ord-ua.com Open in urlscan Pro
104.28.29.13 Public Scan

URL:
http://ord-ua.com/
Submission: On January 20 via manual (January 20th 2019, 3:19:39 pm UTC) from UA

Summary HTTP 33 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 16 IPs in 6 countries across 16 domains to perform 33 HTTP transactions. The main IP is 104.28.29.13, located in San Francisco, United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is ord-ua.com.

This is the only time ord-ua.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	104.28.29.13 104.28.29.13	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
7	104.28.28.13 104.28.28.13	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700::68... 2606:4700::6813:c397	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	5.255.68.228 5.255.68.228	50673 (SERVERIUS-AS) (SERVERIUS-AS)
1	195.16.88.12 195.16.88.12	59939 (WIBO-AS) (WIBO-AS)
1	193.239.68.97 193.239.68.97	39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS)
1	2a00:1450:400... 2a00:1450:4001:818::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	2a00:1450:400... 2a00:1450:4001:816::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
7	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:4001:824::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:820::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	88.212.201.207 88.212.201.207	39134 (UNITEDNET) (UNITEDNET)
1	91.198.36.16 91.198.36.16	43405 (DIGITAL-V...) (DIGITAL-VENTURES)
1	2a00:1450:400... 2a00:1450:4001:816::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:81d::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
33	16

3 104.28.29.13 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

ord-ua.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.28.28.13 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

ord-ua.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:c397 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.255.68.228 (Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: sv107.aiwebhost.com

media.sumy.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.16.88.12 (Czech Republic)

ASN59939 (WIBO-AS, LT)
PTR: server10011.hostlife.net

person.org.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.239.68.97 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: c.bigmir.net

c.bigmir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::200e (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:216:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticxx.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80b::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9b (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2004 (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.207 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host207.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.198.36.16 (Ukraine)

ASN43405 (DIGITAL-VENTURES, UA)
PTR: r.i.ua

r.i.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	ord-ua.com ord-ua.com	344 KB
4	doubleclick.net 1 redirects stats.g.doubleclick.net googleads.g.doubleclick.net	185 B
4	googlesyndication.com pagead2.googlesyndication.com	172 KB
2	yadro.ru 1 redirects counter.yadro.ru	1 KB
2	facebook.com staticxx.facebook.com www.facebook.com
2	google.de www.google.de adservice.google.de	280 B
2	google.com 1 redirects www.google.com adservice.google.com	353 B
2	facebook.net connect.facebook.net	56 KB
2	google-analytics.com 1 redirects www.google-analytics.com	17 KB
1	googletagservices.com www.googletagservices.com	27 KB
1	i.ua r.i.ua	1 KB
1	googleapis.com ajax.googleapis.com	19 KB
1	bigmir.net c.bigmir.net	1 KB
1	person.org.ua person.org.ua	29 KB
1	media.sumy.ua media.sumy.ua	80 KB
1	cloudflare.com ajax.cloudflare.com	4 KB
33	16

	Domain	Requested by
10	ord-ua.com	ord-ua.com
4	pagead2.googlesyndication.com	ajax.cloudflare.com pagead2.googlesyndication.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	counter.yadro.ru	1 redirects
2	connect.facebook.net	ord-ua.com connect.facebook.net
2	www.google-analytics.com	1 redirects ord-ua.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	www.facebook.com	connect.facebook.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	r.i.ua
1	staticxx.facebook.com	connect.facebook.net
1	www.google.de	ord-ua.com
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	ajax.googleapis.com	ajax.cloudflare.com
1	c.bigmir.net	ord-ua.com
1	person.org.ua	ord-ua.com
1	media.sumy.ua	ord-ua.com
1	ajax.cloudflare.com	ord-ua.com
33	20

This site contains links to these domains. Also see Links.

Domain
www.bigmir.net
www.liveinternet.ru
www.i.ua

Subject Issuer	Validity	Valid
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-09-22` - `2019-03-31`	6 months	crt.sh
*.google-analytics.com Google Internet Authority G3	`2018-12-19` - `2019-03-13`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2017-12-15` - `2019-03-22`	a year	crt.sh
www.google.de Google Internet Authority G3	`2018-12-19` - `2019-03-13`	3 months	crt.sh
*.google.com Google Internet Authority G3	`2018-12-19` - `2019-03-13`	3 months	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2018-12-19` - `2019-03-13`	3 months	crt.sh

This page contains 7 frames:

