koff.org.ua Open in urlscan Pro
194.28.173.9 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.koff.org.ua/
Effective URL:
https://koff.org.ua/
Submission: On February 17 via api (February 17th 2020, 10:41:51 am UTC) from US

Summary HTTP 120 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 39 IPs in 10 countries across 38 domains to perform 120 HTTP transactions. The main IP is 194.28.173.9, located in Ukraine and belongs to BESTHOSTING-AS, UA. The main domain is koff.org.ua.
TLS certificate: Issued by Let's Encrypt Authority X3 on January 27th 2020. Valid for: 3 months.

This is the only time koff.org.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 40	194.28.173.9 194.28.173.9	42655 (BESTHOSTI...) (BESTHOSTING-AS)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
8	185.99.9.123 185.99.9.123	49063 (DTLN) (DTLN)
2	87.240.137.158 87.240.137.158	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS http://vk.com)
1 2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
9	212.42.76.150 212.42.76.150	8856 (UKRNET Kiev) (UKRNET Kiev)
3	212.1.66.239 212.1.66.239	6846 (UKRPACK) (UKRPACK)
4	188.40.58.150 188.40.58.150	24940 (HETZNER-AS) (HETZNER-AS)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:820::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:820::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE)
2 5	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
6	2a00:1148:db0... 2a00:1148:db00::17	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
1 2	95.216.101.186 95.216.101.186	24940 (HETZNER-AS) (HETZNER-AS)
3	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	217.69.133.145 217.69.133.145	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
1 2	185.15.175.148 185.15.175.148	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1 1	138.201.139.144 138.201.139.144	24940 (HETZNER-AS) (HETZNER-AS)
1	194.67.75.10 194.67.75.10	49352 (LOGOL-AS) (LOGOL-AS)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2 4	89.184.66.89 89.184.66.89	28907 (MIROHOST ...) (MIROHOST Web hosting)
1	91.198.36.16 91.198.36.16	43405 (DIGITAL-V...) (DIGITAL-VENTURES)
1	193.239.68.97 193.239.68.97	39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS)
2	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	159.69.58.69 159.69.58.69	24940 (HETZNER-AS) (HETZNER-AS)
3	193.239.71.100 193.239.71.100	39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS)
2	2a00:1450:400... 2a00:1450:4001:820::200e	15169 (GOOGLE) (GOOGLE)
3	212.1.66.234 212.1.66.234	6846 (UKRPACK) (UKRPACK)
2	89.184.66.172 89.184.66.172	28907 (MIROHOST ...) (MIROHOST Web hosting)
1 1	193.200.65.5 193.200.65.5	6681 (UPLOAD-NET) (UPLOAD-NET)
2	3.120.214.218 3.120.214.218	16509 (AMAZON-02) (AMAZON-02)
1	136.243.84.75 136.243.84.75	24940 (HETZNER-AS) (HETZNER-AS)
1 1	172.217.22.34 172.217.22.34	15169 (GOOGLE) (GOOGLE)
1	89.184.66.97 89.184.66.97	28907 (MIROHOST ...) (MIROHOST Web hosting)
1 1	194.190.117.94 194.190.117.94	204600 (REPUBLER-AS) (REPUBLER-AS)
2 2	194.190.117.33 194.190.117.33	204600 (REPUBLER-AS) (REPUBLER-AS)
1	80.78.249.254 80.78.249.254	197695 (AS-REG) (AS-REG)
2	81.222.128.216 81.222.128.216	20597 (ELTEL-AS) (ELTEL-AS)
1	144.76.34.244 144.76.34.244	24940 (HETZNER-AS) (HETZNER-AS)
2 2	85.194.242.103 85.194.242.103	57367 (ECO-ATMAN...) (ECO-ATMAN-PL ECO-ATMAN-)
2	194.247.175.23 194.247.175.23	196831 (BEMOBILE-AS) (BEMOBILE-AS)
120	39

40 194.28.173.9 (Ukraine) 2 redirects

ASN42655 (BESTHOSTING-AS, UA)
PTR: s68.r53.com.ua

www.koff.org.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
koff.org.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.99.9.123 (Moscow, Russian Federation)

ASN49063 (DTLN, RU)
PTR: vrrp2-front.surfy.ru

relap.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 87.240.137.158 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU)
PTR: srv158-137-240-87.vk.com

vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 212.42.76.150 (Ukraine)

ASN8856 (UKRNET Kiev, Ukraine, UA)
PTR: srv150.fwdcdn.com

sinoptik.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sinst.fwdcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 212.1.66.239 (Ukraine)

ASN6846 (UKRPACK, UA)
PTR: b.c8.net.ua

b.c8.net.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 188.40.58.150 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.150.58.40.188.clients.your-server.de

covivado.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1148:db00::17 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.216.101.186 (Finland) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.186.101.216.95.clients.your-server.de

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.69.133.145 (Russian Federation) 1 redirects

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.175.148 (Russian Federation) 1 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.139.144 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.144.139.201.138.clients.your-server.de

cm.p.altergeo.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.67.75.10 (Russian Federation)

ASN49352 (LOGOL-AS, RU)

blind.gg.datahub.ubic.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 89.184.66.89 (Ukraine) 2 redirects

ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA)
PTR: c8.net.ua

ssp.c8.net.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.198.36.16 (Ukraine)

ASN43405 (DIGITAL-VENTURES, UA)
PTR: r.i.ua

r.i.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.239.68.97 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: c.bigmir.net

c.bigmir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 159.69.58.69 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.69.58.69.159.clients.your-server.de

botradar.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.239.71.100 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: rs.img.com.ua

i.bigmir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 212.1.66.234 (Ukraine)

ASN6846 (UKRPACK, UA)
PTR: r1.c8.net.ua

c8.net.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.c8.net.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.184.66.172 (Ukraine)

ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA)
PTR: c8.net.ua

match.c8.net.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.200.65.5 (Amsterdam, Netherlands) 1 redirects

ASN6681 (UPLOAD-NET, UA)
PTR: t.trafmag.com

t.trafmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.120.214.218 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-214-218.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 136.243.84.75 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.75.84.243.136.clients.your-server.de

track.recreativ.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.22.34 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s16-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.184.66.97 (Ukraine)

ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA)
PTR: c8.net.ua

r3.c8.net.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.190.117.94 (Russian Federation) 1 redirects

ASN204600 (REPUBLER-AS, RU)
PTR: carp.bspb2.kavanga.ru

spb.bid.run	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 194.190.117.33 (Russian Federation) 2 redirects

ASN204600 (REPUBLER-AS, RU)
PTR: carp.spb2.republer.ru

sync.republer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.78.249.254 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: d51053.reg.regrucolo.ru

tt.ttarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.222.128.216 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad16.adriver.ru

ssp.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 144.76.34.244 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.244.34.76.144.clients.your-server.de

uaadcodedsp.rontar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.194.242.103 (Poland) 2 redirects

ASN57367 (ECO-ATMAN-PL ECO-ATMAN-, PL)
PTR: ip-2.85-194-242-103.net.eco.atman.pl

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 194.247.175.23 (Ukraine)

ASN196831 (BEMOBILE-AS, UA)

source.mmi.bemobile.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	koff.org.ua 2 redirects www.koff.org.ua koff.org.ua	1 MB
13	c8.net.ua 2 redirects b.c8.net.ua ssp.c8.net.ua c8.net.ua match.c8.net.ua r3.c8.net.ua r.c8.net.ua	39 KB
8	mail.ru 1 redirects ad.mail.ru top-fwz1.mail.ru	6 KB
8	fwdcdn.com sinst.fwdcdn.com	39 KB
8	relap.io relap.io	65 KB
6	doubleclick.net 4 redirects stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	1 KB
4	bigmir.net c.bigmir.net i.bigmir.net	1 KB
4	covivado.club covivado.club	12 KB
3	criteo.net static.criteo.net	30 KB
2	bemobile.ua source.mmi.bemobile.ua	24 KB
2	onaudience.com 2 redirects pixel.onaudience.com	786 B
2	adriver.ru ssp.adriver.ru	402 B
2	republer.com 2 redirects sync.republer.com	961 B
2	eyeota.net ps.eyeota.net	658 B
2	youtube.com www.youtube.com
2	botradar.tech botradar.tech	2 KB
2	criteo.com bidder.criteo.com	282 B
2	facebook.com www.facebook.com	147 B
2	digitaltarget.ru 1 redirects dmg.digitaltarget.ru	979 B
2	1dmp.io 1 redirects sync.1dmp.io	775 B
2	facebook.net connect.facebook.net	61 KB
2	google.de www.google.de adservice.google.de	280 B
2	google.com 1 redirects www.google.com adservice.google.com	363 B
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	vk.com vk.com	47 KB
2	googlesyndication.com pagead2.googlesyndication.com	129 KB
1	rontar.com uaadcodedsp.rontar.com	1 KB
1	ttarget.ru tt.ttarget.ru	103 B
1	bid.run 1 redirects spb.bid.run	101 B
1	recreativ.ru track.recreativ.ru	109 B
1	trafmag.com 1 redirects t.trafmag.com	462 B
1	i.ua r.i.ua	1 KB
1	ubic.tech blind.gg.datahub.ubic.tech	110 B
1	altergeo.ru 1 redirects cm.p.altergeo.ru	523 B
1	googletagservices.com www.googletagservices.com	27 KB
1	sinoptik.ua sinoptik.ua	885 B
1	googleapis.com fonts.googleapis.com	764 B
0	tns-ua.com Failed pa.tns-ua.com Failed
120	38

	Domain	Requested by
38	koff.org.ua	koff.org.ua pagead2.googlesyndication.com
8	sinst.fwdcdn.com	sinoptik.ua www.googletagservices.com
8	relap.io	koff.org.ua relap.io
6	ad.mail.ru	relap.io
4	ssp.c8.net.ua	2 redirects koff.org.ua
4	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com
4	covivado.club	koff.org.ua covivado.club
3	i.bigmir.net	koff.org.ua
3	static.criteo.net	relap.io koff.org.ua
3	b.c8.net.ua	koff.org.ua b.c8.net.ua
2	source.mmi.bemobile.ua	r.c8.net.ua source.mmi.bemobile.ua
2	pixel.onaudience.com	2 redirects
2	ssp.adriver.ru	koff.org.ua
2	sync.republer.com	2 redirects
2	ps.eyeota.net	koff.org.ua
2	match.c8.net.ua	b.c8.net.ua koff.org.ua
2	c8.net.ua	pagead2.googlesyndication.com
2	www.youtube.com	koff.org.ua
2	botradar.tech	relap.io botradar.tech
2	bidder.criteo.com	static.criteo.net
2	www.facebook.com	koff.org.ua connect.facebook.net
2	dmg.digitaltarget.ru	1 redirects koff.org.ua
2	top-fwz1.mail.ru	1 redirects koff.org.ua
2	sync.1dmp.io	1 redirects relap.io
2	connect.facebook.net	koff.org.ua connect.facebook.net
2	www.google-analytics.com	1 redirects koff.org.ua
2	vk.com	koff.org.ua
2	pagead2.googlesyndication.com	koff.org.ua pagead2.googlesyndication.com
2	www.koff.org.ua	2 redirects
1	r.c8.net.ua	b.c8.net.ua
1	uaadcodedsp.rontar.com	koff.org.ua
1	tt.ttarget.ru	koff.org.ua
1	spb.bid.run	1 redirects
1	r3.c8.net.ua	koff.org.ua
1	cm.g.doubleclick.net	1 redirects
1	track.recreativ.ru	koff.org.ua
1	t.trafmag.com	1 redirects
1	c.bigmir.net	koff.org.ua
1	r.i.ua	koff.org.ua
1	blind.gg.datahub.ubic.tech	koff.org.ua
1	cm.p.altergeo.ru	1 redirects
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	www.google.de	koff.org.ua
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	sinoptik.ua	koff.org.ua
1	fonts.googleapis.com	koff.org.ua
0	pa.tns-ua.com Failed	source.mmi.bemobile.ua
120	50

This site contains links to these domains. Also see Links.

