files.dp.ua Open in urlscan Pro
91.193.130.140 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://files.dp.ua/file?source=18110209013543851288
Submission: On November 02 via manual (November 2nd 2018, 7:37:42 am UTC) from UA

Summary HTTP 37 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 12 IPs in 4 countries across 11 domains to perform 37 HTTP transactions. The main IP is 91.193.130.140, located in Dnepropetrovsk, Ukraine and belongs to UCMA-AS, UA. The main domain is files.dp.ua.

This is the only time files.dp.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	91.193.130.140 91.193.130.140	44894 (UCMA-AS) (UCMA-AS)
9	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2600:9000:204... 2600:9000:2043:3000:c:3b62:9ac0:21	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	88.212.196.123 88.212.196.123	39134 (UNITEDNET) (UNITEDNET)
1 1	2606:4700:30:... 2606:4700:30::6818:7b9d	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700:30:... 2606:4700:30::6818:7a9d	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	193.239.68.97 193.239.68.97	39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS)
1 6	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
8	2a00:1450:400... 2a00:1450:4001:81b::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
37	12

7 91.193.130.140 (Dnepropetrovsk, Ukraine)

ASN44894 (UCMA-AS, UA)
PTR: 140.130.dts.net.ua

files.dp.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:810::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2043:3000:c:3b62:9ac0:21 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

d31j93rd8oukbv.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.196.123 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host63.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:30::6818:7b9d (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

count.yandeg.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:30::6818:7a9d (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

count.yandeg.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.239.68.97 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: c.bigmir.net

c.bigmir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:6b8::1:119 (Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:81b::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	googlesyndication.com pagead2.googlesyndication.com	208 KB
8	doubleclick.net googleads.g.doubleclick.net
7	files.dp.ua files.dp.ua	81 KB
6	yandex.ru 1 redirects mc.yandex.ru	47 KB
2	yandeg.ru 1 redirects count.yandeg.ru	2 KB
2	yadro.ru 1 redirects counter.yadro.ru	1 KB
2	google-analytics.com www.google-analytics.com	17 KB
1	bigmir.net c.bigmir.net	937 B
1	cloudfront.net d31j93rd8oukbv.cloudfront.net	133 KB
1	google.com adservice.google.com	171 B
1	google.de adservice.google.de	171 B
37	11

	Domain	Requested by
9	pagead2.googlesyndication.com	files.dp.ua pagead2.googlesyndication.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com
7	files.dp.ua	files.dp.ua pagead2.googlesyndication.com
6	mc.yandex.ru	1 redirects files.dp.ua mc.yandex.ru
2	count.yandeg.ru	1 redirects files.dp.ua
2	counter.yadro.ru	1 redirects files.dp.ua
2	www.google-analytics.com	files.dp.ua
1	c.bigmir.net	files.dp.ua
1	d31j93rd8oukbv.cloudfront.net	files.dp.ua
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
37	11

This site contains links to these domains. Also see Links.

Domain
files.zp.ua
radio.mega.dp.ua
vk.com
www.facebook.com
connect.ok.ru
connect.mail.ru
plus.google.com
twitter.com
web.skype.com
telegram.me
bigfile.cc
www.liveinternet.ru
yandeg.ru
www.bigmir.net

Subject Issuer	Validity	Valid
*.google.com Google Internet Authority G3	`2018-10-16` - `2019-01-08`	3 months	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2018-10-16` - `2019-01-08`	3 months	crt.sh
*.google-analytics.com Google Internet Authority G3	`2018-10-16` - `2019-01-08`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2018-10-08` - `2019-10-09`	a year	crt.sh
sni158043.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-10-30` - `2019-05-08`	6 months	crt.sh
bs.yandex.ru Yandex CA	`2018-10-03` - `2019-10-03`	a year	crt.sh

This page contains 10 frames:

Primary Page: http://files.dp.ua/file?source=18110209013543851288
Frame ID: 2BE8CE9A990270707A38761C4FC3B7B7
Requests: 34 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20181031/r20180604/show_ads_impl.js
Frame ID: 183A2C65933D6D370E46BFAC4FD3A11B
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20181031/r20180604/zrt_lookup.html
Frame ID: 59C1D66EFD1860A5CCAB9FFEB3695FD0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6026413138957186&output=html&adk=1812271804&adf=3025194257&lmt=1541144251&plat=1%3A32776%2C2%3A33800%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Ffiles.dp.ua%2Ffile%3Fsource%3D18110209013543851288&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1541144251837&bpp=23&bdt=203&fdt=139&idt=136&shv=r20181031&cbv=r20180604&saldr=aa&abxe=1&nras=1&correlator=4972642870494&frm=20&pv=2&ga_vid=930820937.1541144252&ga_sid=1541144252&ga_hid=1251586954&ga_fc=0&iag=0&icsg=764090&dssz=22&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21070025%2C21061796%2C188690904&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=16&bc=7&ifi=0&uci=0.s56xkgf93njj&fsb=1&dtd=165
Frame ID: F5F1F385BC2A12BCE908F443A93F8369
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20181031/r20180604/zrt_lookup.html
Frame ID: B7D6A5723B12AE139D53548C13930EFF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6026413138957186&output=html&h=90&slotname=5427526352&adk=4193746731&adf=1810271952&w=980&fwrn=4&fwrnh=100&lmt=1541144252&rafmt=1&guci=1.2.0.0.2.2.0.0&format=980x90&url=http%3A%2F%2Ffiles.dp.ua%2Ffile%3Fsource%3D18110209013543851288&flash=0&fwr=0&resp_fmts=3&wgl=1&adsid=NT&dt=1541144251860&bpp=14&bdt=225&fdt=157&idt=113&shv=r20181031&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4972642870494&frm=20&pv=1&ga_vid=930820937.1541144252&ga_sid=1541144252&ga_hid=1251586954&ga_fc=0&iag=0&icsg=34318522&dssz=23&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=61&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21070025%2C21061796%2C188690904&oid=3&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&ifi=1&uci=1.n3pq0q8y3n35&fsb=1&xpc=zJNXh8J7uz&p=http%3A//files.dp.ua&dtd=164
Frame ID: DAD77DBD7742041C293F81D08507054C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20181031/r20180604/zrt_lookup.html
Frame ID: FEEF49CD1B05576847C678BF95597C82
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6026413138957186&output=html&h=90&slotname=2488053153&adk=560204778&adf=2191844855&w=1024&fwrn=4&fwrnh=100&lmt=1541144252&rafmt=1&guci=1.2.0.0.2.2.0.0&format=1024x90&url=http%3A%2F%2Ffiles.dp.ua%2Ffile%3Fsource%3D18110209013543851288&flash=0&fwr=0&resp_fmts=3&wgl=1&adsid=NT&dt=1541144251896&bpp=5&bdt=262&fdt=186&idt=77&shv=r20181031&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=0x0%2C980x90&nras=1&correlator=4972642870494&frm=20&pv=1&ga_vid=930820937.1541144252&ga_sid=1541144252&ga_hid=1251586954&ga_fc=0&iag=0&icsg=8579770&dssz=22&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=281&ady=274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21070025%2C21061796%2C188690904&oid=3&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&ifi=2&uci=2.pp900rk35e0t&fsb=1&xpc=pOr1ZMXnkr&p=http%3A//files.dp.ua&dtd=189
Frame ID: AD3BEFE7C193F7A212F5BCB13DC7B63B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20181031/r20180604/zrt_lookup.html
Frame ID: 5BD7C9B52DF025860CD3A8C4FBC0EAC9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6026413138957186&output=html&h=60&slotname=2488053153&adk=1786889798&adf=717698281&w=720&fwrn=4&fwrnh=100&lmt=1541144252&rafmt=1&guci=1.2.0.0.2.2.0.0&format=720x60&url=http%3A%2F%2Ffiles.dp.ua%2Ffile%3Fsource%3D18110209013543851288&flash=0&fwr=0&resp_fmts=3&wgl=1&adsid=NT&dt=1541144251902&bpp=4&bdt=267&fdt=199&idt=71&shv=r20181031&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=0x0%2C980x90%2C1024x90&nras=1&correlator=4972642870494&frm=20&pv=1&ga_vid=930820937.1541144252&ga_sid=1541144252&ga_hid=1251586954&ga_fc=0&iag=0&icsg=8579770&dssz=22&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=433&ady=430&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21070025%2C21061796%2C188690904&oid=3&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&ifi=3&uci=3.qg9py9p5x1h9&fsb=1&xpc=qK0PmgGe5n&p=http%3A//files.dp.ua&dtd=202
Frame ID: 8A401E0EC1B404F94360031FAFC9FBE8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Debian (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Debian/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i
env /^google_ad_/i
env /^__google_ad_/i
env /^Goog_AdSense_/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js/i
env /^jQuery$/i

