URL: http://g.i.ua/?userID=6897361&userID=6897361&_url=https%3A%2F%2Fworks.bepress.com%2Fwrinkles-the-clown%2F1%2F
Submission: On February 13 via manual from US

Summary

This website contacted 9 IPs in 3 countries across 5 domains to perform 19 HTTP transactions. The main IP is 91.198.36.14, which is located in Ukraine and belongs to DIGITAL-VENTURES, UA. The main domain is g.i.ua.
This is the only time g.i.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Count  Redirects  IP Address         AS Autonomous System
1                 91.198.36.14       43405 (DIGITAL-V...)
8                 91.198.36.27       43405 (DIGITAL-V...)
1                 91.198.36.18       43405 (DIGITAL-V...)
2                 185.187.81.40      43332 (IDSTRATEG...)
6      3          149.202.199.193    16276 (OVH)
1                 91.198.36.16       43405 (DIGITAL-V...)
1      1          193.239.68.97      39468 (BIGMIR-IN...)
1                 193.239.71.100     39468 (BIGMIR-IN...)
2                 2a00:1450:400...   15169 (GOOGLE)
19                9
Count  Apex Domain       Subdomains                          Transfer
11     i.ua              g.i.ua, i3.i.ua, i.i.ua, r.i.ua     106 KB
6      gemius.pl         kpmediagaua.hit.gemius.pl           12 KB
2      doubleclick.net   stats.g.doubleclick.net             17 KB
2      bigmir.net        c.bigmir.net, i.bigmir.net          791 B
2      zmctrack.net      s.zmctrack.net                      55 KB
19     5
Count  Domain                      Redirects     Requested by
8      i3.i.ua                                   g.i.ua
6      kpmediagaua.hit.gemius.pl   3 redirects   g.i.ua
2      stats.g.doubleclick.net
2      s.zmctrack.net                            g.i.ua
1      i.bigmir.net
1      c.bigmir.net                1 redirects
1      r.i.ua                                    g.i.ua
1      i.i.ua                                    g.i.ua
1      g.i.ua
19     9

This site contains links to these domains.

Domain
www.i.ua
works.bepress.com
help.i.ua

Subject               Issuer                                           Validity                  Valid
s.zmctrack.net        Sectigo RSA Domain Validation Secure Server CA   2019-04-25 - 2020-04-24   a year
*.hit.gemius.pl       Sectigo ECC Domain Validation Secure Server CA   2019-09-11 - 2021-09-24   2 years
*.g.doubleclick.net   GTS CA 1O1                                       2020-01-21 - 2020-04-14   3 months

This page contains 2 frames:

Primary Page: http://g.i.ua/?userID=6897361&userID=6897361&_url=https%3A%2F%2Fworks.bepress.com%2Fwrinkles-the-clown%2F1%2F
Frame ID: 0EDC8E6D58903A5B33CAF8CF745F1757
Requests: 19 HTTP requests in this frame

Frame: https://s.zmctrack.net/z
Frame ID: B68EA0A27076DF66323428CDA7ACD201
Requests: 2 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Unix/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Overall confidence: %
Detected patterns
  • script /hit\.gemius\.pl\/xgemius\.js/i
  • script /hit\.gemius\.pl/i
  • script /xgemius\.js/i