Primary Page: http://ord-ua.com/
Frame ID: DAD59C6E9934AAD1769976D65C8058D1
Requests: 27 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/j-GHT1gpo6-.js?version=43
Frame ID: 35CBAABA5E81230DDFD05BCE342C0D98
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20190114/r20180604/show_ads_impl.js
Frame ID: 6DA33C6CFA6D6D4D1102D537C8D255EB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20190114/r20180604/zrt_lookup.html
Frame ID: 83098A41EF40AAA559D2BCC6F290E9A3
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fj-GHT1gpo6-.js%3Fversion%3D43%23cb%3Dff82e8e414792c%26domain%3Dord-ua.com%26origin%3Dhttp%253A%252F%252Ford-ua.com%252Ff785211d241ccc%26relation%3Dparent.parent&container_width=386&header=true&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2F%25D0%259E%25D0%25A0%25D0%2594%2F129168560426531&locale=ru_RU&sdk=joey&show_border=false&show_faces=true
Frame ID: 1B211E029BB1BDBF50503DE9315C4A1F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5683376902797746&output=html&h=90&slotname=3684434855&adk=1343530153&adf=3936224573&w=845&fwrn=4&fwrnh=100&lmt=1547997563&rafmt=1&guci=1.2.0.0.2.2.0.0&format=845x90&url=http%3A%2F%2Ford-ua.com%2F&flash=0&fwr=0&resp_fmts=3&wgl=1&adsid=NT&dt=1547997563512&bpp=14&bdt=547&fdt=74&idt=72&shv=r20190114&cbv=r20180604&saldr=aa&abxe=1&correlator=1050341200198&frm=20&pv=2&ga_vid=1819640463.1547997563&ga_sid=1547997564&ga_hid=1281818312&ga_fc=0&iag=0&icsg=32810&dssz=14&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=166&ady=113&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=2&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&ifi=1&uci=1.xopp168ccam9&fsb=1&xpc=S65UFxHahd&p=http%3A//ord-ua.com&dtd=91
Frame ID: 128CCF61563E575F42E89248EB341D87
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5683376902797746&output=html&h=280&slotname=8895136696&adk=2986740942&adf=545360727&w=390&fwrn=4&fwrnh=100&lmt=1547997563&rafmt=1&guci=1.2.0.0.2.2.0.0&format=390x280&url=http%3A%2F%2Ford-ua.com%2F&flash=0&fwr=0&resp_fmts=3&wgl=1&adsid=NT&dt=1547997563526&bpp=7&bdt=560&fdt=89&idt=58&shv=r20190114&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=845x90&correlator=1050341200198&frm=20&pv=1&ga_vid=1819640463.1547997563&ga_sid=1547997564&ga_hid=1281818312&ga_fc=0&iag=0&icsg=163882&dssz=15&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1011&ady=113&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=2&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&ifi=2&uci=2.nd39o9lw7k7i&fsb=1&xpc=HtleCpgTUF&p=http%3A//ord-ua.com&dtd=92
Frame ID: 7E768E0ECA793ED3A82A4524FFD80DFA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /cloudflare/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i
env /^google_ad_/i
env /^__google_ad_/i
env /^Goog_AdSense_/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js/i
env /^jQuery$/i

Page Statistics

33
Requests

42 %
HTTPS

61 %
IPv6

16
Domains

20
Subdomains

16
IPs

6
Countries

752 kB
Transfer

1289 kB
Size

4
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://www.bigmir.net/

Search URL Search Domain Scan URL

URL: http://www.liveinternet.ru/click

Search URL Search Domain Scan URL

URL: http://www.i.ua/
Title:

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 15

http://connect.facebook.net/ru_RU/all.js HTTP 307
https://connect.facebook.net/ru_RU/all.js

Request Chain 18

http://www.google-analytics.com/r/collect?v=1&_v=j72&a=1281818312&t=pageview&_s=1&dl=http%3A%2F%2Ford-ua.com%2F&ul=en-us&de=UTF-8&dt=%D0%9E%D0%A0%D0%94%3A%20%D0%9F%D1%83%D0%B1%D0%BB%D0%B8%D0%BA%D0%B0%D1%86%D0%B8%D0%B8&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=1628959686&gjid=691886856&cid=1819640463.1547997563&tid=UA-39913839-1&_gid=1141793439.1547997563&_r=1&z=1648060593 HTTP 307
https://www.google-analytics.com/r/collect?v=1&_v=j72&a=1281818312&t=pageview&_s=1&dl=http%3A%2F%2Ford-ua.com%2F&ul=en-us&de=UTF-8&dt=%D0%9E%D0%A0%D0%94%3A%20%D0%9F%D1%83%D0%B1%D0%BB%D0%B8%D0%BA%D0%B0%D1%86%D0%B8%D0%B8&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=1628959686&gjid=691886856&cid=1819640463.1547997563&tid=UA-39913839-1&_gid=1141793439.1547997563&_r=1&z=1648060593 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-39913839-1&cid=1819640463.1547997563&jid=1628959686&_gid=1141793439.1547997563&gjid=691886856&_v=j72&z=1648060593 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-39913839-1&cid=1819640463.1547997563&jid=1628959686&_v=j72&z=1648060593 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-39913839-1&cid=1819640463.1547997563&jid=1628959686&_v=j72&z=1648060593&slf_rd=1&random=2359366960

Request Chain 20

http://counter.yadro.ru/hit?t14.16;r;s1600*1200*24;uhttp%3A//ord-ua.com/;0.3625553176235148 HTTP 302
http://counter.yadro.ru/hit?q;t14.16;r;s1600*1200*24;uhttp%3A//ord-ua.com/;0.3625553176235148

33 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
ord-ua.com/ 26 KB
9 KB 265ms
136ms Document
text/html 104.28.29.13
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://ord-ua.com/
Protocol: HTTP/1.1
Server: 104.28.29.13 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: edada145ffa98eb89b62f6b9acce97a90cd351ce932c8d0eb0debbdf63489b15

Request headers

Host: ord-ua.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 20 Jan 2019 15:19:22 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=dd912364a217b028c32ce2c5dc4d8b7ba1547997562; expires=Mon, 20-Jan-20 15:19:22 GMT; path=/; domain=.ord-ua.com; HttpOnly
Vary: Accept-Language, Cookie
Content-Language: en
Server: cloudflare
CF-RAY: 49c284dfb6d16a4f-LHR
Content-Encoding: gzip

GET
H/1.1 200
OK main.css
ord-ua.com/static/ord/css/ 7 KB
2 KB 129ms
129ms Stylesheet
text/css 104.28.29.13
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://ord-ua.com/static/ord/css/main.css?201603111122
Requested by: Host: ord-ua.com
URL: http://ord-ua.com/
Protocol: HTTP/1.1
Server: 104.28.29.13 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c952f1eb59efa239dbc813c6a7764369915fc01b6e19996061b41a9860725384

