urlscan.io logo urlscan.io
SecurityTrails logo

id.mcfr.ua Open in urlscan Pro
3.74.26.12  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://mcfr.ua/
Effective URL: https://id.mcfr.ua/Logon?returnUrl=/
Submission Tags: falconsandbox
Submission: On May 05 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 9 domains to perform 28 HTTP transactions. The main IP is 3.74.26.12, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is id.mcfr.ua.
TLS certificate: Issued by R3 on March 23rd 2023. Valid for: 3 months.
This is the only time id.mcfr.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 35.158.152.223 16509 (AMAZON-02)
1 7 3.74.26.12 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:200... 54113 (FASTLY)
5 10 2a02:6b8::1:119 208722 (GLOBAL_DC)
1 212.193.146.48 34879 (CCT-AS NG...)
6 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
28 10
3    35.158.152.223 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-152-223.eu-central-1.compute.amazonaws.com
mcfr.ua
cdn.mcfr.ua
7    3.74.26.12 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-74-26-12.eu-central-1.compute.amazonaws.com
id.mcfr.ua
capi.mcfr.ua
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a04:4e42:200::729 (United States)

ASN54113 (FASTLY, US)
browser.sentry-cdn.com
10    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
mc.yandex.ru
mc.yandex.com
1    212.193.146.48 (Russian Federation)

ASN34879 (CCT-AS NGENIX, RU)
PTR: cdn.ngenix.net
cdn.action-mcfr.ru
6    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
Apex Domain
Subdomains		 Transfer
10 mcfr.ua
mcfr.ua
id.mcfr.ua
capi.mcfr.ua
cdn.mcfr.ua
598 KB
7 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 9100
3 KB
7 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30
region1.google-analytics.com — Cisco Umbrella Rank: 2587
21 KB
3 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 3863
59 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 48
179 KB
1 action-mcfr.ru
cdn.action-mcfr.ru — Cisco Umbrella Rank: 934032
37 KB
1 sentry-cdn.com
browser.sentry-cdn.com — Cisco Umbrella Rank: 3995
17 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 200
1 KB
0 yandex.ua Failed
mc.yandex.ua Failed
28 9
Domain Requested by
7 mc.yandex.com 3 redirects id.mcfr.ua
6 www.google-analytics.com www.googletagmanager.com
browser.sentry-cdn.com
id.mcfr.ua
4 id.mcfr.ua 1 redirects id.mcfr.ua
3 mc.yandex.ru 2 redirects id.mcfr.ua
3 www.googletagmanager.com id.mcfr.ua
www.googletagmanager.com
3 capi.mcfr.ua id.mcfr.ua
browser.sentry-cdn.com
2 cdn.mcfr.ua id.mcfr.ua
1 region1.google-analytics.com www.googletagmanager.com
1 cdn.action-mcfr.ru cdn.mcfr.ua
1 browser.sentry-cdn.com id.mcfr.ua
1 cdnjs.cloudflare.com id.mcfr.ua
1 mcfr.ua 1 redirects
0 mc.yandex.ua Failed id.mcfr.ua
28 13

This site contains no links.

Subject Issuer Validity Valid
mcfr.ua
R3		 2023-03-23 -
2023-06-21		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-17 -
2023-07-10		 3 months crt.sh
*.sentry-cdn.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3		 2022-09-28 -
2023-10-30		 a year crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-03-17 -
2023-08-27		 5 months crt.sh
cdn.action-mcfr.ru
R3		 2023-04-19 -
2023-07-18		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://id.mcfr.ua/Logon?returnUrl=/
Frame ID: 771B8DB7C7BE3E061576266EC9988C97
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Вхід у продукти Цифрового видавництва MCFR

Page URL History Show full URLs

  1. http://mcfr.ua/ HTTP 302
    https://id.mcfr.ua/ Page URL
  2. https://id.mcfr.ua/ HTTP 302
    https://id.mcfr.ua/Logon?returnUrl=/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <script[^>]*src="[^"]*browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js
  • browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

