3A%22my.prom.ua%22%2C%22previousDomain%22%3A%22%22%7D
.prom.ua/	1970-01-19 21:25:41	Name: _gcl_au Value: 1.1.738932188.1624565826
.prom.ua/	1970-01-19 21:25:41	Name: _fbp Value: fb.1.1624565826845.1060154293
my.prom.ua/	1970-01-19 21:25:41	Name: MgidSensorHref Value: https://my.prom.ua/cabinet/sign-in?next=/cabinet/user/order/view/50689664?utm_source=email2customer_look_order&utm_medium=Email&utm_campaign=after_order_changestatus
.prom.ua/	1970-01-20 04:01:41	Name: evoauth Value: wab64a3b1c43344eb9a7c4235c98a2673
.prom.ua/	1970-01-20 12:47:17	Name: _ga Value: GA1.1.1104856924.1624565826
my.prom.ua/	1969-12-31 23:59:59	Name: timezone_offset Value: 120
.prom.ua/	1970-01-20 04:01:41	Name: __io_first_source Value: direct
.prom.ua/	1969-12-31 23:59:59	Name: user_tracker Value: d9bf77310ca217c802274d8b523a3b5de54c36b9\|185.229.191.102\|2021-06-24
.prom.ua/	1970-01-20 04:01:41	Name: __io_moon_utm_prom1 Value: io_source%7D%3A%7B%7D%7Bio_utm%7D%3A%7B%7D%7Bsource%7D%3A%7Bemail2customer_look_order%7D%7Bmedium%7D%3A%7BEmail%7D%7Bcampaign%7D%3A%7Bafter_order_changestatus%7D%7Bterm%7D%3A%7B%7D%7Bcontent%7D%3A%7B
.prom.ua/	1970-01-20 04:01:41	Name: auth Value: e598486e963b346bab852b062d7edd22b3779178
.prom.ua/	1970-01-20 12:47:17	Name: _ga_F7T5DFHXY0 Value: GS1.1.1624565826.1.0.1624565826.0
my.prom.ua/	1970-01-20 04:01:41	Name: __io_lv Value: 1624565826978
.prom.ua/	1970-01-19 19:59:17	Name: cid Value: 85128255232918805294540347517030941642
.prom.ua/	1970-01-20 04:01:41	Name: __io_visit_pageviews_flag Value: 1
.prom.ua/	1970-01-20 04:00:15	Name: csrf_token Value: 8e8bd733374a46e2bcd2cc3d0a029be0

