www1.promosafe.com.ua Open in urlscan Pro
91.218.212.22 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www1.promosafe.com.ua/
Submission: On September 12 via automatic, source certstream-suspicious (September 12th 2021, 3:49:43 am UTC) — Scanned from DE

Summary HTTP 76 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 21 IPs in 6 countries across 17 domains to perform 76 HTTP transactions. The main IP is 91.218.212.22, located in Ukraine and belongs to QOS, UA. The main domain is www1.promosafe.com.ua.
TLS certificate: Issued by R3 on September 12th 2021. Valid for: 3 months.

This is the only time www1.promosafe.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	91.218.212.22 91.218.212.22	42352 (QOS) (QOS)
3	2a00:1450:400... 2a00:1450:400d:804::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
18	193.34.169.10 193.34.169.10	43896 (EVO) (EVO)
1	193.200.65.5 193.200.65.5	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	193.34.169.17 193.34.169.17	43896 (EVO) (EVO)
1	2a03:2880:f00... 2a03:2880:f00c:19:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2606:4700:303... 2606:4700:3030::6815:4b03	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2	193.34.168.232 193.34.168.232	43896 (EVO) (EVO)
3	193.34.169.9 193.34.169.9	43896 (EVO) (EVO)
1	2606:4700:303... 2606:4700:3034::ac43:d194	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400d:804::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
6	91.218.213.166 91.218.213.166	42352 (QOS) (QOS)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
76	21

16 91.218.212.22 (Ukraine)

ASN42352 (QOS, UA)
PTR: unallocated.qos.kiev.ua

www1.promosafe.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
callme2r.voip.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:804::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 193.34.169.10 (Ukraine)

ASN43896 (EVO, UA)
PTR: images.prom.ua

images.ua.prom.st	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.200.65.5 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: t.trafmag.com

t.trafmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.34.169.17 (Ukraine)

ASN43896 (EVO, UA)
PTR: my.prom.ua

prom.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f00c:19:face:b00c:0:3 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3030::6815:4b03 (United States)

ASN13335 (CLOUDFLARENET, US)

widget.asky.guru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
asky.guru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.34.168.232 (Ukraine)

ASN43896 (EVO, UA)

gotcha-server.evo.run	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.34.169.9 (Ukraine)

ASN43896 (EVO, UA)

uaprom-static.c.prom.st	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:d194 (United States)

ASN13335 (CLOUDFLARENET, US)

asky.guru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:804::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 91.218.213.166 (Ukraine)

ASN42352 (QOS, UA)
PTR: unallocated.qos.kiev.ua

callme1r.voip.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	prom.st images.ua.prom.st uaprom-static.c.prom.st	250 KB
15	promosafe.com.ua www1.promosafe.com.ua	785 KB
7	voip.com.ua callme2r.voip.com.ua callme1r.voip.com.ua	46 KB
6	gstatic.com fonts.gstatic.com maps.gstatic.com Failed	159 KB
3	asky.guru widget.asky.guru asky.guru	28 KB
3	googleapis.com fonts.googleapis.com ajax.googleapis.com maps.googleapis.com	145 KB
3	googletagmanager.com www.googletagmanager.com	128 KB
3	google-analytics.com www.google-analytics.com	20 KB
2	google.com www.google.com	2 KB
2	evo.run gotcha-server.evo.run	296 B
1	google.de www.google.de	569 B
1	doubleclick.net googleads.g.doubleclick.net	2 KB
1	googleadservices.com www.googleadservices.com	14 KB
1	facebook.net connect.facebook.net	26 KB
1	prom.ua prom.ua	11 KB
1	trafmag.com t.trafmag.com	336 B
0	lirax.net Failed myprom.lirax.net Failed
76	17

	Domain	Requested by
18	images.ua.prom.st	www1.promosafe.com.ua
15	www1.promosafe.com.ua	www1.promosafe.com.ua
6	callme1r.voip.com.ua	callme2r.voip.com.ua callme1r.voip.com.ua
6	fonts.gstatic.com	fonts.googleapis.com
3	uaprom-static.c.prom.st	prom.ua
3	www.googletagmanager.com	www1.promosafe.com.ua www.googletagmanager.com
3	www.google-analytics.com	www1.promosafe.com.ua www.google-analytics.com www.googletagmanager.com
2	www.google.com	uaprom-static.c.prom.st www1.promosafe.com.ua
2	asky.guru	widget.asky.guru
2	gotcha-server.evo.run	www1.promosafe.com.ua
1	maps.googleapis.com	www.google.com
1	www.google.de	www1.promosafe.com.ua
1	ajax.googleapis.com	callme2r.voip.com.ua
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	callme2r.voip.com.ua	www1.promosafe.com.ua
1	widget.asky.guru	www1.promosafe.com.ua
1	connect.facebook.net	www1.promosafe.com.ua
1	prom.ua	www1.promosafe.com.ua
1	fonts.googleapis.com	www1.promosafe.com.ua
1	t.trafmag.com	www1.promosafe.com.ua
0	maps.gstatic.com Failed	www.google.com
0	myprom.lirax.net Failed	www1.promosafe.com.ua
76	23

This site contains links to these domains. Also see Links.

Domain
prom.ua
www.facebook.com
twitter.com
myprom.lirax.net

Subject Issuer	Validity	Valid
www1.promosafe.com.ua R3	`2021-09-12` - `2021-12-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
images.ua.prom.st R3	`2021-07-18` - `2021-10-16`	3 months	crt.sh
*.trafmag.com Sectigo RSA Domain Validation Secure Server CA	`2021-06-10` - `2022-06-22`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
prom.ua R3	`2021-06-28` - `2021-09-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
*.voip.com.ua R3	`2021-07-25` - `2021-10-23`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
evo.run R3	`2021-07-04` - `2021-10-02`	3 months	crt.sh
c.prom.st R3	`2021-08-18` - `2021-11-16`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://www1.promosafe.com.ua/
Frame ID: 130A78E79891366DB0451A7F15041FC7
Requests: 66 HTTP requests in this frame

Frame: https://myprom.lirax.net/cloud-cgi/static/clerk/v4.3.2/iframe.html
Frame ID: CCB4C491D75E467D9571AD7155C2461C
Requests: 1 HTTP requests in this frame

Frame: https://prom.ua/map/frame_map/5620360?mode=big
Frame ID: 299E1CC5718732A47F81368B61B61203
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/maps/embed/v1/place?key=AIzaSyCmb9n0w6qRawb0rASKDMc9xg-cMEDbz2c&q=50.01650476205393,36.22270242360236&language=ru&region=ua
Frame ID: 39CA6B7C9D9B7326D8D946B8A823B412
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

"Promosafe UA" - контакты, товары, услуги, цены

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

76
Requests

93 %
HTTPS

60 %
IPv6

17
Domains

23
Subdomains

21
IPs

6
Countries

1616 kB
Transfer

3751 kB
Size

27
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://prom.ua/

Search URL Search Domain Scan URL

URL: https://prom.ua/how_to_order?source_id=companysite.propaket
Title: Сравнить возможности действующих пакетов

Search URL Search Domain Scan URL

URL: https://www.facebook.com/share.php?u=https://www1.promosafe.com.ua/

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Promosafe+UA+https%3A%2F%2Fwww1.promosafe.com.ua%2F+%23prom_ua

Search URL Search Domain Scan URL

URL: https://prom.ua/join-now?source_id=company-footer
Title: Сайт создан на платформе Prom.ua

Search URL Search Domain Scan URL

URL: https://myprom.lirax.net/report_abuse
Title: Пожаловаться на контент

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

76 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
www1.promosafe.com.ua/ 176 KB
178 KB 6143ms
733ms Document
text/html 91.218.212.22
QOS

General

Check archive.org

Show headers Download Go to

Full URL

https://www1.promosafe.com.ua/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

91.218.212.22 , Ukraine, ASN42352 (QOS, UA),

Reverse DNS

unallocated.qos.kiev.ua

Software

nginx /

Resource Hash

b10bc9c820ce7f6f136e295b76a4dda272fc44670561a0ccb54ff303bda984a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: www1.promosafe.com.ua
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Date: Sun, 12 Sep 2021 03:49:13 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 179726
Connection: keep-alive
cache-control: no-cache
pragma: no-cache
set-cookie: cid=306028129339026697657657586587521296482; Max-Age=2592000; Path=/; expires=Tue, 12-Oct-2021 03:49:12 GMT user_tracker=1f8b10e78e610845111a6ca8601c5e0b7cb8c98d|91.218.212.22|2021-09-12; Domain=.prom.ua; Path=/ csrf_token_company_site=0fb5c07bf7e8497fa9b6029ded26c657; Domain=www1.promosafe.com.ua; Max-Age=31449600; Path=/; expires=Sun, 11-Sep-2022 03:49:12 GMT; secure; SameSite=None auth=a0dcf3ae3743974ec3ce6ddff89f695257a28a49; Domain=.prom.ua; Max-Age=31536000; Path=/; expires=Mon, 12-Sep-2022 03:49:13 GMT; secure; HttpOnly auth=a0dcf3ae3743974ec3ce6ddff89f695257a28a49; Domain=.prom.ua; Max-Age=31536000; Path=/; expires=Mon, 12-Sep-2022 03:49:13 GMT; secure; HttpOnly; SameSite=None
referrer-policy: no-referrer-when-downgrade
link: </cloud-cgi/static/uaprom-static/css/member_common-hc7df5914e95b0c75898c3e27fe75ced72.css>; rel=preload; as=style; nopush, </cloud-cgi/static/uaprom-static/css/ckeditor-hc28e38c0c895ceb7eb196ea1db4aa68bd.css>; rel=preload; as=style; nopush, </cloud-cgi/static/uaprom-static/js/build/vas-site/wp_companysite_7a0f8eb4b93237a8bd9a.css>; rel=preload; as=style; nopush, </cloud-cgi/static/uaprom-uc/production/design_template/993/css/default-c507bf74b065b252a4eb457231807a44.css>; rel=preload; as=style; nopush, </cloud-cgi/static/uaprom-static/js/build/vas-site/wp_companysite_runtime_4ed680b972240dc95c26.js>; rel=preload; as=script; nopush, </cloud-cgi/static/uaprom-static/js/build/vas-site/wp_companysite_vendor_wp_companysite_vendor_291a85bdc302259818c9.js>; rel=preload; as=script; nopush, </cloud-cgi/static/uaprom-static/js/build/vas-site/wp_companysite_vendor_old_wp_companysite_vendor_old_2fc40a515e3eae6d1b81.js>; rel=preload; as=script; nopush, </cloud-cgi/static/uaprom-static/js/build/vas-site/wp_companysite_wp_companysite_7c67d3aac53dc831c3bc.js>; rel=preload; as=script; nopush
Strict-Transport-Security: max-age=31536000; preload
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Request-ID: f4018309-72b2-4c02-9f66-5abf601618a0
Set-Cookie: evoauth=w4b146f60469e41ac9eb65e9682822361; Domain=www1.promosafe.com.ua; HttpOnly; Max-Age=31536000; Path=/; SameSite=None; Secure

GET
H/1.1 200
OK member_common-hc7df5914e95b0c75898c3e27fe75ced72.css
www1.promosafe.com.ua/cloud-cgi/static/uaprom-static/css/ 129 KB
24 KB 220ms
77ms Stylesheet
text/css 91.218.212.22
QOS

General

Check archive.org

Show headers Download Go to

Full URL: https://www1.promosafe.com.ua/cloud-cgi/static/uaprom-static/css/member_common-hc7df5914e95b0c75898c3e27fe75ced72.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.218.212.22 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: e0c38c0085132829e7babe43615dd4a95303ccc60f855de99694344496d2d870

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www1.promosafe.com.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www1.promosafe.com.ua/
Cookie: cid=306028129339026697657657586587521296482; csrf_token_company_site=0fb5c07bf7e8497fa9b6029ded26c657; evoauth=w4b146f60469e41ac9eb65e9682822361
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www1.promosafe.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sun, 12 Sep 2021 03:49:13 GMT
Content-Encoding: gzip
x-amz-request-id: tx00000000000000182e29d-00611261ce-9df5ad2-openstack-1
X-Cache-Key: cdnuaprom-static.c.prom.st/css/member_common-hc7df5914e95b0c75898c3e27fe75ced72.css cwww1.promosafe.com.ua/cloud-cgi/static/uaprom-static/css/member_common-hc7df5914e95b0c75898c3e27fe75ced72.css
X-Cache-Status: HIT HIT HIT
X-Amz-Storage-Class: STANDARD
X-Trouble: IAMHERE
Connection: keep-alive
X-Cache-Source: local
Content-Length: 23482
X-CDN-RURI: /css/member_common-hc7df5914e95b0c75898c3e27fe75ced72.css http_x_cdn_ruri
Last-Modified: Mon, 09 Aug 2021 11:18:27 GMT
Server: nginx
Cache-Control: public,max-age=31536000,immutable
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: text/css
Access-Control-Allow-Origin: *
X-Servant: habu misam
x-rgw-object-type: Normal
X-Cache-Type: main
X-URI1: uaprom-static.c.prom.st/css/member_common-hc7df5914e95b0c75898c3e27fe75ced72.css
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key