Page Statistics

Requests: 19
HTTPS: 32 %
IPv6: 11 %
Domains: 5
Subdomains: 9
IPs: 9
Countries: 3
Transfer: 188 kB
Size: 354 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • http://kpmediagaua.hit.gemius.pl/fpdata.js?href=g.i.ua HTTP 301
  • https://kpmediagaua.hit.gemius.pl/_sslredir/fpdata.js?href=g.i.ua
Request Chain 16
  • http://kpmediagaua.hit.gemius.pl/_1581585778135/rexdot.js?l=100&id=zaqaCKOZ4_pxD3bwj4hcpseCnO4wwNfh3MTiaF2w8JX.P7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=http%3A%2F%2Fg.i.ua%2F%3FuserID%3D6897361%26userID%3D6897361%26_url%3Dhttps%253A%252F%252Fworks.bepress.com%252Fwrinkles-the-clown%252F1%252F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=QPXHmnLIX28O1onNv3SB7yV4yHHdXu0SMfj0hZV4r2v.57&vis=1 HTTP 301
  • https://kpmediagaua.hit.gemius.pl/_sslredir/_1581585778135/rexdot.js?l=100&id=zaqaCKOZ4_pxD3bwj4hcpseCnO4wwNfh3MTiaF2w8JX.P7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=http%3A%2F%2Fg.i.ua%2F%3FuserID%3D6897361%26userID%3D6897361%26_url%3Dhttps%253A%252F%252Fworks.bepress.com%252Fwrinkles-the-clown%252F1%252F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=QPXHmnLIX28O1onNv3SB7yV4yHHdXu0SMfj0hZV4r2v.57&vis=1 HTTP 301
  • https://kpmediagaua.hit.gemius.pl/__/_sslredir/_1581585778135/rexdot.js?l=100&id=zaqaCKOZ4_pxD3bwj4hcpseCnO4wwNfh3MTiaF2w8JX.P7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=http%3A%2F%2Fg.i.ua%2F%3FuserID%3D6897361%26userID%3D6897361%26_url%3Dhttps%253A%252F%252Fworks.bepress.com%252Fwrinkles-the-clown%252F1%252F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=QPXHmnLIX28O1onNv3SB7yV4yHHdXu0SMfj0hZV4r2v.57&vis=1
Request Chain 17
  • http://c.bigmir.net/?s134156&t6&n0.21691870788619871&c1&d24&r1600&f HTTP 302
  • http://i.bigmir.net/cnt/06.gif
Request Chain 18
  • http://stats.g.doubleclick.net/dc.js HTTP 307
  • https://stats.g.doubleclick.net/dc.js
Request Chain 19
  • http://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=227600541&utmhn=g.i.ua&utmcs=windows-1251&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%C2%A0I.UA%C2%A0&utmhid=363706495&utmr=-&utmp=%2F%3FuserID%3D6897361%26userID%3D6897361%26_url%3Dhttps%25253A%25252F%25252Fworks.bepress.com%25252Fwrinkles-the-clown%25252F1%25252F&utmht=1581585778307&utmac=UA-34374057-1&utmcc=__utma%3D11729771.1842844698.1581585778.1581585778.1581585778.1%3B%2B__utmz%3D11729771.1581585778.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1448524632&utmredir=3&utmu=qBEAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
  • https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=227600541&utmhn=g.i.ua&utmcs=windows-1251&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%C2%A0I.UA%C2%A0&utmhid=363706495&utmr=-&utmp=%2F%3FuserID%3D6897361%26userID%3D6897361%26_url%3Dhttps%25253A%25252F%25252Fworks.bepress.com%25252Fwrinkles-the-clown%25252F1%25252F&utmht=1581585778307&utmac=UA-34374057-1&utmcc=__utma%3D11729771.1842844698.1581585778.1581585778.1581585778.1%3B%2B__utmz%3D11729771.1581585778.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1448524632&utmredir=3&utmu=qBEAAAAAAAAAAAAAAAAAAAAE~

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
g.i.ua/
15 KB
8 KB
Document
General
Full URL
http://g.i.ua/?userID=6897361&userID=6897361&_url=https%3A%2F%2Fworks.bepress.com%2Fwrinkles-the-clown%2F1%2F
Protocol
HTTP/1.1
Server
91.198.36.14 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
www.i.ua
Software
Apache/1.3.42 (Unix) mod_deflate/1.0.21 /
Resource Hash
b54b332dac8de8139597bcf156b474a7b88fa60364a73905ce3ce3f1d498250e

Request headers

Host
g.i.ua
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Date
Thu, 13 Feb 2020 09:22:57 GMT
Server
Apache/1.3.42 (Unix) mod_deflate/1.0.21
Vary
Accept-Encoding
Connection
close
Transfer-Encoding
chunked
Content-Type
text/html; charset=windows-1251
Content-Encoding
gzip
login.y130200.css
i3.i.ua/css/i2/blue/sprite/
41 KB
10 KB
Stylesheet
General
Full URL
http://i3.i.ua/css/i2/blue/sprite/login.y130200.css
Requested by
Host: g.i.ua
URL: http://g.i.ua/?userID=6897361&userID=6897361&_url=https%3A%2F%2Fworks.bepress.com%2Fwrinkles-the-clown%2F1%2F
Protocol
HTTP/1.1
Server
91.198.36.27 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
vi.i.ua
Software
nginx/1.2.2 /
Resource Hash
48874ded463795664b7459b06b15c3fd690d24bbe32bb845dd50cf31dabaf4b7

Request headers

Referer
http://g.i.ua/?userID=6897361&userID=6897361&_url=https%3A%2F%2Fworks.bepress.com%2Fwrinkles-the-clown%2F1%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 13 Feb 2020 09:22:57 GMT
Content-Encoding
gzip
Last-Modified
Thu, 19 Dec 2019 14:36:40 GMT
Server
nginx/1.2.2
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Length
9901
Expires
Fri, 12 Feb 2021 09:22:57 GMT
util.y169000.js
i3.i.ua/js/
14 KB
15 KB
Script
General
Full URL
http://i3.i.ua/js/util.y169000.js
Requested by
Host: g.i.ua
URL: http://g.i.ua/?userID=6897361&userID=6897361&_url=https%3A%2F%2Fworks.bepress.com%2Fwrinkles-the-clown%2F1%2F
Protocol
HTTP/1.1
Server
91.198.36.27 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
vi.i.ua
Software
nginx/1.2.2 /
Resource Hash
0aafcf7215f16bffb8bd442910b5d318a004d91f2d7018163bed08e3446cab6d