28
Requests

82 %
HTTPS

67 %
IPv6

9
Domains

13
Subdomains

10
IPs

3
Countries

911 kB
Transfer

3252 kB
Size

21
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://mcfr.ua/ HTTP 302
    https://id.mcfr.ua/ Page URL
  2. https://id.mcfr.ua/ HTTP 302
    https://id.mcfr.ua/Logon?returnUrl=/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://mcfr.ua/ HTTP 302
  • https://id.mcfr.ua/
Request Chain 24
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9992.T-fqyp2DguMuCuCRGS6MkLJyVgaaQWQs6avZfUpzA4j_j16gJ_zCcJG2nZSCOMCI.MgyP6Mjo8p6hNlscVVI_y2KJ_NU%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9992.BO6rcqa0QdXNX6nl0aL31eU1LnfCG4jEvaCIFsBB9lmUkesHy_HVs1LYc-bpr6i3Nmu5Dp7JnRo_9XZ7tmDvDNCSpT1w_RrICcmjh1C6lzU%2C.oLejqvNnVBNrEjM_eGg73ZkGpU0%2C
Request Chain 27
  • https://mc.yandex.com/watch/21795139?wmode=7&page-url=https%3A%2F%2Fid.mcfr.ua%2FLogon%3FreturnUrl%3D%2F&page-ref=https%3A%2F%2Fid.mcfr.ua%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aiwhcse2c9umatouo0rfee7%3Afp%3A645%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1012%3Acn%3A1%3Adp%3A0%3Als%3A274459628970%3Ahid%3A194962683%3Az%3A0%3Ai%3A20230505110728%3Aet%3A1683284848%3Ac%3A1%3Arn%3A832969312%3Arqn%3A1%3Au%3A1683284848282105539%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C0%2C156%2C1%2C140%2C139%2C1%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1683284847434%3Arqnl%3A1%3Ast%3A1683284849%3At%3A%D0%92%D1%85%D1%96%D0%B4%20%D1%83%20%D0%BF%D1%80%D0%BE%D0%B4%D1%83%D0%BA%D1%82%D0%B8%20%D0%A6%D0%B8%D1%84%D1%80%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D0%B2%D0%B8%D0%B4%D0%B0%D0%B2%D0%BD%D0%B8%D1%86%D1%82%D0%B2%D0%B0%20MCFR&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/21795139/1?wmode=7&page-url=https%3A%2F%2Fid.mcfr.ua%2FLogon%3FreturnUrl%3D%2F&page-ref=https%3A%2F%2Fid.mcfr.ua%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aiwhcse2c9umatouo0rfee7%3Afp%3A645%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1012%3Acn%3A1%3Adp%3A0%3Als%3A274459628970%3Ahid%3A194962683%3Az%3A0%3Ai%3A20230505110728%3Aet%3A1683284848%3Ac%3A1%3Arn%3A832969312%3Arqn%3A1%3Au%3A1683284848282105539%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C0%2C156%2C1%2C140%2C139%2C1%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1683284847434%3Arqnl%3A1%3Ast%3A1683284849%3At%3A%D0%92%D1%85%D1%96%D0%B4%20%D1%83%20%D0%BF%D1%80%D0%BE%D0%B4%D1%83%D0%BA%D1%82%D0%B8%20%D0%A6%D0%B8%D1%84%D1%80%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D0%B2%D0%B8%D0%B4%D0%B0%D0%B2%D0%BD%D0%B8%D1%86%D1%82%D0%B2%D0%B0%20MCFR&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Request Chain 30
  • https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9992.aG3XhoBbfyz-gohqkoqoBswTAWg7o-fBDonQFZrBKSEWh-nyDqI4G2zgulXWs7D7.loMLHCiGgLxS81D8n0u9U-exPCQ%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9992.ZLQahA1JKoA_T-dDvDLvOLk46DNm4f_4JEsC8LvPuN8J_4vn7mNCTMJMaW95BccEJYO0uTbmFbqGTgLSNLM742RoOTJ7fBgpwcyov60DOA4%2C.TfugLgPRf6qM13j_TKQtBrURyhk%2C

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
id.mcfr.ua/
Redirect Chain
  • http://mcfr.ua/
  • https://id.mcfr.ua/
3 KB
998 B 		Document
General
Check archive.org
Download Go to
Full URL
https://id.mcfr.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.74.26.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-74-26-12.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a6fd70aaeb2c4f59924ab5d31a6dcb0bfaa182fe13f4578bdfb08eaceb7c5390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Fri, 05 May 2023 11:07:27 GMT
server
nginx
x-operation-id
7b9c235297eaa6e4e7208e807da72fdd 7b9c235297eaa6e4e7208e807da72fdd