GET ckeditor-hc28e38c0c895ceb7eb196ea1db4aa68bd.css
www1.promosafe.com.ua/cloud-cgi/static/uaprom-static/css/ 0
0

GET
H/1.1 200
OK wp_companysite_7a0f8eb4b93237a8bd9a.css
www1.promosafe.com.ua/cloud-cgi/static/uaprom-static/js/build/vas-site/ 357 KB
45 KB 354ms
157ms Stylesheet
text/css 91.218.212.22
QOS

General

Check archive.org

Show headers Download Go to

Full URL: https://www1.promosafe.com.ua/cloud-cgi/static/uaprom-static/js/build/vas-site/wp_companysite_7a0f8eb4b93237a8bd9a.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.218.212.22 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: b3450a8d4d857d9ea2a871a4033f9f3538361b35f21f3cf0bb4869a1c4246fa7

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www1.promosafe.com.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www1.promosafe.com.ua/
Cookie: cid=306028129339026697657657586587521296482; csrf_token_company_site=0fb5c07bf7e8497fa9b6029ded26c657; evoauth=w4b146f60469e41ac9eb65e9682822361
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www1.promosafe.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sun, 12 Sep 2021 03:49:13 GMT
Content-Encoding: gzip
x-amz-request-id: tx0000000000000003179e3-006130c7d3-d6abc79-openstack-1
X-Cache-Key: cdnuaprom-static.c.prom.st/js/build/vas-site/wp_companysite_7a0f8eb4b93237a8bd9a.css cwww1.promosafe.com.ua/cloud-cgi/static/uaprom-static/js/build/vas-site/wp_companysite_7a0f8eb4b93237a8bd9a.css
X-Cache-Status: HIT HIT HIT
X-Amz-Storage-Class: STANDARD
X-Trouble: IAMHERE
Connection: keep-alive
X-Cache-Source: local
Content-Length: 44446
X-CDN-RURI: /js/build/vas-site/wp_companysite_7a0f8eb4b93237a8bd9a.css http_x_cdn_ruri
Last-Modified: Wed, 01 Sep 2021 03:12:04 GMT
Server: nginx
Cache-Control: public,max-age=31536000,immutable
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: text/css
Access-Control-Allow-Origin: *
X-Servant: nginx-cache-02 eunomia
x-rgw-object-type: Normal
X-Cache-Type: main
X-URI1: uaprom-static.c.prom.st/js/build/vas-site/wp_companysite_7a0f8eb4b93237a8bd9a.css
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key

GET
H/1.1 200
OK default-c507bf74b065b252a4eb457231807a44.css
www1.promosafe.com.ua/cloud-cgi/static/uaprom-uc/production/design_template/993/css/ 127 KB
128 KB 261ms
64ms Stylesheet
text/css 91.218.212.22
QOS

General

Check archive.org

Show headers Download Go to

Full URL: https://www1.promosafe.com.ua/cloud-cgi/static/uaprom-uc/production/design_template/993/css/default-c507bf74b065b252a4eb457231807a44.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.218.212.22 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: ba7edf4380502c106cdcd8b0c0dc335846e5c059aebe7b9958108d4c46ac002a

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www1.promosafe.com.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www1.promosafe.com.ua/
Cookie: cid=306028129339026697657657586587521296482; csrf_token_company_site=0fb5c07bf7e8497fa9b6029ded26c657; evoauth=w4b146f60469e41ac9eb65e9682822361
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www1.promosafe.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sun, 12 Sep 2021 03:49:13 GMT
X-Cache-Key: cdnuaprom-uc.c.prom.st/production/design_template/993/css/default-c507bf74b065b252a4eb457231807a44.css cwww1.promosafe.com.ua/cloud-cgi/static/uaprom-uc/production/design_template/993/css/default-c507bf74b065b252a4eb457231807a44.css
X-Cache-Status: HIT MISS
x-envoy-upstream-service-time: 394
X-UC-New: true
Connection: keep-alive
Content-Length: 0000129966
X-CDN-RURI: /production/design_template/993/css/default-c507bf74b065b252a4eb457231807a44.css http_x_cdn_ruri
Server: nginx
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
X-URI1: uaprom-uc.c.prom.st/production/design_template/993/css/default-c507bf74b065b252a4eb457231807a44.css
Access-Control-Allow-Origin: *
X-Servant: himehabu altair
x-minion-role: target
Content-Type: text/css
Access-Control-Allow-Headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-minion-expiration: Sat, 11 Sep 2021 15:20:01 GMT

GET
H/1.1 200
OK wp_companysite_runtime_4ed680b972240dc95c26.js Show response
www1.promosafe.com.ua/cloud-cgi/static/uaprom-static/js/build/vas-site/ 6 KB
3 KB 252ms
52ms Script
application/javascript 91.218.212.22
QOS

General

Check archive.org

Show headers Download Go to

Full URL: https://www1.promosafe.com.ua/cloud-cgi/static/uaprom-static/js/build/vas-site/wp_companysite_runtime_4ed680b972240dc95c26.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.218.212.22 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 2e47ade2685931a5648bf376af828c4b7fdb07ef1debe1c35380b823d9d15193

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www1.promosafe.com.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www1.promosafe.com.ua/
Cookie: cid=306028129339026697657657586587521296482; csrf_token_company_site=0fb5c07bf7e8497fa9b6029ded26c657; evoauth=w4b146f60469e41ac9eb65e9682822361
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www1.promosafe.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sun, 12 Sep 2021 03:49:13 GMT
Content-Encoding: gzip
x-amz-request-id: tx0000000000000004fa60c-006139f80b-d9aed11-openstack-1
X-Cache-Key: cdnuaprom-static.c.prom.st/js/build/vas-site/wp_companysite_runtime_4ed680b972240dc95c26.js cwww1.promosafe.com.ua/cloud-cgi/static/uaprom-static/js/build/vas-site/wp_companysite_runtime_4ed680b972240dc95c26.js
X-Cache-Status: MISS MISS HIT
X-Amz-Storage-Class: STANDARD
X-Trouble: IAMHERE
Connection: keep-alive
X-Cache-Source: local
Content-Length: 2079
X-CDN-RURI: /js/build/vas-site/wp_companysite_runtime_4ed680b972240dc95c26.js http_x_cdn_ruri
Last-Modified: Wed, 08 Sep 2021 03:09:42 GMT
Server: nginx
Cache-Control: public,max-age=31536000,immutable
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-Servant: lancehead callisto
x-rgw-object-type: Normal
X-Cache-Type: main
X-URI1: uaprom-static.c.prom.st/js/build/vas-site/wp_companysite_runtime_4ed680b972240dc95c26.js
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key

GET
H/1.1 200
OK wp_companysite_vendor_wp_companysite_vendor_291a85bdc302259818c9.js Show response
www1.promosafe.com.ua/cloud-cgi/static/uaprom-static/js/build/vas-site/ 439 KB
143 KB 276ms
56ms Script
application/javascript 91.218.212.22
QOS

General

Check archive.org

Show headers Download Go to

Full URL: https://www1.promosafe.com.ua/cloud-cgi/static/uaprom-static/js/build/vas-site/wp_companysite_vendor_wp_companysite_vendor_291a85bdc302259818c9.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.218.212.22 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: a66b67255c0477ca3b84496e1d65042bfcb6fa0ba5d414e42f1633461853c62d

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www1.promosafe.com.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www1.promosafe.com.ua/
Cookie: cid=306028129339026697657657586587521296482; csrf_token_company_site=0fb5c07bf7e8497fa9b6029ded26c657; evoauth=w4b146f60469e41ac9eb65e9682822361
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www1.promosafe.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sun, 12 Sep 2021 03:49:13 GMT
Content-Encoding: gzip
x-amz-request-id: tx000000000000000077a8d-00611e654c-d9aed11-openstack-1
X-Cache-Key: cdnuaprom-static.c.prom.st/js/build/vas-site/wp_companysite_vendor_wp_companysite_vendor_291a85bdc302259818c9.js cwww1.promosafe.com.ua/cloud-cgi/static/uaprom-static/js/build/vas-site/wp_companysite_vendor_wp_companysite_vendor_291a85bdc302259818c9.js
X-Cache-Status: HIT HIT HIT
X-Amz-Storage-Class: STANDARD
X-Trouble: IAMHERE
Connection: keep-alive
X-Cache-Source: local
Content-Length: 145557
X-CDN-RURI: /js/build/vas-site/wp_companysite_vendor_wp_companysite_vendor_291a85bdc302259818c9.js http_x_cdn_ruri
Last-Modified: Wed, 18 Aug 2021 03:16:45 GMT
Server: nginx
Cache-Control: public,max-age=31536000,immutable
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-Servant: lancehead misam
x-rgw-object-type: Normal
X-Cache-Type: main
X-URI1: uaprom-static.c.prom.st/js/build/vas-site/wp_companysite_vendor_wp_companysite_vendor_291a85bdc302259818c9.js
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key

GET wp_companysite_vendor_old_wp_companysite_vendor_old_2fc40a515e3eae6d1b81.js
www1.promosafe.com.ua/cloud-cgi/static/uaprom-static/js/build/vas-site/ 0
0

GET
H/1.1 200
OK wp_companysite_wp_companysite_7c67d3aac53dc831c3bc.js Show response
www1.promosafe.com.ua/cloud-cgi/static/uaprom-static/js/build/vas-site/ 444 KB
129 KB 744ms
459ms Script
application/javascript 91.218.212.22
QOS

General

Check archive.org

Show headers Download Go to

Full URL: https://www1.promosafe.com.ua/cloud-cgi/static/uaprom-static/js/build/vas-site/wp_companysite_wp_companysite_7c67d3aac53dc831c3bc.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.218.212.22 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 7c232f60c4cff389420b7b5fae8fd23e435e2d3986506cc3a20e78c613338899

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www1.promosafe.com.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www1.promosafe.com.ua/
Cookie: cid=306028129339026697657657586587521296482; csrf_token_company_site=0fb5c07bf7e8497fa9b6029ded26c657; evoauth=w4b146f60469e41ac9eb65e9682822361
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www1.promosafe.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sun, 12 Sep 2021 03:49:13 GMT
Content-Encoding: gzip
x-amz-request-id: tx00000000000000040715e-0061374330-d6abc79-openstack-1
X-Cache-Key: cdnuaprom-static.c.prom.st/js/build/vas-site/wp_companysite_wp_companysite_7c67d3aac53dc831c3bc.js cwww1.promosafe.com.ua/cloud-cgi/static/uaprom-static/js/build/vas-site/wp_companysite_wp_companysite_7c67d3aac53dc831c3bc.js
X-Cache-Status: MISS MISS HIT
X-Amz-Storage-Class: STANDARD
X-Trouble: IAMHERE
Connection: keep-alive
X-Cache-Source: local
Content-Length: 130947
X-CDN-RURI: /js/build/vas-site/wp_companysite_wp_companysite_7c67d3aac53dc831c3bc.js http_x_cdn_ruri
Last-Modified: Mon, 06 Sep 2021 03:12:26 GMT
Server: nginx
Cache-Control: public,max-age=31536000,immutable
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-Servant: ferdelance callisto
x-rgw-object-type: Normal
X-Cache-Type: main
X-URI1: uaprom-static.c.prom.st/js/build/vas-site/wp_companysite_wp_companysite_7c67d3aac53dc831c3bc.js
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key

GET
H/1.1 200
OK adv_teasers.js Show response
www1.promosafe.com.ua/cloud-cgi/static/uaprom-static/js/ 20 B
1 KB 43ms
43ms Script
application/javascript 91.218.212.22
QOS

General

Check archive.org

Show headers Download Go to

Full URL: https://www1.promosafe.com.ua/cloud-cgi/static/uaprom-static/js/adv_teasers.js?rev=35c238ecb88547ae69d0c85c5c2b724c13b51759
Requested by: Host: www1.promosafe.com.ua
URL: https://www1.promosafe.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.218.212.22 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: def3584e39f412e77b3a70f3f1182afa6bc23c0be13afd0b1d1493088e015e97