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ord-ua.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://ord-ua.com/
Cookie: __cfduid=dd912364a217b028c32ce2c5dc4d8b7ba1547997562
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ord-ua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 20 Jan 2019 15:19:22 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Cf-Bgj: minify
Server: cloudflare
Cf-Polished: origSize=10530
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 49c284e0971a6a4f-LHR
Expires: Tue, 19 Feb 2019 15:19:22 GMT

GET
H/1.1 200
OK logo.gif
ord-ua.com/static/img/ 1 KB
2 KB 222ms
105ms Image
image/gif 104.28.28.13
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ord-ua.com/static/img/logo.gif
Requested by: Host: ord-ua.com
URL: http://ord-ua.com/
Protocol: HTTP/1.1
Server: 104.28.28.13 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61c45c1ff03d2c15551948fec508be91e8e1e52662286d27faf03e2710684081

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ord-ua.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://ord-ua.com/
Cookie: __cfduid=dd912364a217b028c32ce2c5dc4d8b7ba1547997562
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ord-ua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 20 Jan 2019 15:19:23 GMT
CF-Cache-Status: HIT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: public, max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 49c284e143da723b-AMS
Content-Length: 1457
Expires: Tue, 19 Feb 2019 15:19:23 GMT

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/2448a7bd/cloudflare-static/ 11 KB
4 KB 11ms
9ms Script
application/javascript 2606:4700::6813:c397
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/2448a7bd/cloudflare-static/rocket-loader.min.js

Requested by

Host: ord-ua.com
URL: http://ord-ua.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6813:c397 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3493abbdef3202f502f59b11be045f3b4df6d94f047d882da751dc36087a31b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://ord-ua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 20 Jan 2019 15:19:22 GMT
content-encoding: gzip
last-modified: Wed, 16 Jan 2019 17:37:18 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5c3f6bce-2ba8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 49c284e09ab6bedf-FRA
expires: Tue, 22 Jan 2019 15:19:22 GMT

GET
H/1.1 200
OK klochko_771x517.jpg
media.sumy.ua/wp-content/uploads/2019/01/ 80 KB
80 KB 120ms
18ms Image
image/jpeg 5.255.68.228
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://media.sumy.ua/wp-content/uploads/2019/01/klochko_771x517.jpg
Requested by: Host: ord-ua.com
URL: http://ord-ua.com/
Protocol: HTTP/1.1
Server: 5.255.68.228 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: sv107.aiwebhost.com
Software: Apache /
Resource Hash: 75d9fe2e635fc4a5d776d51dbd83d0cc509384d68a8372736bfd4280ab6a3626

Request headers

Referer: http://ord-ua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 20 Jan 2019 15:19:23 GMT
Last-Modified: Thu, 17 Jan 2019 17:28:23 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=100
Content-Length: 81586

GET
H/1.1 200
OK medium_medium_atomstancc.jpg
ord-ua.com/media/uploads/2019/01/atomstancc_jpg_versions/medium_atomstancc_jpg_versions/ 12 KB
12 KB 225ms
109ms Image
image/jpeg 104.28.28.13
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ord-ua.com/media/uploads/2019/01/atomstancc_jpg_versions/medium_atomstancc_jpg_versions/medium_medium_atomstancc.jpg
Requested by: Host: ord-ua.com
URL: http://ord-ua.com/
Protocol: HTTP/1.1
Server: 104.28.28.13 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95cb16fee1cb0bc26ee767a4d670881c0f562ee69cb73d9071af94bbd65e8daa

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ord-ua.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://ord-ua.com/
Cookie: __cfduid=dd912364a217b028c32ce2c5dc4d8b7ba1547997562
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ord-ua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 20 Jan 2019 15:19:23 GMT
CF-Cache-Status: HIT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: public, max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 49c284e14159724d-AMS
Content-Length: 12461
Expires: Tue, 19 Feb 2019 15:19:23 GMT

GET
H/1.1 200
OK medium_IMG-20190117-WA0001.jpg
ord-ua.com/media/uploads/2019/01/img-20190117-wa0001_jpg_versions/ 70 KB
70 KB 232ms
115ms Image
image/jpeg 104.28.28.13
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ord-ua.com/media/uploads/2019/01/img-20190117-wa0001_jpg_versions/medium_IMG-20190117-WA0001.jpg
Requested by: Host: ord-ua.com
URL: http://ord-ua.com/
Protocol: HTTP/1.1
Server: 104.28.28.13 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4c814a5c12facc37a31eaf6aef1a4987cd2325fa807109e9835bcb381980d3a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ord-ua.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://ord-ua.com/
Cookie: __cfduid=dd912364a217b028c32ce2c5dc4d8b7ba1547997562
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ord-ua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 20 Jan 2019 15:19:23 GMT
CF-Cache-Status: HIT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: public, max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 49c284e141887247-AMS
Content-Length: 71842
Expires: Tue, 19 Feb 2019 15:19:23 GMT

GET
H/1.1 200
OK medium_zykovmelnnnn_odt_42fa400e.jpg
ord-ua.com/media/uploads/2019/01/zykovmelnnnn_odt_42fa400e_jpg_versions/ 32 KB
32 KB 223ms
107ms Image
image/jpeg 104.28.28.13
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ord-ua.com/media/uploads/2019/01/zykovmelnnnn_odt_42fa400e_jpg_versions/medium_zykovmelnnnn_odt_42fa400e.jpg
Requested by: Host: ord-ua.com
URL: http://ord-ua.com/
Protocol: HTTP/1.1
Server: 104.28.28.13 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c286fc169330f3bae3bd4ae471ea2052a87be041762e9b760be7391315a480d1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ord-ua.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://ord-ua.com/
Cookie: __cfduid=dd912364a217b028c32ce2c5dc4d8b7ba1547997562
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ord-ua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 20 Jan 2019 15:19:23 GMT
CF-Cache-Status: HIT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: public, max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 49c284e141b47241-AMS
Content-Length: 32902
Expires: Tue, 19 Feb 2019 15:19:23 GMT