Page Statistics

37
Requests

57 %
HTTPS

75 %
IPv6

11
Domains

11
Subdomains

12
IPs

4
Countries

487 kB
Transfer

1125 kB
Size

10
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: http://files.zp.ua/images
Title: Загрузить изображение

Search URL Search Domain Scan URL

URL: http://radio.mega.dp.ua/
Title: Слушать радио

Search URL Search Domain Scan URL

URL: https://vk.com/share.php?url=http%3A%2F%2Ffiles.dp.ua%2Ffile%3Fsource%3D18110209013543851288&title=%D0%9B%D1%83%D1%87%D1%88%D0%B8%D0%B9%20%D0%B8%20%D0%B1%D1%8B%D1%81%D1%82%D1%80%D1%8B%D0%B9%20%D1%82%D0%BE%D0%BF-%D1%84%D0%B0%D0%B9%D0%BB%D0%BE%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%BD%D0%B8%D0%BA&description=&image=&utm_source=share2
Title: Р’РљРѕРЅС‚Р°РєС‚Рµ

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?src=sp&u=http%3A%2F%2Ffiles.dp.ua%2Ffile%3Fsource%3D18110209013543851288&title=%D0%9B%D1%83%D1%87%D1%88%D0%B8%D0%B9%20%D0%B8%20%D0%B1%D1%8B%D1%81%D1%82%D1%80%D1%8B%D0%B9%20%D1%82%D0%BE%D0%BF-%D1%84%D0%B0%D0%B9%D0%BB%D0%BE%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%BD%D0%B8%D0%BA&description=&picture=&utm_source=share2
Title: Facebook

Search URL Search Domain Scan URL

URL: https://connect.ok.ru/offer?url=http%3A%2F%2Ffiles.dp.ua%2Ffile%3Fsource%3D18110209013543851288&title=%D0%9B%D1%83%D1%87%D1%88%D0%B8%D0%B9%20%D0%B8%20%D0%B1%D1%8B%D1%81%D1%82%D1%80%D1%8B%D0%B9%20%D1%82%D0%BE%D0%BF-%D1%84%D0%B0%D0%B9%D0%BB%D0%BE%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%BD%D0%B8%D0%BA&description=&imageUrl=&utm_source=share2
Title: РћРґРЅРѕРєР»Р°СЃСЃРЅРёРєРё

Search URL Search Domain Scan URL

URL: https://connect.mail.ru/share?url=http%3A%2F%2Ffiles.dp.ua%2Ffile%3Fsource%3D18110209013543851288&title=%D0%9B%D1%83%D1%87%D1%88%D0%B8%D0%B9%20%D0%B8%20%D0%B1%D1%8B%D1%81%D1%82%D1%80%D1%8B%D0%B9%20%D1%82%D0%BE%D0%BF-%D1%84%D0%B0%D0%B9%D0%BB%D0%BE%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%BD%D0%B8%D0%BA&description=&utm_source=share2
Title: РњРѕР№ РњРёСЂ

Search URL Search Domain Scan URL

URL: https://plus.google.com/share?url=http%3A%2F%2Ffiles.dp.ua%2Ffile%3Fsource%3D18110209013543851288&utm_source=share2
Title: Google+

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=%D0%9B%D1%83%D1%87%D1%88%D0%B8%D0%B9%20%D0%B8%20%D0%B1%D1%8B%D1%81%D1%82%D1%80%D1%8B%D0%B9%20%D1%82%D0%BE%D0%BF-%D1%84%D0%B0%D0%B9%D0%BB%D0%BE%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%BD%D0%B8%D0%BA&url=http%3A%2F%2Ffiles.dp.ua%2Ffile%3Fsource%3D18110209013543851288&hashtags=&utm_source=share2
Title: Twitter

Search URL Search Domain Scan URL

URL: https://web.skype.com/share?url=http%3A%2F%2Ffiles.dp.ua%2Ffile%3Fsource%3D18110209013543851288&utm_source=share2
Title: Skype

Search URL Search Domain Scan URL

URL: https://telegram.me/share/url?url=http%3A%2F%2Ffiles.dp.ua%2Ffile%3Fsource%3D18110209013543851288&text=%D0%9B%D1%83%D1%87%D1%88%D0%B8%D0%B9%20%D0%B8%20%D0%B1%D1%8B%D1%81%D1%82%D1%80%D1%8B%D0%B9%20%D1%82%D0%BE%D0%BF-%D1%84%D0%B0%D0%B9%D0%BB%D0%BE%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%BD%D0%B8%D0%BA&utm_source=share2
Title: telegram

Search URL Search Domain Scan URL

URL: http://bigfile.cc/
Title: Международный файлообменник

Search URL Search Domain Scan URL

URL: http://www.liveinternet.ru/click

Search URL Search Domain Scan URL

URL: http://yandeg.ru/
Title:

Search URL Search Domain Scan URL

URL: http://www.bigmir.net/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

http://counter.yadro.ru/hit?t44.6;r;s1600*1200*24;uhttp%3A//files.dp.ua/file%3Fsource%3D18110209013543851288;h%u041B%u0443%u0447%u0448%u0438%u0439%20%u0438%20%u0431%u044B%u0441%u0442%u0440%u044B%u0439%20%u0442%u043E%u043F-%u0444%u0430%u0439%u043B%u043E%u043E%u0431%u043C%u0435%u043D%u043D%u0438%u043A;0.8986047799777199 HTTP 302
http://counter.yadro.ru/hit?q;t44.6;r;s1600*1200*24;uhttp%3A//files.dp.ua/file%3Fsource%3D18110209013543851288;h%u041B%u0443%u0447%u0448%u0438%u0439%20%u0438%20%u0431%u044B%u0441%u0442%u0440%u044B%u0439%20%u0442%u043E%u043F-%u0444%u0430%u0439%u043B%u043E%u043E%u0431%u043C%u0435%u043D%u043D%u0438%u043A;0.8986047799777199

Request Chain 15

http://count.yandeg.ru/cnt.php?id=355508&img=9&h=http%3A//files.dp.ua/file%3Fsource%3D18110209013543851288&ref=&s=1600*1200*24&rand=0.8275790388819806 HTTP 301
https://count.yandeg.ru/cnt.php?id=355508&img=9&h=http%3A//files.dp.ua/file%3Fsource%3D18110209013543851288&ref=&s=1600*1200*24&rand=0.8275790388819806?&autch=1

Request Chain 34

https://mc.yandex.ru/watch/42556859?wmode=7&page-url=http%3A%2F%2Ffiles.dp.ua%2Ffile%3Fsource%3D18110209013543851288&charset=utf-8&browser-info=ti%3A10%3Ans%3A1541144250745%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Ai%3A20181102073732%3Aet%3A1541144252%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A176769805%3Ahid%3A276067144%3Ads%3A42%2C47%2C797%2C1%2C1%2C0%2C0%2C285%2C10%2C%2C%2C%2C1174%3Afp%3A1147%3Awn%3A46099%3Ahl%3A2%3Agdpr%3A14%3Afu%3A0%3Av%3A1302%3Ast%3A1541144252%3Au%3A1541144252150286831%3At%3A%D0%9B%D1%83%D1%87%D1%88%D0%B8%D0%B9%20%D0%B8%20%D0%B1%D1%8B%D1%81%D1%82%D1%80%D1%8B%D0%B9%20%D1%82%D0%BE%D0%BF-%D1%84%D0%B0%D0%B9%D0%BB%D0%BE%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%BD%D0%B8%D0%BA HTTP 302
https://mc.yandex.ru/watch/42556859/1?wmode=7&page-url=http%3A%2F%2Ffiles.dp.ua%2Ffile%3Fsource%3D18110209013543851288&charset=utf-8&browser-info=ti%3A10%3Ans%3A1541144250745%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Ai%3A20181102073732%3Aet%3A1541144252%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A176769805%3Ahid%3A276067144%3Ads%3A42%2C47%2C797%2C1%2C1%2C0%2C0%2C285%2C10%2C%2C%2C%2C1174%3Afp%3A1147%3Awn%3A46099%3Ahl%3A2%3Agdpr%3A14%3Afu%3A0%3Av%3A1302%3Ast%3A1541144252%3Au%3A1541144252150286831%3At%3A%D0%9B%D1%83%D1%87%D1%88%D0%B8%D0%B9%20%D0%B8%20%D0%B1%D1%8B%D1%81%D1%82%D1%80%D1%8B%D0%B9%20%D1%82%D0%BE%D0%BF-%D1%84%D0%B0%D0%B9%D0%BB%D0%BE%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%BD%D0%B8%D0%BA