Redirect headers

Connection
keep-alive
Content-Length
154
Content-Type
text/html
Date
Fri, 05 May 2023 11:07:26 GMT
Location
https://id.mcfr.ua
Server
nginx
X-Operation-Id
e7f1395fab8595f1b85e1ea7b941142c
callback
capi.mcfr.ua/ 		250 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.mcfr.ua/callback
Requested by
Host: id.mcfr.ua
URL: https://id.mcfr.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.74.26.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-74-26-12.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c72b2737b7437641dcfdf8cd91396c9c981acde2babd1ecb3acbf0f0092ef39f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://id.mcfr.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 11:07:27 GMT
content-encoding
gzip
server
nginx
x-operation-id
879aad5111d3bfe0762023077add39b8, 879aad5111d3bfe0762023077add39b8
access-control-max-age
30
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
https://id.mcfr.ua
access-control-expose-headers
Access-Control-Allow-Credentials, Access-Control-Allow-Headers, Access-Control-Allow-Methods, Access-Control-Allow-Origin, Access-Control-Expose-Headers, Access-Control-Max-Age, Accept, Accept-Charset, Accept-Encoding, Accept-Language, Cache-Control, Connection, Content-Encoding, Content-Language, Content-Length, Content-Type, Date, Set-Cookie, Server, Status, X-Forwarded-For, X-Operation-Id, X-XSS-Protection
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept, Accept-Charset, Accept-Encoding, Accept-Language, Cache-Control, Content-Type, Cookie, DNT, Pragma, Referer, User-Agent, X-Forwarded-For
auth_sync
id.mcfr.ua/_api/auth/logics/ 		0
446 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.mcfr.ua/_api/auth/logics/auth_sync?robin=3a34e2af460140869293561fd7db07b77e699a3e53a54c178afbe31035dcdb5a
Requested by
Host: id.mcfr.ua
URL: https://id.mcfr.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.74.26.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-74-26-12.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://id.mcfr.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 11:07:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
server
nginx
x-operation-id
bede65ed6d908fd766a537d6b80948d6, bede65ed6d908fd766a537d6b80948d6
content-type
text/plain
Primary Request Logon
id.mcfr.ua/
Redirect Chain
  • https://id.mcfr.ua/
  • https://id.mcfr.ua/Logon?returnUrl=/
11 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://id.mcfr.ua/Logon?returnUrl=/
Requested by
Host: id.mcfr.ua
URL: https://id.mcfr.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.74.26.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-74-26-12.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
34d1a914df12a34e506bffce4e0b6fab272e3c46851f14e82a38d3150d980dce
Security Headers
Name Value
Content-Security-Policy frame-src *

Request headers

Referer
https://id.mcfr.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-security-policy
frame-src *
content-type
text/html; charset=utf-8
date
Fri, 05 May 2023 11:07:27 GMT
server
nginx
vary
Accept-Encoding
x-operation-id
1b4001e38b2c60aee152d57f120e00a1 1b4001e38b2c60aee152d57f120e00a1 1b4001e38b2c60aee152d57f120e00a1

Redirect headers

content-type
application/octet-stream
date
Fri, 05 May 2023 11:07:27 GMT
location
https://id.mcfr.ua/Logon?returnUrl=/
server
nginx
x-operation-id
00151b8696294e299de5cf0546298dfc 00151b8696294e299de5cf0546298dfc 00151b8696294e299de5cf0546298dfc
reset.css
cdnjs.cloudflare.com/ajax/libs/meyer-reset/2.0/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/meyer-reset/2.0/reset.css
Requested by
Host: id.mcfr.ua
URL: https://id.mcfr.ua/Logon?returnUrl=/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed555a279183c054222c873e78d92c40b512498e49359b6abfda36048f141988
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://id.mcfr.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 11:07:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
666348
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
470
last-modified
Mon, 04 May 2020 16:13:23 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f23-444"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1P6Q1pz%2F1Xo4hrEBm8zhfDLOAu2KlOQ6u1zfFlLJWg1ljNcHheCUmcUFicq1hLgidiNwixFpZ0wd5oEFCB%2Boaw6hW4LS%2FOx5emX2BHOToI73R0txOJGlff4ZDosE4q1RZryZJ7xrFiICj0CdoOyHvOw1"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c28851a8fae37f1-FRA
expires
Wed, 24 Apr 2024 11:07:27 GMT
main.d50f22cfafa80d161cf5.css
cdn.mcfr.ua/prod/mi/id2-forms/ce52d3c0/assets//h/ 		101 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.mcfr.ua/prod/mi/id2-forms/ce52d3c0/assets//h/main.d50f22cfafa80d161cf5.css
Requested by
Host: id.mcfr.ua