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www1.promosafe.com.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www1.promosafe.com.ua/
Cookie: cid=306028129339026697657657586587521296482; csrf_token_company_site=0fb5c07bf7e8497fa9b6029ded26c657; evoauth=w4b146f60469e41ac9eb65e9682822361
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www1.promosafe.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sun, 12 Sep 2021 03:49:13 GMT
Content-Encoding: gzip
x-amz-request-id: tx00000000000000001605a-005fb41f80-1a02d94-openstack-1
X-Cache-Key: cdnuaprom-static.c.prom.st/js/adv_teasers.js?rev=9afb09609ba60eed7a30f9d0f020fe0775d3bea2 cwww1.promosafe.com.ua/cloud-cgi/static/uaprom-static/js/adv_teasers.js?rev=35c238ecb88547ae69d0c85c5c2b724c13b51759
X-Cache-Status: EXPIRED EXPIRED HIT
X-Amz-Storage-Class: STANDARD
Connection: keep-alive
X-Cache-Source: local
Content-Length: 40
X-CDN-RURI: http_x_cdn_ruri
Last-Modified: Fri, 13 Nov 2020 11:24:18 GMT
Server: nginx
Cache-Control: public,max-age=31536000,immutable
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-Servant: whiptails callisto
x-rgw-object-type: Normal
X-Cache-Type: main
X-URI1: uaprom-static.c.prom.st/js/adv_teasers.js
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 5091ms
20ms Script
text/javascript 2a00:1450:400d:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www1.promosafe.com.ua
URL: https://www1.promosafe.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www1.promosafe.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 532
date: Sun, 12 Sep 2021 03:40:27 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Sun, 12 Sep 2021 05:40:27 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 129 KB
51 KB 5112ms
21ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-T7S2G9Q21Q

Requested by

Host: www1.promosafe.com.ua
URL: https://www1.promosafe.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8237221e3a98be5f6d6a1e2f0f6d6894b9e8e96f638a1f7f05a4374feac61d66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www1.promosafe.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 03:49:23 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51682
x-xss-protection: 0
expires: Sun, 12 Sep 2021 03:49:23 GMT

GET
H/1.1 200
OK gotcha-min.js Show response
www1.promosafe.com.ua/cloud-cgi/static/gotcha/ 3 KB
2 KB 40ms
39ms Script
application/javascript 91.218.212.22
QOS

General

Check archive.org

Show headers Download Go to

Full URL: https://www1.promosafe.com.ua/cloud-cgi/static/gotcha/gotcha-min.js
Requested by: Host: www1.promosafe.com.ua
URL: https://www1.promosafe.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.218.212.22 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: ef5ffca7f773e80ab3d6982b6771e2d196d5ee76c26867d69a28d5770b01b4eb

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www1.promosafe.com.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www1.promosafe.com.ua/
Cookie: cid=306028129339026697657657586587521296482; csrf_token_company_site=0fb5c07bf7e8497fa9b6029ded26c657; evoauth=w4b146f60469e41ac9eb65e9682822361
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www1.promosafe.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sun, 12 Sep 2021 03:49:18 GMT
Content-Encoding: gzip
x-amz-request-id: tx0000000000000003f8a8b-0061363929-d9f8474-openstack-1
X-Cache-Key: cdngotcha.c.prom.st/gotcha-min.js cwww1.promosafe.com.ua/cloud-cgi/static/gotcha/gotcha-min.js
X-Cache-Status: HIT HIT HIT
X-Amz-Storage-Class: STANDARD
X-Trouble: IAMHERE
Connection: keep-alive
X-Cache-Source: local
Content-Length: 1302
X-CDN-RURI: /gotcha-min.js http_x_cdn_ruri
Last-Modified: Wed, 02 Jun 2021 15:43:33 GMT
Server: nginx
Cache-Control: public,max-age=259200
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-Servant: habu callisto
x-rgw-object-type: Normal
X-Cache-Type: main
X-URI1: gotcha.c.prom.st//gotcha-min.js
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key

GET
H/1.1 200
OK solve.js Show response
www1.promosafe.com.ua/cloud-cgi/static/power/ 34 KB
12 KB 43ms
40ms Script
application/javascript 91.218.212.22
QOS

General

Check archive.org

Show headers Download Go to

Full URL: https://www1.promosafe.com.ua/cloud-cgi/static/power/solve.js
Requested by: Host: www1.promosafe.com.ua
URL: https://www1.promosafe.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.218.212.22 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 8411537a74fba3094edef647e86059f5138a4e734450c9a43e49214f926de849

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www1.promosafe.com.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www1.promosafe.com.ua/
Cookie: cid=306028129339026697657657586587521296482; csrf_token_company_site=0fb5c07bf7e8497fa9b6029ded26c657; evoauth=w4b146f60469e41ac9eb65e9682822361
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www1.promosafe.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sun, 12 Sep 2021 03:49:18 GMT
Content-Encoding: gzip
X-Cache-Key: cdnpower.c.prom.st/solve.js cwww1.promosafe.com.ua/cloud-cgi/static/power/solve.js
X-Cache-Status: HIT HIT HIT
X-Cache-Source: local
Connection: keep-alive
Content-Length: 11492
X-CDN-RURI: http_x_cdn_ruri
Last-Modified: Fri, 23 Aug 2019 15:27:56 GMT
Server: nginx
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
X-URI1: power.c.prom.st//solve.js
Access-Control-Allow-Origin: *
X-Servant: habu eunomia
Cache-Control: public,max-age=31536000,immutable
X-Cache-Type: main
Content-Type: application/javascript
Access-Control-Allow-Headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 5121ms
32ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-127989488

Requested by

Host: www1.promosafe.com.ua
URL: https://www1.promosafe.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1b2ebc4acf8bbcf9194659b04e041c92b27886fd0087ceb0b135448262a50c56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www1.promosafe.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 03:49:23 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39234
x-xss-protection: 0
last-modified: Sun, 12 Sep 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 12 Sep 2021 03:49:23 GMT

GET bare.js
myprom.lirax.net/cloud-cgi/static/clerk/v4.3.2/ 0
0

GET
H/1.1 200
OK logo-small-white-hc8838ea476b97e8179c0578788a9c93bf.png
www1.promosafe.com.ua/cloud-cgi/static/uaprom-static/image/portal/UA/ 603 B
2 KB 41ms
39ms Image
image/png 91.218.212.22
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www1.promosafe.com.ua/cloud-cgi/static/uaprom-static/image/portal/UA/logo-small-white-hc8838ea476b97e8179c0578788a9c93bf.png
Requested by: Host: www1.promosafe.com.ua
URL: https://www1.promosafe.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.218.212.22 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 618860d4bd6460891ba2c4b849047a7ca62297a50066baeb5eaccff3237c2cc7

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www1.promosafe.com.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www1.promosafe.com.ua/
Cookie: cid=306028129339026697657657586587521296482; csrf_token_company_site=0fb5c07bf7e8497fa9b6029ded26c657; evoauth=w4b146f60469e41ac9eb65e9682822361
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www1.promosafe.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sun, 12 Sep 2021 03:49:18 GMT
x-amz-request-id: tx0000000000000006edfa0-005fca75da-202a85e-openstack-1
X-Cache-Key: cdnuaprom-static.c.prom.st/image/portal/UA/logo-small-white-hc8838ea476b97e8179c0578788a9c93bf.png cwww1.promosafe.com.ua/cloud-cgi/static/uaprom-static/image/portal/UA/logo-small-white-hc8838ea476b97e8179c0578788a9c93bf.png
X-Cache-Status: HIT HIT HIT
X-Amz-Storage-Class: STANDARD
Connection: keep-alive
X-Cache-Source: local
Content-Length: 603
X-CDN-RURI: http_x_cdn_ruri
Last-Modified: Fri, 13 Nov 2020 11:26:08 GMT
Server: nginx
Cache-Control: public,max-age=31536000,immutable
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
X-Servant: lancehead altair
x-rgw-object-type: Normal
X-Cache-Type: main
X-URI1: uaprom-static.c.prom.st/image/portal/UA/logo-small-white-hc8838ea476b97e8179c0578788a9c93bf.png
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key

GET
H2 200 2221629253_w200_h80_spetsodyag-ta-bezpeka.jpg
images.ua.prom.st/ 3 KB
3 KB 5331ms
35ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ua.prom.st/2221629253_w200_h80_spetsodyag-ta-bezpeka.jpg
Requested by: Host: www1.promosafe.com.ua
URL: https://www1.promosafe.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: 445778ed5c44628cd8dc739a2ab46384e37bbb47ff4187b0cc6c918e3fc8361b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www1.promosafe.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 03:49:23 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
etag: "CacheForever"
content-type: image/webp
x-image-source: Resized original: local
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 102
x-image-meta: 9a0557e197f3a2673806c172f0e81bb919baa5c3_1
content-length: 2898

GET
H2 200 1557679485_1557679485.jpg
images.ua.prom.st/ 2 KB
2 KB 5331ms
36ms Image
image/jpeg 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ua.prom.st/1557679485_1557679485.jpg?PIMAGE_ID=1557679485
Requested by: Host: www1.promosafe.com.ua
URL: https://www1.promosafe.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: 60723e562d58cdea2dff44049c61a59a914e6295f69cdfcc23db9ab4c4427418

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www1.promosafe.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 03:49:23 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
etag: "CacheForever"
content-type: image/jpeg
x-image-source: Watermarked original: local
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 30
x-image-meta: 838bdde7060d17a03dbbdca7734dc98e91869e8f_11
content-length: 2202

GET
H2 200 1557680868_1557680868.jpg
images.ua.prom.st/ 2 KB
2 KB 5429ms
134ms Image
image/jpeg 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ua.prom.st/1557680868_1557680868.jpg?PIMAGE_ID=1557680868
Requested by: Host: www1.promosafe.com.ua
URL: https://www1.promosafe.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: 48d407920b3a4255b845abaa2153058e05fad03a611316bfea81a6b320438cb4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www1.promosafe.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 03:49:23 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
etag: "CacheForever"
content-type: image/jpeg
x-image-source: Watermarked original: local
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 75
x-image-meta: 6a97dd3f3b4c905ad98cd7c468d4954ee420c8e1_11
content-length: 1768

GET
H2 200 1557682853_1557682853.jpg
images.ua.prom.st/ 2 KB
3 KB 5392ms
136ms Image
image/jpeg 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ua.prom.st/1557682853_1557682853.jpg?PIMAGE_ID=1557682853
Requested by: Host: www1.promosafe.com.ua
URL: https://www1.promosafe.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: fb1b1af32aa3899e4e830b42d2dcd54d82be0a116127b3c98b816330c8a8e577

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www1.promosafe.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 03:49:23 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
etag: "CacheForever"
content-type: image/jpeg
x-image-source: Watermarked original: local
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 18
x-image-meta: cf67d3fbe71a38d79f6de831ae6155b6249bd6cb_11
content-length: 2367

GET
H2 200 1557683978_1557683978.jpg
images.ua.prom.st/ 3 KB
3 KB 5319ms
65ms Image
image/jpeg 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ua.prom.st/1557683978_1557683978.jpg?PIMAGE_ID=1557683978
Requested by: Host: www1.promosafe.com.ua
URL: https://www1.promosafe.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: d9758226ccc9e70a62c60b981ddd51bcf2a30b16a4cd64e872c4ec48dfb5bcfd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www1.promosafe.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 03:49:23 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
etag: "CacheForever"
content-type: image/jpeg
x-image-source: Watermarked original: local
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 20
x-image-meta: fd45ba9f5a4847b9fd8a7a5ceccbe4428b3a1899_11
content-length: 2683

GET
H2 200 1557675072_1557675072.jpg
images.ua.prom.st/ 2 KB
2 KB 5317ms
65ms Image
image/jpeg 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ua.prom.st/1557675072_1557675072.jpg?PIMAGE_ID=1557675072
Requested by: Host: www1.promosafe.com.ua
URL: https://www1.promosafe.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: a67d5584966c417756ee534968a69dbf60232d0ee2897857322785dd3c9240be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www1.promosafe.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 03:49:23 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
etag: "CacheForever"
content-type: image/jpeg
x-image-source: Watermarked original: local
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 17
x-image-meta: 635f2fdc3414f86a46317ae71be18291b72684ed_11
content-length: 2029

GET
H2 200 1557675480_1557675480.jpg
images.ua.prom.st/ 1 KB
2 KB 36ms
35ms Image
image/jpeg 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ua.prom.st/1557675480_1557675480.jpg?PIMAGE_ID=1557675480
Requested by: Host: www1.promosafe.com.ua
URL: https://www1.promosafe.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: b8681c2583f88687255cf2345388369be51c36f5474b55c78070b6480b3a8795