Request headers

Referer
http://g.i.ua/?userID=6897361&userID=6897361&_url=https%3A%2F%2Fworks.bepress.com%2Fwrinkles-the-clown%2F1%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 13 Feb 2020 09:22:57 GMT
Last-Modified
Wed, 12 Oct 2016 10:16:54 GMT
Server
nginx/1.2.2
Content-Type
application/x-javascript; charset=windows-1251
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14697
Expires
Fri, 12 Feb 2021 09:22:57 GMT
JSHttpRequest.y169000.js
i3.i.ua/js/
13 KB
14 KB
Script
General
Full URL
http://i3.i.ua/js/JSHttpRequest.y169000.js
Requested by
Host: g.i.ua
URL: http://g.i.ua/?userID=6897361&userID=6897361&_url=https%3A%2F%2Fworks.bepress.com%2Fwrinkles-the-clown%2F1%2F
Protocol
HTTP/1.1
Server
91.198.36.27 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
vi.i.ua
Software
nginx/1.2.2 /
Resource Hash
77651d06d987b95f32821dd3800c754db04b4ab74f6e7cebec2e7f59cda47b1f

Request headers

Referer
http://g.i.ua/?userID=6897361&userID=6897361&_url=https%3A%2F%2Fworks.bepress.com%2Fwrinkles-the-clown%2F1%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 13 Feb 2020 09:22:57 GMT
Last-Modified
Thu, 06 Apr 2017 10:11:42 GMT
Server
nginx/1.2.2
Content-Type
application/x-javascript; charset=windows-1251
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13522
Expires
Fri, 12 Feb 2021 09:22:57 GMT
md5.y169000.js
i3.i.ua/js/
9 KB
9 KB
Script
General
Full URL
http://i3.i.ua/js/md5.y169000.js
Requested by
Host: g.i.ua
URL: http://g.i.ua/?userID=6897361&userID=6897361&_url=https%3A%2F%2Fworks.bepress.com%2Fwrinkles-the-clown%2F1%2F
Protocol
HTTP/1.1
Server
91.198.36.27 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
vi.i.ua
Software
nginx/1.2.2 /
Resource Hash
dc0df8d67a1cd007a197171d3c5594dbc0635e47e18c67ba3487ce90f183e474

Request headers

Referer
http://g.i.ua/?userID=6897361&userID=6897361&_url=https%3A%2F%2Fworks.bepress.com%2Fwrinkles-the-clown%2F1%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 13 Feb 2020 09:22:57 GMT
Last-Modified
Sun, 26 Aug 2012 10:37:44 GMT
Server
nginx/1.2.2
Content-Type
application/x-javascript; charset=windows-1251
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8827
Expires
Fri, 12 Feb 2021 09:22:57 GMT
global.y169000.js
i3.i.ua/js/i/
25 KB
25 KB
Script
General
Full URL
http://i3.i.ua/js/i/global.y169000.js
Requested by
Host: g.i.ua
URL: http://g.i.ua/?userID=6897361&userID=6897361&_url=https%3A%2F%2Fworks.bepress.com%2Fwrinkles-the-clown%2F1%2F
Protocol
HTTP/1.1
Server
91.198.36.27 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
vi.i.ua
Software
nginx/1.2.2 /
Resource Hash
937511b9ff4b72a44415cbf3bbcf0fa2723781a9174d031f9cdc2d44b117c1d5

Request headers

Referer
http://g.i.ua/?userID=6897361&userID=6897361&_url=https%3A%2F%2Fworks.bepress.com%2Fwrinkles-the-clown%2F1%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 13 Feb 2020 09:22:57 GMT
Last-Modified
Mon, 14 May 2018 09:28:34 GMT
Server
nginx/1.2.2
Content-Type
application/x-javascript; charset=windows-1251
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25256
Expires
Fri, 12 Feb 2021 09:22:57 GMT
loader.y169000.js
i3.i.ua/js/
5 KB
5 KB
Script
General
Full URL
http://i3.i.ua/js/loader.y169000.js
Requested by
Host: g.i.ua
URL: http://g.i.ua/?userID=6897361&userID=6897361&_url=https%3A%2F%2Fworks.bepress.com%2Fwrinkles-the-clown%2F1%2F
Protocol
HTTP/1.1
Server
91.198.36.27 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
vi.i.ua
Software
nginx/1.2.2 /
Resource Hash
c41ccb016b62881dba0565c109efe14fd72ad30697886830206eea0273ab9231