URL: https://id.mcfr.ua/Logon?returnUrl=/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.152.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-152-223.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ba0915e70d2409b19f547694aaf64e1ae168145ec18425a4beee9a64024a2c4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://id.mcfr.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 11:07:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 27 Apr 2023 13:39:05 GMT
server
nginx
x-operation-id
1b984680641df5862ea5a37624e697d3, 1b984680641df5862ea5a37624e697d3
x-amz-request-id
tx000001d7a6d162b366be4-006454e36f-3a68e5-msk2
etag
W/"8a67aa07775f467ad294465d5fe39ad4"
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
x-rgw-object-type
Normal
access-control-allow-credentials
true
access-control-allow-headers
Cookies,Authorization,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,X-Manager-Info
js
www.googletagmanager.com/gtag/ 		115 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-36540947-1
Requested by
Host: id.mcfr.ua
URL: https://id.mcfr.ua/Logon?returnUrl=/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c4c5998d18757e6551545eaf508efca6d8c17d4c36e3f423893ecd30940a4c55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://id.mcfr.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 11:07:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45774
x-xss-protection
0
last-modified
Fri, 05 May 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 05 May 2023 11:07:28 GMT
bundle.min.js
browser.sentry-cdn.com/5.9.0/ 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://browser.sentry-cdn.com/5.9.0/bundle.min.js
Requested by
Host: id.mcfr.ua
URL: https://id.mcfr.ua/Logon?returnUrl=/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
e460456c2d2bba38a792897d969d75230536b1e21b097eed2a33adb2041f464e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://id.mcfr.ua/
Origin
https://id.mcfr.ua
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 11:07:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 13 Nov 2019 19:49:27 GMT
server
Fastly
age
3266536
etag
"3a1f969eb2c9aaee83092d9df241152a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
16851
expires
Wed, 27 Mar 2024 15:45:11 GMT
main.d50f22cfafa80d161cf5.js
cdn.mcfr.ua/prod/mi/id2-forms/ce52d3c0/assets//h/ 		2 MB
554 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mcfr.ua/prod/mi/id2-forms/ce52d3c0/assets//h/main.d50f22cfafa80d161cf5.js
Requested by
Host: id.mcfr.ua
URL: https://id.mcfr.ua/Logon?returnUrl=/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.152.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-152-223.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8155efdfaf9e2585e4c4f62e6aef4db15c4e53e16d57ca34d67c209dc4fe50ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://id.mcfr.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 11:07:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 27 Apr 2023 13:39:05 GMT
server
nginx
x-operation-id
3bebab9f13a18d2d0771fb9e37f680a7, 3bebab9f13a18d2d0771fb9e37f680a7
x-amz-request-id
tx00000db223ef2de1ffc81-006454e36f-3ed849-msk2
etag
W/"d6aaa0a8b903168cc399327a63685a20"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
x-rgw-object-type
Normal
access-control-allow-credentials
true
access-control-allow-headers
Cookies,Authorization,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,X-Manager-Info
gtm.js
www.googletagmanager.com/ 		148 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M48WTG2
Requested by
Host: id.mcfr.ua
URL: https://id.mcfr.ua/Logon?returnUrl=/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6708f2cabf6b4b7bb4d0c501542d33a332df2523ed38e744dd6d39e915ba9245
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://id.mcfr.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 11:07:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53998
x-xss-protection
0
last-modified
Fri, 05 May 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 05 May 2023 11:07:28 GMT
watch.js
mc.yandex.ru/metrika/ 		164 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: id.mcfr.ua
URL: https://id.mcfr.ua/Logon?returnUrl=/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
ea2125f45b490e13302f2eca2042661f03def550043ea9c5317102b35f0408ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://id.mcfr.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 11:07:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 05 May 2023 10:37:06 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"6454b222-e5cf"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
58831
expires
Fri, 05 May 2023 12:07:28 GMT
truncated
/ 		614 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc296b9b364e0f566128ab692096711fbab2096f6e5436384c1fa10e3e923288