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www1.promosafe.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 03:49:23 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
etag: "CacheForever"
content-type: image/jpeg
x-image-source: Watermarked original: local
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 51
x-image-meta: 18ca49f874eb86877dd3389de298630ce4fa8b8b_11
content-length: 1359

GET
H2 200 1557677180_1557677180.jpg
images.ua.prom.st/ 2 KB
3 KB 37ms
36ms Image
image/jpeg 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ua.prom.st/1557677180_1557677180.jpg?PIMAGE_ID=1557677180
Requested by: Host: www1.promosafe.com.ua
URL: https://www1.promosafe.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: 6d844ab2bd54a74de6b4238feaf5bf7d60cdf2573d1bb5d39d5509b80aa880d1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www1.promosafe.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 03:49:23 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
etag: "CacheForever"
content-type: image/jpeg
x-image-source: Watermarked original: local
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 70
x-image-meta: a6e3b1835437920941c3a782f6f14b30ffe8ed66_11
content-length: 2376

GET
H2 200 1557677399_1557677399.jpg
images.ua.prom.st/ 2 KB
2 KB 139ms
138ms Image
image/jpeg 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ua.prom.st/1557677399_1557677399.jpg?PIMAGE_ID=1557677399
Requested by: Host: www1.promosafe.com.ua
URL: https://www1.promosafe.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: 42e797a55ac3ac02c784b7ef2382320a0c198e41cbaa938a77ef587150917726

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www1.promosafe.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 03:49:23 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
etag: "CacheForever"
content-type: image/jpeg
x-image-source: Watermarked original: local
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 138
x-image-meta: 8572dba25c5fdc2c21596efdb12d0f9b33cb37e9_11
content-length: 1874

GET
H/1.1 200
OK facebook_ico-hcc8afd1f95bd6658a62e806ffffbc2e91.png
www1.promosafe.com.ua/cloud-cgi/static/uaprom-static/image/icon/ 1 KB
2 KB 45ms
45ms Image
image/png 91.218.212.22
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www1.promosafe.com.ua/cloud-cgi/static/uaprom-static/image/icon/facebook_ico-hcc8afd1f95bd6658a62e806ffffbc2e91.png
Requested by: Host: www1.promosafe.com.ua
URL: https://www1.promosafe.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.218.212.22 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 2a3d0807499ca307f92f3edbf14c6f351db4943b983db7899ae81186a8f3985c

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www1.promosafe.com.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www1.promosafe.com.ua/
Cookie: cid=306028129339026697657657586587521296482; csrf_token_company_site=0fb5c07bf7e8497fa9b6029ded26c657; evoauth=w4b146f60469e41ac9eb65e9682822361
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www1.promosafe.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sun, 12 Sep 2021 03:49:18 GMT
x-amz-request-id: tx0000000000000006f0704-005fca75d2-202a855-openstack-1
X-Cache-Key: cdnuaprom-static.c.prom.st/image/icon/facebook_ico-hcc8afd1f95bd6658a62e806ffffbc2e91.png cwww1.promosafe.com.ua/cloud-cgi/static/uaprom-static/image/icon/facebook_ico-hcc8afd1f95bd6658a62e806ffffbc2e91.png
X-Cache-Status: HIT HIT HIT
X-Amz-Storage-Class: STANDARD
Connection: keep-alive
X-Cache-Source: local
Content-Length: 1245
X-CDN-RURI: http_x_cdn_ruri
Last-Modified: Fri, 13 Nov 2020 11:24:43 GMT
Server: nginx
Cache-Control: public,max-age=31536000,immutable
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
X-Servant: himehabu altair
x-rgw-object-type: Normal
X-Cache-Type: main
X-URI1: uaprom-static.c.prom.st/image/icon/facebook_ico-hcc8afd1f95bd6658a62e806ffffbc2e91.png
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key

GET
H/1.1 200
OK twitter_ico-hc98ec350abb8e97c32854bd38950d7b41.png
www1.promosafe.com.ua/cloud-cgi/static/uaprom-static/image/icon/ 1 KB
2 KB 37ms
37ms Image
image/png 91.218.212.22
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www1.promosafe.com.ua/cloud-cgi/static/uaprom-static/image/icon/twitter_ico-hc98ec350abb8e97c32854bd38950d7b41.png
Requested by: Host: www1.promosafe.com.ua
URL: https://www1.promosafe.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.218.212.22 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 65723da634e8f956383ab1904941bf9a3c0419765defa46512a5b7064f4ca085

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www1.promosafe.com.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www1.promosafe.com.ua/
Cookie: cid=306028129339026697657657586587521296482; csrf_token_company_site=0fb5c07bf7e8497fa9b6029ded26c657; evoauth=w4b146f60469e41ac9eb65e9682822361
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www1.promosafe.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sun, 12 Sep 2021 03:49:18 GMT
x-amz-request-id: tx0000000000000006472ea-005fc8b86e-202a85e-openstack-1
X-Cache-Key: cdnuaprom-static.c.prom.st/image/icon/twitter_ico-hc98ec350abb8e97c32854bd38950d7b41.png cwww1.promosafe.com.ua/cloud-cgi/static/uaprom-static/image/icon/twitter_ico-hc98ec350abb8e97c32854bd38950d7b41.png
X-Cache-Status: HIT HIT HIT
X-Amz-Storage-Class: STANDARD
Connection: keep-alive
X-Cache-Source: local
Content-Length: 1251
X-CDN-RURI: http_x_cdn_ruri
Last-Modified: Fri, 13 Nov 2020 11:24:43 GMT
Server: nginx
Cache-Control: public,max-age=31536000,immutable
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
X-Servant: whiptails altair
x-rgw-object-type: Normal
X-Cache-Type: main
X-URI1: uaprom-static.c.prom.st/image/icon/twitter_ico-hc98ec350abb8e97c32854bd38950d7b41.png
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key

GET
H2 200 tracking.js Show response
t.trafmag.com/ 31 B
336 B 5066ms
22ms Script
text/javascript 193.200.65.5
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://t.trafmag.com/tracking.js?c=promua&ref=https://www1.promosafe.com.ua/
Requested by: Host: www1.promosafe.com.ua
URL: https://www1.promosafe.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: t.trafmag.com
Software: nginx /
Resource Hash: e22081f44b77a40a0477079ca47fdb3266af5b299f4be71fefab789b462dfdf8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www1.promosafe.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Sep 2021 03:49:23 GMT
last-modified: Sun, 12 Sep 2021 03:49:23 GMT
server: nginx
p3p: CP="NON DSP COR CURa TIA"
cache-control: no-cache
content-type: text/javascript; charset=utf-8;
content-length: 31
expires: Sun, 31 Jan 2017 17:17:17 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 5045ms
16ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu:400,400i,700,700i&subset=cyrillic

Requested by

Host: www1.promosafe.com.ua
URL: https://www1.promosafe.com.ua/cloud-cgi/static/uaprom-uc/production/design_template/993/css/default-c507bf74b065b252a4eb457231807a44.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a5bc80201d208f16bc81a2fafacab9b99503d04afe96b8f2524e9ae6768ccb04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www1.promosafe.com.ua/cloud-cgi/static/uaprom-uc/production/design_template/993/css/default-c507bf74b065b252a4eb457231807a44.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 12 Sep 2021 03:49:18 GMT
server: ESF
date: Sun, 12 Sep 2021 03:49:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 12 Sep 2021 03:49:18 GMT

GET iframe.html
myprom.lirax.net/cloud-cgi/static/clerk/v4.3.2/ Frame CCB4 0
0

GET
H/1.1 200
OK site-hc5cb3a5e101d5f67168a8d74dac3829fa.png
www1.promosafe.com.ua/image/png_sprites/ 83 KB
84 KB 61ms
61ms Image
image/png 91.218.212.22
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www1.promosafe.com.ua/image/png_sprites/site-hc5cb3a5e101d5f67168a8d74dac3829fa.png
Requested by: Host: www1.promosafe.com.ua
URL: https://www1.promosafe.com.ua/cloud-cgi/static/uaprom-static/css/member_common-hc7df5914e95b0c75898c3e27fe75ced72.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.218.212.22 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: 52d0b9e1f1bb01e1e92d9a9b892edec42bfc91b63a8736202ab715766680c1ff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www1.promosafe.com.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www1.promosafe.com.ua/cloud-cgi/static/uaprom-static/css/member_common-hc7df5914e95b0c75898c3e27fe75ced72.css
Cookie: cid=306028129339026697657657586587521296482; csrf_token_company_site=0fb5c07bf7e8497fa9b6029ded26c657; evoauth=w4b146f60469e41ac9eb65e9682822361
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www1.promosafe.com.ua/cloud-cgi/static/uaprom-static/css/member_common-hc7df5914e95b0c75898c3e27fe75ced72.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sun, 12 Sep 2021 03:49:18 GMT
x-amz-request-id: tx0000000000000006b4c6f-0060c702a5-85d6ae2-openstack-1
X-Cache-Key: cdnuaprom-static.c.prom.st/image/png_sprites/site-hc5cb3a5e101d5f67168a8d74dac3829fa.png cwww1.promosafe.com.ua/image/png_sprites/site-hc5cb3a5e101d5f67168a8d74dac3829fa.png
X-Cache-Status: MISS MISS HIT
X-Amz-Storage-Class: STANDARD
X-Trouble: IAMHERE
Connection: keep-alive
X-Cache-Source: local
Content-Length: 84854
X-CDN-RURI: http_x_cdn_ruri
Last-Modified: Mon, 14 Jun 2021 03:04:49 GMT
Server: nginx
Cache-Control: public,max-age=31536000,immutable
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
X-Servant: whiptails eunomia
x-rgw-object-type: Normal
X-Cache-Type: main
X-URI1: uaprom-static.c.prom.st/image/png_sprites/site-hc5cb3a5e101d5f67168a8d74dac3829fa.png
set-cookie: auth=2a3242ee03131d3a8fa89dcdeb553010cc64fdec; Domain=.prom.ua; Max-Age=31536000; Path=/; expires=Mon, 12-Sep-2022 03:49:18 GMT; secure; HttpOnly auth=2a3242ee03131d3a8fa89dcdeb553010cc64fdec; Domain=.prom.ua; Max-Age=31536000; Path=/; expires=Mon, 12-Sep-2022 03:49:18 GMT; secure; HttpOnly; SameSite=None
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key

GET
H2 200 4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v15/ 33 KB
34 KB 5081ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v15/4iCs6KVjbNBYlgoKfw72.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:400,400i,700,700i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f4524f7e1a87079bc50a64681f880ccf3e6f5db1ec5fc27949377532a3881da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www1.promosafe.com.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 19:24:37 GMT
x-content-type-options: nosniff
age: 289486
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34260
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:02:57 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Sep 2022 19:24:37 GMT

GET
H2 200 4iCv6KVjbNBYlgoCxCvjtGyNL4U.woff2
fonts.gstatic.com/s/ubuntu/v15/ 18 KB
18 KB 5084ms
14ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v15/4iCv6KVjbNBYlgoCxCvjtGyNL4U.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:400,400i,700,700i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6b18e9aef52e9405612bd233a8053fd0ddf9f9ce93114050fe5679dd139b1bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www1.promosafe.com.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 21:54:59 GMT
x-content-type-options: nosniff
age: 280464
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18160
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:03:16 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Sep 2022 21:54:59 GMT

GET
H/1.1 200
OK glyphs.woff
www1.promosafe.com.ua/cloud-cgi/static/uaprom-uc/production/design_template/993/fonts/ 27 KB
28 KB 49ms
48ms Font
font/woff 91.218.212.22
QOS

General

Check archive.org

Show headers Download Go to

Full URL: https://www1.promosafe.com.ua/cloud-cgi/static/uaprom-uc/production/design_template/993/fonts/glyphs.woff?4cca8662399f56eb99bbb67f1053ad63
Requested by: Host: www1.promosafe.com.ua
URL: https://www1.promosafe.com.ua/cloud-cgi/static/uaprom-uc/production/design_template/993/css/default-c507bf74b065b252a4eb457231807a44.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.218.212.22 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: nginx /
Resource Hash: ce87eb02217333e96c0cce767743d998386733cfc39bf3086fc16ef360756141