GET
H/1.1 200
OK medium_big_dregergandzjukkk_html_316a402d.png
ord-ua.com/media/uploads/2019/01/dregergandzjukkk_html_316a402d_png_versions/big_dregergandzjukkk_html_316a402d_png_versions/ 114 KB
114 KB 255ms
127ms Image
image/png 104.28.29.13
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ord-ua.com/media/uploads/2019/01/dregergandzjukkk_html_316a402d_png_versions/big_dregergandzjukkk_html_316a402d_png_versions/medium_big_dregergandzjukkk_html_316a402d.png
Requested by: Host: ord-ua.com
URL: http://ord-ua.com/
Protocol: HTTP/1.1
Server: 104.28.29.13 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc0443328bd36a8c1dffed846739045a48c221534eac3faf7cf9ac8f841b4310

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ord-ua.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://ord-ua.com/
Cookie: __cfduid=dd912364a217b028c32ce2c5dc4d8b7ba1547997562
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ord-ua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 20 Jan 2019 15:19:23 GMT
CF-Cache-Status: HIT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 49c284e167746a4f-LHR
Content-Length: 116286
Expires: Tue, 19 Feb 2019 15:19:23 GMT

GET
H/1.1 200
OK 2220_771x517-37.jpg
person.org.ua/wp-content/uploads/2019/01/ 29 KB
29 KB 103ms
39ms Image
image/jpeg 195.16.88.12
WIBO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://person.org.ua/wp-content/uploads/2019/01/2220_771x517-37.jpg
Requested by: Host: ord-ua.com
URL: http://ord-ua.com/
Protocol: HTTP/1.1
Server: 195.16.88.12 , Czech Republic, ASN59939 (WIBO-AS, LT),
Reverse DNS: server10011.hostlife.net
Software: nginx/1.14.0 /
Resource Hash: d14f3d78fb2a8aa9e85f9e9f2cfcbcfae7c3d535d980ec35b9c5378657def260

Request headers

Referer: http://ord-ua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 20 Jan 2019 15:19:23 GMT
Last-Modified: Sat, 12 Jan 2019 15:26:16 GMT
Server: nginx/1.14.0
ETag: "5c3a0718-73ec"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29676

GET
H/1.1 200
OK medium_shevchuk.jpg
ord-ua.com/media/uploads/2019/01/shevchuk_jpg_versions/ 15 KB
15 KB 145ms
134ms Image
image/jpeg 104.28.28.13
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ord-ua.com/media/uploads/2019/01/shevchuk_jpg_versions/medium_shevchuk.jpg
Requested by: Host: ord-ua.com
URL: http://ord-ua.com/
Protocol: HTTP/1.1
Server: 104.28.28.13 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3b126c570b7a9e92886ab51ad7566db624c86acf4a054a3bf5cb7e16d54500f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ord-ua.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://ord-ua.com/
Cookie: __cfduid=dd912364a217b028c32ce2c5dc4d8b7ba1547997562
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ord-ua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 20 Jan 2019 15:19:23 GMT
CF-Cache-Status: HIT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: public, max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 49c284e175246a9d-LHR
Content-Length: 15376
Expires: Tue, 19 Feb 2019 15:19:23 GMT

GET
H/1.1 200
OK medium_medium_svjatporohhhh.jpg
ord-ua.com/media/uploads/2019/01/svjatporohhhh_jpg_versions/medium_svjatporohhhh_jpg_versions/ 34 KB
34 KB 110ms
109ms Image
image/jpeg 104.28.28.13
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ord-ua.com/media/uploads/2019/01/svjatporohhhh_jpg_versions/medium_svjatporohhhh_jpg_versions/medium_medium_svjatporohhhh.jpg
Requested by: Host: ord-ua.com
URL: http://ord-ua.com/
Protocol: HTTP/1.1
Server: 104.28.28.13 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09dda626ca696ec86da60ace2f5e2e7ffaf46da1c43d6b47212b6e4aef126dcf

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ord-ua.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://ord-ua.com/
Cookie: __cfduid=dd912364a217b028c32ce2c5dc4d8b7ba1547997562; _ga=GA1.2.1819640463.1547997563; _gid=GA1.2.1141793439.1547997563; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ord-ua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 20 Jan 2019 15:19:23 GMT
CF-Cache-Status: HIT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: public, max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 49c284e1f17f724d-AMS
Content-Length: 34955
Expires: Tue, 19 Feb 2019 15:19:23 GMT

GET
H/1.1 200
OK medium_gubkozzzz.jpg
ord-ua.com/media/uploads/2019/01/gubkozzzz_jpg_versions/ 52 KB
52 KB 153ms
111ms Image
image/jpeg 104.28.28.13
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ord-ua.com/media/uploads/2019/01/gubkozzzz_jpg_versions/medium_gubkozzzz.jpg
Requested by: Host: ord-ua.com
URL: http://ord-ua.com/
Protocol: HTTP/1.1
Server: 104.28.28.13 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c17f12a2451a4f6ec1b912a38203ccb5b0c7c494ad34dd79dbd34a228126bff3

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: ord-ua.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://ord-ua.com/
Cookie: __cfduid=dd912364a217b028c32ce2c5dc4d8b7ba1547997562
Connection: keep-alive
Cache-Control: no-cache
Referer: http://ord-ua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 20 Jan 2019 15:19:23 GMT
CF-Cache-Status: HIT
Server: cloudflare
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: public, max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 49c284e1f3f0723b-AMS
Content-Length: 52803
Expires: Tue, 19 Feb 2019 15:19:23 GMT