Domain
ua.sinoptik.ua
www.i.ua
www.bigmir.net

Subject Issuer	Validity	Valid
koff.org.ua Let's Encrypt Authority X3	`2020-01-27` - `2020-04-26`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.relap.io AlphaSSL CA - SHA256 - G2	`2019-10-17` - `2020-10-17`	a year	crt.sh
vk.com Sectigo ECC Extended Validation Secure Server CA	`2019-07-11` - `2020-07-09`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
sinoptik.uk Sectigo RSA Domain Validation Secure Server CA	`2019-10-24` - `2020-10-23`	a year	crt.sh
*.c8.net.ua COMODO RSA Organization Validation Secure Server CA	`2018-09-26` - `2020-09-25`	2 years	crt.sh
covivado.club Let's Encrypt Authority X3	`2019-12-21` - `2020-03-20`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-01-16` - `2020-04-15`	3 months	crt.sh
*.mail.ru GlobalSign Organization Validation CA - SHA256 - G2	`2019-01-18` - `2021-01-18`	2 years	crt.sh
sync.1dmp.io Let's Encrypt Authority X3	`2019-12-16` - `2020-03-15`	3 months	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2019-12-03` - `2021-04-06`	a year	crt.sh
dmg.digitaltarget.ru Let's Encrypt Authority X3	`2020-01-28` - `2020-04-27`	3 months	crt.sh
blind.gg.datahub.ubic.tech Let's Encrypt Authority X3	`2020-02-11` - `2020-05-11`	3 months	crt.sh
ssp.c8.net.ua Let's Encrypt Authority X3	`2020-02-17` - `2020-05-17`	3 months	crt.sh
i.ua Let's Encrypt Authority X3	`2019-12-19` - `2020-03-18`	3 months	crt.sh
c.bigmir.net Let's Encrypt Authority X3	`2020-02-06` - `2020-05-06`	3 months	crt.sh
*.criteo.com DigiCert ECC Secure Server CA	`2019-12-05` - `2021-04-08`	a year	crt.sh
botradar.tech Sectigo RSA Domain Validation Secure Server CA	`2019-10-09` - `2020-10-08`	a year	crt.sh
img.com.ua Let's Encrypt Authority X3	`2020-01-07` - `2020-04-06`	3 months	crt.sh
match.c8.net.ua Let's Encrypt Authority X3	`2020-02-17` - `2020-05-17`	3 months	crt.sh
*.eyeota.net Let's Encrypt Authority X3	`2020-02-10` - `2020-05-10`	3 months	crt.sh
*.recreativ.ru Thawte TLS RSA CA G1	`2019-07-08` - `2020-09-05`	a year	crt.sh
r3.c8.net.ua Let's Encrypt Authority X3	`2020-02-17` - `2020-05-17`	3 months	crt.sh
tt.ttarget.ru Sectigo RSA Domain Validation Secure Server CA	`2019-05-13` - `2020-08-10`	a year	crt.sh
*.adriver.ru RapidSSL RSA CA 2018	`2018-01-23` - `2020-04-23`	2 years	crt.sh
*.rontar.com Sectigo RSA Domain Validation Secure Server CA	`2019-07-10` - `2020-10-07`	a year	crt.sh
*.mmi.bemobile.ua Sectigo RSA Domain Validation Secure Server CA	`2020-02-13` - `2021-02-13`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://koff.org.ua/
Frame ID: 5D3E9260F9B4961CA2C64E1BBB4B36D6
Requests: 112 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200212/r20190131/zrt_lookup.html
Frame ID: 608591F3BB2036034DF3CDCF8C652298
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2387491301551874&output=html&adk=1812271804&adf=3025194257&lmt=1581936078&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fkoff.org.ua%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1581936078622&bpp=12&bdt=356&fdt=49&idt=49&shv=r20200212&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3321658395974&frm=20&pv=2&ga_vid=2115453186.1581936078&ga_sid=1581936079&ga_hid=701235949&ga_fc=0&iag=0&icsg=9098&dssz=17&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065305&oid=3&pvsid=2920339497890014&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=60
Frame ID: 740906204A25CABBFC268CAB2CE5EAFB
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/wRZDJEZXNXo
Frame ID: C44DC420B0940EA8023C3857C598A4A0
Requests: 2 HTTP requests in this frame

Frame: https://www.youtube.com/embed/GUfQt8woX98
Frame ID: 8286AA93699268700E993AC5C97E6574
Requests: 2 HTTP requests in this frame

Frame: https://sync.1dmp.io/supersync?t=07e7e123-5172-11ea-adee-f832e4719dd9
Frame ID: 834CF15F7C9A52E654FFC08A818FCA71
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=true&app_id=298574833922731&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D45%23cb%3Df1ff4b57a186524%26domain%3Dkoff.org.ua%26origin%3Dhttps%253A%252F%252Fkoff.org.ua%252Ff35ad15aaf50d7c%26relation%3Dparent.parent&container_width=220&height=220&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fkoff.org.ua%2F&locale=uk_UA&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=220
Frame ID: 8BE8DE1CEF7327BA683A2502133121D7
Requests: 1 HTTP requests in this frame

Frame: https://botradar.tech/analyzer/?id=relap&sw=1600&sh=1200&iw=1600&ih=1200&ow=1600&oh=1200&dpr=1&tzo=-60&top=1&page=https%3A%2F%2Fkoff.org.ua%2F&ref=&f0=1&f1=1&f2=1
Frame ID: 1AE60C54A79DDB567FDEFCCBD94F3F6F
Requests: 1 HTTP requests in this frame

Frame: https://c8.net.ua/ggl_block/GoogleAdx_240x400.html
Frame ID: E04250A4C3C6328F80F3E4D04AB39113
Requests: 1 HTTP requests in this frame

Frame: https://c8.net.ua/ggl_block/GoogleAdx_300x250.html
Frame ID: 441FAD1AE6B147553207FDE3B1FFBD7A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.koff.org.ua/ HTTP 301
https://www.koff.org.ua/ HTTP 301
https://koff.org.ua/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

120
Requests

99 %
HTTPS

31 %
IPv6

38
Domains

50
Subdomains

39
IPs

10
Countries

1706 kB
Transfer

2939 kB
Size

0
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://ua.sinoptik.ua/
Title:

Search URL Search Domain Scan URL

URL: https://ua.sinoptik.ua/%D0%BF%D0%BE%D0%B3%D0%BE%D0%B4%D0%B0-%D0%BA%D0%B8%D1%97%D0%B2

Search URL Search Domain Scan URL

URL: https://ua.sinoptik.ua/%D0%BF%D0%BE%D0%B3%D0%BE%D0%B4%D0%B0-%D0%BA%D0%B8%D1%97%D0%B2/10-%D0%B4%D0%BD%D1%96%D0%B2
Title: sinoptik.ua

Search URL Search Domain Scan URL

URL: https://www.i.ua/
Title:

Search URL Search Domain Scan URL

URL: http://www.bigmir.net/
Title: bigmir)net

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.koff.org.ua/ HTTP 301
https://www.koff.org.ua/ HTTP 301
https://koff.org.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=701235949&t=pageview&_s=1&dl=https%3A%2F%2Fkoff.org.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9A%D0%B8%D1%97%D0%B2%D1%89%D0%B8%D0%BD%D0%B0%20%D1%84%D1%83%D1%82%D0%B1%D0%BE%D0%BB%D1%8C%D0%BD%D0%B0%20%7C%20%D0%9E%D1%84%D1%96%D1%86%D1%96%D0%B9%D0%BD%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%9A%D0%9E%D0%90%D0%A4%20%3A%20%D0%9A%D0%B8%D1%97%D0%B2%D1%89%D0%B8%D0%BD%D0%B0%20%D1%84%D1%83%D1%82%D0%B1%D0%BE%D0%BB%D1%8C%D0%BD%D0%B0%20%7C%20%D0%9E%D1%84%D1%96%D1%86%D1%96%D0%B9%D0%BD%D0%B8%D0%B9%20%D1%81%D0%B0%D0%B9%D1%82%20%D0%9A%D0%9E%D0%90%D0%A4&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABC~&jid=757919063&gjid=1523471036&cid=2115453186.1581936078&tid=UA-42294952-1&_gid=559307889.1581936078&_r=1&z=1414679391 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-42294952-1&cid=2115453186.1581936078&jid=757919063&_gid=559307889.1581936078&gjid=1523471036&_v=j81&z=1414679391 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-42294952-1&cid=2115453186.1581936078&jid=757919063&_v=j81&z=1414679391 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-42294952-1&cid=2115453186.1581936078&jid=757919063&_v=j81&z=1414679391&slf_rd=1&random=2968283394

Request Chain 40

https://sync.1dmp.io/supersync?pid=w&o=ns&cid=d532925e-370a-4913-9238-e8b91206247f&brid=3fdc8267-2323-4ff5-80fe-dc2813a9742e&uid=CGgx2mHO HTTP 302
https://sync.1dmp.io/supersync?t=07e7e123-5172-11ea-adee-f832e4719dd9

Request Chain 47

https://top-fwz1.mail.ru/counter?id=3136989;js=na HTTP 302
https://top-fwz1.mail.ru/counter2?id=3136989;js=na

Request Chain 48

https://dmg.digitaltarget.ru/1/1129/i/i?a=129&e=CGgx2mHO&i=807394119 HTTP 302
https://dmg.digitaltarget.ru/1/1129/i/i?a=129&e=CGgx2mHO&i=807394119&q=scc

Request Chain 49

https://cm.p.altergeo.ru/relap?aid=CGgx2mHO&nc=VAg41lwk&url=https%3A%2F%2Frelap.io%2Fpartners%2Faltergeocs%3Fuid%3D%24%7BUSER_ID%7D HTTP 302
https://relap.io/partners/altergeocs?uid=CMz04LRuRSTJOOpQ+pKSvi1Q==

Request Chain 62

https://ssp.c8.net.ua/getcode.php?key=d41de446ec0ef54335f36466c0a2cb72&ssp_id=3634&site_id=3660&domain=&rnd=294628056&pid=3&format_id=3&sw=1600&sh=1200&ctype=&cbw=&w=240&h=350&c8_sa=0;0;5&container_id=c8net_code_366033&is=0&is_ssl=1&ref=&passback=&metric=&project_id=&location=https%3A//koff.org.ua/ HTTP 302
https://ssp.c8.net.ua/getcode.php?cookiematch&key=d41de446ec0ef54335f36466c0a2cb72&ssp_id=3634&site_id=3660&domain=&rnd=294628056&pid=3&format_id=3&sw=1600&sh=1200&ctype=&cbw=&w=240&h=350&c8_sa=0;0;5&container_id=c8net_code_366033&is=0&is_ssl=1&ref=&passback=&metric=&project_id=&location=https%3A//koff.org.ua/