37 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set file Show response
files.dp.ua/ 15 KB
5 KB 886ms
797ms Document
text/html 91.193.130.140
UCMA-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://files.dp.ua/file?source=18110209013543851288
Protocol: HTTP/1.1
Server: 91.193.130.140 Dnepropetrovsk, Ukraine, ASN44894 (UCMA-AS, UA),
Reverse DNS: 140.130.dts.net.ua
Software: Apache/2.4.25 (Debian) /
Resource Hash: 2d631736bd94bf360f9bb8332caa720e87597e3d19f54a5a150f065efdbc8917

Request headers

Host: files.dp.ua
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 02 Nov 2018 07:37:27 GMT
Server: Apache/2.4.25 (Debian)
Set-Cookie: PHPSESSID=gid23eco4ruu6g0svkl9ckal97; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5094
Keep-Alive: timeout=10
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK style.css
files.dp.ua/css/ 16 KB
4 KB 49ms
48ms Stylesheet
text/css 91.193.130.140
UCMA-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://files.dp.ua/css/style.css
Requested by: Host: files.dp.ua
URL: http://files.dp.ua/file?source=18110209013543851288
Protocol: HTTP/1.1
Server: 91.193.130.140 Dnepropetrovsk, Ukraine, ASN44894 (UCMA-AS, UA),
Reverse DNS: 140.130.dts.net.ua
Software: Apache/2.4.25 (Debian) /
Resource Hash: c316fe1276b5c72d191fdc35f2e36774ca9dff3e7b36d916b6820b8b4f613506

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: files.dp.ua
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://files.dp.ua/file?source=18110209013543851288
Cookie: PHPSESSID=gid23eco4ruu6g0svkl9ckal97
Connection: keep-alive
Cache-Control: no-cache
Referer: http://files.dp.ua/file?source=18110209013543851288
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 02 Nov 2018 07:37:27 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Nov 2017 08:41:18 GMT
Server: Apache/2.4.25 (Debian)
ETag: "3e6c-55cfbf3abb375-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10
Content-Length: 3429
Expires: Sun, 02 Dec 2018 07:37:27 GMT

GET
H/1.1 200
OK jquery.js Show response
files.dp.ua/js/ 138 KB
40 KB 106ms
57ms Script
application/javascript 91.193.130.140
UCMA-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://files.dp.ua/js/jquery.js
Requested by: Host: files.dp.ua
URL: http://files.dp.ua/file?source=18110209013543851288
Protocol: HTTP/1.1
Server: 91.193.130.140 Dnepropetrovsk, Ukraine, ASN44894 (UCMA-AS, UA),
Reverse DNS: 140.130.dts.net.ua
Software: Apache/2.4.25 (Debian) /
Resource Hash: 609afaf14a91be2b51ddd8873a5724179fa017c0e72a933552d559aae8748ff2

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: files.dp.ua
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://files.dp.ua/file?source=18110209013543851288
Cookie: PHPSESSID=gid23eco4ruu6g0svkl9ckal97
Connection: keep-alive
Cache-Control: no-cache
Referer: http://files.dp.ua/file?source=18110209013543851288
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 02 Nov 2018 07:37:27 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Nov 2017 08:41:19 GMT
Server: Apache/2.4.25 (Debian)
ETag: "2285c-55cfbf3b96f15-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=172800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10
Content-Length: 40396
Expires: Sun, 04 Nov 2018 07:37:27 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 75 KB
28 KB 40ms
19ms Script
text/javascript 2a00:1450:4001:810::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: files.dp.ua
URL: http://files.dp.ua/file?source=18110209013543851288

Protocol

HTTP/1.1

Server

2a00:1450:4001:810::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

242f7902796535a2bcd3539b84b94173fd4d324b792d53851dde5b050833c5ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://files.dp.ua/file?source=18110209013543851288
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Fri, 02 Nov 2018 07:37:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 8877203323440856829
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 28095
X-XSS-Protection: 1; mode=block
Expires: Fri, 02 Nov 2018 07:37:31 GMT

GET
H/1.1 200
OK share.js Show response
files.dp.ua/js/ 90 KB
29 KB 157ms
55ms Script
application/javascript 91.193.130.140
UCMA-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://files.dp.ua/js/share.js
Requested by: Host: files.dp.ua
URL: http://files.dp.ua/file?source=18110209013543851288
Protocol: HTTP/1.1
Server: 91.193.130.140 Dnepropetrovsk, Ukraine, ASN44894 (UCMA-AS, UA),
Reverse DNS: 140.130.dts.net.ua
Software: Apache/2.4.25 (Debian) /
Resource Hash: 1c52ebcc107f3514c351054a6f8da9ef2e59d2ab7698d356ef4a6c96645ebac9

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: files.dp.ua
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://files.dp.ua/file?source=18110209013543851288
Cookie: PHPSESSID=gid23eco4ruu6g0svkl9ckal97
Connection: keep-alive
Cache-Control: no-cache
Referer: http://files.dp.ua/file?source=18110209013543851288
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 02 Nov 2018 07:37:28 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Nov 2017 08:41:19 GMT
Server: Apache/2.4.25 (Debian)
ETag: "167bc-55cfbf3ba6915-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=172800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10
Content-Length: 29482
Expires: Sun, 04 Nov 2018 07:37:28 GMT

GET
S 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=files.dp.ua

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://files.dp.ua/file?source=18110209013543851288
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Nov 2018 07:37:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 104
x-xss-protection: 1; mode=block

GET
S 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 16ms
16ms Script
application/javascript 2a00:1450:4001:80b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=files.dp.ua

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:80b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://files.dp.ua/file?source=18110209013543851288
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Nov 2018 07:37:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 104
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20181031/r20180604/ 201 KB
75 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:810::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/r20181031/r20180604/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:810::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

75de0503a616ec5da0f414038f8f93bf6a1140342a78364656c297a1c32508a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://files.dp.ua/file?source=18110209013543851288
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Fri, 02 Nov 2018 07:37:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 8785820319102569331
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=1209600
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 76292
X-XSS-Protection: 1; mode=block
Expires: Fri, 02 Nov 2018 07:37:31 GMT

GET
H/1.1 200
OK bb.png
files.dp.ua/img/ 115 B
464 B 53ms
53ms Image
image/png 91.193.130.140
UCMA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://files.dp.ua/img/bb.png
Requested by: Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: HTTP/1.1
Server: 91.193.130.140 Dnepropetrovsk, Ukraine, ASN44894 (UCMA-AS, UA),
Reverse DNS: 140.130.dts.net.ua
Software: Apache/2.4.25 (Debian) /
Resource Hash: 37b78e20b3e25c2ca13c88554cded1523380fc9757994c0699fab1d7d6c5d3b6

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: files.dp.ua
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://files.dp.ua/css/style.css
Cookie: PHPSESSID=gid23eco4ruu6g0svkl9ckal97
Connection: keep-alive
Cache-Control: no-cache
Referer: http://files.dp.ua/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 02 Nov 2018 07:37:28 GMT
Last-Modified: Thu, 02 Nov 2017 08:41:18 GMT
Server: Apache/2.4.25 (Debian)
ETag: "73-55cfbf3b52955"
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10
Content-Length: 115
Expires: Sat, 02 Nov 2019 07:37:28 GMT

GET
H/1.1 200
OK find.png
files.dp.ua/img/ 615 B
965 B 48ms
48ms Image
image/png 91.193.130.140
UCMA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://files.dp.ua/img/find.png
Requested by: Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: HTTP/1.1
Server: 91.193.130.140 Dnepropetrovsk, Ukraine, ASN44894 (UCMA-AS, UA),
Reverse DNS: 140.130.dts.net.ua
Software: Apache/2.4.25 (Debian) /
Resource Hash: 679541fd5a2e744e9aa9afcaf1eb4040579fb8a4f91eb8c408b23e6094fce916

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: files.dp.ua
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://files.dp.ua/css/style.css
Cookie: PHPSESSID=gid23eco4ruu6g0svkl9ckal97
Connection: keep-alive
Cache-Control: no-cache
Referer: http://files.dp.ua/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 02 Nov 2018 07:37:28 GMT
Last-Modified: Thu, 02 Nov 2017 08:41:18 GMT
Server: Apache/2.4.25 (Debian)
ETag: "267-55cfbf3b06695"
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10
Content-Length: 615
Expires: Sat, 02 Nov 2019 07:37:28 GMT