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		419 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a5978574f38659347cd5aaa72727c66e13e73c43d8ca8eec4a9c5ff817915403

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		748 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
777551d54051bdb33e308475a6ae56bf4c64fbf58d849c3c8f7419d24b1cb03b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
94b7515a808dcc16cfff58bf3fd68ddd6e971ea7817c6203855cce37e808e647

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
proximanova-semibold-webfont.woff
cdn.action-mcfr.ru/fonts/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.action-mcfr.ru/fonts/proximanova-semibold-webfont.woff
Requested by
Host: cdn.mcfr.ua
URL: https://cdn.mcfr.ua/prod/mi/id2-forms/ce52d3c0/assets//h/main.d50f22cfafa80d161cf5.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.193.146.48 , Russian Federation, ASN34879 (CCT-AS NGENIX, RU),
Reverse DNS
cdn.ngenix.net
Software
nginx /
Resource Hash
959585ddcd887676b28628f1ec3f0d98e017fbed9093eb783a619a4e559a3c06

Request headers

Referer
https://cdn.mcfr.ua/
Origin
https://id.mcfr.ua
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 11:07:28 GMT
x-ngenix-cache
HIT
last-modified
Wed, 23 Sep 2020 13:15:42 GMT
server
nginx
x-amz-request-id
tx0000000000000353bc76a-00633d67b8-5972f618-default
etag
"120c319df94de87a2ffd54dd240366eb"
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
content-length
37888
x-ngenix-storage
ADC
truncated
/ 		399 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
636e603adc5f8cbce62c8688f6a6c4b73cd551f6cab76b0d93169059716d1b96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-36540947-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://id.mcfr.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 05 May 2023 11:05:04 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
144
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Fri, 05 May 2023 13:05:04 GMT
js
www.googletagmanager.com/gtag/ 		234 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-R7FMFVTT7G&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M48WTG2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d323f543afeedc8cf7e979f182fc87c91fda709785ed2448c6e7f0dc9b1732c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://id.mcfr.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 11:07:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82611
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 05 May 2023 11:07:28 GMT
collect
region1.google-analytics.com/g/ 		0
250 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-R7FMFVTT7G&gtm=45je3530&_p=809451848&cid=994051474.1683284848&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1683284848&sct=1&seg=0&dl=https%3A%2F%2Fid.mcfr.ua%2FLogon%3FreturnUrl%3D%2F&dr=https%3A%2F%2Fid.mcfr.ua%2F&dt=%D0%92%D1%85%D1%96%D0%B4%20%D1%83%20%D0%BF%D1%80%D0%BE%D0%B4%D1%83%D0%BA%D1%82%D0%B8%20%D0%A6%D0%B8%D1%84%D1%80%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D0%B2%D0%B8%D0%B4%D0%B0%D0%B2%D0%BD%D0%B8%D1%86%D1%82%D0%B2%D0%B0%20MCFR&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R7FMFVTT7G&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://id.mcfr.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 May 2023 11:07:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://id.mcfr.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
140 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=809451848&t=pageview&_s=1&dl=https%3A%2F%2Fid.mcfr.ua%2FLogon%3FreturnUrl%3D%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%85%D1%96%D0%B4%20%D1%83%20%D0%BF%D1%80%D0%BE%D0%B4%D1%83%D0%BA%D1%82%D0%B8%20%D0%A6%D0%B8%D1%84%D1%80%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D0%B2%D0%B8%D0%B4%D0%B0%D0%B2%D0%BD%D0%B8%D1%86%D1%82%D0%B2%D0%B0%20MCFR&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4ADAAUABAAAAACAAI~&jid=652189892&gjid=1810064499&cid=994051474.1683284848&tid=UA-36540947-1&_gid=2090378992.1683284848&_r=1&gtm=457e3530&jsscut=1&z=1883992833
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.9.0/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://id.mcfr.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 05 May 2023 11:07:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://id.mcfr.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		3 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=809451848&t=pageview&_s=1&dl=https%3A%2F%2Fid.mcfr.ua%2FLogon%3FreturnUrl%3D%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%85%D1%96%D0%B4%20%D1%83%20%D0%BF%D1%80%D0%BE%D0%B4%D1%83%D0%BA%D1%82%D0%B8%20%D0%A6%D0%B8%D1%84%D1%80%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D0%B2%D0%B8%D0%B4%D0%B0%D0%B2%D0%BD%D0%B8%D1%86%D1%82%D0%B2%D0%B0%20MCFR&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4ADAAUABAAAAACAAI~&jid=1623225373&gjid=922884039&cid=994051474.1683284848&tid=UA-36540947-2&_gid=2090378992.1683284848&_r=1&_slc=1&gtm=45He3530n81M48WTG2&z=1360191342
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.9.0/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://id.mcfr.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 05 May 2023 11:07:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://id.mcfr.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=809451848&t=pageview&_s=2&dl=https%3A%2F%2Fid.mcfr.ua%2FLogon%3FreturnUrl%3D%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%85%D1%96%D0%B4%20%D1%83%20%D0%BF%D1%80%D0%BE%D0%B4%D1%83%D0%BA%D1%82%D0%B8%20%D0%A6%D0%B8%D1%84%D1%80%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D0%B2%D0%B8%D0%B4%D0%B0%D0%B2%D0%BD%D0%B8%D1%86%D1%82%D0%B2%D0%B0%20MCFR&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4ADAAUABAAAAACAAI~&jid=&gjid=&cid=994051474.1683284848&tid=UA-36540947-1&_gid=2090378992.1683284848&gtm=457e3530&jsscut=1&z=1761639596