Request headers

Referer
http://g.i.ua/?userID=6897361&userID=6897361&_url=https%3A%2F%2Fworks.bepress.com%2Fwrinkles-the-clown%2F1%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 13 Feb 2020 09:22:57 GMT
Last-Modified
Sun, 26 Aug 2012 10:37:44 GMT
Server
nginx/1.2.2
Content-Type
application/x-javascript; charset=windows-1251
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4835
Expires
Fri, 12 Feb 2021 09:22:57 GMT
autoload.y169000.js
i3.i.ua/js/i/
13 KB
13 KB
Script
General
Full URL
http://i3.i.ua/js/i/autoload.y169000.js
Requested by
Host: g.i.ua
URL: http://g.i.ua/?userID=6897361&userID=6897361&_url=https%3A%2F%2Fworks.bepress.com%2Fwrinkles-the-clown%2F1%2F
Protocol
HTTP/1.1
Server
91.198.36.27 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
vi.i.ua
Software
nginx/1.2.2 /
Resource Hash
a4f40a352da327dc942d57692de6524f7a88459c0e873a99bf353da6f94b0e4e

Request headers

Referer
http://g.i.ua/?userID=6897361&userID=6897361&_url=https%3A%2F%2Fworks.bepress.com%2Fwrinkles-the-clown%2F1%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 13 Feb 2020 09:22:57 GMT
Last-Modified
Thu, 25 Apr 2019 10:38:43 GMT
Server
nginx/1.2.2
Content-Type
application/x-javascript; charset=windows-1251
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13118
Expires
Fri, 12 Feb 2021 09:22:57 GMT
logo.png
i3.i.ua/v2/logo/
4 KB
5 KB
Image
General
Full URL
http://i3.i.ua/v2/logo/logo.png
Requested by
Host: g.i.ua
URL: http://g.i.ua/?userID=6897361&userID=6897361&_url=https%3A%2F%2Fworks.bepress.com%2Fwrinkles-the-clown%2F1%2F
Protocol
HTTP/1.1
Server
91.198.36.27 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
vi.i.ua
Software
nginx/1.2.2 /
Resource Hash
38b70b139bc628cbcad9a4341ad86179ab9cd63f3bc029b2ded1747c8bd0dd8f

Request headers

Referer
http://g.i.ua/?userID=6897361&userID=6897361&_url=https%3A%2F%2Fworks.bepress.com%2Fwrinkles-the-clown%2F1%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 13 Feb 2020 09:22:57 GMT
Last-Modified
Thu, 22 Dec 2011 13:02:52 GMT
Server
nginx/1.2.2
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4529
Expires
Fri, 12 Feb 2021 09:22:57 GMT
3_1_2.png
i.i.ua/r/
2 KB
2 KB
Image
General
Full URL
http://i.i.ua/r/3_1_2.png
Requested by
Host: g.i.ua
URL: http://g.i.ua/?userID=6897361&userID=6897361&_url=https%3A%2F%2Fworks.bepress.com%2Fwrinkles-the-clown%2F1%2F
Protocol
HTTP/1.1
Server
91.198.36.18 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
i.i.ua
Software
nginx/1.2.0 /
Resource Hash
11322d98807a606db0ee33e701418e86e952c81fbfcbf4a025e5244c4e734c36

Request headers

Referer
http://g.i.ua/?userID=6897361&userID=6897361&_url=https%3A%2F%2Fworks.bepress.com%2Fwrinkles-the-clown%2F1%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 13 Feb 2020 09:22:56 GMT
Last-Modified
Thu, 28 Sep 2006 16:33:08 GMT
Server
nginx/1.2.0
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2196
Expires
Fri, 12 Feb 2021 09:22:56 GMT
z
s.zmctrack.net/ Frame B68E
688 B
1 KB
XHR
General
Full URL
https://s.zmctrack.net/z
Requested by
Host: g.i.ua
URL: http://g.i.ua/?userID=6897361&userID=6897361&_url=https%3A%2F%2Fworks.bepress.com%2Fwrinkles-the-clown%2F1%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.187.81.40 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software
openresty /
Resource Hash
a0a1eda0b1a2bc6b2ffe4b75dc56f624e0e949eaeb6331ce83863f6694a44950