Request Chain 63

https://ssp.c8.net.ua/getcode.php?key=d41de446ec0ef54335f36466c0a2cb72&ssp_id=3634&site_id=3660&domain=&rnd=575396545&pid=11&format_id=2&sw=1600&sh=1200&ctype=&cbw=&w=300&h=250&c8_sa=0;0;5&container_id=c8net_code_3660112&is=0&is_ssl=1&ref=&passback=&metric=&project_id=&location=https%3A//koff.org.ua/ HTTP 302
https://ssp.c8.net.ua/getcode.php?cookiematch&key=d41de446ec0ef54335f36466c0a2cb72&ssp_id=3634&site_id=3660&domain=&rnd=575396545&pid=11&format_id=2&sw=1600&sh=1200&ctype=&cbw=&w=300&h=250&c8_sa=0;0;5&container_id=c8net_code_3660112&is=0&is_ssl=1&ref=&passback=&metric=&project_id=&location=https%3A//koff.org.ua/

Request Chain 93

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1066739973685958&output=html&h=400&slotname=3660&adk=1642629885&adf=3107560873&w=240&lmt=1581936079&psa=0&guci=1.2.0.0.2.2.0.0&format=240x400&url=https%3A%2F%2Fkoff.org.ua%2F&flash=0&wgl=1&adsid=NT&dt=1581936079373&bpp=7&bdt=1107&fdt=7&idt=7&shv=r20200212&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3321658395974&frm=20&pv=2&ga_vid=2115453186.1581936078&ga_sid=1581936079&ga_hid=701235949&ga_fc=0&iag=0&icsg=44953275203596&dssz=65&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1096&ady=1270&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065305&oid=3&pvsid=2920339497890014&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=5YS7YmF9Vr&p=https%3A//koff.org.ua&dtd=14 HTTP 302
https://c8.net.ua/ggl_block/GoogleAdx_240x400.html

Request Chain 94

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1066739973685958&output=html&h=250&slotname=3660&adk=1555728971&adf=2089546181&w=300&lmt=1581936079&psa=0&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fkoff.org.ua%2F&flash=0&wgl=1&adsid=NT&dt=1581936079395&bpp=3&bdt=1129&fdt=4&idt=4&shv=r20200212&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C240x400&nras=1&correlator=3321658395974&frm=20&pv=1&ga_vid=2115453186.1581936078&ga_sid=1581936079&ga_hid=701235949&ga_fc=0&iag=0&icsg=44953275203596&dssz=64&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1096&ady=1760&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065305&oid=3&pvsid=2920339497890014&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=nSB8YD2Zvh&p=https%3A//koff.org.ua&dtd=8 HTTP 302
https://c8.net.ua/ggl_block/GoogleAdx_300x250.html

Request Chain 100

https://t.trafmag.com/images/1px-matching-c8.gif?id=5e4a6dd065cf65e4a6dd065d HTTP 301
https://match.c8.net.ua/match.php?dsp_id=29&key=5a55665d11da2ddc11b7b14d8dc4294b&dsp_user_id=4011096112038297

Request Chain 103

https://cm.g.doubleclick.net/pixel?google_nid=rtb_baltic_sia&google_cm&google_hm=5e4a6dd065cf65e4a6dd065d HTTP 302
https://r3.c8.net.ua/match.php?ssp_id=3785&key=c2a141b272468ec143455d8a23772c90&ssp_user_id={SSP_UID}&google_gid=CAESEFoePcRr9Wjb8J-MjQK1G00&google_cver=1

Request Chain 104

https://spb.bid.run/sync/c8net.gif?ssp_uid=5e4a6dd065cf65e4a6dd065d HTTP 301
https://sync.republer.com/match/?src=kavanga&src2=c8net HTTP 307
https://sync.republer.com/match/?src=kavanga&src2=c8net&qset=1 HTTP 307
https://tt.ttarget.ru/rtb/republer/sync?id=1d033eba-2c9e-4597-bce1-ffe00320f132

Request Chain 108

https://pixel.onaudience.com/?partner=135&mapped=5e4a6dd065cf65e4a6dd065d HTTP 302
https://pixel.onaudience.com/?partner=162&icm&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D%26gdpr_consent%3D%26pid%3Ddn5h51u%26t%3Dgif%26uid%3D%25m HTTP 302
https://ps.eyeota.net/pixel?gdpr=&gdpr_consent=&pid=dn5h51u&t=gif&uid=9f2a3b7eb9e42aeb

120 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
koff.org.ua/
Redirect Chain

http://www.koff.org.ua/
https://www.koff.org.ua/
https://koff.org.ua/

109 KB
20 KB

416ms
153ms

Document
text/html

194.28.173.9
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://koff.org.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.28.173.9 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: s68.r53.com.ua
Software: nginx / PHP/5.6.40
Resource Hash: c818192ae9d904ca28add882447bddea1909284e021c8ab4b437014b8dec9f94

Request headers

Host: koff.org.ua
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Server: nginx
Date: Mon, 17 Feb 2020 10:41:18 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.40
Cache-Control: no-cache
Content-Encoding: gzip
Vary: User-Agent

Redirect headers

Server: nginx
Date: Mon, 17 Feb 2020 10:41:17 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 4
Connection: keep-alive
X-Powered-By: PHP/5.6.40
Cache-Control: no-cache
Location: https://koff.org.ua/
Vary: User-Agent

GET
H/1.1 200
OK 661523b5b7fdeebf958bca375f608240.css
koff.org.ua/wp-content/cache/scripts/ 93 KB
44 KB 71ms
70ms Stylesheet
text/css 194.28.173.9
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://koff.org.ua/wp-content/cache/scripts/661523b5b7fdeebf958bca375f608240.css
Requested by: Host: koff.org.ua
URL: https://koff.org.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.28.173.9 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: s68.r53.com.ua
Software: nginx /
Resource Hash: 004928749f33f30c1936c06fec692299a1e125af24db613d75c5de352f19c4da

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Mon, 17 Feb 2020 10:41:18 GMT
Content-Encoding: gzip
Last-Modified: Sun, 11 Aug 2019 14:00:44 GMT
Server: nginx
ETag: W/"5d501f8c-17392"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=1209600
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 02 Mar 2020 10:41:18 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
764 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500&subset=cyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Clatin-ext%2Cvietnamese&ver=2.3

Requested by

Host: koff.org.ua
URL: https://koff.org.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

de194513e4629c7a62da8ab95582cfb3294943483c00ff17a1d6ce80d7ca1477

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 17 Feb 2020 10:41:18 GMT
server: ESF
date: Mon, 17 Feb 2020 10:41:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 17 Feb 2020 10:41:18 GMT

GET
H/1.1 200
OK ca68106f30d51de4e1223c39ad521c43.css
koff.org.ua/wp-content/cache/scripts/ 22 KB
5 KB 183ms
63ms Stylesheet
text/css 194.28.173.9
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://koff.org.ua/wp-content/cache/scripts/ca68106f30d51de4e1223c39ad521c43.css
Requested by: Host: koff.org.ua
URL: https://koff.org.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.28.173.9 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: s68.r53.com.ua
Software: nginx /
Resource Hash: c71d7f097577587d5962ca929ab9348ff381b94927eb2b64a320e160f150c3a3

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Mon, 17 Feb 2020 10:41:18 GMT
Content-Encoding: gzip
Last-Modified: Fri, 14 Feb 2020 10:05:25 GMT
Server: nginx
ETag: W/"5e4670e5-58ba"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=1209600
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 02 Mar 2020 10:41:18 GMT

GET
H/1.1 200
OK c87d8b5d122bbb25d7cde4667920bcd3-deanedwards.js Show response
koff.org.ua/wp-content/cache/scripts/ 279 KB
104 KB 225ms
68ms Script
application/javascript 194.28.173.9
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://koff.org.ua/wp-content/cache/scripts/c87d8b5d122bbb25d7cde4667920bcd3-deanedwards.js
Requested by: Host: koff.org.ua
URL: https://koff.org.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.28.173.9 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: s68.r53.com.ua
Software: nginx /
Resource Hash: 653e6f201f0a0f282d70f0392fab62f38299dcaf67582f322d20600e3aac3a0a

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Mon, 17 Feb 2020 10:41:18 GMT
Content-Encoding: gzip
Last-Modified: Fri, 14 Feb 2020 10:05:26 GMT
Server: nginx
ETag: W/"5e4670e6-45bb9"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=1209600
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 02 Mar 2020 10:41:18 GMT

GET
H/1.1 200
OK shailan-dropdown.min.css
koff.org.ua/wp-content/plugins/dropdown-menu-widget/css/ 3 KB
1 KB 186ms
62ms Stylesheet
text/css 194.28.173.9
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://koff.org.ua/wp-content/plugins/dropdown-menu-widget/css/shailan-dropdown.min.css
Requested by: Host: koff.org.ua
URL: https://koff.org.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.28.173.9 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: s68.r53.com.ua
Software: nginx /
Resource Hash: 0d71ff2a4d506a453604bfdabd4afac045818845c244c748224a2d37300e3937

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Mon, 17 Feb 2020 10:41:18 GMT
Content-Encoding: gzip
Last-Modified: Sun, 18 Nov 2018 17:15:01 GMT
Server: nginx
ETag: W/"5bf19e15-a3f"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=1209600
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 02 Mar 2020 10:41:18 GMT

GET
H/1.1 200
OK web20.css
koff.org.ua/wp-content/plugins/dropdown-menu-widget/themes/ 4 KB
1 KB 186ms
62ms Stylesheet
text/css 194.28.173.9
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://koff.org.ua/wp-content/plugins/dropdown-menu-widget/themes/web20.css
Requested by: Host: koff.org.ua
URL: https://koff.org.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.28.173.9 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: s68.r53.com.ua
Software: nginx /
Resource Hash: bbaffb5d74797dcf33e43e5a27b38a6aa5ab22e579b98a9adc0b23de6aa222c0

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Mon, 17 Feb 2020 10:41:18 GMT
Content-Encoding: gzip
Last-Modified: Sun, 18 Nov 2018 17:15:01 GMT
Server: nginx
ETag: W/"5bf19e15-e9e"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=1209600
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 02 Mar 2020 10:41:18 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 107 KB
38 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: koff.org.ua
URL: https://koff.org.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c7e08f98d3bccd4e3b3a898d770d5e09f967444173183ff880017559fbb644c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 10:41:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 38676
x-xss-protection: 0
server: cafe
etag: 11180894183562691402
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 17 Feb 2020 10:41:18 GMT

GET
H/1.1 200
OK tab.css
koff.org.ua/wp-content/themes/koff/ 1 KB
737 B 186ms
62ms Stylesheet
text/css 194.28.173.9
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://koff.org.ua/wp-content/themes/koff/tab.css
Requested by: Host: koff.org.ua
URL: https://koff.org.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.28.173.9 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: s68.r53.com.ua
Software: nginx /
Resource Hash: e2c86d8b63e1a4e0dd659555101eff1953286b54d281f7083c79707a0548d1c9

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Mon, 17 Feb 2020 10:41:18 GMT
Content-Encoding: gzip
Last-Modified: Sat, 16 Mar 2013 18:38:01 GMT
Server: nginx
ETag: W/"5144bc09-4ba"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=1209600
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 02 Mar 2020 10:41:18 GMT

GET
H/1.1 200
OK head.js Show response
relap.io/api/v6/ 195 KB
61 KB 335ms
162ms Script
text/javascript 185.99.9.123
DTLN