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www1.promosafe.com.ua
Accept-Encoding: gzip, deflate, br
Host: www1.promosafe.com.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www1.promosafe.com.ua/cloud-cgi/static/uaprom-uc/production/design_template/993/css/default-c507bf74b065b252a4eb457231807a44.css
Cookie: cid=306028129339026697657657586587521296482; csrf_token_company_site=0fb5c07bf7e8497fa9b6029ded26c657; evoauth=w4b146f60469e41ac9eb65e9682822361
Connection: keep-alive
Referer: https://www1.promosafe.com.ua/cloud-cgi/static/uaprom-uc/production/design_template/993/css/default-c507bf74b065b252a4eb457231807a44.css
Origin: https://www1.promosafe.com.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sun, 12 Sep 2021 03:49:18 GMT
X-Cache-Key: cdnuaprom-uc.c.prom.st/production/design_template/993/fonts/glyphs.woff cwww1.promosafe.com.ua/cloud-cgi/static/uaprom-uc/production/design_template/993/fonts/glyphs.woff?4cca8662399f56eb99bbb67f1053ad63
X-Cache-Status: HIT MISS
x-envoy-upstream-service-time: 262
X-UC-New: true
Connection: keep-alive
Content-Length: 0000027364
X-CDN-RURI: /production/design_template/993/fonts/glyphs.woff http_x_cdn_ruri
Server: nginx
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
X-URI1: uaprom-uc.c.prom.st/production/design_template/993/fonts/glyphs.woff
Access-Control-Allow-Origin: *
X-Servant: sidewinder misam
x-minion-role: target
Content-Type: font/woff
Access-Control-Allow-Headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-minion-expiration: Sat, 11 Sep 2021 07:45:28 GMT

GET
H2 200 4iCu6KVjbNBYlgoKej7wl0mwFg.woff2
fonts.gstatic.com/s/ubuntu/v15/ 23 KB
23 KB 5087ms
18ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v15/4iCu6KVjbNBYlgoKej7wl0mwFg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:400,400i,700,700i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c3737389977992b4f03a51a8c509c3bcdb4516e142436ec84270789d784aa16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www1.promosafe.com.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 14:37:52 GMT
x-content-type-options: nosniff
age: 565891
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23740
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:03:10 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Sep 2022 14:37:52 GMT

GET
H2 200 4iCs6KVjbNBYlgoKew72j00.woff2
fonts.gstatic.com/s/ubuntu/v15/ 20 KB
20 KB 5086ms
20ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v15/4iCs6KVjbNBYlgoKew72j00.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:400,400i,700,700i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2a15a8ff176120e1c703611f2ae7ae419a041205bad18ce4f6864b95aa6f6f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www1.promosafe.com.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 07:02:39 GMT
x-content-type-options: nosniff
age: 74804
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20816
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:03:21 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Sep 2022 07:02:39 GMT

GET
H2 200 4iCv6KVjbNBYlgoCxCvjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v15/ 28 KB
28 KB 5075ms
21ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v15/4iCv6KVjbNBYlgoCxCvjsGyN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:400,400i,700,700i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

045469f2d577c2ad73219bbd713640bcb4a4f9a46cecc6c0df0e66338646b27f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www1.promosafe.com.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 01:44:55 GMT
x-content-type-options: nosniff
age: 439468
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28968
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:03:43 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Sep 2022 01:44:55 GMT

GET
H2 200 4iCu6KVjbNBYlgoKej70l0k.woff2
fonts.gstatic.com/s/ubuntu/v15/ 35 KB
35 KB 5073ms
23ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v15/4iCu6KVjbNBYlgoKej70l0k.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:400,400i,700,700i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4f396a8aaf313e0798f971317151c0716b476f90b8fe539280a094efd420157

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www1.promosafe.com.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 01:17:00 GMT
x-content-type-options: nosniff
age: 441143
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35832
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:02:33 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Sep 2022 01:17:00 GMT

GET
H2 200 5620360 Show response
prom.ua/map/frame_map/ Frame 299E 26 KB
11 KB 5245ms
73ms Document
text/html 193.34.169.17
EVO

General

Check archive.org

Show headers Download Go to

Full URL

https://prom.ua/map/frame_map/5620360?mode=big

Requested by

Host: www1.promosafe.com.ua
URL: https://www1.promosafe.com.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.34.169.17 , Ukraine, ASN43896 (EVO, UA),

Reverse DNS

my.prom.ua

Software

nginx /

Resource Hash

eaa1ef2a0c1c3c4ec08cfcd50ebbc87d4b2cec33b5b08310a5b6a0e8419c477e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: prom.ua
:scheme: https
:path: /map/frame_map/5620360?mode=big
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www1.promosafe.com.ua/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www1.promosafe.com.ua/

Response headers

server: nginx
date: Sun, 12 Sep 2021 03:49:23 GMT
content-type: text/html; charset=utf-8
cache-control: no-cache
pragma: no-cache
set-cookie: ext_referer=aHR0cHM6Ly93d3cxLnByb21vc2FmZS5jb20udWEv; Domain=.prom.ua; Path=/ cid=313884696911594645553462574630696468581; Domain=.prom.ua; Max-Age=2592000; Path=/; expires=Tue, 12-Oct-2021 03:49:23 GMT user_tracker=d350dc56f84f935704f6a55598221a1eb47c41ce|136.243.198.86|2021-09-12; Domain=.prom.ua; Path=/ csrf_token=6f8eb11e14ec4e269c3437f13ca762ca; Domain=.prom.ua; Max-Age=31449600; Path=/; expires=Sun, 11-Sep-2022 03:49:23 GMT; secure; SameSite=None auth=03acf3eedcc1791b0b94f9bf0083621ce1129d5f; Domain=.prom.ua; Max-Age=31536000; Path=/; expires=Mon, 12-Sep-2022 03:49:23 GMT; secure; HttpOnly auth=03acf3eedcc1791b0b94f9bf0083621ce1129d5f; Domain=.prom.ua; Max-Age=31536000; Path=/; expires=Mon, 12-Sep-2022 03:49:23 GMT; secure; HttpOnly; SameSite=None utmsrc=; Domain=.prom.ua; Max-Age=2592000; Path=/; Secure utmcmpg=; Domain=.prom.ua; Max-Age=2592000; Path=/; Secure utmmdm=; Domain=.prom.ua; Max-Age=2592000; Path=/; Secure evoauth=wffbbaa59362b42c796d0a8814141b198; Domain=prom.ua; HttpOnly; Max-Age=31536000; Path=/; SameSite=None; Secure
referrer-policy: no-referrer-when-downgrade
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-request-id: c87fff14-25a5-46ed-bcac-a531807c50a0
content-encoding: gzip

GET
H2 200 2177236937_w325_h250_kostyum-rabochij-vinner.jpg
images.ua.prom.st/ 16 KB
16 KB 139ms
138ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ua.prom.st/2177236937_w325_h250_kostyum-rabochij-vinner.jpg
Requested by: Host: www1.promosafe.com.ua
URL: https://www1.promosafe.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: 6e24bb29cfed6c45104aaaf4e5287b156e5695b6cc902e0a5a64810bf1ca2221

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www1.promosafe.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 03:49:23 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
etag: "CacheForever"
content-type: image/webp
x-image-source: Resized original: local
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 89
x-image-meta: e0dda9888b23bc214c6986ef415327499991fc97_0
content-length: 15888

GET
H2 200 2761719886_w325_h250_botinki-zaschitnye-raven.jpg
images.ua.prom.st/ 16 KB
16 KB 71ms
69ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ua.prom.st/2761719886_w325_h250_botinki-zaschitnye-raven.jpg
Requested by: Host: www1.promosafe.com.ua
URL: https://www1.promosafe.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: ee075a55ccaa386be54cb8817e27396e81bfe1b3daa4999a829f06858cbe126f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www1.promosafe.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 03:49:23 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
etag: "CacheForever"
content-type: image/webp
x-image-source: Resized original: local
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 50
x-image-meta: 040cedc83b05aa252b28169a5f3ef74ba1e925e3_0
content-length: 16606

GET
H2 200 2509014118_w325_h250_kostyum-universalnyj-personal.jpg
images.ua.prom.st/ 4 KB
4 KB 72ms
70ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ua.prom.st/2509014118_w325_h250_kostyum-universalnyj-personal.jpg
Requested by: Host: www1.promosafe.com.ua
URL: https://www1.promosafe.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: fee68cafa62e01be53ee54d583cbc04947321e12630d599258a6f29ee2f990ff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www1.promosafe.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 03:49:23 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
etag: "CacheForever"
content-type: image/webp
x-image-source: Resized original: local
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 27
x-image-meta: d29c0eae8f62505b0299993672bd540b014855a3_0
content-length: 4128

GET
H2 200 2845046496_w325_h250_botinki-zaschitnye-bctitan-t.jpg
images.ua.prom.st/ 13 KB
13 KB 70ms
69ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ua.prom.st/2845046496_w325_h250_botinki-zaschitnye-bctitan-t.jpg
Requested by: Host: www1.promosafe.com.ua
URL: https://www1.promosafe.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: 3d71cf8dc1cecdd75cee08bae4d565e2a1828996ce0a11a3e939990539c3f887

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www1.promosafe.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 03:49:23 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
etag: "CacheForever"
content-type: image/webp
x-image-source: Resized original: local
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 50
x-image-meta: 12472cba19331d06a35f77fd69e35d89856872ed_0
content-length: 13052

GET
H2 200 2937702852_w325_h250_kostyum-rabochij-tornado.jpg
images.ua.prom.st/ 7 KB
8 KB 37ms
36ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ua.prom.st/2937702852_w325_h250_kostyum-rabochij-tornado.jpg
Requested by: Host: www1.promosafe.com.ua
URL: https://www1.promosafe.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: 8248952c3899c181021efe302125b3cfc7edeb87920616672c0d2fd048009373

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www1.promosafe.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 03:49:23 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
etag: "CacheForever"
content-type: image/webp
x-image-source: Resized original: local
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 35
x-image-meta: 1dd339f19cad95b182f1a48fa129e1324f87cba4_0
content-length: 7672

GET
H2 200 2931719787_w325_h250_kostyum-rabochij-ekspert.jpg
images.ua.prom.st/ 5 KB
5 KB 138ms
137ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ua.prom.st/2931719787_w325_h250_kostyum-rabochij-ekspert.jpg
Requested by: Host: www1.promosafe.com.ua
URL: https://www1.promosafe.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: 377945eefb57a0b9be45ee385665696e7f4188f15dbeaaf71519eafdf82917df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www1.promosafe.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 03:49:23 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
etag: "CacheForever"
content-type: image/webp
x-image-source: Resized original: local
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 40
x-image-meta: e3482e0e8636761854494c6ad0613569d203b2bc_0
content-length: 5202

GET
H2 200 2397173281_w325_h250_krossovki-zaschitnye-street.jpg
images.ua.prom.st/ 10 KB
10 KB 37ms
36ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ua.prom.st/2397173281_w325_h250_krossovki-zaschitnye-street.jpg
Requested by: Host: www1.promosafe.com.ua
URL: https://www1.promosafe.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: 841e20668de1be512712ed84eef945014ffe6b5cbf245b999b745ec463c60780

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www1.promosafe.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 03:49:23 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
etag: "CacheForever"
content-type: image/webp
x-image-source: Resized original: local
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 31
x-image-meta: 139e3c1561964ac134d01b0bab79261c4c79bc12_0
content-length: 10440

GET
H2 200 2648871501_w325_h250_kostyum-rabochij-talaj.jpg
images.ua.prom.st/ 4 KB
4 KB 138ms
137ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ua.prom.st/2648871501_w325_h250_kostyum-rabochij-talaj.jpg
Requested by: Host: www1.promosafe.com.ua
URL: https://www1.promosafe.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: 1bd952fabf7140f518524c9842425fca9f2bfdc79c8b766ecb44653f1bde07ca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www1.promosafe.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 03:49:23 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
etag: "CacheForever"
content-type: image/webp
x-image-source: Resized original: local
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 51
x-image-meta: 8349315468e58387ddee83e0608eefc4881c04ed_0
content-length: 3972

GET
H2 200 3219813248_w325_h250_polukombinezon-rabochij-universalnyj.jpg
images.ua.prom.st/ 4 KB
4 KB 72ms
71ms Image
image/webp 193.34.169.10
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ua.prom.st/3219813248_w325_h250_polukombinezon-rabochij-universalnyj.jpg
Requested by: Host: www1.promosafe.com.ua
URL: https://www1.promosafe.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.10 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.prom.ua
Software: nginx /
Resource Hash: ba1d4cea0249562a4ecc4440a590f26556f4b9b25df53ae6ea27f88674174311

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www1.promosafe.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 03:49:23 GMT
last-modified: Fri, 21 Feb 2014 08:24:20 GMT
server: nginx
etag: "CacheForever"
content-type: image/webp
x-image-source: Resized original: local
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 87
x-image-meta: e8df05ef2a06150a25bca4f42b510d9cba29a11c_0
content-length: 4158