GET
H/1.1 200
OK /
c.bigmir.net/ 1 KB
1 KB 129ms
40ms Image
image/png 193.239.68.97
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://c.bigmir.net/?v157497&s157497&t23
Requested by: Host: ord-ua.com
URL: http://ord-ua.com/
Protocol: HTTP/1.1
Server: 193.239.68.97 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: c.bigmir.net
Software: nginx /
Resource Hash: 737b299c7e9496e2ba6879499a72b50e3149c0249417700e666a23c9abcad18a

Request headers

Referer: http://ord-ua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Jan 2019 15:19:23 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/png
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=5
Expires: 0

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.3.1/ 54 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:818::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/1.3.1/jquery.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/2448a7bd/cloudflare-static/rocket-loader.min.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:818::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

17ec1f16efac893b9bd89bba5f13cb1e0bf938bdc9cece6cae3ed77f18fa6fd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ord-ua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Fri, 21 Dec 2018 05:45:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Dec 2016 18:17:03 GMT
Server: sffe
Age: 2626405
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 19334
X-XSS-Protection: 1; mode=block
Expires: Sat, 21 Dec 2019 05:45:58 GMT

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

43 KB
17 KB

6ms
5ms

Script
text/javascript

2a00:1450:4001:816::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: ord-ua.com
URL: http://ord-ua.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:816::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b688a3bcd1297cc0fe08e6e52fea14ba9108ee4b9a2052c03e7bac6e19347255

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://ord-ua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 05 Nov 2018 21:10:09 GMT
server: Golfe2
age: 1817
date: Sun, 20 Jan 2019 14:49:06 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 17404
expires: Sun, 20 Jan 2019 16:49:06 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H2

200

all.js Show response
connect.facebook.net/ru_RU/
Redirect Chain

http://connect.facebook.net/ru_RU/all.js
https://connect.facebook.net/ru_RU/all.js

3 KB
3 KB

17ms
6ms

Script
application/x-javascript

2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/all.js

Requested by

Host: ord-ua.com
URL: http://ord-ua.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

41b31aa26da42db039a838f256ab5ef2289197cb836de14043639617d1c39256

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://ord-ua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: iAcH755NPjcfrL8JMqsZCg==
status: 200
vary: Accept-Encoding
content-length: 1747
x-xss-protection: 0
x-fb-debug: 61EhpNIi6n8aS8FMMevPdnjG1Zf79Of1DRga06rfRJR2PTlYT+V+HTNeG6IrCptAOQQnJSMv2PTHFVSj7eH9KA==
x-fb-content-md5: 229d470ca3370ee6a3e0ae26954e480c
date: Sun, 20 Jan 2019 15:19:23 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "945bbdaeddc6af02d111d04a342efab7"
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
timing-allow-origin: *
expires: Sun, 20 Jan 2019 15:35:41 GMT

Redirect headers

Location: https://connect.facebook.net/ru_RU/all.js#xfbml=1&status=0
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 79 KB
30 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:80b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/2448a7bd/cloudflare-static/rocket-loader.min.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:80b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

b5bfea6af26707309cd12282a27d0eaad5c449181b46415d8d5992f735b2899e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ord-ua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 20 Jan 2019 15:19:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
ETag: 6750563100542434316
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 29818
X-XSS-Protection: 1; mode=block
Expires: Sun, 20 Jan 2019 15:19:23 GMT

GET
H2 200 all.js Show response
connect.facebook.net/ru_RU/ 170 KB
53 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/all.js?hash=7ab86a601e1d0a914b632a5d225e3377&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/all.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

06d40b5e57a90bc3e0e0fbc340b3218a2b505f75d1a9504e77fd6ed74145016a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://ord-ua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: jVbm2IoHzYvYGY2oZVTEgQ==
status: 200
vary: Accept-Encoding
content-length: 53888
x-xss-protection: 0
x-fb-debug: UQ9enruALVudhzxihk49pByP6mQga6qGghFkq5z4cW9rGQQswRceXN/7sJRcKvcebopxZmI68A0LuF49LN6U8A==
x-fb-content-md5: ea242a9d7009088c62a892fea96f22fa
date: Sun, 20 Jan 2019 15:19:23 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "48560d3dd8f68a262a16ca7544c6bf0e"
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
timing-allow-origin: *
expires: Mon, 20 Jan 2020 14:27:41 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

http://www.google-analytics.com/r/collect?v=1&_v=j72&a=1281818312&t=pageview&_s=1&dl=http%3A%2F%2Ford-ua.com%2F&ul=en-us&de=UTF-8&dt=%D0%9E%D0%A0%D0%94%3A%20%D0%9F%D1%83%D0%B1%D0%BB%D0%B8%D0%BA%D0%...
https://www.google-analytics.com/r/collect?v=1&_v=j72&a=1281818312&t=pageview&_s=1&dl=http%3A%2F%2Ford-ua.com%2F&ul=en-us&de=UTF-8&dt=%D0%9E%D0%A0%D0%94%3A%20%D0%9F%D1%83%D0%B1%D0%BB%D0%B8%D0%BA%D0...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-39913839-1&cid=1819640463.1547997563&jid=1628959686&_gid=1141793439.1547997563&gjid=691886856&_v=j72&z=1648060593
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-39913839-1&cid=1819640463.1547997563&jid=1628959686&_v=j72&z=1648060593
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-39913839-1&cid=1819640463.1547997563&jid=1628959686&_v=j72&z=1648060593&slf_rd=1&random=2359366960

42 B
109 B

18ms
17ms

Image
image/gif

2a00:1450:4001:820::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-39913839-1&cid=1819640463.1547997563&jid=1628959686&_v=j72&z=1648060593&slf_rd=1&random=2359366960