General

Check archive.org

Show headers Download Go to

Full URL

https://relap.io/api/v6/head.js?token=jPSMtDC0cAD9EOPm

Requested by

Host: koff.org.ua
URL: https://koff.org.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.99.9.123 Moscow, Russian Federation, ASN49063 (DTLN, RU),

Reverse DNS

vrrp2-front.surfy.ru

Software

nginx /

Resource Hash

bc792e3e89de0a88240be05f9bbe3cf9048365445c16774bdb9732c0f6517b94

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: no-cache
Date: Mon, 17 Feb 2020 10:41:18 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=5184000; includeSubdomains;
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=1, no-cache
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H2 200 openapi.js Show response
vk.com/js/api/ 98 KB
23 KB 226ms
103ms Script
application/x-javascript 87.240.137.158
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/js/api/openapi.js?136
Requested by: Host: koff.org.ua
URL: https://koff.org.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.240.137.158 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),
Reverse DNS: srv158-137-240-87.vk.com
Software: VK /
Resource Hash: eb68fbc2a217b70e62cf13f2ee0b7fdebf9045e54fbb43d102ab228382f56093

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 10:41:18 GMT
content-encoding: gzip
x-frontend: front605108
last-modified: Mon, 17 Feb 2020 09:20:39 GMT
server: VK
etag: "5e4a5ae7-5c32"
content-type: application/x-javascript
status: 200
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
content-length: 23602
expires: Fri, 21 Feb 2020 10:41:18 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: koff.org.ua
URL: https://koff.org.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 466
date: Mon, 17 Feb 2020 10:33:32 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18174
expires: Mon, 17 Feb 2020 12:33:32 GMT

GET
H2 200 informers_js.php Show response
sinoptik.ua/ 1 KB
885 B 127ms
35ms Script
application/json 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://sinoptik.ua/informers_js.php?title=4&wind=3&cities=303010783&lang=ua
Requested by: Host: koff.org.ua
URL: https://koff.org.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx / PHP/5.5.38
Resource Hash: 1bc2aae9144f8a8c223c478d3efee99a25f070ef0f13747f35c7bb51d73d0bad

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-store, no-cache, must-revalidate
date: Mon, 17 Feb 2020 10:41:18 GMT
content-encoding: gzip
x-server-by: sinfe1
server: nginx
x-powered-by: PHP/5.5.38
vary: Accept-Encoding
content-type: application/json
status: 200
cache-control: must-revalidate, post-check=0, pre-check=0
expires: 0

GET
H2 200 openapi.js Show response
vk.com/js/api/ 98 KB
23 KB 232ms
112ms Script
application/x-javascript 87.240.137.158
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/js/api/openapi.js?113
Requested by: Host: koff.org.ua
URL: https://koff.org.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.240.137.158 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),
Reverse DNS: srv158-137-240-87.vk.com
Software: VK /
Resource Hash: eb68fbc2a217b70e62cf13f2ee0b7fdebf9045e54fbb43d102ab228382f56093

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 10:41:18 GMT
content-encoding: gzip
x-frontend: front605108
last-modified: Mon, 17 Feb 2020 09:20:39 GMT
server: VK
etag: "5e4a5ae7-5c32"
content-type: application/x-javascript
status: 200
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
content-length: 23602
expires: Fri, 21 Feb 2020 10:41:18 GMT

GET
H/1.1 200
OK swfobject.js Show response
b.c8.net.ua/b/js/ 0
253 B 392ms
68ms Script
application/x-javascript 212.1.66.239
UKRPACK

General

Check archive.org

Show headers Download Go to

Full URL: https://b.c8.net.ua/b/js/swfobject.js
Requested by: Host: koff.org.ua
URL: https://koff.org.ua/
Protocol: HTTP/1.1
Security: TLS 1.0, RSA, AES_128_CBC
Server: 212.1.66.239 , Ukraine, ASN6846 (UKRPACK, UA),
Reverse DNS: b.c8.net.ua
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Mon, 17 Feb 2020 10:41:10 GMT
Last-Modified: Fri, 23 Jun 2017 14:05:47 GMT
x-direct: true
ETag: "594d203b-0"
Content-Type: application/x-javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 0
Server: nginx

GET
H/1.1 200
OK sys.js Show response
b.c8.net.ua/b/js/ 33 KB
33 KB 472ms
128ms Script
application/x-javascript 212.1.66.239
UKRPACK

General

Check archive.org

Show headers Download Go to

Full URL: https://b.c8.net.ua/b/js/sys.js
Requested by: Host: koff.org.ua
URL: https://koff.org.ua/
Protocol: HTTP/1.1
Security: TLS 1.0, RSA, AES_128_CBC
Server: 212.1.66.239 , Ukraine, ASN6846 (UKRPACK, UA),
Reverse DNS: b.c8.net.ua
Software: nginx /
Resource Hash: 9384c34c1865fe2d92ec677995c9a44fdf2909a2bc89e28adcaf18092c5403ca

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Mon, 17 Feb 2020 10:41:10 GMT
Last-Modified: Fri, 14 Apr 2017 14:00:54 GMT
x-direct: true
ETag: "58f0d616-82f8"
Content-Type: application/x-javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 33528
Server: nginx

GET
H/1.1 200
OK c9ad5c7a460ad80223efc6519a419578-deanedwards.js Show response
koff.org.ua/wp-content/cache/scripts/ 58 KB
18 KB 283ms
104ms Script
application/javascript 194.28.173.9
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://koff.org.ua/wp-content/cache/scripts/c9ad5c7a460ad80223efc6519a419578-deanedwards.js
Requested by: Host: koff.org.ua
URL: https://koff.org.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.28.173.9 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: s68.r53.com.ua
Software: nginx /
Resource Hash: 291745fd7ee0cc0d7a59c518e556ada6b6443fc2f139d82f2a642baf80233106

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Mon, 17 Feb 2020 10:41:18 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Feb 2019 18:29:03 GMT
Server: nginx
ETag: W/"5c58846f-e63d"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=1209600
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 02 Mar 2020 10:41:18 GMT

GET
H/1.1 200
OK aacf357bcbffa205d0b061686c8f9b9b.css
koff.org.ua/wp-content/cache/scripts/ 3 KB
1 KB 190ms
65ms Stylesheet
text/css 194.28.173.9
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://koff.org.ua/wp-content/cache/scripts/aacf357bcbffa205d0b061686c8f9b9b.css
Requested by: Host: koff.org.ua
URL: https://koff.org.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.28.173.9 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: s68.r53.com.ua
Software: nginx /
Resource Hash: e3fc6025a5431bb2726c90c4f5840c66ea2bdbd0122b6dbc953ab85befc42a68

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Mon, 17 Feb 2020 10:41:18 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Feb 2019 18:29:03 GMT
Server: nginx
ETag: W/"5c58846f-d1e"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=1209600
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 02 Mar 2020 10:41:18 GMT

GET
H/1.1 200
OK overroll.php Show response
covivado.club/overroll/js/ 10 KB
3 KB 123ms
37ms Script
application/javascript 188.40.58.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://covivado.club/overroll/js/overroll.php?sid=17736

Requested by

Host: koff.org.ua
URL: https://koff.org.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

188.40.58.150 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.150.58.40.188.clients.your-server.de

Software

nginx /

Resource Hash

fe7e9eb12d0a07881ea1c666187dcc66ff81559120b2f54858133924bcabe59d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: no-cache
Date: Mon, 17 Feb 2020 10:41:18 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000;
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: -1

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=701235949&t=pageview&_s=1&dl=https%3A%2F%2Fkoff.org.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9A%D0%B8%D1%97%D0%B2%D1%89%D0%B8%D0%BD%D0%B0%20%D1%84%D1%8...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-42294952-1&cid=2115453186.1581936078&jid=757919063&_gid=559307889.1581936078&gjid=1523471036&_v=j81&z=1414679391
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-42294952-1&cid=2115453186.1581936078&jid=757919063&_v=j81&z=1414679391
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-42294952-1&cid=2115453186.1581936078&jid=757919063&_v=j81&z=1414679391&slf_rd=1&random=2968283394

42 B
109 B

18ms
18ms

Image
image/gif

2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-42294952-1&cid=2115453186.1581936078&jid=757919063&_v=j81&z=1414679391&slf_rd=1&random=2968283394

Requested by

Host: koff.org.ua
URL: https://koff.org.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Feb 2020 10:41:18 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 Feb 2020 10:41:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-42294952-1&cid=2115453186.1581936078&jid=757919063&_v=j81&z=1414679391&slf_rd=1&random=2968283394
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK style.css
koff.org.ua/wp-content/themes/koff/ 20 KB
4 KB 63ms
63ms Stylesheet
text/css 194.28.173.9
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://koff.org.ua/wp-content/themes/koff/style.css
Requested by: Host: koff.org.ua
URL: https://koff.org.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.28.173.9 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: s68.r53.com.ua
Software: nginx /
Resource Hash: 6e4803f5db4176bd009027b8ba4e8260b9892e6e94cd8e9a318bb2672e89c1d2

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Mon, 17 Feb 2020 10:41:18 GMT
Content-Encoding: gzip
Last-Modified: Fri, 07 Feb 2020 11:31:59 GMT
Server: nginx
ETag: W/"5e3d4aaf-4ee5"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=1209600
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 02 Mar 2020 10:41:18 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 17ms
17ms Script
application/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=koff.org.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 10:41:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 15ms
14ms Script
application/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=koff.org.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 10:41:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/ 252 KB
91 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2940fd5410266278b49250a1b2afdc5be955676657dc1f9f0b5c20dcf902aba0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 10:41:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 93263
x-xss-protection: 0
server: cafe
etag: 5596272101604601780
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Feb 2020 10:41:18 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200212/r20190131/ Frame 6085 0
0 6ms
5ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200212/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200212/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://koff.org.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://koff.org.ua/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 13 Feb 2020 01:43:32 GMT
expires: Thu, 27 Feb 2020 01:43:32 GMT
content-type: text/html; charset=UTF-8
etag: 17772678075199185246
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4496
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 377866
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 7409 0
0 23ms
23ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2387491301551874&output=html&adk=1812271804&adf=3025194257&lmt=1581936078&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fkoff.org.ua%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1581936078622&bpp=12&bdt=356&fdt=49&idt=49&shv=r20200212&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3321658395974&frm=20&pv=2&ga_vid=2115453186.1581936078&ga_sid=1581936079&ga_hid=701235949&ga_fc=0&iag=0&icsg=9098&dssz=17&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065305&oid=3&pvsid=2920339497890014&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=60

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2387491301551874&output=html&adk=1812271804&adf=3025194257&lmt=1581936078&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fkoff.org.ua%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1581936078622&bpp=12&bdt=356&fdt=49&idt=49&shv=r20200212&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3321658395974&frm=20&pv=2&ga_vid=2115453186.1581936078&ga_sid=1581936079&ga_hid=701235949&ga_fc=0&iag=0&icsg=9098&dssz=17&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065305&oid=3&pvsid=2920339497890014&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=60
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://koff.org.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://koff.org.ua/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 17 Feb 2020 10:41:18 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 17-Feb-2020 10:56:18 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Mon, 17 Feb 2020 10:41:18 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
27 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98338d687e5f0016e85ba80b4de3c9c887e4dd4eb9ea5ac225ef1de42d149eb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 10:41:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1581337310261798"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27884
x-xss-protection: 0
expires: Mon, 17 Feb 2020 10:41:18 GMT