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 5521ms
170ms Script
application/x-javascript 2a03:2880:f00c:19:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www1.promosafe.com.ua
URL: https://www1.promosafe.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00c:19:face:b00c:0:3 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www1.promosafe.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25999
x-xss-protection: 0
pragma: public
x-fb-debug: D1t8NA9z4A0EjzxMKEQH9wL+rIbh26PnrEAlFn3xu+w45IdVk4+f6QkGOnytv2V2SeTpMzxkbkb/Kci3MgJJyA==
x-fb-trip-id: 548340344
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sun, 12 Sep 2021 03:49:24 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 askyguru.js Show response
widget.asky.guru/ 82 KB
27 KB 5156ms
34ms Script
application/javascript 2606:4700:3030::6815:4b03
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.asky.guru/askyguru.js
Requested by: Host: www1.promosafe.com.ua
URL: https://www1.promosafe.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4b03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fe4d1da510bc5eb8f34a416d4f2d04e4204279c59ff3a990d613f8cc7f8ea0b

Request headers

Referer: https://www1.promosafe.com.ua/
Origin: https://www1.promosafe.com.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-goog-hash: crc32c=pNdJkQ==, md5=MHD5b7u6XKYUyoXtbjuaAg==
date: Sun, 12 Sep 2021 03:49:28 GMT
content-encoding: gzip
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycdtwv3H727WwThafEfRyyCjYwsuEItGzOGR1DnutXsKM0H0vTHZ4Xy89w71yw5QRNW5iyj_ahqZ-xGop2oquBBxrr3vQBA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 26579
last-modified: Wed, 06 Jan 2021 12:15:17 GMT
server: cloudflare
etag: "3070f96fbbba5ca614ca85ed6e3b9a02"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LYc70tRJjl0ySCmvhD0vyGKVxZ%2FvRvSYboNh3gL6ghbGERAGhTg%2Bd9iVHKlIcSLUShMnIb6kVV05uxWU16bYGDPZljUkfj%2BFg%2FMx9NcT5adrJBT7y85VeLuejht2WurJvGtsGQadOBuMz%2BfYY5Sa"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1609935317322885
access-control-allow-origin: *
content-type: application/javascript
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: max-age=86400, no-transform
x-goog-stored-content-length: 26579
accept-ranges: bytes
cf-ray: 68d62a86990e16ee-FRA
expires: Mon, 12 Sep 2022 03:22:29 GMT

GET
H/1.1 200
OK 4f6fef691c84e6316ceb456c4736cbaf Show response
callme2r.voip.com.ua/lirawidget/script/ 33 KB
9 KB 5683ms
134ms Script
text/html 91.218.212.22
QOS

General

Check archive.org

Show headers Download Go to

Full URL: https://callme2r.voip.com.ua/lirawidget/script/4f6fef691c84e6316ceb456c4736cbaf
Requested by: Host: www1.promosafe.com.ua
URL: https://www1.promosafe.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.218.212.22 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: c2a9fc12afb1f4c691d5e70094972127b263103f4145028c7bc2393fd750040f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www1.promosafe.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sun, 12 Sep 2021 03:49:29 GMT
Content-Encoding: gzip
Server: Apache/2.4.18 (Ubuntu)
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, public
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 9217

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
211 B 42ms
42ms XHR
text/plain 2a00:1450:400d:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1045133419&t=pageview&_s=1&dl=https%3A%2F%2Fwww1.promosafe.com.ua%2F&ul=en-us&de=UTF-8&dt=%22Promosafe%20UA%22%20-%20%D0%BA%D0%BE%D0%BD%D1%82%D0%B0%D0%BA%D1%82%D1%8B%2C%20%D1%82%D0%BE%D0%B2%D0%B0%D1%80%D1%8B%2C%20%D1%83%D1%81%D0%BB%D1%83%D0%B3%D0%B8%2C%20%D1%86%D0%B5%D0%BD%D1%8B&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=2144071504&gjid=1966540393&cid=1816210613.1631418559&tid=UA-186174491-2&_gid=1743084755.1631418559&_r=1&_slc=1&z=707220560

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www1.promosafe.com.ua/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 12 Sep 2021 03:49:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www1.promosafe.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
56 B 41ms
41ms Ping
text/plain 2a00:1450:400d:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-T7S2G9Q21Q&gtm=2oe910&_p=1045133419&sr=1600x1200&ul=en-us&cid=1816210613.1631418559&_s=1&dl=https%3A%2F%2Fwww1.promosafe.com.ua%2F&dt=%22Promosafe%20UA%22%20-%20%D0%BA%D0%BE%D0%BD%D1%82%D0%B0%D0%BA%D1%82%D1%8B%2C%20%D1%82%D0%BE%D0%B2%D0%B0%D1%80%D1%8B%2C%20%D1%83%D1%81%D0%BB%D1%83%D0%B3%D0%B8%2C%20%D1%86%D0%B5%D0%BD%D1%8B&sid=1631418563&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T7S2G9Q21Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:804::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www1.promosafe.com.ua/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 12 Sep 2021 03:49:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www1.promosafe.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 18ms
18ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-127989488&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T7S2G9Q21Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8234343fe5a5834eebbbf8d8bcff3d749d05b37051ba26f9fb524606321e1d3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www1.promosafe.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 03:49:23 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39231
x-xss-protection: 0
last-modified: Sun, 12 Sep 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 12 Sep 2021 03:49:23 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 5078ms
28ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-127989488

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

88c499036f299aafbdcdef6835746230e563a1800997b1c2695e6a3c96a9d3d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www1.promosafe.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 03:49:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14036
x-xss-protection: 0
server: cafe
etag: 8182713160943572198
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 12 Sep 2021 03:49:28 GMT

OPTIONS
H2 204 log
gotcha-server.evo.run/ Frame 0
0 5200ms
37ms Preflight 193.34.168.232
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://gotcha-server.evo.run/log
Protocol: H2
Server: 193.34.168.232 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-request-id
Origin: https://www1.promosafe.com.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sun, 12 Sep 2021 03:49:28 GMT
access-control-allow-origin: https://www1.promosafe.com.ua
access-control-max-age: 600
access-control-allow-credentials: true
access-control-allow-methods: POST,GET,OPTIONS,DELETE
access-control-allow-headers: X-CSRFToken,X-PromUserID,Content-Type,X-Requested-With,X-Image-Hashes,X-Debug-Key,x-request-id
x-envoy-upstream-service-time: 0

POST
H2 204 log Show response
gotcha-server.evo.run/ 0
296 B 52ms
52ms XHR
text/plain 193.34.168.232
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://gotcha-server.evo.run/log
Requested by: Host: www1.promosafe.com.ua
URL: https://www1.promosafe.com.ua/cloud-cgi/static/gotcha/gotcha-min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.34.168.232 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www1.promosafe.com.ua/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
X-Request-ID: f4018309-72b2-4c02-9f66-5abf601618a0
Content-Type: application/json;charset=UTF-8

Response headers

date: Sun, 12 Sep 2021 03:49:28 GMT
server: nginx
access-control-max-age: 600
access-control-allow-methods: POST,GET,OPTIONS,DELETE
access-control-allow-origin: https://www1.promosafe.com.ua
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: X-CSRFToken,X-PromUserID,Content-Type,X-Requested-With,X-Image-Hashes,X-Debug-Key,x-request-id

GET
H2 200 wp_companysite_map_runtime_666ec2fbba628226a1a0.js Show response
uaprom-static.c.prom.st/js/build/vas-site/ Frame 299E 1 KB
1 KB 5184ms
34ms Script
application/javascript 193.34.169.9
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://uaprom-static.c.prom.st/js/build/vas-site/wp_companysite_map_runtime_666ec2fbba628226a1a0.js
Requested by: Host: prom.ua
URL: https://prom.ua/map/frame_map/5620360?mode=big
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.9 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS
Software: nginx /
Resource Hash: a510992fb5f2650568fd756b39bf8773e7804ac2528785f645ba4ad82931be11

Request headers

Referer: https://prom.ua/map/frame_map/5620360?mode=big
Origin: https://prom.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 03:49:28 GMT
content-encoding: br
x-amz-request-id: tx0000000000000004aa543-0060c03af2-85d6b90-openstack-1
x-cache-key: cdnuaprom-static.c.prom.st/js/build/vas-site/br-encoded-wp_companysite_map_runtime_666ec2fbba628226a1a0.js
x-cache-status: HIT, HIT
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 665
x-cdn-ruri: /js/build/vas-site/br-encoded-wp_companysite_map_runtime_666ec2fbba628226a1a0.js
last-modified: Wed, 09 Jun 2021 03:06:04 GMT
server: nginx
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-servant: nginx-cache-01
x-rgw-object-type: Normal
x-cache-type: main
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key

GET
H2 200 wp_companysite_map_vendor_wp_companysite_map_vendor_1aa64ca2d370633aa856.js Show response
uaprom-static.c.prom.st/js/build/vas-site/ Frame 299E 415 KB
116 KB 5184ms
34ms Script
application/javascript 193.34.169.9
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://uaprom-static.c.prom.st/js/build/vas-site/wp_companysite_map_vendor_wp_companysite_map_vendor_1aa64ca2d370633aa856.js
Requested by: Host: prom.ua
URL: https://prom.ua/map/frame_map/5620360?mode=big
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.9 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS
Software: nginx /
Resource Hash: 7b89daec2b92c326eb5dd5b8f8cefd76b0354392c51e422b9d1dcd8e6eefbab0

Request headers

Referer: https://prom.ua/map/frame_map/5620360?mode=big
Origin: https://prom.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 03:49:28 GMT
content-encoding: br
x-amz-request-id: tx000000000000000026c86-00611c8411-d9aed11-openstack-1
x-cache-key: cdnuaprom-static.c.prom.st/js/build/vas-site/br-encoded-wp_companysite_map_vendor_wp_companysite_map_vendor_1aa64ca2d370633aa856.js
x-cache-status: HIT, HIT
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 118033
x-cdn-ruri: /js/build/vas-site/br-encoded-wp_companysite_map_vendor_wp_companysite_map_vendor_1aa64ca2d370633aa856.js
last-modified: Wed, 18 Aug 2021 03:16:16 GMT
server: nginx
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-servant: himehabu
x-rgw-object-type: Normal
x-cache-type: main
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key

GET
H2 200 wp_companysite_map_wp_companysite_map_3225dcdee5f2665f39fb.js Show response
uaprom-static.c.prom.st/js/build/vas-site/ Frame 299E 110 KB
30 KB 5282ms
132ms Script
application/javascript 193.34.169.9
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://uaprom-static.c.prom.st/js/build/vas-site/wp_companysite_map_wp_companysite_map_3225dcdee5f2665f39fb.js
Requested by: Host: prom.ua
URL: https://prom.ua/map/frame_map/5620360?mode=big
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.9 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS
Software: nginx /
Resource Hash: 908312dcce8c19c09c1b78b9ffb6298b71766119bbfd7e49a32a5c2bae1874bd

Request headers

Referer: https://prom.ua/map/frame_map/5620360?mode=big
Origin: https://prom.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 03:49:28 GMT
content-encoding: br
x-amz-request-id: tx00000000000000010f17c-00612369ac-d9f8474-openstack-1
x-cache-key: cdnuaprom-static.c.prom.st/js/build/vas-site/br-encoded-wp_companysite_map_wp_companysite_map_3225dcdee5f2665f39fb.js
x-cache-status: HIT, HIT
x-amz-storage-class: STANDARD
x-trouble: IAMHERE
x-cache-source: local
content-length: 29708
x-cdn-ruri: /js/build/vas-site/br-encoded-wp_companysite_map_wp_companysite_map_3225dcdee5f2665f39fb.js
last-modified: Mon, 23 Aug 2021 08:48:11 GMT
server: nginx
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-servant: nginx-cache-01
x-rgw-object-type: Normal
x-cache-type: main
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key

GET
H2 200 question Show response
asky.guru/report/v0/ 20 B
852 B 83ms
66ms XHR
application/json 2606:4700:3034::ac43:d194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://asky.guru/report/v0/question?token=yoVDNswwkemepZRn
Requested by: Host: widget.asky.guru
URL: https://widget.asky.guru/askyguru.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d194 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03e56c7ce6f9376e59a5c2b23f326a7b787bb3fb1ff1e87a634aa01b3dcf729c

Request headers

Accept: application/json, text/*
Referer: https://www1.promosafe.com.ua/
X-Script-Version: 1.3.4
Accept-Language: de-DE,de;q=0.9
X-Script-LSR: 820638480794155
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 03:49:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Cookie, Accept-Language, X-Script-Version, X-Script-LSR
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fs8CG7tK5mUukdhYCwWf8dvLIBIMxNlfMSfvDvSbUUBeDWdWRvdkmxwI7VwIXbYwWVnJdINgHJf2DErOaQdQGLCh5SLncRkcdWfY5g3oXXQQ21BMpHTHTGDdJfYpQ7sIkLmS3A%2FrzaQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www1.promosafe.com.ua
access-control-expose-headers: ETag
access-control-allow-credentials: true
x-envoy-upstream-service-time: 12
cf-ray: 68d62aa6b9c74a7a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 20