Requested by

Host: ord-ua.com
URL: http://ord-ua.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:820::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ord-ua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Jan 2019 15:19:23 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 20 Jan 2019 15:19:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-39913839-1&cid=1819640463.1547997563&jid=1628959686&_v=j72&z=1648060593&slf_rd=1&random=2359366960
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 j-GHT1gpo6-.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame 35CB 0
0 28ms
6ms Document
text/html 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter/r/j-GHT1gpo6-.js?version=43

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/all.js?hash=7ab86a601e1d0a914b632a5d225e3377&ua=modern_es6

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter/r/j-GHT1gpo6-.js?version=43
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://ord-ua.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://ord-ua.com/

Response headers

status: 200
content-type: text/html; charset=utf-8
expires: Tue, 14 Jan 2020 21:35:29 GMT
strict-transport-security: max-age=15552000; preload
content-encoding: br
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: public,max-age=31536000,immutable
x-fb-debug: G3Eq/9sONI9u3iNXbBco6LnDXzSgA+O3kiJIKlg/et/W1cE+NPM8H3FFsL5oDSigkr6USMyIDVxG5ZSQ4ikJoA==
content-length: 12076
date: Sun, 20 Jan 2019 15:19:23 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

http://counter.yadro.ru/hit?t14.16;r;s1600*1200*24;uhttp%3A//ord-ua.com/;0.3625553176235148
http://counter.yadro.ru/hit?q;t14.16;r;s1600*1200*24;uhttp%3A//ord-ua.com/;0.3625553176235148

244 B
613 B

53ms
53ms

Image
image/gif

88.212.201.207
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://counter.yadro.ru/hit?q;t14.16;r;s1600*1200*24;uhttp%3A//ord-ua.com/;0.3625553176235148
Protocol: HTTP/1.1
Server: 88.212.201.207 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS: host207.rax.ru
Software: 0W/0.8c /
Resource Hash: ce3af061a66fca92a0dd0dfb981eca0a3d81b99989a9e51744181cf0389d5f77

Request headers

Referer: http://ord-ua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Jan 2019 15:19:23 GMT
Server: 0W/0.8c
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: Close
Content-Type: image/gif
Content-Length: 244
Expires: Fri, 19 Jan 2018 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 20 Jan 2019 15:19:23 GMT
Server: 0W/0.8c
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: http://counter.yadro.ru/hit?q;t14.16;r;s1600*1200*24;uhttp%3A//ord-ua.com/;0.3625553176235148
Cache-control: no-cache
Content-Type: text/html
Content-Length: 32
Expires: Fri, 19 Jan 2018 21:00:00 GMT

GET
H/1.1 200
OK s
r.i.ua/ 777 B
1 KB 96ms
43ms Image
image/png 91.198.36.16
DIGITAL-VENTURES

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://r.i.ua/s?u202108&p30&n0.6677745619983977&c1&d24&w1600&h1200&rord-ua.com/
Protocol: HTTP/1.1
Server: 91.198.36.16 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS: r.i.ua
Software: nginx /
Resource Hash: a5b378a45430b3e9f37b0ddf0e5429736b70603a61a25bb1288830bafbb8d268

Request headers

Referer: http://ord-ua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 20 Jan 2019 15:19:23 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: policyref="http://i.i.ua/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Type: image/png
Expires: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 19ms
19ms Script
application/javascript 2a00:1450:4001:816::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ord-ua.com

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ord-ua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 20 Jan 2019 15:19:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 104
x-xss-protection: 1; mode=block

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 19ms
19ms Script
application/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ord-ua.com

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ord-ua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 20 Jan 2019 15:19:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 104
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190114/r20180604/ 191 KB
71 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:80b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/r20190114/r20180604/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:80b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e7d95ea1007652be7201648fca8c26e1644de3d9d7c7b5e74da6dc672f8490

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ord-ua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 20 Jan 2019 15:19:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
ETag: 12788114164006826820
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=1209600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 72299
X-XSS-Protection: 1; mode=block
Expires: Sun, 20 Jan 2019 15:19:23 GMT

GET
H/1.1 200
OK show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190114/r20180604/ Frame 6DA3 191 KB
71 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:80b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/r20190114/r20180604/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:80b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e7d95ea1007652be7201648fca8c26e1644de3d9d7c7b5e74da6dc672f8490

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ord-ua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 20 Jan 2019 15:19:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
ETag: 12788114164006826820
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=1209600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 72299
X-XSS-Protection: 1; mode=block
Expires: Sun, 20 Jan 2019 15:19:23 GMT

GET
H2 200 ca-pub-5683376902797746.js Show response
pagead2.googlesyndication.com/pub-config/r20160913/ 133 B
236 B 7ms
7ms Script
text/javascript 2a00:1450:4001:80b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-5683376902797746.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:80b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ord-ua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 20 Jan 2019 04:15:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 19 Jan 2019 20:30:40 GMT
server: sffe
age: 39854
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=43200
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 125
x-xss-protection: 1; mode=block
expires: Sun, 20 Jan 2019 16:15:09 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20190114/r20180604/ Frame 8309 0
0 9ms
6ms Document
text/html 2a00:1450:4001:80b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20190114/r20180604/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:80b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20190114/r20180604/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://ord-ua.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://ord-ua.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 17 Jan 2019 18:15:11 GMT
expires: Thu, 31 Jan 2019 18:15:11 GMT
content-type: text/html; charset=UTF-8
etag: 14090563764879558401
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 6959
x-xss-protection: 1; mode=block
cache-control: public, max-age=1209600
age: 248652
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"