GET
H/1.1 200
OK bg2.jpg
koff.org.ua/wp-content/themes/koff/images/ 25 KB
26 KB 65ms
65ms Image
image/jpeg 194.28.173.9
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koff.org.ua/wp-content/themes/koff/images/bg2.jpg
Requested by: Host: koff.org.ua
URL: https://koff.org.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.28.173.9 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: s68.r53.com.ua
Software: nginx /
Resource Hash: f6b5707e0fa2eb5f2071e0ebdac506d6b428ec5e8de64280cc6af56eb2abd904

Request headers

Referer: https://koff.org.ua/wp-content/themes/koff/style.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 17 Feb 2020 10:41:18 GMT
Last-Modified: Tue, 10 Dec 2013 12:40:11 GMT
Server: nginx
ETag: "52a70bab-65b7"
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 26039
Expires: Mon, 02 Mar 2020 10:41:18 GMT

GET
H/1.1 200
OK logokoaf5.jpg
koff.org.ua/wp-content/themes/koff/images/ 66 KB
67 KB 65ms
64ms Image
image/jpeg 194.28.173.9
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koff.org.ua/wp-content/themes/koff/images/logokoaf5.jpg
Requested by: Host: koff.org.ua
URL: https://koff.org.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.28.173.9 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: s68.r53.com.ua
Software: nginx /
Resource Hash: f82e23a86b289a56a86894908d2cafcc0fd81634bf9de93b3115eda4f1376c97

Request headers

Referer: https://koff.org.ua/wp-content/themes/koff/style.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 17 Feb 2020 10:41:18 GMT
Last-Modified: Fri, 07 Feb 2020 11:28:57 GMT
Server: nginx
ETag: "5e3d49f9-10941"
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 67905
Expires: Mon, 02 Mar 2020 10:41:18 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/uk_UA/ 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js

Requested by

Host: koff.org.ua
URL: https://koff.org.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

204f4fa7cb3b98dde9638e72d433d3477dde23dfa7f7c39d8704255663732082

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: jISyiVaA7A7EV1vmI95pNw==
status: 200
date: Mon, 17 Feb 2020 10:41:18 GMT, Mon, 17 Feb 2020 10:41:18 GMT
expires: Mon, 17 Feb 2020 10:44:11 GMT
alt-svc: h3-24=":443"; ma=3600
content-length: 1781
x-fb-debug: DDi237pEFbDiTlrRF2/YfW2zrWkD6RxA7QyyONshuYHXHhENmALO0lXBQZQdIUAdfoOXFTmjV7mlfh+ysHqY5g==
x-fb-trip-id: 1850256238
x-fb-content-md5: 2931ccc194694d07dcf0454515bd1809
etag: "0ce720fdfeea579cab27671a52025688"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK navbar.gif
koff.org.ua/wp-content/themes/koff/images/ 2 KB
2 KB 68ms
68ms Image
image/gif 194.28.173.9
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koff.org.ua/wp-content/themes/koff/images/navbar.gif
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.28.173.9 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: s68.r53.com.ua
Software: nginx /
Resource Hash: d4f82f581c48c88987f8671ee14c5c758202197ec1169cd24ee2a3e23955039d

Request headers

Referer: https://koff.org.ua/wp-content/themes/koff/style.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 17 Feb 2020 10:41:18 GMT
Last-Modified: Sat, 16 Mar 2013 18:38:17 GMT
Server: nginx
ETag: "5144bc19-77c"
Content-Type: image/gif
Cache-Control: max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1916
Expires: Mon, 02 Mar 2020 10:41:18 GMT

GET
H2 200 informers2.css
sinst.fwdcdn.com/css/ 15 KB
2 KB 43ms
36ms Stylesheet
text/css 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to

Full URL: https://sinst.fwdcdn.com/css/informers2.css?v=1
Requested by: Host: sinoptik.ua
URL: https://sinoptik.ua/informers_js.php?title=4&wind=3&cities=303010783&lang=ua
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: 18115dad45ae49bdbd07b64dacf5cce1b0b3406c49be7454004623d3e9eb13af

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Mon, 17 Feb 2020 10:41:18 GMT
content-encoding: gzip
x-server-by: sinfe3
last-modified: Thu, 26 May 2016 07:03:52 GMT
server: nginx
etag: W/"57469fd8-3d41"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000, public
expires: Tue, 16 Feb 2021 10:41:18 GMT

GET
DATA 200
OK truncated Show response
/ Frame C44D 37 B
37 B Document
image/gif

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated Show response
/ Frame 8286 37 B
37 B Document
image/gif

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 sdk.js Show response
connect.facebook.net/uk_UA/ 194 KB
59 KB 17ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js?hash=fc4fa7d437fb8e6d22d16d668199e97f&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

18f68c12a944682db69cda500959aad1553669d47a0757999e19f3b31eee4eeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://koff.org.ua/
Origin: https://koff.org.ua
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: ptP1YKVs6sSYS31ql5j7Qw==
status: 200
date: Mon, 17 Feb 2020 10:41:18 GMT, Mon, 17 Feb 2020 10:41:18 GMT
expires: Tue, 16 Feb 2021 09:40:54 GMT
alt-svc: h3-24=":443"; ma=3600
content-length: 59613
x-fb-debug: Gb4fLZnh6S9a28d+bS/BISz4h9CHmKR3h4hJUlFpiBX3UzNjGIZ9MI9wE6cD3P0Bu8gB7rbT2Zj7/bWogPvRFw==
x-fb-trip-id: 1850256238
x-fb-content-md5: 9ca0fd9cbdb310449ed9499cca5068d5
etag: "511dc9fc25eb1f8cd724d1984497dbdf"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H/1.1 200
OK search.gif
koff.org.ua/wp-content/themes/koff/images/ 950 B
1 KB 64ms
63ms Image
image/gif 194.28.173.9
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koff.org.ua/wp-content/themes/koff/images/search.gif
Requested by: Host: koff.org.ua
URL: https://koff.org.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.28.173.9 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: s68.r53.com.ua
Software: nginx /
Resource Hash: 32dea4196d2579b9da038bab5e6602aea50a7e94ba69a38be30672f558801651

Request headers

Referer: https://koff.org.ua/wp-content/themes/koff/style.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 17 Feb 2020 10:41:18 GMT
Last-Modified: Sat, 16 Mar 2013 18:38:22 GMT
Server: nginx
ETag: "5144bc1e-3b6"
Content-Type: image/gif
Cache-Control: max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 950
Expires: Mon, 02 Mar 2020 10:41:18 GMT

GET
H/1.1 200
OK / Show response
ad.mail.ru/adq/ 125 B
467 B 134ms
45ms Script
application/x-javascript 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/adq/?q=166306&cpm_floor=5000&sitename=koff.org.ua&count=2&callback=window.relap.callbackRegistry.relapCb699924
Requested by: Host: relap.io
URL: https://relap.io/api/v6/head.js?token=jPSMtDC0cAD9EOPm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: b42657565eb3a493015a4b7130793fca8eb870feca0e492b3b1a050bf785d220

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Timing-Allow-Origin: *
Date: Mon, 17 Feb 2020 10:41:18 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Cache-Control: private, no-cache, no-store
Connection: keep-alive
Content-Type: application/x-javascript; charset=utf-8

GET
H/1.1 200
OK / Show response
ad.mail.ru/adq/ 125 B
468 B 136ms
46ms Script
application/x-javascript 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/adq/?q=623374&cpm_floor=100&sitename=koff.org.ua&count=2&callback=window.relap.callbackRegistry.relapCb064197
Requested by: Host: relap.io
URL: https://relap.io/api/v6/head.js?token=jPSMtDC0cAD9EOPm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: ef9715acfe6c7778ebc2597399060edf41b3c6e2a6d240a41b57551c0a8d5fe7

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Timing-Allow-Origin: *
Date: Mon, 17 Feb 2020 10:41:18 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Cache-Control: private, no-cache, no-store
Connection: keep-alive
Content-Type: application/x-javascript; charset=utf-8

GET
H/1.1 200
OK / Show response
ad.mail.ru/adq/ 125 B
467 B 136ms
47ms Script
application/x-javascript 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/adq/?q=166310&cpm_floor=5000&sitename=koff.org.ua&count=5&callback=window.relap.callbackRegistry.relapCb659604
Requested by: Host: relap.io
URL: https://relap.io/api/v6/head.js?token=jPSMtDC0cAD9EOPm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: 16e1d6c079514e1a9f9cbf9d4e63d18e236064431ad48b9fd158a199824d51d9

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Timing-Allow-Origin: *
Date: Mon, 17 Feb 2020 10:41:18 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Cache-Control: private, no-cache, no-store
Connection: keep-alive
Content-Type: application/x-javascript; charset=utf-8

POST
H/1.1 200
OK / Show response
ad.mail.ru/hbid_yandex/ 155 B
479 B 139ms
51ms XHR
application/json 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/hbid_yandex/
Requested by: Host: relap.io
URL: https://relap.io/api/v6/head.js?token=jPSMtDC0cAD9EOPm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: 2af160e00d4f174162e7d5f2e9aafbbf63dc2e10e988e7cfd8185fd4b0b129e2

Request headers

Referer: https://koff.org.ua/
Origin: https://koff.org.ua
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Mon, 17 Feb 2020 10:41:18 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://koff.org.ua
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

GET
H2

204

supersync
sync.1dmp.io/ Frame 834C
Redirect Chain

https://sync.1dmp.io/supersync?pid=w&o=ns&cid=d532925e-370a-4913-9238-e8b91206247f&brid=3fdc8267-2323-4ff5-80fe-dc2813a9742e&uid=CGgx2mHO
https://sync.1dmp.io/supersync?t=07e7e123-5172-11ea-adee-f832e4719dd9

0
0

53ms
53ms

Document
text/plain

95.216.101.186
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.1dmp.io/supersync?t=07e7e123-5172-11ea-adee-f832e4719dd9
Requested by: Host: relap.io
URL: https://relap.io/api/v6/head.js?token=jPSMtDC0cAD9EOPm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 95.216.101.186 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.186.101.216.95.clients.your-server.de
Software: nginx /
Resource Hash

Request headers

:method: GET
:authority: sync.1dmp.io
:scheme: https
:path: /supersync?t=07e7e123-5172-11ea-adee-f832e4719dd9
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://koff.org.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uid=07e7e122-5172-11ea-adee-f832e4719dd9; 07e7e123-5172-11ea-adee-f832e4719dd9=cGlkPXcmbz1ucyZjaWQ9ZDUzMjkyNWUtMzcwYS00OTEzLTkyMzgtZThiOTEyMDYyNDdmJmJyaWQ9M2ZkYzgyNjctMjMyMy00ZmY1LTgwZmUtZGMyODEzYTk3NDJlJnVpZD1DR2d4Mm1ITw==; 07e7e123-5172-11ea-adee-f832e4719dd9-legacy=cGlkPXcmbz1ucyZjaWQ9ZDUzMjkyNWUtMzcwYS00OTEzLTkyMzgtZThiOTEyMDYyNDdmJmJyaWQ9M2ZkYzgyNjctMjMyMy00ZmY1LTgwZmUtZGMyODEzYTk3NDJlJnVpZD1DR2d4Mm1ITw==; uid-legacy=07e7e122-5172-11ea-adee-f832e4719dd9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://koff.org.ua/