OPTIONS
H2 200 question
asky.guru/report/v0/ Frame 0
0 5075ms
61ms Preflight
application/octet-stream 2606:4700:3030::6815:4b03
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://asky.guru/report/v0/question?token=yoVDNswwkemepZRn
Protocol: H2
Server: 2606:4700:3030::6815:4b03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-script-lsr,x-script-version
Origin: https://www1.promosafe.com.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 12 Sep 2021 03:49:33 GMT
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: https://www1.promosafe.com.ua
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-methods: GET
access-control-allow-headers: X-SCRIPT-LSR,X-SCRIPT-VERSION
x-envoy-upstream-service-time: 3
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aP8T4Mlak%2B914RHE5lxniOPBJScDLZ0UKQJwdSX3bjBll58DeI4CTP11hx9FvTe1WgHuXnDK4LR1c2UQ3f5Yf3YuK%2F57fHQQg1RqJLw7sUq4pbufmiBp5GtXqaIGquQIggiP9h6L9lY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 68d62aa63f5216ee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/127989488/ 2 KB
2 KB 5116ms
45ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/127989488/?random=1631418568786&cv=9&fst=1631418568786&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa910&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww1.promosafe.com.ua%2F&tiba=%22Promosafe%20UA%22%20-%20%D0%BA%D0%BE%D0%BD%D1%82%D0%B0%D0%BA%D1%82%D1%8B%2C%20%D1%82%D0%BE%D0%B2%D0%B0%D1%80%D1%8B%2C%20%D1%83%D1%81%D0%BB%D1%83%D0%B3%D0%B8%2C%20%D1%86%D0%B5%D0%BD%D1%8B&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

930e7dcc86f2b23a860f1ed2dfd01f7673a76d401b6d5fcdaf07e2ac89b9af7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www1.promosafe.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Sep 2021 03:49:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1085
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 place Show response
www.google.com/maps/embed/v1/ Frame 39CA 2 KB
1 KB 5350ms
320ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/maps/embed/v1/place?key=AIzaSyCmb9n0w6qRawb0rASKDMc9xg-cMEDbz2c&q=50.01650476205393,36.22270242360236&language=ru&region=ua

Requested by

Host: uaprom-static.c.prom.st
URL: https://uaprom-static.c.prom.st/js/build/vas-site/wp_companysite_map_wp_companysite_map_3225dcdee5f2665f39fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

d2516f672702f303504af6b754e019bd78d91d1d52256bccd2ba4d481a359848

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-ozOI+l7lMxoamOLm79SwYw==' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /maps/embed/v1/place?key=AIzaSyCmb9n0w6qRawb0rASKDMc9xg-cMEDbz2c&q=50.01650476205393,36.22270242360236&language=ru&region=ua
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://prom.ua/map/frame_map/5620360?mode=big
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://prom.ua/map/frame_map/5620360?mode=big

Response headers

content-type: text/html; charset=UTF-8
date: Sun, 12 Sep 2021 03:49:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
vary: Accept-Language
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-ozOI+l7lMxoamOLm79SwYw==' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-encoding: gzip
server: mafe
content-length: 1010
x-xss-protection: 0
server-timing: gfet4t7; dur=306
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ 94 KB
94 KB 5039ms
7ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js

Requested by

Host: callme2r.voip.com.ua
URL: https://callme2r.voip.com.ua/lirawidget/script/4f6fef691c84e6316ceb456c4736cbaf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www1.promosafe.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 09:54:03 GMT
x-content-type-options: nosniff
age: 64531
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95992
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Sep 2022 09:54:03 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/127989488/ 42 B
569 B 326ms
18ms Image
image/gif 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/127989488/?random=1631418568786&cv=9&fst=1631415600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa910&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww1.promosafe.com.ua%2F&tiba=%22Promosafe%20UA%22%20-%20%D0%BA%D0%BE%D0%BD%D1%82%D0%B0%D0%BA%D1%82%D1%8B%2C%20%D1%82%D0%BE%D0%B2%D0%B0%D1%80%D1%8B%2C%20%D1%83%D1%81%D0%BB%D1%83%D0%B3%D0%B8%2C%20%D1%86%D0%B5%D0%BD%D1%8B&async=1&fmt=3&is_vtc=1&random=1085750355&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www1.promosafe.com.ua
URL: https://www1.promosafe.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www1.promosafe.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Sep 2021 03:49:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/127989488/ 42 B
569 B 5074ms
17ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/127989488/?random=1631418568786&cv=9&fst=1631415600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa910&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww1.promosafe.com.ua%2F&tiba=%22Promosafe%20UA%22%20-%20%D0%BA%D0%BE%D0%BD%D1%82%D0%B0%D0%BA%D1%82%D1%8B%2C%20%D1%82%D0%BE%D0%B2%D0%B0%D1%80%D1%8B%2C%20%D1%83%D1%81%D0%BB%D1%83%D0%B3%D0%B8%2C%20%D1%86%D0%B5%D0%BD%D1%8B&async=1&fmt=3&is_vtc=1&random=1085750355&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www1.promosafe.com.ua
URL: https://www1.promosafe.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www1.promosafe.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Sep 2021 03:49:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK color.min.js Show response
callme1r.voip.com.ua/lirawidget/ 12 KB
4 KB 5386ms
39ms Script
application/javascript 91.218.213.166
QOS

General

Check archive.org

Show headers Download Go to

Full URL: https://callme1r.voip.com.ua/lirawidget/color.min.js?rand=299
Requested by: Host: callme2r.voip.com.ua
URL: https://callme2r.voip.com.ua/lirawidget/script/4f6fef691c84e6316ceb456c4736cbaf
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.218.213.166 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 36604f68f42e2c41767ec9ec59556a361fa2d67cd6a71900bc053e92c88e5952

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www1.promosafe.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sun, 12 Sep 2021 03:49:39 GMT
Content-Encoding: gzip
Last-Modified: Sat, 04 Apr 2020 11:01:31 GMT
Server: Apache/2.4.18 (Ubuntu)
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 4130

GET
H/1.1 200
OK widgetpopup.js Show response
callme1r.voip.com.ua/lirawidget/ 16 KB
4 KB 5423ms
77ms Script
application/javascript 91.218.213.166
QOS

General

Check archive.org

Show headers Download Go to

Full URL: https://callme1r.voip.com.ua/lirawidget/widgetpopup.js?rand=299
Requested by: Host: callme2r.voip.com.ua
URL: https://callme2r.voip.com.ua/lirawidget/script/4f6fef691c84e6316ceb456c4736cbaf
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.218.213.166 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 70f135d998ca01f45aebbf404e3f58c418df1e7697aacfbd6236146a0fa82737

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www1.promosafe.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sun, 12 Sep 2021 03:49:39 GMT
Content-Encoding: gzip
Last-Modified: Sat, 04 Apr 2020 11:01:31 GMT
Server: Apache/2.4.18 (Ubuntu)
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3430

GET
H/1.1 200
OK 4f6fef691c84e6316ceb456c4736cbaf Show response
callme1r.voip.com.ua/lirawidget/script/ct/ 0
290 B 5462ms
112ms Script
text/html 91.218.213.166
QOS

General

Check archive.org

Show headers Download Go to

Full URL: https://callme1r.voip.com.ua/lirawidget/script/ct/4f6fef691c84e6316ceb456c4736cbaf?rand=299&clientId=1816210613.1631418559&yaClientId=&ct_c=undefined&sbjs_current_src=(direct)&sbjs_current_mdm=(none)&sbjs_current_cmp=(none)&sbjs_current_trm=(none)&roistat_visit=&url=https%3A%2F%2Fwww1.promosafe.com.ua%2F&referrer=
Requested by: Host: callme2r.voip.com.ua
URL: https://callme2r.voip.com.ua/lirawidget/script/4f6fef691c84e6316ceb456c4736cbaf
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.218.213.166 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www1.promosafe.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 12 Sep 2021 03:49:39 GMT
Server: Apache/2.4.18 (Ubuntu)
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, public
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ Frame 39CA 152 KB
49 KB 5040ms
7ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=ru&region=UA&callback=onApiLoad

Requested by

Host: www.google.com
URL: https://www.google.com/maps/embed/v1/place?key=AIzaSyCmb9n0w6qRawb0rASKDMc9xg-cMEDbz2c&q=50.01650476205393,36.22270242360236&language=ru&region=ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

925e46a0564a983ce693a14db6b9ef72202e4b03a4cf29517179b330f40312e2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 03:41:14 GMT
content-encoding: gzip
server: mafe
age: 505
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=19
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49928
x-xss-protection: 0
expires: Sun, 12 Sep 2021 04:11:14 GMT

GET init_embed.js
maps.gstatic.com/maps-api-v3/embed/js/46/4/intl/ru_ALL/ Frame 39CA 0
0

GET
H/1.1 200
OK supportwidget.js Show response
callme1r.voip.com.ua/lirawidget/ 122 KB
17 KB 50ms
49ms Script
application/javascript 91.218.213.166
QOS

General

Check archive.org

Show headers Download Go to

Full URL: https://callme1r.voip.com.ua/lirawidget/supportwidget.js?rand=299
Requested by: Host: callme2r.voip.com.ua
URL: https://callme2r.voip.com.ua/lirawidget/script/4f6fef691c84e6316ceb456c4736cbaf
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.218.213.166 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 06592f6216f76a5b8d7391a2b584f145eead56efd321d0b25730637865221a46

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www1.promosafe.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sun, 12 Sep 2021 03:49:39 GMT
Content-Encoding: gzip
Last-Modified: Sat, 04 Apr 2020 11:01:31 GMT
Server: Apache/2.4.18 (Ubuntu)
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 17525

GET
H/1.1 200
OK lira-widget.min.css
callme1r.voip.com.ua/lirawidget/ 88 KB
8 KB 34ms
34ms Stylesheet
text/css 91.218.213.166
QOS

General

Check archive.org

Show headers Download Go to

Full URL: https://callme1r.voip.com.ua/lirawidget/lira-widget.min.css?rand=299
Requested by: Host: callme1r.voip.com.ua
URL: https://callme1r.voip.com.ua/lirawidget/supportwidget.js?rand=299
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.218.213.166 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: e4f05414e4238b5b95c7a7835e1310ecc9325ae82f415ef7e068a2cee56db189

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www1.promosafe.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sun, 12 Sep 2021 03:49:39 GMT
Content-Encoding: gzip
Last-Modified: Sat, 04 Apr 2020 11:01:31 GMT
Server: Apache/2.4.18 (Ubuntu)
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 7687

GET
H/1.1 200
OK lira-widget.ttf
callme1r.voip.com.ua/lirawidget/assets/icomoon/fonts/ 2 KB
3 KB 266ms
71ms Font
application/font-sfnt 91.218.213.166
QOS

General

Check archive.org

Show headers Download Go to

Full URL: https://callme1r.voip.com.ua/lirawidget/assets/icomoon/fonts/lira-widget.ttf?qpqj67
Requested by: Host: callme1r.voip.com.ua
URL: https://callme1r.voip.com.ua/lirawidget/lira-widget.min.css?rand=299
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.218.213.166 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: unallocated.qos.kiev.ua
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: f93ead50016345825c7d66d404f8014693257c60d9731c2e43cb3e8603000090

Request headers

Referer: https://callme1r.voip.com.ua/lirawidget/lira-widget.min.css?rand=299
Origin: https://www1.promosafe.com.ua
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sun, 12 Sep 2021 03:49:40 GMT
Last-Modified: Sat, 04 Apr 2020 11:01:31 GMT
Server: Apache/2.4.18 (Ubuntu)
Content-Type: application/font-sfnt
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2484

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www1.promosafe.com.ua
URL: https://www1.promosafe.com.ua/cloud-cgi/static/uaprom-static/css/ckeditor-hc28e38c0c895ceb7eb196ea1db4aa68bd.css

Domain: www1.promosafe.com.ua
URL: https://www1.promosafe.com.ua/cloud-cgi/static/uaprom-static/js/build/vas-site/wp_companysite_vendor_old_wp_companysite_vendor_old_2fc40a515e3eae6d1b81.js

Domain: myprom.lirax.net
URL: https://myprom.lirax.net/cloud-cgi/static/clerk/v4.3.2/bare.js

Domain: myprom.lirax.net
URL: https://myprom.lirax.net/cloud-cgi/static/clerk/v4.3.2/iframe.html

Domain: maps.gstatic.com
URL: https://maps.gstatic.com/maps-api-v3/embed/js/46/4/intl/ru_ALL/init_embed.js