Requested by
Host: id.mcfr.ua
URL: https://id.mcfr.ua/Logon?returnUrl=/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://id.mcfr.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 May 2023 23:06:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
43264
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=809451848&t=pageview&_s=3&dl=https%3A%2F%2Fid.mcfr.ua%2FLogon%3FreturnUrl%3D%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%85%D1%96%D0%B4%20%D1%83%20%D0%BF%D1%80%D0%BE%D0%B4%D1%83%D0%BA%D1%82%D0%B8%20%D0%A6%D0%B8%D1%84%D1%80%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D0%B2%D0%B8%D0%B4%D0%B0%D0%B2%D0%BD%D0%B8%D1%86%D1%82%D0%B2%D0%B0%20MCFR&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4ADAAUABAAAAACAAI~&jid=&gjid=&cid=994051474.1683284848&tid=UA-36540947-1&_gid=2090378992.1683284848&gtm=457e3530&jsscut=1&z=258711132
Requested by
Host: id.mcfr.ua
URL: https://id.mcfr.ua/Logon?returnUrl=/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://id.mcfr.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 May 2023 23:06:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
43264
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=809451848&t=pageview&_s=4&dl=https%3A%2F%2Fid.mcfr.ua%2FLogon%3FreturnUrl%3D%2F&ul=en-us&de=UTF-8&dt=%D0%92%D1%85%D1%96%D0%B4%20%D1%83%20%D0%BF%D1%80%D0%BE%D0%B4%D1%83%D0%BA%D1%82%D0%B8%20%D0%A6%D0%B8%D1%84%D1%80%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D0%B2%D0%B8%D0%B4%D0%B0%D0%B2%D0%BD%D0%B8%D1%86%D1%82%D0%B2%D0%B0%20MCFR&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4ADAAUABAAAAACAAI~&jid=&gjid=&cid=994051474.1683284848&tid=UA-36540947-1&_gid=2090378992.1683284848&gtm=457e3530&jsscut=1&z=230535381
Requested by
Host: id.mcfr.ua
URL: https://id.mcfr.ua/Logon?returnUrl=/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://id.mcfr.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 May 2023 23:06:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
43264
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9992.T-fqyp2DguMuCuCRGS6MkLJyVgaaQWQs6avZfUpzA4j_j16gJ_zCcJG2nZSCOMCI.MgyP6Mjo8p6hNlscVVI_y2KJ_NU%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9992.BO6rcqa0QdXNX6nl0aL31eU1LnfCG4jEvaCIFsBB9lmUkesHy_HVs1LYc-bpr6i3Nmu5Dp7JnRo_9XZ7tmDvDNCSpT1w_RrICcmjh1C6lzU%2C.oLejqvNnVBNrEjM_eGg73ZkGpU0%2C
43 B
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9992.BO6rcqa0QdXNX6nl0aL31eU1LnfCG4jEvaCIFsBB9lmUkesHy_HVs1LYc-bpr6i3Nmu5Dp7JnRo_9XZ7tmDvDNCSpT1w_RrICcmjh1C6lzU%2C.oLejqvNnVBNrEjM_eGg73ZkGpU0%2C
Requested by
Host: id.mcfr.ua
URL: https://id.mcfr.ua/Logon?returnUrl=/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://id.mcfr.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 11:07:28 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9992.BO6rcqa0QdXNX6nl0aL31eU1LnfCG4jEvaCIFsBB9lmUkesHy_HVs1LYc-bpr6i3Nmu5Dp7JnRo_9XZ7tmDvDNCSpT1w_RrICcmjh1C6lzU%2C.oLejqvNnVBNrEjM_eGg73ZkGpU0%2C
date
Fri, 05 May 2023 11:07:28 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
sync_cookie_image_check
mc.yandex.ua/ 		0
0
advert.gif
mc.yandex.com/metrika/ 		43 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: id.mcfr.ua
URL: https://id.mcfr.ua/Logon?returnUrl=/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://id.mcfr.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 11:07:28 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 05 May 2023 10:37:06 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"6454b222-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Fri, 05 May 2023 12:07:28 GMT
1
mc.yandex.com/watch/21795139/
Redirect Chain
  • https://mc.yandex.com/watch/21795139?wmode=7&page-url=https%3A%2F%2Fid.mcfr.ua%2FLogon%3FreturnUrl%3D%2F&page-ref=https%3A%2F%2Fid.mcfr.ua%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3...
  • https://mc.yandex.com/watch/21795139/1?wmode=7&page-url=https%3A%2F%2Fid.mcfr.ua%2FLogon%3FreturnUrl%3D%2F&page-ref=https%3A%2F%2Fid.mcfr.ua%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf...
447 B
777 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/21795139/1?wmode=7&page-url=https%3A%2F%2Fid.mcfr.ua%2FLogon%3FreturnUrl%3D%2F&page-ref=https%3A%2F%2Fid.mcfr.ua%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aiwhcse2c9umatouo0rfee7%3Afp%3A645%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1012%3Acn%3A1%3Adp%3A0%3Als%3A274459628970%3Ahid%3A194962683%3Az%3A0%3Ai%3A20230505110728%3Aet%3A1683284848%3Ac%3A1%3Arn%3A832969312%3Arqn%3A1%3Au%3A1683284848282105539%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C0%2C156%2C1%2C140%2C139%2C1%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1683284847434%3Arqnl%3A1%3Ast%3A1683284849%3At%3A%D0%92%D1%85%D1%96%D0%B4%20%D1%83%20%D0%BF%D1%80%D0%BE%D0%B4%D1%83%D0%BA%D1%82%D0%B8%20%D0%A6%D0%B8%D1%84%D1%80%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D0%B2%D0%B8%D0%B4%D0%B0%D0%B2%D0%BD%D0%B8%D1%86%D1%82%D0%B2%D0%B0%20MCFR&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e93dd1ee5a967f891da7ca7f88162288a082f77baf671e4ddc3c3066220fa34d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://id.mcfr.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 May 2023 11:07:28 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Fri, 05-May-2023 11:07:28 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://id.mcfr.ua
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
447
x-xss-protection
1; mode=block
expires
Fri, 05-May-2023 11:07:28 GMT