Response headers

status: 204
server: nginx
date: Mon, 17 Feb 2020 10:41:18 GMT
set-cookie: uid=07e7e122-5172-11ea-adee-f832e4719dd9; Version=1; Path=/; Domain=.1dmp.io; Expires=Tue, 16 Feb 2021 10:41:18 GMT; SameSite=None; Secure uid-legacy=07e7e122-5172-11ea-adee-f832e4719dd9; Version=1; Path=/; Domain=.1dmp.io; Expires=Tue, 16 Feb 2021 10:41:18 GMT

Redirect headers

status: 302
server: nginx
date: Mon, 17 Feb 2020 10:41:18 GMT
content-length: 0
expires: 0
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
set-cookie: uid=07e7e122-5172-11ea-adee-f832e4719dd9; Version=1; Path=/; Domain=.1dmp.io; Expires=Tue, 16 Feb 2021 10:41:18 GMT; SameSite=None; Secure 07e7e123-5172-11ea-adee-f832e4719dd9=cGlkPXcmbz1ucyZjaWQ9ZDUzMjkyNWUtMzcwYS00OTEzLTkyMzgtZThiOTEyMDYyNDdmJmJyaWQ9M2ZkYzgyNjctMjMyMy00ZmY1LTgwZmUtZGMyODEzYTk3NDJlJnVpZD1DR2d4Mm1ITw==; Version=1; Path=/; Domain=.1dmp.io; Max-Age=10; SameSite=None; Secure 07e7e123-5172-11ea-adee-f832e4719dd9-legacy=cGlkPXcmbz1ucyZjaWQ9ZDUzMjkyNWUtMzcwYS00OTEzLTkyMzgtZThiOTEyMDYyNDdmJmJyaWQ9M2ZkYzgyNjctMjMyMy00ZmY1LTgwZmUtZGMyODEzYTk3NDJlJnVpZD1DR2d4Mm1ITw==; Version=1; Path=/; Domain=.1dmp.io; Max-Age=10 uid-legacy=07e7e122-5172-11ea-adee-f832e4719dd9; Version=1; Path=/; Domain=.1dmp.io; Expires=Tue, 16 Feb 2021 10:41:18 GMT
location: /supersync?t=07e7e123-5172-11ea-adee-f832e4719dd9

GET
H/1.1 200
OK check.js Show response
relap.io/botradar/ 844 B
1 KB 85ms
85ms Script
application/javascript 185.99.9.123
DTLN

General

Check archive.org

Show headers Download Go to

Full URL: https://relap.io/botradar/check.js?callback=window.relap.callbackRegistry.relapCb798494
Requested by: Host: relap.io
URL: https://relap.io/api/v6/head.js?token=jPSMtDC0cAD9EOPm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.99.9.123 Moscow, Russian Federation, ASN49063 (DTLN, RU),
Reverse DNS: vrrp2-front.surfy.ru
Software: nginx /
Resource Hash: eff40a5122913bb42f139d35e83e8095c32340e6201226969b6ce054eeec303d

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: public
Date: Mon, 17 Feb 2020 10:41:18 GMT
Last-Modified: Mon, 18 Nov 2019 17:21:41 GMT
Server: nginx
ETag: "5dd2d325-34c"
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=604800, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 844
Expires: Mon, 24 Feb 2020 10:41:18 GMT

GET
H/1.1 200
OK cc Show response
relap.io/ 45 B
669 B 174ms
88ms Script
text/javascript 185.99.9.123
DTLN

General

Check archive.org

Show headers Download Go to

Full URL

https://relap.io/cc?_s=knFOkg&callback=window.relap.callbackRegistry.relapCb773754

Requested by

Host: relap.io
URL: https://relap.io/api/v6/head.js?token=jPSMtDC0cAD9EOPm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.99.9.123 Moscow, Russian Federation, ASN49063 (DTLN, RU),

Reverse DNS

vrrp2-front.surfy.ru

Software

nginx /

Resource Hash

5b63d33c7922ca546d37dd51f9e9cd43e28b9218129f2ef7b2878ba64f77e2ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: no-cache
Date: Mon, 17 Feb 2020 10:41:18 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=5184000; includeSubdomains;
Content-Type: text/javascript; charset=utf-8
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 45
X-XSS-Protection: 1; mode=block

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 96 KB
29 KB 52ms
24ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: relap.io
URL: https://relap.io/api/v6/head.js?token=jPSMtDC0cAD9EOPm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: a7019b73cbcf928d42e36f0588c8748254ef15b914690083d80a629943267dcd

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 10:41:18 GMT
content-encoding: gzip
last-modified: Mon, 10 Feb 2020 14:17:04 GMT
server: nginx
access-control-allow-origin: *
etag: W/"5e4165e0-181f1"
content-type: text/javascript
status: 200
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Tue, 18 Feb 2020 10:41:18 GMT

GET
H/1.1 200
OK / Show response
ad.mail.ru/adq/ 125 B
467 B 136ms
50ms Script
application/x-javascript 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/adq/?q=601585&cpm_floor=100&sitename=koff.org.ua&count=2&callback=window.relap.callbackRegistry.relapCb746262
Requested by: Host: relap.io
URL: https://relap.io/api/v6/head.js?token=jPSMtDC0cAD9EOPm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: cdbb6c39ea020596ffc923abbf8f6fdc0743f42b77f3a0cfd6683e040f57a7d0

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Timing-Allow-Origin: *
Date: Mon, 17 Feb 2020 10:41:18 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Cache-Control: private, no-cache, no-store
Connection: keep-alive
Content-Type: application/x-javascript; charset=utf-8

GET
H/1.1 200
OK / Show response
ad.mail.ru/adq/ 3 KB
2 KB 134ms
47ms Script
application/x-javascript 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/adq/?q=45459&cpm_floor=100&sitename=koff.org.ua&count=2&callback=window.relap.callbackRegistry.relapCb336246
Requested by: Host: relap.io
URL: https://relap.io/api/v6/head.js?token=jPSMtDC0cAD9EOPm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: ad777a226e613d2e399b795cff5b04330f343b02a611f445b1e3c08efdc06d14

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Timing-Allow-Origin: *
Date: Mon, 17 Feb 2020 10:41:18 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Cache-Control: private, no-cache, no-store
Connection: keep-alive
Content-Type: application/x-javascript; charset=utf-8

GET
H/1.1 200
OK pixel.gif
relap.io/api/v1/ 43 B
646 B 266ms
93ms Image
image/gif 185.99.9.123
DTLN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://relap.io/api/v1/pixel.gif?event=hit&url=https%3A%2F%2Fkoff.org.ua%2F&referrer=&_s=knFOkg

Requested by

Host: koff.org.ua
URL: https://koff.org.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.99.9.123 Moscow, Russian Federation, ASN49063 (DTLN, RU),

Reverse DNS

vrrp2-front.surfy.ru

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Mon, 17 Feb 2020 10:41:18 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=5184000; includeSubdomains;
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H/1.1

200
OK

counter2
top-fwz1.mail.ru/
Redirect Chain

https://top-fwz1.mail.ru/counter?id=3136989;js=na
https://top-fwz1.mail.ru/counter2?id=3136989;js=na

43 B
850 B

83ms
83ms

Image
image/gif

217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter2?id=3136989;js=na

Requested by

Host: koff.org.ua
URL: https://koff.org.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Date: Mon, 17 Feb 2020 10:41:19 GMT
X-Content-Type-Options: nosniff
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
AMP-Access-Control-Allow-Source-Origin: *
Server: nginx
Access-Control-Allow-Methods: GET, POST, HEAD, PUT, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Cache-control: private, no-cache, no-store, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Keep-Alive: timeout=60

Redirect headers

Date: Mon, 17 Feb 2020 10:41:18 GMT
X-Content-Type-Options: nosniff
P3P: CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection: keep-alive
Content-Length: 0
Pragma: no-cache
AMP-Access-Control-Allow-Source-Origin: *
Server: nginx
Location: https://top-fwz1.mail.ru/counter2?id=3136989;js=na
Access-Control-Allow-Methods: GET, POST, HEAD, PUT, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: AMP-Access-Control-Allow-Source-Origin
Cache-control: private, no-cache, no-store, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Keep-Alive: timeout=60

GET
H/1.1

204
No Content

i
dmg.digitaltarget.ru/1/1129/i/
Redirect Chain

https://dmg.digitaltarget.ru/1/1129/i/i?a=129&e=CGgx2mHO&i=807394119
https://dmg.digitaltarget.ru/1/1129/i/i?a=129&e=CGgx2mHO&i=807394119&q=scc

0
398 B

83ms
83ms

Image
text/plain

185.15.175.148
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmg.digitaltarget.ru/1/1129/i/i?a=129&e=CGgx2mHO&i=807394119&q=scc
Requested by: Host: koff.org.ua
URL: https://koff.org.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.15.175.148 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Date: Mon, 17 Feb 2020 10:41:19 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: policyref="http://dmg.digitaltarget.ru/p3p.xml", CP="NON NID PSAa PSDa OUR BUS COM NAV DEM STA PRE"

Redirect headers

Location: /1/1129/i/i?a=129&e=CGgx2mHO&i=807394119&q=scc
Date: Mon, 17 Feb 2020 10:41:18 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: policyref="http://dmg.digitaltarget.ru/p3p.xml", CP="NON NID PSAa PSDa OUR BUS COM NAV DEM STA PRE"

GET
H/1.1

200
OK

altergeocs
relap.io/partners/
Redirect Chain

https://cm.p.altergeo.ru/relap?aid=CGgx2mHO&nc=VAg41lwk&url=https%3A%2F%2Frelap.io%2Fpartners%2Faltergeocs%3Fuid%3D%24%7BUSER_ID%7D
https://relap.io/partners/altergeocs?uid=CMz04LRuRSTJOOpQ+pKSvi1Q==

43 B
760 B

180ms
94ms

Image
image/gif

185.99.9.123
DTLN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://relap.io/partners/altergeocs?uid=CMz04LRuRSTJOOpQ+pKSvi1Q==

Requested by

Host: koff.org.ua
URL: https://koff.org.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.99.9.123 Moscow, Russian Federation, ASN49063 (DTLN, RU),

Reverse DNS

vrrp2-front.surfy.ru

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 17 Feb 2020 10:41:19 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=5184000; includeSubdomains;
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

Redirect headers

Pragma: no-cache
Date: Mon, 17 Feb 2020 10:41:18 GMT
Server: nginx/1.16.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://relap.io/partners/altergeocs?uid=CMz04LRuRSTJOOpQ+pKSvi1Q==
Cache-Control: max-age=0, no-cache, no-store
Connection: close
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content /
blind.gg.datahub.ubic.tech/ 0
110 B 231ms
69ms Image
text/plain 194.67.75.10
LOGOL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blind.gg.datahub.ubic.tech/?their=CGgx2mHO
Requested by: Host: koff.org.ua
URL: https://koff.org.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 194.67.75.10 , Russian Federation, ASN49352 (LOGOL-AS, RU),
Reverse DNS
Software: nginx/1.10.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Connection: keep-alive
Date: Mon, 17 Feb 2020 10:41:19 GMT
Server: nginx/1.10.3

GET
H/1.1 200
OK abp.gif
relap.io/ 43 B
417 B 143ms
99ms Image
image/gif 185.99.9.123
DTLN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://relap.io/abp.gif?ch=1&rn=0.5549795463040275
Requested by: Host: koff.org.ua
URL: https://koff.org.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.99.9.123 Moscow, Russian Federation, ASN49063 (DTLN, RU),
Reverse DNS: vrrp2-front.surfy.ru
Software: nginx /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: public
Date: Mon, 17 Feb 2020 10:41:18 GMT
Last-Modified: Thu, 18 May 2017 14:26:45 GMT
Server: nginx
ETag: "591daf25-2b"
Content-Type: image/gif
Cache-Control: max-age=604800, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Mon, 24 Feb 2020 10:41:18 GMT