Verdicts & Comments Add Verdict or Comment

106 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www1.promosafe.com.ua/	1970-01-19 21:53:30	Name: cid Value: 306028129339026697657657586587521296482
.www1.promosafe.com.ua/	1970-01-20 05:54:28	Name: csrf_token_company_site Value: 0fb5c07bf7e8497fa9b6029ded26c657
.www1.promosafe.com.ua/	1970-01-20 05:55:54	Name: evoauth Value: w4b146f60469e41ac9eb65e9682822361
.promosafe.com.ua/	1970-01-19 21:11:44	Name: _gid Value: GA1.3.1743084755.1631418559
.promosafe.com.ua/	1970-01-19 21:10:18	Name: _gat Value: 1
.promosafe.com.ua/	1970-01-20 14:41:30	Name: _ga_T7S2G9Q21Q Value: GS1.1.1631418563.1.0.1631418563.0
.promosafe.com.ua/	1970-01-20 14:41:30	Name: _ga Value: GA1.1.1816210613.1631418559
.promosafe.com.ua/	1970-01-19 23:19:54	Name: _gcl_au Value: 1.1.1838797391.1631418564
.trafmag.com/	1970-01-20 14:41:30	Name: vid Value: 19886362085312
.prom.ua/	1970-01-20 05:54:28	Name: csrf_token Value: 6f8eb11e14ec4e269c3437f13ca762ca
.prom.ua/	1970-01-20 05:55:54	Name: auth Value: 03acf3eedcc1791b0b94f9bf0083621ce1129d5f
.prom.ua/	1970-01-20 05:55:54	Name: evoauth Value: wffbbaa59362b42c796d0a8814141b198
.doubleclick.net/	1970-01-19 21:10:19	Name: test_cookie Value: CheckForPermission
asky.guru/	1970-01-20 14:41:30	Name: responder Value: IgPwskx34rFsBb-l-_WlFQaWa5N-5M-KZbKIAGPG60ViajAIanMeuVQXuQIzu2zHeusXxUG1QRA44_LgJ5RheQ
.www1.promosafe.com.ua/	1970-01-20 01:29:30	Name: sbjs_migrations Value: 1418474375998%3D1
.www1.promosafe.com.ua/	1970-01-20 01:29:30	Name: sbjs_current_add Value: fd%3D2021-09-12%2003%3A49%3A34%7C%7C%7Cep%3Dhttps%3A%2F%2Fwww1.promosafe.com.ua%2F%7C%7C%7Crf%3D%28none%29
.www1.promosafe.com.ua/	1970-01-20 01:29:30	Name: sbjs_first_add Value: fd%3D2021-09-12%2003%3A49%3A34%7C%7C%7Cep%3Dhttps%3A%2F%2Fwww1.promosafe.com.ua%2F%7C%7C%7Crf%3D%28none%29
.www1.promosafe.com.ua/	1970-01-20 01:29:30	Name: sbjs_current Value: typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29
.www1.promosafe.com.ua/	1970-01-20 01:29:30	Name: sbjs_first Value: typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29
.www1.promosafe.com.ua/	1970-01-20 01:29:30	Name: sbjs_udata Value: vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F92.0.4515.159%20Safari%2F537.36
.www1.promosafe.com.ua/	1970-01-19 21:10:20	Name: sbjs_session Value: pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fwww1.promosafe.com.ua%2F
www1.promosafe.com.ua/	1970-01-23 12:46:18	Name: lirax_sbsrc Value: %28direct%29
www1.promosafe.com.ua/	1970-01-23 12:46:18	Name: lirax_sbmdm Value: %28none%29
www1.promosafe.com.ua/	1970-01-23 12:46:18	Name: lirax_sbcmp Value: %28none%29
www1.promosafe.com.ua/	1970-01-23 12:46:18	Name: lirax_sbtrm Value: %28none%29
www1.promosafe.com.ua/	1970-01-19 21:11:31	Name: lirax_not_animate_widget_due Value: 0
www1.promosafe.com.ua/	1970-01-19 21:11:31	Name: lirax_save_today_history Value: 1

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www1.promosafe.com.ua/cloud-cgi/static/uaprom-static/css/ckeditor-hc28e38c0c895ceb7eb196ea1db4aa68bd.css Message: Failed to load resource: net::ERR_EMPTY_RESPONSE
network	error	URL: https://www1.promosafe.com.ua/cloud-cgi/static/uaprom-static/js/build/vas-site/wp_companysite_vendor_old_wp_companysite_vendor_old_2fc40a515e3eae6d1b81.js Message: Failed to load resource: net::ERR_EMPTY_RESPONSE
network	error	URL: https://myprom.lirax.net/cloud-cgi/static/clerk/v4.3.2/bare.js Message: Failed to load resource: net::ERR_EMPTY_RESPONSE

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
asky.guru
callme1r.voip.com.ua
callme2r.voip.com.ua
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gotcha-server.evo.run
images.ua.prom.st
maps.googleapis.com
maps.gstatic.com
myprom.lirax.net
prom.ua
t.trafmag.com
uaprom-static.c.prom.st
widget.asky.guru
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www1.promosafe.com.ua
maps.gstatic.com
myprom.lirax.net
www1.promosafe.com.ua
142.250.186.162
193.200.65.5
193.34.168.232
193.34.169.10
193.34.169.17
193.34.169.9
2606:4700:3030::6815:4b03
2606:4700:3034::ac43:d194
2a00:1450:4001:800::2004
2a00:1450:4001:808::200a
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2003
2a00:1450:4001:828::2008
2a00:1450:4001:829::200a
2a00:1450:4001:830::2003
2a00:1450:400d:804::2002
2a00:1450:400d:804::200e
2a03:2880:f00c:19:face:b00c:0:3
91.218.212.22
91.218.213.166
03e56c7ce6f9376e59a5c2b23f326a7b787bb3fb1ff1e87a634aa01b3dcf729c
045469f2d577c2ad73219bbd713640bcb4a4f9a46cecc6c0df0e66338646b27f
06592f6216f76a5b8d7391a2b584f145eead56efd321d0b25730637865221a46
1b2ebc4acf8bbcf9194659b04e041c92b27886fd0087ceb0b135448262a50c56
1bd952fabf7140f518524c9842425fca9f2bfdc79c8b766ecb44653f1bde07ca
2a3d0807499ca307f92f3edbf14c6f351db4943b983db7899ae81186a8f3985c
2e47ade2685931a5648bf376af828c4b7fdb07ef1debe1c35380b823d9d15193
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
36604f68f42e2c41767ec9ec59556a361fa2d67cd6a71900bc053e92c88e5952
377945eefb57a0b9be45ee385665696e7f4188f15dbeaaf71519eafdf82917df
3d71cf8dc1cecdd75cee08bae4d565e2a1828996ce0a11a3e939990539c3f887
42e797a55ac3ac02c784b7ef2382320a0c198e41cbaa938a77ef587150917726
445778ed5c44628cd8dc739a2ab46384e37bbb47ff4187b0cc6c918e3fc8361b
48d407920b3a4255b845abaa2153058e05fad03a611316bfea81a6b320438cb4
4f4524f7e1a87079bc50a64681f880ccf3e6f5db1ec5fc27949377532a3881da
4fe4d1da510bc5eb8f34a416d4f2d04e4204279c59ff3a990d613f8cc7f8ea0b
52d0b9e1f1bb01e1e92d9a9b892edec42bfc91b63a8736202ab715766680c1ff
5c3737389977992b4f03a51a8c509c3bcdb4516e142436ec84270789d784aa16
60723e562d58cdea2dff44049c61a59a914e6295f69cdfcc23db9ab4c4427418
618860d4bd6460891ba2c4b849047a7ca62297a50066baeb5eaccff3237c2cc7
65723da634e8f956383ab1904941bf9a3c0419765defa46512a5b7064f4ca085
6d844ab2bd54a74de6b4238feaf5bf7d60cdf2573d1bb5d39d5509b80aa880d1
6e24bb29cfed6c45104aaaf4e5287b156e5695b6cc902e0a5a64810bf1ca2221
70f135d998ca01f45aebbf404e3f58c418df1e7697aacfbd6236146a0fa82737
7b89daec2b92c326eb5dd5b8f8cefd76b0354392c51e422b9d1dcd8e6eefbab0
7c232f60c4cff389420b7b5fae8fd23e435e2d3986506cc3a20e78c613338899
8234343fe5a5834eebbbf8d8bcff3d749d05b37051ba26f9fb524606321e1d3d
8237221e3a98be5f6d6a1e2f0f6d6894b9e8e96f638a1f7f05a4374feac61d66
8248952c3899c181021efe302125b3cfc7edeb87920616672c0d2fd048009373
8411537a74fba3094edef647e86059f5138a4e734450c9a43e49214f926de849
841e20668de1be512712ed84eef945014ffe6b5cbf245b999b745ec463c60780
88c499036f299aafbdcdef6835746230e563a1800997b1c2695e6a3c96a9d3d4
908312dcce8c19c09c1b78b9ffb6298b71766119bbfd7e49a32a5c2bae1874bd
925e46a0564a983ce693a14db6b9ef72202e4b03a4cf29517179b330f40312e2
930e7dcc86f2b23a860f1ed2dfd01f7673a76d401b6d5fcdaf07e2ac89b9af7b
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a510992fb5f2650568fd756b39bf8773e7804ac2528785f645ba4ad82931be11
a5bc80201d208f16bc81a2fafacab9b99503d04afe96b8f2524e9ae6768ccb04
a66b67255c0477ca3b84496e1d65042bfcb6fa0ba5d414e42f1633461853c62d
a67d5584966c417756ee534968a69dbf60232d0ee2897857322785dd3c9240be
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
b10bc9c820ce7f6f136e295b76a4dda272fc44670561a0ccb54ff303bda984a1
b3450a8d4d857d9ea2a871a4033f9f3538361b35f21f3cf0bb4869a1c4246fa7
b4f396a8aaf313e0798f971317151c0716b476f90b8fe539280a094efd420157
b8681c2583f88687255cf2345388369be51c36f5474b55c78070b6480b3a8795
ba1d4cea0249562a4ecc4440a590f26556f4b9b25df53ae6ea27f88674174311
ba7edf4380502c106cdcd8b0c0dc335846e5c059aebe7b9958108d4c46ac002a
c2a9fc12afb1f4c691d5e70094972127b263103f4145028c7bc2393fd750040f
ce87eb02217333e96c0cce767743d998386733cfc39bf3086fc16ef360756141
d2516f672702f303504af6b754e019bd78d91d1d52256bccd2ba4d481a359848
d2a15a8ff176120e1c703611f2ae7ae419a041205bad18ce4f6864b95aa6f6f7
d9758226ccc9e70a62c60b981ddd51bcf2a30b16a4cd64e872c4ec48dfb5bcfd
def3584e39f412e77b3a70f3f1182afa6bc23c0be13afd0b1d1493088e015e97
e0c38c0085132829e7babe43615dd4a95303ccc60f855de99694344496d2d870
e22081f44b77a40a0477079ca47fdb3266af5b299f4be71fefab789b462dfdf8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f05414e4238b5b95c7a7835e1310ecc9325ae82f415ef7e068a2cee56db189
e6b18e9aef52e9405612bd233a8053fd0ddf9f9ce93114050fe5679dd139b1bb
eaa1ef2a0c1c3c4ec08cfcd50ebbc87d4b2cec33b5b08310a5b6a0e8419c477e
ee075a55ccaa386be54cb8817e27396e81bfe1b3daa4999a829f06858cbe126f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef5ffca7f773e80ab3d6982b6771e2d196d5ee76c26867d69a28d5770b01b4eb
f93ead50016345825c7d66d404f8014693257c60d9731c2e43cb3e8603000090
fb1b1af32aa3899e4e830b42d2dcd54d82be0a116127b3c98b816330c8a8e577
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fee68cafa62e01be53ee54d583cbc04947321e12630d599258a6f29ee2f990ff

www1.promosafe.com.ua Open in urlscan Pro 91.218.212.22 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

76 Requests

93 %HTTPS

60 %IPv6

17 Domains

23 Subdomains

21 IPs

6 Countries

1616 kBTransfer

3751 kBSize

27 Cookies

6 Outgoing links

Redirected requests

76 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www1.promosafe.com.ua Open in urlscan Pro
91.218.212.22 Public Scan

Screenshot
Live screenshot

Full Image

76
Requests

93 %
HTTPS

60 %
IPv6

17
Domains

23
Subdomains

21
IPs

6
Countries

1616 kB
Transfer

3751 kB
Size

27
Cookies

76 HTTP transactions
0 data transactions