GET
H/1.1 200
OK show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20181031/r20180604/ Frame 183A 201 KB
75 KB 31ms
25ms Script
text/javascript 2a00:1450:4001:810::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/r20181031/r20180604/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:810::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

75de0503a616ec5da0f414038f8f93bf6a1140342a78364656c297a1c32508a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://files.dp.ua/file?source=18110209013543851288
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Fri, 02 Nov 2018 07:37:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 8785820319102569331
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=1209600
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 76292
X-XSS-Protection: 1; mode=block
Expires: Fri, 02 Nov 2018 07:37:31 GMT

GET
S 200 ca-pub-6026413138957186.js Show response
pagead2.googlesyndication.com/pub-config/r20160913/ 133 B
435 B 25ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-6026413138957186.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:810::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

ad3f5743027d58f0c5e8b2f074edc3fb50e776ddecdb8a90531fd30407d6ff48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://files.dp.ua/file?source=18110209013543851288
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 02 Nov 2018 05:52:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 01 Nov 2018 23:01:39 GMT
server: sffe
age: 6317
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=43200
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 125
x-xss-protection: 1; mode=block
expires: Fri, 02 Nov 2018 17:52:14 GMT

GET
H/1.1 200
OK up.png
files.dp.ua/img/ 611 B
961 B 52ms
51ms Image
image/png 91.193.130.140
UCMA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://files.dp.ua/img/up.png
Requested by: Host: files.dp.ua
URL: http://files.dp.ua/file?source=18110209013543851288
Protocol: HTTP/1.1
Server: 91.193.130.140 Dnepropetrovsk, Ukraine, ASN44894 (UCMA-AS, UA),
Reverse DNS: 140.130.dts.net.ua
Software: Apache/2.4.25 (Debian) /
Resource Hash: 3dc99fc8d1ef078c279425a696fe792552823352c4a767cc41608a3508d5a2b2

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: files.dp.ua
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://files.dp.ua/css/style.css
Cookie: PHPSESSID=gid23eco4ruu6g0svkl9ckal97
Connection: keep-alive
Cache-Control: no-cache
Referer: http://files.dp.ua/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 02 Nov 2018 07:37:28 GMT
Last-Modified: Thu, 02 Nov 2017 08:41:18 GMT
Server: Apache/2.4.25 (Debian)
ETag: "263-55cfbf3ae43b5"
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10
Content-Length: 611
Expires: Sat, 02 Nov 2019 07:37:28 GMT

GET
S 200 analytics.js Show response
www.google-analytics.com/ 42 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81c::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: files.dp.ua
URL: http://files.dp.ua/file?source=18110209013543851288

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8cb05b675fe6419a9e91eb587c60902c7ed1cb6c42b8cff8ce404ef89f635cde

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://files.dp.ua/file?source=18110209013543851288
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Oct 2018 19:41:26 GMT
server: Golfe2
age: 4092
date: Fri, 02 Nov 2018 06:29:19 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 17301
expires: Fri, 02 Nov 2018 08:29:19 GMT

GET
S 200 watch_ua.js Show response
d31j93rd8oukbv.cloudfront.net/metrika/ 132 KB
133 KB 56ms
8ms Script
application/javascript 2600:9000:2043:3000:c:3b62:9ac0:21
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://d31j93rd8oukbv.cloudfront.net/metrika/watch_ua.js

Requested by

Host: files.dp.ua
URL: http://files.dp.ua/file?source=18110209013543851288

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2043:3000:c:3b62:9ac0:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

e44bda24ac5a6e494fabb4179e28c3e42bd4cbea32d0eb9e1c89221260f95402

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://files.dp.ua/file?source=18110209013543851288
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 01 Nov 2018 10:51:41 GMT
via: 1.1 1280e48937eca7de58e32cd35415f48a.cloudfront.net (CloudFront)
age: 2750
x-cache: Hit from cloudfront
status: 200
content-length: 135369
last-modified: Thu, 01 Nov 2018 10:06:56 GMT
server: nginx/1.12.2
etag: "5bdad040-210c9"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: 8k_XV1GQNcy_79Zbs-ljCUrfxyDYKP-0JojOEU3JzptnZBGGWZaKXQ==
expires: Thu, 01 Nov 2018 11:51:41 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

http://counter.yadro.ru/hit?t44.6;r;s1600*1200*24;uhttp%3A//files.dp.ua/file%3Fsource%3D18110209013543851288;h%u041B%u0443%u0447%u0448%u0438%u0439%20%u0438%20%u0431%u044B%u0441%u0442%u0440%u044B%u0...
http://counter.yadro.ru/hit?q;t44.6;r;s1600*1200*24;uhttp%3A//files.dp.ua/file%3Fsource%3D18110209013543851288;h%u041B%u0443%u0447%u0448%u0438%u0439%20%u0438%20%u0431%u044B%u0441%u0442%u0440%u044B%...

132 B
501 B

43ms
42ms

Image
image/gif

88.212.196.123
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://counter.yadro.ru/hit?q;t44.6;r;s1600*1200*24;uhttp%3A//files.dp.ua/file%3Fsource%3D18110209013543851288;h%u041B%u0443%u0447%u0448%u0438%u0439%20%u0438%20%u0431%u044B%u0441%u0442%u0440%u044B%u0439%20%u0442%u043E%u043F-%u0444%u0430%u0439%u043B%u043E%u043E%u0431%u043C%u0435%u043D%u043D%u0438%u043A;0.8986047799777199
Requested by: Host: files.dp.ua
URL: http://files.dp.ua/file?source=18110209013543851288
Protocol: HTTP/1.1
Server: 88.212.196.123 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS: host63.rax.ru
Software: 0W/0.8c /
Resource Hash: fa523f248a332cb89ae3ad8cf51d840153e0f96bcc2a4c8db736e02a340dab48

Request headers

Referer: http://files.dp.ua/file?source=18110209013543851288
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Nov 2018 07:37:32 GMT
Server: 0W/0.8c
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: Close
Content-Type: image/gif
Content-Length: 132
Expires: Wed, 01 Nov 2017 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 02 Nov 2018 07:37:31 GMT
Server: 0W/0.8c
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: http://counter.yadro.ru/hit?q;t44.6;r;s1600*1200*24;uhttp%3A//files.dp.ua/file%3Fsource%3D18110209013543851288;h%u041B%u0443%u0447%u0448%u0438%u0439%20%u0438%20%u0431%u044B%u0441%u0442%u0440%u044B%u0439%20%u0442%u043E%u043F-%u0444%u0430%u0439%u043B%u043E%u043E%u0431%u043C%u0435%u043D%u043D%u0438%u043A;0.8986047799777199
Cache-control: no-cache
Content-Type: text/html
Content-Length: 32
Expires: Wed, 01 Nov 2017 21:00:00 GMT

GET
S

200

cnt.php
count.yandeg.ru/
Redirect Chain

http://count.yandeg.ru/cnt.php?id=355508&img=9&h=http%3A//files.dp.ua/file%3Fsource%3D18110209013543851288&ref=&s=1600*1200*24&rand=0.8275790388819806
https://count.yandeg.ru/cnt.php?id=355508&img=9&h=http%3A//files.dp.ua/file%3Fsource%3D18110209013543851288&ref=&s=1600*1200*24&rand=0.8275790388819806?&autch=1

1 KB
2 KB

96ms
67ms

Image
image/png

2606:4700:30::6818:7a9d
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://count.yandeg.ru/cnt.php?id=355508&img=9&h=http%3A//files.dp.ua/file%3Fsource%3D18110209013543851288&ref=&s=1600*1200*24&rand=0.8275790388819806?&autch=1
Requested by: Host: files.dp.ua
URL: http://files.dp.ua/file?source=18110209013543851288
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:30::6818:7a9d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/7.2.10
Resource Hash: 12602b24e33cba4a81ca24d9556fc122a0fbd2ba2fa6e0c550a5dcfd056c83f7

Request headers

Referer: http://files.dp.ua/file?source=18110209013543851288
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Nov 2018 07:37:32 GMT
content-type: image/png
server: cloudflare
x-powered-by: PHP/7.2.10
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status: 200
x-time-exec: 0.045916080474854
cache-control: no-cache, must-revalidate
cf-ray: 4734efb73cd197f2-FRA

Redirect headers

Pragma: no-cache
Date: Fri, 02 Nov 2018 07:37:31 GMT
Content-Type: text/html; charset=UTF-8
Server: cloudflare
X-Powered-By: PHP/7.2.10
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://count.yandeg.ru/cnt.php?id=355508&img=9&h=http%3A//files.dp.ua/file%3Fsource%3D18110209013543851288&ref=&s=1600*1200*24&rand=0.8275790388819806?&autch=1
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
CF-RAY: 4734efb6b685c2d3-FRA