GET
H/1.1 200
OK abp.gif
relap.io/ 43 B
417 B 154ms
104ms Image
image/gif 185.99.9.123
DTLN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://relap.io/abp.gif?ch=2&rn=0.5549795463040275
Requested by: Host: koff.org.ua
URL: https://koff.org.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.99.9.123 Moscow, Russian Federation, ASN49063 (DTLN, RU),
Reverse DNS: vrrp2-front.surfy.ru
Software: nginx /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: public
Date: Mon, 17 Feb 2020 10:41:18 GMT
Last-Modified: Thu, 18 May 2017 14:26:45 GMT
Server: nginx
ETag: "591daf25-2b"
Content-Type: image/gif
Cache-Control: max-age=604800, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Mon, 24 Feb 2020 10:41:18 GMT

GET
H/1.1 200
OK ads.js
relap.io/ads/ 43 B
766 B 220ms
88ms Image
image/gif 185.99.9.123
DTLN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://relap.io/ads/ads.js

Requested by

Host: koff.org.ua
URL: https://koff.org.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.99.9.123 Moscow, Russian Federation, ASN49063 (DTLN, RU),

Reverse DNS

vrrp2-front.surfy.ru

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Mon, 17 Feb 2020 10:41:19 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=5184000; includeSubdomains;
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2 200 logo-t1.png
sinst.fwdcdn.com/img/informers/ 1 KB
1 KB 36ms
36ms Image
image/png 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sinst.fwdcdn.com/img/informers/logo-t1.png
Requested by: Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: 56ae8084a1f412356c3e67087d606170c4518a5dc24c871fc925459686c5b6cc

Request headers

Referer: https://sinst.fwdcdn.com/css/informers2.css?v=1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 17 Feb 2020 10:41:18 GMT
x-server-by: sinfe3
last-modified: Thu, 26 May 2016 12:47:34 GMT
server: nginx
etag: "5746f066-4d5"
content-type: image/png
status: 200
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 1237
expires: Tue, 16 Feb 2021 10:41:18 GMT

GET
H2 200 hlc-t1.png
sinst.fwdcdn.com/img/informers/ 181 B
389 B 37ms
36ms Image
image/png 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sinst.fwdcdn.com/img/informers/hlc-t1.png
Requested by: Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: 6c886518dd2d1f700b72d1339199c5ab235e348f81e6e95c870d2f34cea4271e

Request headers

Referer: https://sinst.fwdcdn.com/css/informers2.css?v=1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 17 Feb 2020 10:41:18 GMT
x-server-by: sinfe3
last-modified: Wed, 05 Nov 2014 09:28:02 GMT
server: nginx
etag: "5459eda2-b5"
content-type: image/png
status: 200
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 181
expires: Tue, 16 Feb 2021 10:41:18 GMT

GET
H2 200 term-t1.png
sinst.fwdcdn.com/img/informers/ 389 B
599 B 61ms
61ms Image
image/png 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sinst.fwdcdn.com/img/informers/term-t1.png
Requested by: Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: 2df2ec4405cfa52db76da68cf99e6bc63e144b084a0e9d48dd0612cd2b2929e2

Request headers

Referer: https://sinst.fwdcdn.com/css/informers2.css?v=1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 17 Feb 2020 10:41:18 GMT
x-server-by: sinfe3
last-modified: Thu, 26 May 2016 12:47:34 GMT
server: nginx
etag: "5746f066-185"
content-type: image/png
status: 200
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 389
expires: Tue, 16 Feb 2021 10:41:18 GMT

GET
H2 200 s-informers.png
sinst.fwdcdn.com/img/informers/ 33 KB
33 KB 42ms
42ms Image
image/png 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sinst.fwdcdn.com/img/informers/s-informers.png
Requested by: Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: b1793edea2c5e9f935b11981c437c4a9ac736fd9d71e9d7fa3ca8e49080581ad

Request headers

Referer: https://sinst.fwdcdn.com/css/informers2.css?v=1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 17 Feb 2020 10:41:18 GMT
x-server-by: sinfe3
last-modified: Thu, 26 May 2016 12:47:34 GMT
server: nginx
etag: "5746f066-82d9"
content-type: image/png
status: 200
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 33497
expires: Tue, 16 Feb 2021 10:41:18 GMT

GET
H2 200 s-wind2.png
sinst.fwdcdn.com/img/informers/ 185 B
394 B 62ms
61ms Image
image/png 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sinst.fwdcdn.com/img/informers/s-wind2.png
Requested by: Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: b56fd6fba6303d72dda87e55ce9bb70fdf0376de22e9d981e8d6fcc7f65f5c7b

Request headers

Referer: https://sinst.fwdcdn.com/css/informers2.css?v=1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 17 Feb 2020 10:41:18 GMT
x-server-by: sinfe3
last-modified: Thu, 26 May 2016 12:47:34 GMT
server: nginx
etag: "5746f066-b9"
content-type: image/png
status: 200
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 185
expires: Tue, 16 Feb 2021 10:41:18 GMT

GET
H2 200 frc-t1.png
sinst.fwdcdn.com/img/informers/ 155 B
364 B 61ms
60ms Image
image/png 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sinst.fwdcdn.com/img/informers/frc-t1.png
Requested by: Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: c9ba7773b6f395d4f83b73b2324d739ec6b2b017cccfd3e8c4e034bddcd96b5a

Request headers

Referer: https://sinst.fwdcdn.com/css/informers2.css?v=1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 17 Feb 2020 10:41:18 GMT
x-server-by: sinfe3
last-modified: Thu, 26 May 2016 12:47:34 GMT
server: nginx
etag: "5746f066-9b"
content-type: image/png
status: 200
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 155
expires: Tue, 16 Feb 2021 10:41:18 GMT

GET
H2 200 flc-t1.png
sinst.fwdcdn.com/img/informers/ 148 B
357 B 61ms
60ms Image
image/png 212.42.76.150
UKRNET Kiev

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sinst.fwdcdn.com/img/informers/flc-t1.png
Requested by: Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.42.76.150 , Ukraine, ASN8856 (UKRNET Kiev, Ukraine, UA),
Reverse DNS: srv150.fwdcdn.com
Software: nginx /
Resource Hash: 14af62f9867b3e1a7864f7967999ebac3b11459e1dc44b1317fea474366777f3

Request headers

Referer: https://sinst.fwdcdn.com/css/informers2.css?v=1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 17 Feb 2020 10:41:18 GMT
x-server-by: sinfe3
last-modified: Thu, 26 May 2016 12:47:34 GMT
server: nginx
etag: "5746f066-94"
content-type: image/png
status: 200
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 148
expires: Tue, 16 Feb 2021 10:41:18 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=298574833922731&ev=fb_page_view&dl=https%3A%2F%2Fkoff.org.ua%2F&rl=&if=false&ts=1581936078806&sw=1600&sh=1200

Requested by

Host: koff.org.ua
URL: https://koff.org.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 17 Feb 2020 10:41:18 GMT, Mon, 17 Feb 2020 10:41:18 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Mon, 17 Feb 2020 10:41:18 GMT

GET
H2

200

getcode.php Show response
ssp.c8.net.ua/
Redirect Chain

https://ssp.c8.net.ua/getcode.php?key=d41de446ec0ef54335f36466c0a2cb72&ssp_id=3634&site_id=3660&domain=&rnd=294628056&pid=3&format_id=3&sw=1600&sh=1200&ctype=&cbw=&w=240&h=350&c8_sa=0;0;5&container...
https://ssp.c8.net.ua/getcode.php?cookiematch&key=d41de446ec0ef54335f36466c0a2cb72&ssp_id=3634&site_id=3660&domain=&rnd=294628056&pid=3&format_id=3&sw=1600&sh=1200&ctype=&cbw=&w=240&h=350&c8_sa=0;0...

2 KB
1 KB

166ms
166ms

Script
application/x-javascript

89.184.66.89
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.c8.net.ua/getcode.php?cookiematch&key=d41de446ec0ef54335f36466c0a2cb72&ssp_id=3634&site_id=3660&domain=&rnd=294628056&pid=3&format_id=3&sw=1600&sh=1200&ctype=&cbw=&w=240&h=350&c8_sa=0;0;5&container_id=c8net_code_366033&is=0&is_ssl=1&ref=&passback=&metric=&project_id=&location=https%3A//koff.org.ua/
Requested by: Host: koff.org.ua
URL: https://koff.org.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.66.89 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: c8.net.ua
Software: nginx/1.15.5 / PHP/5.5.38
Resource Hash: 3d7bc91650f6b0fccc954757f09cb083f6a6b7ea29622ca4c47e4a759c2e34b2

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Mon, 17 Feb 2020 10:41:19 GMT
x-request-stat: 1
x-powered-by: PHP/5.5.38
x-node-root: ssp
status: 200
content-encoding: gzip
pragma: no-cache
last-modified: Mon, 17 Feb 2020 10:41:19 GMT
server: nginx/1.15.5
vary: Accept-Encoding
content-type: application/x-javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
access-control-allow-credentials: true
x-gw-server: _fcgi
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 Feb 2020 10:41:19 GMT
x-request-stat: 1
last-modified: Mon, 17 Feb 2020 10:41:19 GMT
server: nginx/1.15.5
access-control-allow-origin: *
x-powered-by: PHP/5.5.38
location: //ssp.c8.net.ua/getcode.php?cookiematch&key=d41de446ec0ef54335f36466c0a2cb72&ssp_id=3634&site_id=3660&domain=&rnd=294628056&pid=3&format_id=3&sw=1600&sh=1200&ctype=&cbw=&w=240&h=350&c8_sa=0;0;5&container_id=c8net_code_366033&is=0&is_ssl=1&ref=&passback=&metric=&project_id=&location=https%3A//koff.org.ua/
content-type: text/html; charset=UTF-8
status: 302
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
access-control-allow-credentials: true
x-node-root: ssp
x-gw-server: _fcgi
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2

200

getcode.php Show response
ssp.c8.net.ua/
Redirect Chain

https://ssp.c8.net.ua/getcode.php?key=d41de446ec0ef54335f36466c0a2cb72&ssp_id=3634&site_id=3660&domain=&rnd=575396545&pid=11&format_id=2&sw=1600&sh=1200&ctype=&cbw=&w=300&h=250&c8_sa=0;0;5&containe...
https://ssp.c8.net.ua/getcode.php?cookiematch&key=d41de446ec0ef54335f36466c0a2cb72&ssp_id=3634&site_id=3660&domain=&rnd=575396545&pid=11&format_id=2&sw=1600&sh=1200&ctype=&cbw=&w=300&h=250&c8_sa=0;...