Request headers

Origin
http://g.i.ua
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 13 Feb 2020 09:22:57 GMT
server
openresty
status
200
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
http://g.i.ua
access-control-expose-headers
X-Meta-Request-Id, X-Location, X-Meta-Status, X-Check, X-Cookie
cache-control
no-cache, no-store
x-check
ac034e3c3d190c95d32a8cc89f9f67e9
access-control-allow-headers
X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length
688
expires
Thu, 01 Jan 1970 00:00:01 GMT
xgemius.js
kpmediagaua.hit.gemius.pl/
33 KB
9 KB
Script
General
Full URL
http://kpmediagaua.hit.gemius.pl/xgemius.js
Requested by
Host: g.i.ua
URL: http://g.i.ua/?userID=6897361&userID=6897361&_url=https%3A%2F%2Fworks.bepress.com%2Fwrinkles-the-clown%2F1%2F
Protocol
HTTP/1.1
Server
149.202.199.193 , France, ASN16276 (OVH, FR),
Reverse DNS
ua1.host.hit.gemius.pl
Software
GHC /
Resource Hash
5e67614b605aa85211e3954399cef8e6ad27040f2d3b659ca40d84165088fec3

Request headers

Referer
http://g.i.ua/?userID=6897361&userID=6897361&_url=https%3A%2F%2Fworks.bepress.com%2Fwrinkles-the-clown%2F1%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 13 Feb 2020 09:22:57 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Feb 2020 06:37:34 GMT
Server
GHC
Vary
Accept-Encoding,Origin
P3P
CP="NOI DSP COR NID PSAo OUR IND"
Cache-Control
max-age=43200
Connection
keep-alive
Accept-Ranges
none
Content-Type
application/x-javascript
Keep-Alive
timeout=10
Content-Length
9082
Expires
Thu, 13 Feb 2020 21:22:57 GMT
s
r.i.ua/
43 B
471 B
Image
General
Full URL
http://r.i.ua/s?u1&p0&n0.6434649849970051&c1&d24&w1600&h1200&rg.i.ua/%3FuserID%3D6897361%26userID%3D6897361%26_url%3Dhttps%253A%252F%252Fworks.bepress.com%252Fwrinkles-the-clown%252F1%252F
Requested by
Host: g.i.ua
URL: http://g.i.ua/?userID=6897361&userID=6897361&_url=https%3A%2F%2Fworks.bepress.com%2Fwrinkles-the-clown%2F1%2F
Protocol
HTTP/1.1
Server
91.198.36.16 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
r.i.ua
Software
nginx /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
http://g.i.ua/?userID=6897361&userID=6897361&_url=https%3A%2F%2Fworks.bepress.com%2Fwrinkles-the-clown%2F1%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Feb 2020 09:22:57 GMT
Server
nginx
Transfer-Encoding
chunked
P3P
policyref="http://i.i.ua/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Expires
0
truncated
/
118 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d41478a8574c785058d0145576d696cd83de38a293b6f20d553bc5f69c78501e

Request headers

Referer
http://i3.i.ua/css/i2/blue/sprite/login.y130200.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
443 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1c3ab2e0d6d5cbeb6b4cd1b38a0c7de1bc2f46528fc777de20d17292cb04cb64

Request headers

Referer
http://i3.i.ua/css/i2/blue/sprite/login.y130200.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
faf4YTVVAAUDVlZVVFAABVcDDFEABQVQ-VFQAUAEADAcMU1RVA1dJOE5DWARBCVoFF1sXBlAVagBHBloPF00XBVQVVEMPGhcCWgxYCEFDD0MCVgJYAVIAAFEHDQQMBFMEAVgBWAQFAwIMVQRWB1UBAAxWAFgCWVNSF00XExdbAhxIVA0HBFkEUAxQAVhUVVQABQBT...
s.zmctrack.net/ Frame B68E
134 KB
54 KB
XHR
General
Full URL
https://s.zmctrack.net/faf4YTVVAAUDVlZVVFAABVcDDFEABQVQ-VFQAUAEADAcMU1RVA1dJOE5DWARBCVoFF1sXBlAVagBHBloPF00XBVQVVEMPGhcCWgxYCEFDD0MCVgJYAVIAAFEHDQQMBFMEAVgBWAQFAwIMVQRWB1UBAAxWAFgCWVNSF00XExdbAhxIVA0HBFkEUAxQAVhUVVQABQBTUQAHAlQEVgBQVFQDAANXBlcCUlZWAwIDVwRXAFBUVAEAAlUGVgNSVFdUAAAAUw-ANAARUBAcMWQFQVFBUWAVVUwAAAAJRBAcAVFRWA1ADVAYAAldWVwNSA1YEAgBXVFcBUAJUBgADVVRWVFIAV1MADQAEAAQADFQBB1RZVFAFUFNYAFUCAAQAAFE
Requested by
Host: g.i.ua
URL: http://g.i.ua/?userID=6897361&userID=6897361&_url=https%3A%2F%2Fworks.bepress.com%2Fwrinkles-the-clown%2F1%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.187.81.40 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software
openresty /
Resource Hash
ba975d4fe0d9bb239e986cf22819dfe6a7e3c2bf9c25426d8524ef9aae9d4d1b