GET
H/1.1 200
OK /
c.bigmir.net/ 481 B
937 B 96ms
45ms Image
image/png 193.239.68.97
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://c.bigmir.net/?v16951118&s16949541&t8&c1&n32811&w0&y0&d24&r1600
Requested by: Host: files.dp.ua
URL: http://files.dp.ua/file?source=18110209013543851288
Protocol: HTTP/1.1
Server: 193.239.68.97 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: c.bigmir.net
Software: nginx /
Resource Hash: 3ef439c0687b5b475008213d72cd68020ace451d3e116c0e98ca174b23f50760

Request headers

Referer: http://files.dp.ua/file?source=18110209013543851288
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Nov 2018 07:37:31 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: policyref="http://www.bigmir.net/w3c/p3p.xml", CP="NON ADM DEV PSA PSD OUR UNI COM NAV INT TAI IVA IND"
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Type: image/png
Keep-Alive: timeout=5
Expires: 0

GET
H/1.1 200
OK watch.js Show response
mc.yandex.ru/metrika/ 128 KB
44 KB 63ms
24ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: files.dp.ua
URL: http://files.dp.ua/js/share.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

c4a502722e9af7e34a837c87692bba2a765122a6c7cd32fd0be7ac0cfcb441cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://files.dp.ua/file?source=18110209013543851288
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 02 Nov 2018 07:37:31 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Nov 2018 10:06:56 GMT
Server: nginx/1.12.2
ETag: "5bdad040-ad53"
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Content-Length: 44371
Expires: Fri, 02 Nov 2018 08:37:31 GMT

GET
DATA 200
OK truncated
/ 439 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 20f2d6255fe749341e6543047782811c5977380c562e7163efa64594d88c6b3d

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 379fe9eb56cf944ed0d091ded994a7b6df3de0ea55e744f7d110af39d1f0e5f3

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 24e783c578e733e71830561d8e8e41c7ef7a3aea2a50f22074a7c006b7739a35

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e79dfb766bb6f1d28b9b9b2b84f72544ad1ffb487e3db1218954907bbcf05f40

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 541 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0cc98d8e92a98749ce2cc2ecfd5cba57cdffa8e04048f66785646ddd3a2d6f75

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 487 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b0d1cd3d1dcb59411292024dea9eec4387c04446b35f7be8365170308f5468a

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 629 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4fcf18a19588804a8cb78413404c8da8a6bdfe22629ceb0b5003fee082128977

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 623 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2462686d344ef1fd4018b47593f655e60e8f0e31c9c6d75e78d2197c3c1f08b7

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 287 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f64f60b60f581caadfa1cf9b012ca732c4f4a24c8475027e7b7a225f20ce4278

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 966 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d6b8ecb2f70ad50610c2956c63e8b068d64b18b39ab2d3736fa5a81c8a2cac9

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/svg+xml

GET
S 200 collect
www.google-analytics.com/r/ 35 B
108 B 14ms
13ms Image
image/gif 2a00:1450:4001:81c::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j71&a=1251586954&t=pageview&_s=1&dl=http%3A%2F%2Ffiles.dp.ua%2Ffile%3Fsource%3D18110209013543851288&ul=en-us&de=UTF-8&dt=%D0%9B%D1%83%D1%87%D1%88%D0%B8%D0%B9%20%D0%B8%20%D0%B1%D1%8B%D1%81%D1%82%D1%80%D1%8B%D0%B9%20%D1%82%D0%BE%D0%BF-%D1%84%D0%B0%D0%B9%D0%BB%D0%BE%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%BD%D0%B8%D0%BA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1859518571&gjid=1204532034&cid=930820937.1541144252&tid=UA-91378330-1&_gid=883067614.1541144252&_r=1&z=389400067

Requested by

Host: files.dp.ua
URL: http://files.dp.ua/file?source=18110209013543851288

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://files.dp.ua/file?source=18110209013543851288
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Nov 2018 07:37:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20181031/r20180604/ Frame 59C1 0
0 34ms
6ms Document
text/html 2a00:1450:4001:81b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20181031/r20180604/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20181031/r20180604/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://files.dp.ua/file?source=18110209013543851288
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://files.dp.ua/file?source=18110209013543851288

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 01 Nov 2018 19:06:53 GMT
expires: Thu, 15 Nov 2018 19:06:53 GMT
content-type: text/html; charset=UTF-8
etag: 12810928231326100212
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 6940
x-xss-protection: 1; mode=block
cache-control: public, max-age=1209600
age: 45039
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame F5F1 0
0 47ms
44ms Document
text/html 2a00:1450:4001:81b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6026413138957186&output=html&adk=1812271804&adf=3025194257&lmt=1541144251&plat=1%3A32776%2C2%3A33800%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Ffiles.dp.ua%2Ffile%3Fsource%3D18110209013543851288&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1541144251837&bpp=23&bdt=203&fdt=139&idt=136&shv=r20181031&cbv=r20180604&saldr=aa&abxe=1&nras=1&correlator=4972642870494&frm=20&pv=2&ga_vid=930820937.1541144252&ga_sid=1541144252&ga_hid=1251586954&ga_fc=0&iag=0&icsg=764090&dssz=22&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21070025%2C21061796%2C188690904&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=16&bc=7&ifi=0&uci=0.s56xkgf93njj&fsb=1&dtd=165

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20181031/r20180604/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6026413138957186&output=html&adk=1812271804&adf=3025194257&lmt=1541144251&plat=1%3A32776%2C2%3A33800%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Ffiles.dp.ua%2Ffile%3Fsource%3D18110209013543851288&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1541144251837&bpp=23&bdt=203&fdt=139&idt=136&shv=r20181031&cbv=r20180604&saldr=aa&abxe=1&nras=1&correlator=4972642870494&frm=20&pv=2&ga_vid=930820937.1541144252&ga_sid=1541144252&ga_hid=1251586954&ga_fc=0&iag=0&icsg=764090&dssz=22&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21070025%2C21061796%2C188690904&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=16&bc=7&ifi=0&uci=0.s56xkgf93njj&fsb=1&dtd=165
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://files.dp.ua/file?source=18110209013543851288
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://files.dp.ua/file?source=18110209013543851288

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 02 Nov 2018 07:37:32 GMT
server: cafe
cache-control: private
content-length: 468
x-xss-protection: 1; mode=block
set-cookie: test_cookie=CheckForPermission; expires=Fri, 02-Nov-2018 07:52:32 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires: Fri, 02 Nov 2018 07:37:32 GMT

GET
S 200 osd.js Show response
pagead2.googlesyndication.com/pagead/js/r20181031/r20180604/ 75 KB
28 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20181031/r20180604/osd.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20181031/r20180604/show_ads_impl.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:810::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

54af46f306964af72da59c1d80240015e8f1bec1d723a259bb0e8944f30786b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://files.dp.ua/file?source=18110209013543851288
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 31 Oct 2018 14:19:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 148680
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 28222
x-xss-protection: 1; mode=block
server: cafe
etag: 2884000118126310004
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 14 Nov 2018 14:19:32 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20181031/r20180604/ Frame B7D6 0
0 7ms
6ms Document
text/html 2a00:1450:4001:81b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20181031/r20180604/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20181031/r20180604/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://files.dp.ua/file?source=18110209013543851288
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://files.dp.ua/file?source=18110209013543851288

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 01 Nov 2018 19:06:53 GMT
expires: Thu, 15 Nov 2018 19:06:53 GMT
content-type: text/html; charset=UTF-8
etag: 12810928231326100212
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 6940
x-xss-protection: 1; mode=block
cache-control: public, max-age=1209600
age: 45039
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame DAD7 0
0 157ms
156ms Document
text/html 2a00:1450:4001:81b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6026413138957186&output=html&h=90&slotname=5427526352&adk=4193746731&adf=1810271952&w=980&fwrn=4&fwrnh=100&lmt=1541144252&rafmt=1&guci=1.2.0.0.2.2.0.0&format=980x90&url=http%3A%2F%2Ffiles.dp.ua%2Ffile%3Fsource%3D18110209013543851288&flash=0&fwr=0&resp_fmts=3&wgl=1&adsid=NT&dt=1541144251860&bpp=14&bdt=225&fdt=157&idt=113&shv=r20181031&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4972642870494&frm=20&pv=1&ga_vid=930820937.1541144252&ga_sid=1541144252&ga_hid=1251586954&ga_fc=0&iag=0&icsg=34318522&dssz=23&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=61&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21070025%2C21061796%2C188690904&oid=3&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&ifi=1&uci=1.n3pq0q8y3n35&fsb=1&xpc=zJNXh8J7uz&p=http%3A//files.dp.ua&dtd=164