Redirect headers

pragma
no-cache
date
Fri, 05 May 2023 11:07:28 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 05-May-2023 11:07:28 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/21795139/1?wmode=7&page-url=https%3A%2F%2Fid.mcfr.ua%2FLogon%3FreturnUrl%3D%2F&page-ref=https%3A%2F%2Fid.mcfr.ua%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aiwhcse2c9umatouo0rfee7%3Afp%3A645%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1012%3Acn%3A1%3Adp%3A0%3Als%3A274459628970%3Ahid%3A194962683%3Az%3A0%3Ai%3A20230505110728%3Aet%3A1683284848%3Ac%3A1%3Arn%3A832969312%3Arqn%3A1%3Au%3A1683284848282105539%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C0%2C156%2C1%2C140%2C139%2C1%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1683284847434%3Arqnl%3A1%3Ast%3A1683284849%3At%3A%D0%92%D1%85%D1%96%D0%B4%20%D1%83%20%D0%BF%D1%80%D0%BE%D0%B4%D1%83%D0%BA%D1%82%D0%B8%20%D0%A6%D0%B8%D1%84%D1%80%D0%BE%D0%B2%D0%BE%D0%B3%D0%BE%20%D0%B2%D0%B8%D0%B4%D0%B0%D0%B2%D0%BD%D0%B8%D1%86%D1%82%D0%B2%D0%B0%20MCFR&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin
https://id.mcfr.ua
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Fri, 05-May-2023 11:07:28 GMT
gauge-raw_set-many
capi.mcfr.ua/metrics/backend/api/v1/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.mcfr.ua/metrics/backend/api/v1/gauge-raw_set-many
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.9.0/bundle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.74.26.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-74-26-12.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://id.mcfr.ua/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 05 May 2023 11:07:29 GMT
server
nginx
x-operation-id
25e02d32589658fcc7c01feb14b40f58, 25e02d32589658fcc7c01feb14b40f58, 25e02d32589658fcc7c01feb14b40f58
access-control-max-age
30
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/octet-stream
access-control-allow-origin
https://id.mcfr.ua
access-control-expose-headers
Access-Control-Allow-Credentials,Access-Control-Allow-Headers,Access-Control-Allow-Methods,Access-Control-Allow-Origin,Access-Control-Expose-Headers,Access-Control-Max-Age,Accept,Accept-Charset,Accept-Encoding,Accept-Language,Cache-Control,Connection,Content-Encoding,Content-Language,Content-Length,Content-Type,Date,Set-Cookie,Server,Status,X-Forwarded-For,X-Operation-Id,X-XSS-Protection
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept,Accept-Charset,Accept-Encoding,Accept-Language,Cache-Control,Content-Type,Cookie,DNT,Pragma,Referer,User-Agent,X-Forwarded-For
content-length
0
gauge-raw_set-many
capi.mcfr.ua/metrics/backend/api/v1/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://capi.mcfr.ua/metrics/backend/api/v1/gauge-raw_set-many
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.74.26.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-74-26-12.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://id.mcfr.ua
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Accept,Accept-Charset,Accept-Encoding,Accept-Language,Cache-Control,Content-Type,Cookie,DNT,Pragma,Referer,User-Agent,X-Forwarded-For
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://id.mcfr.ua
access-control-expose-headers
Access-Control-Allow-Credentials,Access-Control-Allow-Headers,Access-Control-Allow-Methods,Access-Control-Allow-Origin,Access-Control-Expose-Headers,Access-Control-Max-Age,Accept,Accept-Charset,Accept-Encoding,Accept-Language,Cache-Control,Connection,Content-Encoding,Content-Language,Content-Length,Content-Type,Date,Set-Cookie,Server,Status,X-Forwarded-For,X-Operation-Id,X-XSS-Protection
access-control-max-age
30
content-length
0
content-type
application/octet-stream
date
Fri, 05 May 2023 11:07:28 GMT
server
nginx
x-operation-id
adbfa90f5d129b25afc0ae8635c78cd6 adbfa90f5d129b25afc0ae8635c78cd6 adbfa90f5d129b25afc0ae8635c78cd6
sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check_secondary
  • https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9992.aG3XhoBbfyz-gohqkoqoBswTAWg7o-fBDonQFZrBKSEWh-nyDqI4G2zgulXWs7D7.loMLHCiGgLxS81D8n0u9U-exPCQ%2C
  • https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9992.ZLQahA1JKoA_T-dDvDLvOLk46DNm4f_4JEsC8LvPuN8J_4vn7mNCTMJMaW95BccEJYO0uTbmFbqGTgLSNLM742RoOTJ7fBgpwcyov60DOA4%2C.TfugLgPRf6qM13j_TK...
43 B
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9992.ZLQahA1JKoA_T-dDvDLvOLk46DNm4f_4JEsC8LvPuN8J_4vn7mNCTMJMaW95BccEJYO0uTbmFbqGTgLSNLM742RoOTJ7fBgpwcyov60DOA4%2C.TfugLgPRf6qM13j_TKQtBrURyhk%2C
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://id.mcfr.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 05 May 2023 11:07:28 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9992.ZLQahA1JKoA_T-dDvDLvOLk46DNm4f_4JEsC8LvPuN8J_4vn7mNCTMJMaW95BccEJYO0uTbmFbqGTgLSNLM742RoOTJ7fBgpwcyov60DOA4%2C.TfugLgPRf6qM13j_TKQtBrURyhk%2C
date
Fri, 05 May 2023 11:07:28 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
sync_cookie_image_check_secondary
mc.yandex.ua/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
mc.yandex.ua
URL
https://mc.yandex.ua/sync_cookie_image_check
Domain
mc.yandex.ua
URL
https://mc.yandex.ua/sync_cookie_image_check_secondary