Request headers

Origin
http://g.i.ua
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
empty

Response headers

date
Thu, 13 Feb 2020 09:22:57 GMT
content-encoding
gzip
status
200
x-check
128da2dced832beef7834468a0fb34ba
x-meta-controller-version
Argon controller (commit: 9a7eb44e)
content-length
54470
last-modified
Tue, 17 Sep 2019 15:15:22 GMT
server
openresty
etag
"5d80f88a-d4c6"
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
X-Location, X-Meta-Status, X-Set-Cookie, X-Cookie, X-Check
cache-control
max-age=31536000
x-meta-data
{"method":"get_argon","data":{"commit":"7779435adf8e9efe49491d6c9417244a975978f3","r":7}}
access-control-allow-headers
X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
expires
Fri, 12 Feb 2021 09:22:57 GMT
fpdata.js
kpmediagaua.hit.gemius.pl/_sslredir/
Redirect Chain
  • http://kpmediagaua.hit.gemius.pl/fpdata.js?href=g.i.ua
  • https://kpmediagaua.hit.gemius.pl/_sslredir/fpdata.js?href=g.i.ua
262 B
460 B
Script
General
Full URL
https://kpmediagaua.hit.gemius.pl/_sslredir/fpdata.js?href=g.i.ua
Requested by
Host: g.i.ua
URL: http://g.i.ua/?userID=6897361&userID=6897361&_url=https%3A%2F%2Fworks.bepress.com%2Fwrinkles-the-clown%2F1%2F
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
149.202.199.193 , France, ASN16276 (OVH, FR),
Reverse DNS
ua1.host.hit.gemius.pl
Software
GHC /
Resource Hash
b16355f33e722f1fe45f6ef1885c687ef5a786be23d8a0aae70cc28f20553e0b

Request headers

Referer
http://g.i.ua/?userID=6897361&userID=6897361&_url=https%3A%2F%2Fworks.bepress.com%2Fwrinkles-the-clown%2F1%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 13 Feb 2020 09:22:58 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
server
GHC
etag
PRIVATE7520710249
p3p
CP="NOI DSP COR NID PSAo OUR IND"
status
200
cache-control
private, max-age=2592000
accept-ranges
none
content-type
application/x-javascript
content-length
262
expires
Sat, 14 Mar 2020 09:22:58 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 13 Feb 2020 09:22:57 GMT
Server
GHC
P3P
CP="NOI DSP COR NID PSAo OUR IND"
Location
https://kpmediagaua.hit.gemius.pl/_sslredir/fpdata.js?href=g.i.ua
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Accept-Ranges
none
Keep-Alive
timeout=10
Content-Length
0
Expires
Wed, 12 Feb 2020 09:22:57 GMT
rexdot.js
kpmediagaua.hit.gemius.pl/__/_sslredir/_1581585778135/
Redirect Chain
  • http://kpmediagaua.hit.gemius.pl/_1581585778135/rexdot.js?l=100&id=zaqaCKOZ4_pxD3bwj4hcpseCnO4wwNfh3MTiaF2w8JX.P7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=http%3A%2F%2Fg.i....
  • https://kpmediagaua.hit.gemius.pl/_sslredir/_1581585778135/rexdot.js?l=100&id=zaqaCKOZ4_pxD3bwj4hcpseCnO4wwNfh3MTiaF2w8JX.P7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=http%3...
  • https://kpmediagaua.hit.gemius.pl/__/_sslredir/_1581585778135/rexdot.js?l=100&id=zaqaCKOZ4_pxD3bwj4hcpseCnO4wwNfh3MTiaF2w8JX.P7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=htt...
169 B
426 B
Script
General
Full URL
https://kpmediagaua.hit.gemius.pl/__/_sslredir/_1581585778135/rexdot.js?l=100&id=zaqaCKOZ4_pxD3bwj4hcpseCnO4wwNfh3MTiaF2w8JX.P7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=http%3A%2F%2Fg.i.ua%2F%3FuserID%3D6897361%26userID%3D6897361%26_url%3Dhttps%253A%252F%252Fworks.bepress.com%252Fwrinkles-the-clown%252F1%252F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=QPXHmnLIX28O1onNv3SB7yV4yHHdXu0SMfj0hZV4r2v.57&vis=1
Requested by
Host: g.i.ua
URL: http://g.i.ua/?userID=6897361&userID=6897361&_url=https%3A%2F%2Fworks.bepress.com%2Fwrinkles-the-clown%2F1%2F
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
149.202.199.193 , France, ASN16276 (OVH, FR),
Reverse DNS
ua1.host.hit.gemius.pl
Software
GHC /
Resource Hash
ee4a3bde30eb758100755401607322911ea6f832d5d42321a386d2225d2433f9