GET
H2 200 like_box.php
www.facebook.com/plugins/ Frame 1B21 0
0 332ms
314ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fj-GHT1gpo6-.js%3Fversion%3D43%23cb%3Dff82e8e414792c%26domain%3Dord-ua.com%26origin%3Dhttp%253A%252F%252Ford-ua.com%252Ff785211d241ccc%26relation%3Dparent.parent&container_width=386&header=true&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2F%25D0%259E%25D0%25A0%25D0%2594%2F129168560426531&locale=ru_RU&sdk=joey&show_border=false&show_faces=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/all.js?hash=7ab86a601e1d0a914b632a5d225e3377&ua=modern_es6

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fj-GHT1gpo6-.js%3Fversion%3D43%23cb%3Dff82e8e414792c%26domain%3Dord-ua.com%26origin%3Dhttp%253A%252F%252Ford-ua.com%252Ff785211d241ccc%26relation%3Dparent.parent&container_width=386&header=true&href=https%3A%2F%2Fwww.facebook.com%2Fpages%2F%25D0%259E%25D0%25A0%25D0%2594%2F129168560426531&locale=ru_RU&sdk=joey&show_border=false&show_faces=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://ord-ua.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://ord-ua.com/

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
expect-ct: max-age=86400, report-uri="http://reports.fb.com/expectct/"
content-type: text/html; charset="utf-8"
x-fb-debug: 3TtQH5RpTIE59G0jVt/XFdM/rfy71ftiZN3yxxg2Mcy3jHL0UhGm5CKBCccNbRsxpkDmr8Qvya+MaG11cXVfTA==
date: Sun, 20 Jan 2019 15:19:23 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 128C 0
0 204ms
203ms Document
text/html 2a00:1450:4001:80b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5683376902797746&output=html&h=90&slotname=3684434855&adk=1343530153&adf=3936224573&w=845&fwrn=4&fwrnh=100&lmt=1547997563&rafmt=1&guci=1.2.0.0.2.2.0.0&format=845x90&url=http%3A%2F%2Ford-ua.com%2F&flash=0&fwr=0&resp_fmts=3&wgl=1&adsid=NT&dt=1547997563512&bpp=14&bdt=547&fdt=74&idt=72&shv=r20190114&cbv=r20180604&saldr=aa&abxe=1&correlator=1050341200198&frm=20&pv=2&ga_vid=1819640463.1547997563&ga_sid=1547997564&ga_hid=1281818312&ga_fc=0&iag=0&icsg=32810&dssz=14&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=166&ady=113&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=2&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&ifi=1&uci=1.xopp168ccam9&fsb=1&xpc=S65UFxHahd&p=http%3A//ord-ua.com&dtd=91

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20190114/r20180604/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:80b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12638665672057831743/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12638665672057831743/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CI6tkqfU_N8CFROC3godX8UIJg&gqi=e5FEXM25JZrXgAf3xaz4AQ&layout=/sadbundle/%24csp%253Der3%24/12638665672057831743/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5683376902797746&output=html&h=90&slotname=3684434855&adk=1343530153&adf=3936224573&w=845&fwrn=4&fwrnh=100&lmt=1547997563&rafmt=1&guci=1.2.0.0.2.2.0.0&format=845x90&url=http%3A%2F%2Ford-ua.com%2F&flash=0&fwr=0&resp_fmts=3&wgl=1&adsid=NT&dt=1547997563512&bpp=14&bdt=547&fdt=74&idt=72&shv=r20190114&cbv=r20180604&saldr=aa&abxe=1&correlator=1050341200198&frm=20&pv=2&ga_vid=1819640463.1547997563&ga_sid=1547997564&ga_hid=1281818312&ga_fc=0&iag=0&icsg=32810&dssz=14&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=166&ady=113&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=2&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&ifi=1&uci=1.xopp168ccam9&fsb=1&xpc=S65UFxHahd&p=http%3A//ord-ua.com&dtd=91
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://ord-ua.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://ord-ua.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12638665672057831743/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12638665672057831743/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CI6tkqfU_N8CFROC3godX8UIJg&gqi=e5FEXM25JZrXgAf3xaz4AQ&layout=/sadbundle/%24csp%253Der3%24/12638665672057831743/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 20 Jan 2019 15:19:23 GMT
server: cafe
content-length: 26778
x-xss-protection: 1; mode=block
set-cookie: test_cookie=CheckForPermission; expires=Sun, 20-Jan-2019 15:34:23 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires: Sun, 20 Jan 2019 15:19:23 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 75 KB
27 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20190114/r20180604/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

99ee9f2892285b8e23095c13dcffb7c1ea5cd9252f7908fc1d6961eb2e05a382

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ord-ua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 20 Jan 2019 15:19:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 18 Jan 2019 14:29:30 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 27977
x-xss-protection: 1; mode=block
expires: Sun, 20 Jan 2019 15:19:23 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 7E76 0
0 219ms
218ms Document
text/html 2a00:1450:4001:80b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5683376902797746&output=html&h=280&slotname=8895136696&adk=2986740942&adf=545360727&w=390&fwrn=4&fwrnh=100&lmt=1547997563&rafmt=1&guci=1.2.0.0.2.2.0.0&format=390x280&url=http%3A%2F%2Ford-ua.com%2F&flash=0&fwr=0&resp_fmts=3&wgl=1&adsid=NT&dt=1547997563526&bpp=7&bdt=560&fdt=89&idt=58&shv=r20190114&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=845x90&correlator=1050341200198&frm=20&pv=1&ga_vid=1819640463.1547997563&ga_sid=1547997564&ga_hid=1281818312&ga_fc=0&iag=0&icsg=163882&dssz=15&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1011&ady=113&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=2&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&ifi=2&uci=2.nd39o9lw7k7i&fsb=1&xpc=HtleCpgTUF&p=http%3A//ord-ua.com&dtd=92