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless string| __assets_base_url__ string| __browser_application_language__ object| __store__ object| _actionConfig object| dataLayer function| gtag object| Sentry object| __SENTRY__ object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData object| Ya object| yaCounter21795139 object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| _

21 Cookies

Domain/Path Name / Value
.mcfr.ua/ Name: robin
Value: 3a34e2af460140869293561fd7db07b77e699a3e53a54c178afbe31035dcdb5a
.id.mcfr.ua/ Name: robin
Value: 3a34e2af460140869293561fd7db07b77e699a3e53a54c178afbe31035dcdb5a
.mcfr.ua/ Name: _ga_R7FMFVTT7G
Value: GS1.1.1683284848.1.0.1683284848.0.0.0
.mcfr.ua/ Name: _ga
Value: GA1.2.994051474.1683284848
.mcfr.ua/ Name: _gid
Value: GA1.2.2090378992.1683284848
.mcfr.ua/ Name: _gat_gtag_UA_36540947_1
Value: 1
.id.mcfr.ua/ Name: _ga
Value: GA1.3.994051474.1683284848
.id.mcfr.ua/ Name: _gid
Value: GA1.3.2090378992.1683284848
.id.mcfr.ua/ Name: _gat_gtmActionLK
Value: 1
.mcfr.ua/ Name: _ym_uid
Value: 1683284848282105539
.mcfr.ua/ Name: _ym_d
Value: 1683284848
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 2072119441fake
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 103173340fake
.mcfr.ua/ Name: _ym_isad
Value: 2
mc.yandex.com/ Name: yabs-sid
Value: 754443291683284848
.yandex.com/ Name: i
Value: zxLM35rqOYfUIgM7B1TD4qwny5gDDY1ke0HdOPiKQu6/U0eQJWb4dDkexKmZwwU4a6HDKqnC4dR73aOBrwCb6lZxtOU=
.yandex.com/ Name: yandexuid
Value: 3980374271683284848
.yandex.com/ Name: yuidss
Value: 3980374271683284848
.yandex.com/ Name: ymex
Value: 1714820848.yc.1683284848#1714820848.yrts.1683284848#1714820848.yrtsi.1683284848
.yandex.com/ Name: bh
Value: KgI/MA==
.mcfr.ua/ Name: _ym_visorc
Value: w

2 Console Messages

Source Level URL
Text
network error URL: https://mc.yandex.ua/sync_cookie_image_check
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://mc.yandex.ua/sync_cookie_image_check_secondary
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

browser.sentry-cdn.com
capi.mcfr.ua
cdn.action-mcfr.ru
cdn.mcfr.ua
cdnjs.cloudflare.com
id.mcfr.ua
mc.yandex.com
mc.yandex.ru
mc.yandex.ua
mcfr.ua
region1.google-analytics.com
www.google-analytics.com
www.googletagmanager.com
mc.yandex.ua
2001:4860:4802:34::36
212.193.146.48
2606:4700::6811:180e
2a00:1450:4001:827::200e
2a00:1450:4001:830::2008
2a02:6b8::1:119
2a04:4e42:200::729
3.74.26.12
35.158.152.223
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
34d1a914df12a34e506bffce4e0b6fab272e3c46851f14e82a38d3150d980dce
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
636e603adc5f8cbce62c8688f6a6c4b73cd551f6cab76b0d93169059716d1b96
6708f2cabf6b4b7bb4d0c501542d33a332df2523ed38e744dd6d39e915ba9245
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
777551d54051bdb33e308475a6ae56bf4c64fbf58d849c3c8f7419d24b1cb03b
8155efdfaf9e2585e4c4f62e6aef4db15c4e53e16d57ca34d67c209dc4fe50ac
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
94b7515a808dcc16cfff58bf3fd68ddd6e971ea7817c6203855cce37e808e647
959585ddcd887676b28628f1ec3f0d98e017fbed9093eb783a619a4e559a3c06
a5978574f38659347cd5aaa72727c66e13e73c43d8ca8eec4a9c5ff817915403
a6fd70aaeb2c4f59924ab5d31a6dcb0bfaa182fe13f4578bdfb08eaceb7c5390
ba0915e70d2409b19f547694aaf64e1ae168145ec18425a4beee9a64024a2c4e
c4c5998d18757e6551545eaf508efca6d8c17d4c36e3f423893ecd30940a4c55
c72b2737b7437641dcfdf8cd91396c9c981acde2babd1ecb3acbf0f0092ef39f
d323f543afeedc8cf7e979f182fc87c91fda709785ed2448c6e7f0dc9b1732c8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e460456c2d2bba38a792897d969d75230536b1e21b097eed2a33adb2041f464e
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e93dd1ee5a967f891da7ca7f88162288a082f77baf671e4ddc3c3066220fa34d
ea2125f45b490e13302f2eca2042661f03def550043ea9c5317102b35f0408ed
ed555a279183c054222c873e78d92c40b512498e49359b6abfda36048f141988
fc296b9b364e0f566128ab692096711fbab2096f6e5436384c1fa10e3e923288