Request headers

Referer
http://g.i.ua/?userID=6897361&userID=6897361&_url=https%3A%2F%2Fworks.bepress.com%2Fwrinkles-the-clown%2F1%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Feb 2020 09:22:58 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
status
200
cache-control
no-store, no-cache, must-revalidate, max-age=0
accept-ranges
none
content-type
application/x-javascript
content-length
169
expires
Wed, 12 Feb 2020 09:22:58 GMT

Redirect headers

pragma
no-cache
date
Thu, 13 Feb 2020 09:22:58 GMT
server
GHC
location
/__/_sslredir/_1581585778135/rexdot.js?l=100&id=zaqaCKOZ4_pxD3bwj4hcpseCnO4wwNfh3MTiaF2w8JX.P7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=http%3A%2F%2Fg.i.ua%2F%3FuserID%3D6897361%26userID%3D6897361%26_url%3Dhttps%253A%252F%252Fworks.bepress.com%252Fwrinkles-the-clown%252F1%252F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=0&lsdata=-NOTSUP&fpdata=QPXHmnLIX28O1onNv3SB7yV4yHHdXu0SMfj0hZV4r2v.57&vis=1
p3p
CP="NOI DSP COR NID PSAo OUR IND"
status
301
cache-control
no-store, no-cache, must-revalidate, max-age=0
accept-ranges
none
content-length
0
expires
Wed, 12 Feb 2020 09:22:58 GMT
06.gif
i.bigmir.net/cnt/
Redirect Chain
  • http://c.bigmir.net/?s134156&t6&n0.21691870788619871&c1&d24&r1600&f
  • http://i.bigmir.net/cnt/06.gif
43 B
326 B
Image
General
Full URL
http://i.bigmir.net/cnt/06.gif
Protocol
HTTP/1.1
Server
193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS
rs.img.com.ua
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://g.i.ua/?userID=6897361&userID=6897361&_url=https%3A%2F%2Fworks.bepress.com%2Fwrinkles-the-clown%2F1%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 13 Feb 2020 09:22:58 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
43
Expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 13 Feb 2020 09:22:58 GMT
Server
nginx
Transfer-Encoding
chunked
P3P
policyref="http://www.bigmir.net/w3c/p3p.xml", CP="NON ADM DEV PSA PSD OUR UNI COM NAV INT TAI IVA IND"
Location
//i.bigmir.net/cnt/06.gif
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Expires
0
dc.js
stats.g.doubleclick.net/
Redirect Chain
  • http://stats.g.doubleclick.net/dc.js
  • https://stats.g.doubleclick.net/dc.js
45 KB
17 KB
Script
General
Full URL
https://stats.g.doubleclick.net/dc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://g.i.ua/?userID=6897361&userID=6897361&_url=https%3A%2F%2Fworks.bepress.com%2Fwrinkles-the-clown%2F1%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
4328
date
Thu, 13 Feb 2020 08:10:50 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17093
expires
Thu, 13 Feb 2020 10:10:50 GMT

Redirect headers

Location
https://stats.g.doubleclick.net/dc.js
Non-Authoritative-Reason
HSTS
__utm.gif
stats.g.doubleclick.net/r/
Redirect Chain
  • http://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=227600541&utmhn=g.i.ua&utmcs=windows-1251&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%C2%A0I...
  • https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=227600541&utmhn=g.i.ua&utmcs=windows-1251&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%C2%A0...
35 B
102 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=227600541&utmhn=g.i.ua&utmcs=windows-1251&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%C2%A0I.UA%C2%A0&utmhid=363706495&utmr=-&utmp=%2F%3FuserID%3D6897361%26userID%3D6897361%26_url%3Dhttps%25253A%25252F%25252Fworks.bepress.com%25252Fwrinkles-the-clown%25252F1%25252F&utmht=1581585778307&utmac=UA-34374057-1&utmcc=__utma%3D11729771.1842844698.1581585778.1581585778.1581585778.1%3B%2B__utmz%3D11729771.1581585778.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1448524632&utmredir=3&utmu=qBEAAAAAAAAAAAAAAAAAAAAE~
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://g.i.ua/?userID=6897361&userID=6897361&_url=https%3A%2F%2Fworks.bepress.com%2Fwrinkles-the-clown%2F1%2F
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
date
Thu, 13 Feb 2020 09:22:58 GMT
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=227600541&utmhn=g.i.ua&utmcs=windows-1251&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%C2%A0I.UA%C2%A0&utmhid=363706495&utmr=-&utmp=%2F%3FuserID%3D6897361%26userID%3D6897361%26_url%3Dhttps%25253A%25252F%25252Fworks.bepress.com%25252Fwrinkles-the-clown%25252F1%25252F&utmht=1581585778307&utmac=UA-34374057-1&utmcc=__utma%3D11729771.1842844698.1581585778.1581585778.1581585778.1%3B%2B__utmz%3D11729771.1581585778.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1448524632&utmredir=3&utmu=qBEAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason
HSTS