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20190114/r20180604/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:80b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5683376902797746&output=html&h=280&slotname=8895136696&adk=2986740942&adf=545360727&w=390&fwrn=4&fwrnh=100&lmt=1547997563&rafmt=1&guci=1.2.0.0.2.2.0.0&format=390x280&url=http%3A%2F%2Ford-ua.com%2F&flash=0&fwr=0&resp_fmts=3&wgl=1&adsid=NT&dt=1547997563526&bpp=7&bdt=560&fdt=89&idt=58&shv=r20190114&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=845x90&correlator=1050341200198&frm=20&pv=1&ga_vid=1819640463.1547997563&ga_sid=1547997564&ga_hid=1281818312&ga_fc=0&iag=0&icsg=163882&dssz=15&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1011&ady=113&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=2&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&ifi=2&uci=2.nd39o9lw7k7i&fsb=1&xpc=HtleCpgTUF&p=http%3A//ord-ua.com&dtd=92
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://ord-ua.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://ord-ua.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 20 Jan 2019 15:19:23 GMT
server: cafe
content-length: 3101
x-xss-protection: 1; mode=block
set-cookie: test_cookie=CheckForPermission; expires=Sun, 20-Jan-2019 15:34:23 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires: Sun, 20 Jan 2019 15:19:23 GMT
cache-control: private

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ord-ua.com/	1970-01-18 21:59:57	Name: _gat Value: 1
.ord-ua.com/	1970-01-18 22:01:23	Name: _gid Value: GA1.2.1141793439.1547997563
.ord-ua.com/	1970-01-19 15:31:09	Name: _ga Value: GA1.2.1819640463.1547997563
.ord-ua.com/	1970-01-19 06:45:33	Name: __cfduid Value: dd912364a217b028c32ce2c5dc4d8b7ba1547997562

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.cloudflare.com
ajax.googleapis.com
c.bigmir.net
connect.facebook.net
counter.yadro.ru
googleads.g.doubleclick.net
media.sumy.ua
ord-ua.com
pagead2.googlesyndication.com
person.org.ua
r.i.ua
staticxx.facebook.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
104.28.28.13
104.28.29.13
193.239.68.97
195.16.88.12
2606:4700::6813:c397
2a00:1450:4001:80b::2002
2a00:1450:4001:816::2002
2a00:1450:4001:816::200e
2a00:1450:4001:818::200a
2a00:1450:4001:81d::2002
2a00:1450:4001:820::2003
2a00:1450:4001:824::2004
2a00:1450:400c:c0c::9b
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
5.255.68.228
88.212.201.207
91.198.36.16
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
06d40b5e57a90bc3e0e0fbc340b3218a2b505f75d1a9504e77fd6ed74145016a
09dda626ca696ec86da60ace2f5e2e7ffaf46da1c43d6b47212b6e4aef126dcf
17ec1f16efac893b9bd89bba5f13cb1e0bf938bdc9cece6cae3ed77f18fa6fd7
3493abbdef3202f502f59b11be045f3b4df6d94f047d882da751dc36087a31b0
41b31aa26da42db039a838f256ab5ef2289197cb836de14043639617d1c39256
61c45c1ff03d2c15551948fec508be91e8e1e52662286d27faf03e2710684081
737b299c7e9496e2ba6879499a72b50e3149c0249417700e666a23c9abcad18a
75d9fe2e635fc4a5d776d51dbd83d0cc509384d68a8372736bfd4280ab6a3626
7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8
95cb16fee1cb0bc26ee767a4d670881c0f562ee69cb73d9071af94bbd65e8daa
99ee9f2892285b8e23095c13dcffb7c1ea5cd9252f7908fc1d6961eb2e05a382
a5b378a45430b3e9f37b0ddf0e5429736b70603a61a25bb1288830bafbb8d268
b3b126c570b7a9e92886ab51ad7566db624c86acf4a054a3bf5cb7e16d54500f
b4c814a5c12facc37a31eaf6aef1a4987cd2325fa807109e9835bcb381980d3a
b5bfea6af26707309cd12282a27d0eaad5c449181b46415d8d5992f735b2899e
b688a3bcd1297cc0fe08e6e52fea14ba9108ee4b9a2052c03e7bac6e19347255
b7e7d95ea1007652be7201648fca8c26e1644de3d9d7c7b5e74da6dc672f8490
c17f12a2451a4f6ec1b912a38203ccb5b0c7c494ad34dd79dbd34a228126bff3
c286fc169330f3bae3bd4ae471ea2052a87be041762e9b760be7391315a480d1
c952f1eb59efa239dbc813c6a7764369915fc01b6e19996061b41a9860725384
cc0443328bd36a8c1dffed846739045a48c221534eac3faf7cf9ac8f841b4310
ce3af061a66fca92a0dd0dfb981eca0a3d81b99989a9e51744181cf0389d5f77
d14f3d78fb2a8aa9e85f9e9f2cfcbcfae7c3d535d980ec35b9c5378657def260
edada145ffa98eb89b62f6b9acce97a90cd351ce932c8d0eb0debbdf63489b15
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

ord-ua.com Open in urlscan Pro 104.28.29.13 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

33 Requests

42 %HTTPS

61 %IPv6

16 Domains

20 Subdomains

16 IPs

6 Countries

752 kBTransfer

1289 kBSize

4 Cookies

3 Outgoing links

Redirected requests

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ord-ua.com Open in urlscan Pro
104.28.29.13 Public Scan

Screenshot
Live screenshot

Full Image

33
Requests

42 %
HTTPS

61 %
IPv6

16
Domains

20
Subdomains

16
IPs

6
Countries

752 kB
Transfer

1289 kB
Size

4
Cookies

33 HTTP transactions
0 data transactions