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20181031/r20180604/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6026413138957186&output=html&h=90&slotname=5427526352&adk=4193746731&adf=1810271952&w=980&fwrn=4&fwrnh=100&lmt=1541144252&rafmt=1&guci=1.2.0.0.2.2.0.0&format=980x90&url=http%3A%2F%2Ffiles.dp.ua%2Ffile%3Fsource%3D18110209013543851288&flash=0&fwr=0&resp_fmts=3&wgl=1&adsid=NT&dt=1541144251860&bpp=14&bdt=225&fdt=157&idt=113&shv=r20181031&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4972642870494&frm=20&pv=1&ga_vid=930820937.1541144252&ga_sid=1541144252&ga_hid=1251586954&ga_fc=0&iag=0&icsg=34318522&dssz=23&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=310&ady=61&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21070025%2C21061796%2C188690904&oid=3&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&ifi=1&uci=1.n3pq0q8y3n35&fsb=1&xpc=zJNXh8J7uz&p=http%3A//files.dp.ua&dtd=164
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://files.dp.ua/file?source=18110209013543851288
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://files.dp.ua/file?source=18110209013543851288

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 02 Nov 2018 07:37:32 GMT
server: cafe
cache-control: private
content-length: 383
x-xss-protection: 1; mode=block
set-cookie: test_cookie=CheckForPermission; expires=Fri, 02-Nov-2018 07:52:32 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires: Fri, 02 Nov 2018 07:37:32 GMT

GET
H/1.1

302
Found

1 Show response
mc.yandex.ru/watch/42556859/
Redirect Chain

https://mc.yandex.ru/watch/42556859?wmode=7&page-url=http%3A%2F%2Ffiles.dp.ua%2Ffile%3Fsource%3D18110209013543851288&charset=utf-8&browser-info=ti%3A10%3Ans%3A1541144250745%3As%3A1600x1200x24%3Ask%...
https://mc.yandex.ru/watch/42556859/1?wmode=7&page-url=http%3A%2F%2Ffiles.dp.ua%2Ffile%3Fsource%3D18110209013543851288&charset=utf-8&browser-info=ti%3A10%3Ans%3A1541144250745%3As%3A1600x1200x24%3As...

0
-1 B

13ms
13ms

XHR

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/42556859/1?wmode=7&page-url=http%3A%2F%2Ffiles.dp.ua%2Ffile%3Fsource%3D18110209013543851288&charset=utf-8&browser-info=ti%3A10%3Ans%3A1541144250745%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Ai%3A20181102073732%3Aet%3A1541144252%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A176769805%3Ahid%3A276067144%3Ads%3A42%2C47%2C797%2C1%2C1%2C0%2C0%2C285%2C10%2C%2C%2C%2C1174%3Afp%3A1147%3Awn%3A46099%3Ahl%3A2%3Agdpr%3A14%3Afu%3A0%3Av%3A1302%3Ast%3A1541144252%3Au%3A1541144252150286831%3At%3A%D0%9B%D1%83%D1%87%D1%88%D0%B8%D0%B9%20%D0%B8%20%D0%B1%D1%8B%D1%81%D1%82%D1%80%D1%8B%D0%B9%20%D1%82%D0%BE%D0%BF-%D1%84%D0%B0%D0%B9%D0%BB%D0%BE%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%BD%D0%B8%D0%BA

Requested by

Host: files.dp.ua
URL: http://files.dp.ua/file?source=18110209013543851288

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://files.dp.ua/file?source=18110209013543851288
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Nov 2018 07:37:32 GMT
Last-Modified: Fri, 02-Nov-2018 07:37:32 GMT
Server: nginx/1.12.2
Access-Control-Allow-Origin: http://files.dp.ua
Strict-Transport-Security: max-age=31536000
Location: /watch/42556859/1?wmode=7&page-url=http%3A%2F%2Ffiles.dp.ua%2Ffile%3Fsource%3D18110209013543851288&charset=utf-8&browser-info=ti%3A10%3Ans%3A1541144250745%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Ai%3A20181102073732%3Aet%3A1541144252%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A176769805%3Ahid%3A276067144%3Ads%3A42%2C47%2C797%2C1%2C1%2C0%2C0%2C285%2C10%2C%2C%2C%2C1174%3Afp%3A1147%3Awn%3A46099%3Ahl%3A2%3Agdpr%3A14%3Afu%3A0%3Av%3A1302%3Ast%3A1541144252%3Au%3A1541144252150286831%3At%3A%D0%9B%D1%83%D1%87%D1%88%D0%B8%D0%B9%20%D0%B8%20%D0%B1%D1%8B%D1%81%D1%82%D1%80%D1%8B%D0%B9%20%D1%82%D0%BE%D0%BF-%D1%84%D0%B0%D0%B9%D0%BB%D0%BE%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%BD%D0%B8%D0%BA
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Fri, 02-Nov-2018 07:37:32 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 02 Nov 2018 07:37:32 GMT
Last-Modified: Fri, 02-Nov-2018 07:37:32 GMT
Server: nginx/1.12.2
Access-Control-Allow-Origin: http://files.dp.ua
Strict-Transport-Security: max-age=31536000
Location: /watch/42556859/1?wmode=7&page-url=http%3A%2F%2Ffiles.dp.ua%2Ffile%3Fsource%3D18110209013543851288&charset=utf-8&browser-info=ti%3A10%3Ans%3A1541144250745%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Ai%3A20181102073732%3Aet%3A1541144252%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A176769805%3Ahid%3A276067144%3Ads%3A42%2C47%2C797%2C1%2C1%2C0%2C0%2C285%2C10%2C%2C%2C%2C1174%3Afp%3A1147%3Awn%3A46099%3Ahl%3A2%3Agdpr%3A14%3Afu%3A0%3Av%3A1302%3Ast%3A1541144252%3Au%3A1541144252150286831%3At%3A%D0%9B%D1%83%D1%87%D1%88%D0%B8%D0%B9%20%D0%B8%20%D0%B1%D1%8B%D1%81%D1%82%D1%80%D1%8B%D0%B9%20%D1%82%D0%BE%D0%BF-%D1%84%D0%B0%D0%B9%D0%BB%D0%BE%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%BD%D0%B8%D0%BA
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Fri, 02-Nov-2018 07:37:32 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20181031/r20180604/ Frame FEEF 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20181031/r20180604/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20181031/r20180604/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://files.dp.ua/file?source=18110209013543851288
accept-encoding: gzip, deflate
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://files.dp.ua/file?source=18110209013543851288

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 01 Nov 2018 19:06:53 GMT
expires: Thu, 15 Nov 2018 19:06:53 GMT
content-type: text/html; charset=UTF-8
etag: 12810928231326100212
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 6940
x-xss-protection: 1; mode=block
cache-control: public, max-age=1209600
age: 45039
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame AD3B 0
0 185ms
183ms Document
text/html 2a00:1450:4001:81b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6026413138957186&output=html&h=90&slotname=2488053153&adk=560204778&adf=2191844855&w=1024&fwrn=4&fwrnh=100&lmt=1541144252&rafmt=1&guci=1.2.0.0.2.2.0.0&format=1024x90&url=http%3A%2F%2Ffiles.dp.ua%2Ffile%3Fsource%3D18110209013543851288&flash=0&fwr=0&resp_fmts=3&wgl=1&adsid=NT&dt=1541144251896&bpp=5&bdt=262&fdt=186&idt=77&shv=r20181031&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=0x0%2C980x90&nras=1&correlator=4972642870494&frm=20&pv=1&ga_vid=930820937.1541144252&ga_sid=1541144252&ga_hid=1251586954&ga_fc=0&iag=0&icsg=8579770&dssz=22&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=281&ady=274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21070025%2C21061796%2C188690904&oid=3&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&ifi=2&uci=2.pp900rk35e0t&fsb=1&xpc=pOr1ZMXnkr&p=http%3A//files.dp.ua&dtd=189