143 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate number| lmJsVersion string| lmJsPath number| JS_LANG_ID boolean| I_VER2 string| JS_ERROR_NOTIFY function| browseIt object| b function| trim function| stripTags function| checkAll function| checkDate function| frPr object| toggleDisplay_hiddenObj function| toggleDisplay function| dce function| dct function| dge function| getItemIndex function| arrayPos function| peUtilClearContainer function| strCmp function| striCmp function| DBG function| nalert function| formatStToSafeGET function| inputLimit function| getPosition function| getPosition2 function| getOffsetRect function| mouseCoords function| getWindowInfo function| itemSpelling function| addToBody function| util_htmlspecialchars function| sprintf function| utilSetCookie function| utilGetCookie function| hrefSSG object| UtilLite number| nalertCount boolean| UTIL_LOADED boolean| UTIL_READY function| Subsys_JsHttpRequest_Js number| hexcase string| b64pad number| chrsz function| hex_md5 function| b64_md5 function| str_md5 function| hex_hmac_md5 function| b64_hmac_md5 function| str_hmac_md5 function| md5_vm_test function| core_md5 function| md5_cmn function| md5_ff function| md5_gg function| md5_hh function| md5_ii function| core_hmac_md5 function| safe_add function| bit_rol function| str2binl function| binl2str function| binl2hex function| binl2b64 string| ref function| i_showFloat function| i_showFloat2 function| i_showFloat3 function| i_lForm2 function| i_lForm undefined| i_blinkMail undefined| i_blinkMailTimer undefined| i_blinkMailStep function| i_blinkM undefined| i_reqMail string| i_chkEmlUrl function| i_checkNewMail function| i_checkNewMailResponse number| i_checkInterval undefined| i_reqSCode function| i_updateSCode function| i_removeDefVal function| i_keypress function| i_showSections function| i_showPeopleOnline function| i_showPeopleOnline2 function| i_poSetLoading function| i_poSetLoading2 function| i_poHideBadObjects function| i_poReady function| 
i_closePeopleOnline function| i_closePeopleOnline2 function| i_getBottomPos function| i_s function| bannerInternalFooterJS function| i_checkOpenstat function| i_closeDisclaimer object| poToggledObjects object| lmModules object| lmQueue boolean| lmTimerHndl object| lmNotifyController boolean| lmLoading boolean| lmNotified function| lmIsModuleStatus function| lmSetModuleStatus function| lmCallAfterModulesStatus function| lmCallAfterModulesReady function| lmCallAfterModulesLoaded function| lmCheckModulesStatus string| LM_S_READY string| LM_S_LOADED string| LM_S_LOADING object| Autoload function| ILoadScript string| pp_gemius_identifier function| gemius_pending object| _gaq string| iS object| iD string| iR string| iT string| iH number| iI string| bmQ object| bmD object| bmS string| bmF function| gemius_hit function| gemius_event function| pp_gemius_hit function| pp_gemius_event string| k string| v object| gemius_cmpclient object| gemius_hcconn number| pp_gemius_cnt object| _gat object| gaGlobal

2 Cookies

Domain/Path Name / Value
.i.ua/ Name: __gfp_64b
Value: QPXHmnLIX28O1onNv3SB7yV4yHHdXu0SMfj0hZV4r2v.57
g.i.ua/ Name: b
Value: b

4 Console Messages

Source Level URL
Text
console-api log URL: http://i3.i.ua/js/i/autoload.y169000.js(Line 80)
Message:
== DOMLoaded ==
console-api log URL: http://i3.i.ua/js/i/autoload.y169000.js(Line 80)
Message:
Autoload._init: initialize
console-api log URL: http://i3.i.ua/js/i/autoload.y169000.js(Line 80)
Message:
== ONLOAD ==
console-api log URL: http://i3.i.ua/js/i/autoload.y169000.js(Line 80)
Message:
== TIMEOUT ==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