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://my.prom.ua/cloud-cgi/static/uaprom-static/js/build/portal-portable/vendors~portable_86d30f051fc022c6c3c0.es6.js(Line 2) Message: Error: You are calling concat on a terminating link, which will have no effect
console-api	error	URL: https://my.prom.ua/cloud-cgi/static/clerk/v4.3.1/iframe.html(Line 6) Message: E005
console-api	warning	URL: https://connect.facebook.net/en_US/fbevents.js(Line 24) Message: [Facebook Pixel] - Duplicate Pixel ID: 1717139881860563.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10048520.fls.doubleclick.net
8974896.fls.doubleclick.net
a.mgid.com
adservice.google.com
affiliates.prom.ua
cdn.onthe.io
cm.g.doubleclick.net
cm.mgid.com
connect.facebook.net
esputnik.com
googleads.g.doubleclick.net
gotcha-server.evo.run
my.prom.ua
tracker.prom.ua
ttt.onthe.io
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
104.19.135.78
116.202.11.240
142.250.186.70
142.250.74.194
193.200.65.70
193.34.168.232
193.34.169.16
216.58.212.162
216.58.212.166
2a00:1450:4001:800::2002
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:813::2004
2a00:1450:4001:828::2004
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2002
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:d018:ac8:b900:9f9d:9921:e3e4:2545
95.216.24.150
0adec344ba42ae21ee1561f97b015f8ed64beaca82a79f0893e7d14fa671ebc2
0d1cb1d429075ed79589fa18de496f54b56ef7f37ac69654059be8ee80e5a5d0
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1c7645a369fd1f191d1239ab11eb23ba8ff676ac268de0c58f05f202ce9df5ea
1f6c95495a979fa39ddece3f10ee0ad18c2e6a2be8a68a6e7e56f861a319ab0b
35b2f2d564d2ffcffacafe8f85444dcecd8e7b1bd4fe9b59732106a0a42fda14
49ec6606dd86e86708d6f79da60da8d73dc099b2527240fbb8433bd79007fc51
4dc431ea4e867a29c4ee291fcbef7a2b8d9bddb12a7d0c7a2e0653e480eaf140
50e71538e125d952a41d135d44b7e0697c815b2de01a3ba66700c9e73e1efe35
6d144edbc1b15ef769a5bee04b9856feff30eff2f1b64b523c49f1df2ffe362e
7190b935af5914824af9416b2a53e0faa6448b267b0f12ae4f8d3da565928ebe
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
7642023e797743f36cd028e14919344762f9fbc2f3e2801374d9f669f0bac879
76d537804ba3bb4c2e4e979b615398e8ab66a03388d3caf64dd146f1b04c8069
79fcef7a0549ef72c11fc65e27b2e6bb1194eab7d9717980091bc577cfb9b73f
80813bf815fa94eb55ec80fcd1542098c18f6cac7334ec017cf9656835646d3e
835a3f9f16d6b865bc47f8955aa45da0adb979b89d4880fe69c90497dcac46c2
8411537a74fba3094edef647e86059f5138a4e734450c9a43e49214f926de849
92bbd4fc80653e1e5145cd49c5c1dc1ba5134c85bbec421fd76f1737df715db4
93d036a80ade3370292290a4d53abe8103767ac860910a788c18a6c802c02910
96f25b53b6030ec227eefa7600a124087ddd6326f87ff2a7840264a4af9a16c8
9942b1916281c01f4a269aad7a2ad63d88e9e2942086c13152d91d3184f64e9d
9b0ef96647b17049a0c4429546cdfe1b76553544a6777f7454820e706a11cbe5
9e5aaedf6fd67313d00bed5fadc519907cf38ea975e575efad47c45536092720
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
b127181486c082afd048feabd5f69153c3993ccccc57085e4018609ed68f43c3
cf0908a8b2345dfa2ac642a4f1ccb75de22391bf82c3c706584cd39fcb6e7fd0
cf4923ee2600fe11b2e5e43aa61003787cf7644e88902d1ee5c54d7b12255fae
d307f9e027995de74be3a615898308b2f48d3ad0b1e872b20cf4e913df1303c3
d81d3a59d349b2aec35bf3ef4f5fcb4f645c31404b3de98565187fa047310196
de2298be0785396c05b03fa2b0e92b050d56f10418c274461551b344ae63fe83
def3584e39f412e77b3a70f3f1182afa6bc23c0be13afd0b1d1493088e015e97
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f221ec293323155d097f42608705156b62db4bff83d28781a772864214598a98
f4014c4c5b37520e8267f886c3ee84cd93c6ac7b996ecaba30dfa315942bed86
fdd482be9cc2a05fd70b30d9446f8271f70bad09a05c10f6a033d996bf55e2ac

my.prom.ua Open in urlscan Pro 193.34.169.16 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

59 Requests

100 %HTTPS

52 %IPv6

14 Domains

22 Subdomains

18 IPs

6 Countries

859 kBTransfer

3973 kBSize

22 Cookies

1 Outgoing links

Page URL History

Redirected requests

59 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

my.prom.ua Open in urlscan Pro
193.34.169.16 Public Scan

Screenshot
Live screenshot

Full Image

59
Requests

100 %
HTTPS

52 %
IPv6

14
Domains

22
Subdomains

18
IPs

6
Countries

859 kB
Transfer

3973 kB
Size

22
Cookies

59 HTTP transactions
0 data transactions