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20181031/r20180604/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6026413138957186&output=html&h=90&slotname=2488053153&adk=560204778&adf=2191844855&w=1024&fwrn=4&fwrnh=100&lmt=1541144252&rafmt=1&guci=1.2.0.0.2.2.0.0&format=1024x90&url=http%3A%2F%2Ffiles.dp.ua%2Ffile%3Fsource%3D18110209013543851288&flash=0&fwr=0&resp_fmts=3&wgl=1&adsid=NT&dt=1541144251896&bpp=5&bdt=262&fdt=186&idt=77&shv=r20181031&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=0x0%2C980x90&nras=1&correlator=4972642870494&frm=20&pv=1&ga_vid=930820937.1541144252&ga_sid=1541144252&ga_hid=1251586954&ga_fc=0&iag=0&icsg=8579770&dssz=22&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=281&ady=274&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21070025%2C21061796%2C188690904&oid=3&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&ifi=2&uci=2.pp900rk35e0t&fsb=1&xpc=pOr1ZMXnkr&p=http%3A//files.dp.ua&dtd=189
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://files.dp.ua/file?source=18110209013543851288
accept-encoding: gzip, deflate
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://files.dp.ua/file?source=18110209013543851288

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 02 Nov 2018 07:37:32 GMT
server: cafe
cache-control: private
content-length: 385
x-xss-protection: 1; mode=block
set-cookie: IDE=AHWqTUnMTEYatlZZfqm4KlYIERXU2Q1yaMeCykkECFgI0tqaYbJ_POqARMfOczo-; expires=Wed, 27-Nov-2019 07:37:32 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires: Fri, 02 Nov 2018 07:37:32 GMT

GET
H/1.1 200
OK advert.gif
mc.yandex.ru/metrika/ 43 B
445 B 13ms
12ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: files.dp.ua
URL: http://files.dp.ua/file?source=18110209013543851288

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://files.dp.ua/file?source=18110209013543851288
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 02 Nov 2018 07:37:32 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Oct 2015 13:09:09 GMT
Server: nginx/1.12.2
ETag: "561bb0f5-3d"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Content-Length: 61
Expires: Fri, 02 Nov 2018 08:37:32 GMT

GET
H/1.1 200
OK 1 Show response
mc.yandex.ru/watch/42556859/ 152 B
1 KB 26ms
13ms XHR
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: files.dp.ua
URL: http://files.dp.ua/file?source=18110209013543851288

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

001d07e1fbcccfe8a0700852f711e6e214f4e92af5a5cde86cf7f5f73a226d88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://files.dp.ua/file?source=18110209013543851288
Origin: http://files.dp.ua
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Fri, 02 Nov 2018 07:37:32 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 02-Nov-2018 07:37:32 GMT
Server: nginx/1.12.2
Strict-Transport-Security: max-age=31536000
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://files.dp.ua
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 152
X-XSS-Protection: 1; mode=block
Expires: Fri, 02-Nov-2018 07:37:32 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20181031/r20180604/ Frame 5BD7 0
0 7ms
6ms Document
text/html 2a00:1450:4001:81b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20181031/r20180604/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20181031/r20180604/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://files.dp.ua/file?source=18110209013543851288
accept-encoding: gzip, deflate
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://files.dp.ua/file?source=18110209013543851288

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 01 Nov 2018 19:06:53 GMT
expires: Thu, 15 Nov 2018 19:06:53 GMT
content-type: text/html; charset=UTF-8
etag: 12810928231326100212
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 6940
x-xss-protection: 1; mode=block
cache-control: public, max-age=1209600
age: 45039
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 8A40 0
0 164ms
162ms Document
text/html 2a00:1450:4001:81b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6026413138957186&output=html&h=60&slotname=2488053153&adk=1786889798&adf=717698281&w=720&fwrn=4&fwrnh=100&lmt=1541144252&rafmt=1&guci=1.2.0.0.2.2.0.0&format=720x60&url=http%3A%2F%2Ffiles.dp.ua%2Ffile%3Fsource%3D18110209013543851288&flash=0&fwr=0&resp_fmts=3&wgl=1&adsid=NT&dt=1541144251902&bpp=4&bdt=267&fdt=199&idt=71&shv=r20181031&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=0x0%2C980x90%2C1024x90&nras=1&correlator=4972642870494&frm=20&pv=1&ga_vid=930820937.1541144252&ga_sid=1541144252&ga_hid=1251586954&ga_fc=0&iag=0&icsg=8579770&dssz=22&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=433&ady=430&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21070025%2C21061796%2C188690904&oid=3&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&ifi=3&uci=3.qg9py9p5x1h9&fsb=1&xpc=qK0PmgGe5n&p=http%3A//files.dp.ua&dtd=202

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20181031/r20180604/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6026413138957186&output=html&h=60&slotname=2488053153&adk=1786889798&adf=717698281&w=720&fwrn=4&fwrnh=100&lmt=1541144252&rafmt=1&guci=1.2.0.0.2.2.0.0&format=720x60&url=http%3A%2F%2Ffiles.dp.ua%2Ffile%3Fsource%3D18110209013543851288&flash=0&fwr=0&resp_fmts=3&wgl=1&adsid=NT&dt=1541144251902&bpp=4&bdt=267&fdt=199&idt=71&shv=r20181031&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=0x0%2C980x90%2C1024x90&nras=1&correlator=4972642870494&frm=20&pv=1&ga_vid=930820937.1541144252&ga_sid=1541144252&ga_hid=1251586954&ga_fc=0&iag=0&icsg=8579770&dssz=22&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=433&ady=430&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21070025%2C21061796%2C188690904&oid=3&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&ifi=3&uci=3.qg9py9p5x1h9&fsb=1&xpc=qK0PmgGe5n&p=http%3A//files.dp.ua&dtd=202
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://files.dp.ua/file?source=18110209013543851288
accept-encoding: gzip, deflate
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://files.dp.ua/file?source=18110209013543851288

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 02 Nov 2018 07:37:32 GMT
server: cafe
cache-control: private
content-length: 386
x-xss-protection: 1; mode=block
set-cookie: IDE=AHWqTUn0Lw66k4r83GzLZKd3kpvbPlf8J25UEICIMTXY8KBfl7NitA9KJKxoETWM; expires=Wed, 27-Nov-2019 07:37:32 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires: Fri, 02 Nov 2018 07:37:32 GMT

GET
H/1.1 204
No Content gen_204
pagead2.googlesyndication.com/pagead/ Frame 183A 0
427 B 19ms
19ms Image
image/gif 2a00:1450:4001:810::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=0&wpc=ca-pub-6026413138957186&warn=12%2C13&w=1600&h=1200&eatf=false&reatf=true&a=6%2C1%2C5%2C7&apv=20181024_142142&afm=0&as_count=3&d_count=0&ng_count=0&am_count=0&atf_count=3&su=files.dp.ua&r=0.1

Requested by

Host: files.dp.ua
URL: http://files.dp.ua/file?source=18110209013543851288

Protocol

HTTP/1.1

Server

2a00:1450:4001:810::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://files.dp.ua/file?source=18110209013543851288
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Nov 2018 07:37:32 GMT
X-Content-Type-Options: nosniff
Server: cafe
Timing-Allow-Origin: *
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, must-revalidate
Content-Type: image/gif
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK 26812653 Show response
mc.yandex.ru/watch/ 133 B
679 B 13ms
13ms XHR
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/26812653?wmode=7&page-url=http%3A%2F%2Ffiles.dp.ua%2Ffile%3Fsource%3D18110209013543851288&charset=utf-8&site-info=%7B%22jquery%22%3Atrue%2C%22version%22%3A%221.7.2%22%2C%22shareVersion%22%3A2%7D&browser-info=ti%3A10%3Ans%3A1541144250745%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A2%3Aw%3A1600x1200%3Ai%3A20181102073732%3Aet%3A1541144252%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A152686746%3Ahid%3A276067144%3Ads%3A42%2C47%2C797%2C1%2C1%2C0%2C0%2C285%2C10%2C%2C%2C%2C1174%3Afp%3A1147%3Agdpr%3A14%3Afu%3A0%3Av%3A1302%3Ast%3A1541144252%3Au%3A1541144252150286831%3At%3A%D0%9B%D1%83%D1%87%D1%88%D0%B8%D0%B9%20%D0%B8%20%D0%B1%D1%8B%D1%81%D1%82%D1%80%D1%8B%D0%B9%20%D1%82%D0%BE%D0%BF-%D1%84%D0%B0%D0%B9%D0%BB%D0%BE%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%BD%D0%B8%D0%BA

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

7be673f736bff89d0eb0be4324fe6acf90692bf344ce91eda87e76577205cd89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://files.dp.ua/file?source=18110209013543851288
Origin: http://files.dp.ua
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Fri, 02 Nov 2018 07:37:32 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 02-Nov-2018 07:37:32 GMT
Server: nginx/1.12.2
Strict-Transport-Security: max-age=31536000
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://files.dp.ua
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 133
X-XSS-Protection: 1; mode=block
Expires: Fri, 02-Nov-2018 07:37:32 GMT

GET
H/1.1 204
No Content gen_204
pagead2.googlesyndication.com/pagead/ Frame 183A 0
427 B 14ms
14ms Image
image/gif 2a00:1450:4001:810::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pagead2.googlesyndication.com/pagead/gen_204?id=resize&scrl=0&adk=4193746731&adf=1810271952&fmt=980x90&str=false&ad_y=61&vph=1200&r_nh=0&qid=CK2jw92Ztd4CFY_QdwodcOEE2Q&w=980&h=90&err=1&url=http%3A%2F%2Ffiles.dp.ua%2Ffile%3Fsource%3D18110209013543851288

Requested by

Host: files.dp.ua
URL: http://files.dp.ua/file?source=18110209013543851288

Protocol

HTTP/1.1

Server

2a00:1450:4001:810::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://files.dp.ua/file?source=18110209013543851288
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Nov 2018 07:37:32 GMT
X-Content-Type-Options: nosniff
Server: cafe
Timing-Allow-Origin: *
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, must-revalidate
Content-Type: image/gif
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content gen_204
pagead2.googlesyndication.com/pagead/ Frame 183A 0
427 B 14ms
14ms Image
image/gif 2a00:1450:4001:810::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pagead2.googlesyndication.com/pagead/gen_204?id=resize&scrl=0&adk=1786889798&adf=717698281&fmt=720x60&str=false&ad_y=430&vph=1200&r_nh=0&qid=CJ_8x92Ztd4CFQnQdwod73YNZw&w=720&h=60&err=1&url=http%3A%2F%2Ffiles.dp.ua%2Ffile%3Fsource%3D18110209013543851288

Requested by

Host: files.dp.ua
URL: http://files.dp.ua/file?source=18110209013543851288

Protocol

HTTP/1.1

Server

2a00:1450:4001:810::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://files.dp.ua/file?source=18110209013543851288
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Nov 2018 07:37:32 GMT
X-Content-Type-Options: nosniff
Server: cafe
Timing-Allow-Origin: *
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, must-revalidate
Content-Type: image/gif
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content gen_204
pagead2.googlesyndication.com/pagead/ Frame 183A 0
427 B 14ms
14ms Image
image/gif 2a00:1450:4001:810::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pagead2.googlesyndication.com/pagead/gen_204?id=resize&scrl=0&adk=560204778&adf=2191844855&fmt=1024x90&str=false&ad_y=274&vph=1200&r_nh=0&qid=CNP8xt2Ztd4CFVTydwodIyIE0Q&w=1024&h=90&err=1&url=http%3A%2F%2Ffiles.dp.ua%2Ffile%3Fsource%3D18110209013543851288

Protocol

HTTP/1.1

Server

2a00:1450:4001:810::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://files.dp.ua/file?source=18110209013543851288
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Nov 2018 07:37:32 GMT
X-Content-Type-Options: nosniff
Server: cafe
Timing-Allow-Origin: *
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, must-revalidate
Content-Type: image/gif
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.files.dp.ua/	1970-01-18 20:06:56	Name: _ym_isad Value: 2
.files.dp.ua/	1970-01-18 20:05:46	Name: _ym_visorc_42556859 Value: w
.files.dp.ua/	1970-01-19 04:51:20	Name: _ym_d Value: 1541144252
.files.dp.ua/	1970-01-18 20:05:44	Name: _gat Value: 1
.files.dp.ua/	1970-01-19 13:36:56	Name: _ga Value: GA1.3.930820937.1541144252
files.dp.ua/	1969-12-31 23:59:59	Name: b Value: b
.doubleclick.net/	1970-01-19 05:27:20	Name: IDE Value: AHWqTUnMTEYatlZZfqm4KlYIERXU2Q1yaMeCykkECFgI0tqaYbJ_POqARMfOczo-
.files.dp.ua/	1970-01-19 04:51:20	Name: _ym_uid Value: 1541144252150286831
.files.dp.ua/	1970-01-18 20:07:10	Name: _gid Value: GA1.3.883067614.1541144252
files.dp.ua/	1969-12-31 23:59:59	Name: PHPSESSID Value: gid23eco4ruu6g0svkl9ckal97

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
c.bigmir.net
count.yandeg.ru
counter.yadro.ru
d31j93rd8oukbv.cloudfront.net
files.dp.ua
googleads.g.doubleclick.net
mc.yandex.ru
pagead2.googlesyndication.com
www.google-analytics.com
193.239.68.97
2600:9000:2043:3000:c:3b62:9ac0:21
2606:4700:30::6818:7a9d
2606:4700:30::6818:7b9d
2a00:1450:4001:80b::2002
2a00:1450:4001:810::2002
2a00:1450:4001:81a::2002
2a00:1450:4001:81b::2002
2a00:1450:4001:81c::200e
2a02:6b8::1:119
88.212.196.123
91.193.130.140
001d07e1fbcccfe8a0700852f711e6e214f4e92af5a5cde86cf7f5f73a226d88
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0cc98d8e92a98749ce2cc2ecfd5cba57cdffa8e04048f66785646ddd3a2d6f75
12602b24e33cba4a81ca24d9556fc122a0fbd2ba2fa6e0c550a5dcfd056c83f7
1b0d1cd3d1dcb59411292024dea9eec4387c04446b35f7be8365170308f5468a
1c52ebcc107f3514c351054a6f8da9ef2e59d2ab7698d356ef4a6c96645ebac9
20f2d6255fe749341e6543047782811c5977380c562e7163efa64594d88c6b3d
242f7902796535a2bcd3539b84b94173fd4d324b792d53851dde5b050833c5ad
2462686d344ef1fd4018b47593f655e60e8f0e31c9c6d75e78d2197c3c1f08b7
24e783c578e733e71830561d8e8e41c7ef7a3aea2a50f22074a7c006b7739a35
2d631736bd94bf360f9bb8332caa720e87597e3d19f54a5a150f065efdbc8917
2d6b8ecb2f70ad50610c2956c63e8b068d64b18b39ab2d3736fa5a81c8a2cac9
379fe9eb56cf944ed0d091ded994a7b6df3de0ea55e744f7d110af39d1f0e5f3
37b78e20b3e25c2ca13c88554cded1523380fc9757994c0699fab1d7d6c5d3b6
3dc99fc8d1ef078c279425a696fe792552823352c4a767cc41608a3508d5a2b2
3ef439c0687b5b475008213d72cd68020ace451d3e116c0e98ca174b23f50760
4fcf18a19588804a8cb78413404c8da8a6bdfe22629ceb0b5003fee082128977
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54af46f306964af72da59c1d80240015e8f1bec1d723a259bb0e8944f30786b0
609afaf14a91be2b51ddd8873a5724179fa017c0e72a933552d559aae8748ff2
679541fd5a2e744e9aa9afcaf1eb4040579fb8a4f91eb8c408b23e6094fce916
75de0503a616ec5da0f414038f8f93bf6a1140342a78364656c297a1c32508a0
7be673f736bff89d0eb0be4324fe6acf90692bf344ce91eda87e76577205cd89
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8cb05b675fe6419a9e91eb587c60902c7ed1cb6c42b8cff8ce404ef89f635cde
ad3f5743027d58f0c5e8b2f074edc3fb50e776ddecdb8a90531fd30407d6ff48
c316fe1276b5c72d191fdc35f2e36774ca9dff3e7b36d916b6820b8b4f613506
c4a502722e9af7e34a837c87692bba2a765122a6c7cd32fd0be7ac0cfcb441cc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44bda24ac5a6e494fabb4179e28c3e42bd4cbea32d0eb9e1c89221260f95402
e79dfb766bb6f1d28b9b9b2b84f72544ad1ffb487e3db1218954907bbcf05f40
f64f60b60f581caadfa1cf9b012ca732c4f4a24c8475027e7b7a225f20ce4278
fa523f248a332cb89ae3ad8cf51d840153e0f96bcc2a4c8db736e02a340dab48

files.dp.ua Open in urlscan Pro 91.193.130.140 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

37 Requests

57 %HTTPS

75 %IPv6

11 Domains

11 Subdomains

12 IPs

4 Countries

487 kBTransfer

1125 kBSize

10 Cookies

14 Outgoing links

Redirected requests

37 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

files.dp.ua Open in urlscan Pro
91.193.130.140 Public Scan

Screenshot
Live screenshot

Full Image

37
Requests

57 %
HTTPS

75 %
IPv6

11
Domains

11
Subdomains

12
IPs

4
Countries

487 kB
Transfer

1125 kB
Size

10
Cookies

37 HTTP transactions
10 data transactions