2 KB
1 KB

156ms
155ms

Script
application/x-javascript

89.184.66.89
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.c8.net.ua/getcode.php?cookiematch&key=d41de446ec0ef54335f36466c0a2cb72&ssp_id=3634&site_id=3660&domain=&rnd=575396545&pid=11&format_id=2&sw=1600&sh=1200&ctype=&cbw=&w=300&h=250&c8_sa=0;0;5&container_id=c8net_code_3660112&is=0&is_ssl=1&ref=&passback=&metric=&project_id=&location=https%3A//koff.org.ua/
Requested by: Host: koff.org.ua
URL: https://koff.org.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.66.89 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: c8.net.ua
Software: nginx/1.15.5 / PHP/5.5.38
Resource Hash: dd2cc588dcab090a6f3ede9f162c9e0ab589ba8200bf4d25f589480fcff7510e

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Mon, 17 Feb 2020 10:41:19 GMT
x-request-stat: 1
x-powered-by: PHP/5.5.38
x-node-root: ssp
status: 200
content-encoding: gzip
pragma: no-cache
last-modified: Mon, 17 Feb 2020 10:41:19 GMT
server: nginx/1.15.5
vary: Accept-Encoding
content-type: application/x-javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
access-control-allow-credentials: true
x-gw-server: _fcgi
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 Feb 2020 10:41:19 GMT
x-request-stat: 1
last-modified: Mon, 17 Feb 2020 10:41:19 GMT
server: nginx/1.15.5
access-control-allow-origin: *
x-powered-by: PHP/5.5.38
location: //ssp.c8.net.ua/getcode.php?cookiematch&key=d41de446ec0ef54335f36466c0a2cb72&ssp_id=3634&site_id=3660&domain=&rnd=575396545&pid=11&format_id=2&sw=1600&sh=1200&ctype=&cbw=&w=300&h=250&c8_sa=0;0;5&container_id=c8net_code_3660112&is=0&is_ssl=1&ref=&passback=&metric=&project_id=&location=https%3A//koff.org.ua/
content-type: text/html; charset=UTF-8
status: 302
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
access-control-allow-credentials: true
x-node-root: ssp
x-gw-server: _fcgi
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H/1.1 404
Not Found show
b.c8.net.ua/ 0
0 234ms
80ms Script
application/octet-stream 212.1.66.239
UKRPACK

General

Check archive.org

Show headers Download Go to

Full URL: https://b.c8.net.ua/show?3660&589059270&5&7&210&50&0;0;5&c8net_code_366057&
Requested by: Host: b.c8.net.ua
URL: https://b.c8.net.ua/b/js/sys.js
Protocol: HTTP/1.1
Security: TLS 1.0, RSA, AES_128_CBC
Server: 212.1.66.239 , Ukraine, ASN6846 (UKRPACK, UA),
Reverse DNS: b.c8.net.ua
Software: nginx /
Resource Hash

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Mon, 17 Feb 2020 10:41:11 GMT
Server: nginx
Connection: close
Transfer-Encoding: chunked
Content-Type: application/octet-stream

GET
H/1.1 200
OK rss.gif
koff.org.ua/wp-content/themes/koff/images/ 1 KB
1 KB 60ms
59ms Image
image/gif 194.28.173.9
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koff.org.ua/wp-content/themes/koff/images/rss.gif
Requested by: Host: koff.org.ua
URL: https://koff.org.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.28.173.9 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: s68.r53.com.ua
Software: nginx /
Resource Hash: 71ac18c056c284d9e866c3893b3aa05f4b59c5de157c20788f2adbbe3b30ce0f

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 17 Feb 2020 10:41:19 GMT
Last-Modified: Sat, 16 Mar 2013 18:38:21 GMT
Server: nginx
ETag: "5144bc1d-414"
Content-Type: image/gif
Cache-Control: max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1044
Expires: Mon, 02 Mar 2020 10:41:19 GMT

GET
H/1.1 200
OK mkucheriaviy23234_koff.org_.ua_-100x100.jpg
koff.org.ua/wp-content/uploads/2020/02/ 3 KB
3 KB 63ms
63ms Image
image/jpeg 194.28.173.9
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koff.org.ua/wp-content/uploads/2020/02/mkucheriaviy23234_koff.org_.ua_-100x100.jpg
Requested by: Host: koff.org.ua
URL: https://koff.org.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.28.173.9 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: s68.r53.com.ua
Software: nginx /
Resource Hash: 05ec4d18dd44103f56cb2ab75f60836fbcc8ff6e7185d3949c0d9724e2a8b816

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 17 Feb 2020 10:41:19 GMT
Last-Modified: Sun, 16 Feb 2020 20:36:15 GMT
Server: nginx
ETag: "5e49a7bf-c5e"
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3166
Expires: Mon, 02 Mar 2020 10:41:19 GMT

GET
H/1.1 200
OK vmarinenko345_koff.org_.ua_-100x100.jpg
koff.org.ua/wp-content/uploads/2020/02/ 3 KB
4 KB 62ms
61ms Image
image/jpeg 194.28.173.9
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koff.org.ua/wp-content/uploads/2020/02/vmarinenko345_koff.org_.ua_-100x100.jpg
Requested by: Host: koff.org.ua
URL: https://koff.org.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.28.173.9 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: s68.r53.com.ua
Software: nginx /
Resource Hash: 29d397a3bb42781c0cd379195ee9e2daf65515fc0e52194e97f46940a4c36618

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 17 Feb 2020 10:41:19 GMT
Last-Modified: Sun, 16 Feb 2020 20:26:12 GMT
Server: nginx
ETag: "5e49a564-cfa"
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3322
Expires: Mon, 02 Mar 2020 10:41:19 GMT

GET
H/1.1 200
OK 0232631logomemshchan2020_koff.org_.ua_-2-100x100.jpg
koff.org.ua/wp-content/uploads/2020/02/ 5 KB
6 KB 66ms
65ms Image
image/jpeg 194.28.173.9
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koff.org.ua/wp-content/uploads/2020/02/0232631logomemshchan2020_koff.org_.ua_-2-100x100.jpg
Requested by: Host: koff.org.ua
URL: https://koff.org.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.28.173.9 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: s68.r53.com.ua
Software: nginx /
Resource Hash: 597b5c51966e6f701a0a615382f7089bb1b8bca02533945597a9617f9bafdc8f

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 17 Feb 2020 10:41:19 GMT
Last-Modified: Sun, 16 Feb 2020 16:00:11 GMT
Server: nginx
ETag: "5e49670b-1517"
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5399
Expires: Mon, 02 Mar 2020 10:41:19 GMT

GET
H/1.1 200
OK logofutzal64332316_koff.org_.ua_-1-100x100.jpg
koff.org.ua/wp-content/uploads/2020/02/ 5 KB
5 KB 64ms
63ms Image
image/jpeg 194.28.173.9
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koff.org.ua/wp-content/uploads/2020/02/logofutzal64332316_koff.org_.ua_-1-100x100.jpg
Requested by: Host: koff.org.ua
URL: https://koff.org.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.28.173.9 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: s68.r53.com.ua
Software: nginx /
Resource Hash: 2ac91eb6916663bfa4a7e9c5bcc5feb3855c4c0c4541f3fda54aaa7d21fe0d69

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 17 Feb 2020 10:41:19 GMT
Last-Modified: Sun, 16 Feb 2020 15:28:22 GMT
Server: nginx
ETag: "5e495f96-124d"
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4685
Expires: Mon, 02 Mar 2020 10:41:19 GMT

GET
H/1.1 200
OK zuevich253454_koff.org_.ua_-100x100.jpg
koff.org.ua/wp-content/uploads/2020/02/ 4 KB
4 KB 65ms
64ms Image
image/jpeg 194.28.173.9
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koff.org.ua/wp-content/uploads/2020/02/zuevich253454_koff.org_.ua_-100x100.jpg
Requested by: Host: koff.org.ua
URL: https://koff.org.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.28.173.9 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: s68.r53.com.ua
Software: nginx /
Resource Hash: ba4ccad197ed62d41592a2c7f6988ee4bf6f481e12ed4640f1334d7257660aad

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 17 Feb 2020 10:41:19 GMT
Last-Modified: Fri, 14 Feb 2020 17:47:01 GMT
Server: nginx
ETag: "5e46dd15-f93"
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3987
Expires: Mon, 02 Mar 2020 10:41:19 GMT

GET
H/1.1 200
OK skchaykapb467554_koff-100x100.jpg
koff.org.ua/wp-content/uploads/2020/02/ 5 KB
5 KB 64ms
64ms Image
image/jpeg 194.28.173.9
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koff.org.ua/wp-content/uploads/2020/02/skchaykapb467554_koff-100x100.jpg
Requested by: Host: koff.org.ua
URL: https://koff.org.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.28.173.9 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: s68.r53.com.ua
Software: nginx /
Resource Hash: 6e5c9d97fc74f6ff99fb0e90296018e300d078efef039e2e0d81cb0c16afbea9

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 17 Feb 2020 10:41:19 GMT
Last-Modified: Fri, 14 Feb 2020 17:36:55 GMT
Server: nginx
ETag: "5e46dab7-1204"
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4612
Expires: Mon, 02 Mar 2020 10:41:19 GMT

GET
H/1.1 200
OK 2bannerdiplomC18_koff.org_.ua_.jpg
koff.org.ua/wp-content/uploads/2018/03/ 39 KB
39 KB 137ms
137ms Image
image/jpeg 194.28.173.9
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koff.org.ua/wp-content/uploads/2018/03/2bannerdiplomC18_koff.org_.ua_.jpg
Requested by: Host: koff.org.ua
URL: https://koff.org.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.28.173.9 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: s68.r53.com.ua
Software: nginx /
Resource Hash: 0f612011f640912bac15c880810a6461ebf2257ea600146b69437f9fd8d2a003

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 17 Feb 2020 10:41:19 GMT
Last-Modified: Tue, 06 Mar 2018 12:55:39 GMT
Server: nginx
ETag: "5a9e8fcb-9a04"
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 39428
Expires: Mon, 02 Mar 2020 10:41:19 GMT

GET
H/1.1 200
OK logo1827_koff.jpg
koff.org.ua/wp-content/uploads/2018/03/ 15 KB
15 KB 96ms
94ms Image
image/jpeg 194.28.173.9
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koff.org.ua/wp-content/uploads/2018/03/logo1827_koff.jpg
Requested by: Host: koff.org.ua
URL: https://koff.org.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.28.173.9 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: s68.r53.com.ua
Software: nginx /
Resource Hash: cd89c5b39effea2e5591fed887a385eda3c78234d9634f36bd0c0ca789971ce9

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 17 Feb 2020 10:41:19 GMT
Last-Modified: Sat, 03 Mar 2018 15:24:47 GMT
Server: nginx
ETag: "5a9abe3f-3cad"
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15533
Expires: Mon, 02 Mar 2020 10:41:19 GMT

GET
H/1.1 200
OK ukrainerazom2-e1520075712680.jpg
koff.org.ua/wp-content/uploads/2018/03/ 9 KB
9 KB 95ms
94ms Image
image/jpeg 194.28.173.9
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koff.org.ua/wp-content/uploads/2018/03/ukrainerazom2-e1520075712680.jpg
Requested by: Host: koff.org.ua
URL: https://koff.org.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.28.173.9 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: s68.r53.com.ua
Software: nginx /
Resource Hash: 91d1849b817af78e460d0a26a0eb95a3a6d6348f4c6576346523acefb5a11bc5

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 17 Feb 2020 10:41:19 GMT
Last-Modified: Sat, 03 Mar 2018 11:15:13 GMT
Server: nginx
ETag: "5a9a83c1-23c0"
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9152
Expires: Mon, 02 Mar 2020 10:41:19 GMT

GET
H/1.1 200
OK s
r.i.ua/ 815 B
1 KB 207ms
62ms Image
image/png 91.198.36.16
DIGITAL-VENTURES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.i.ua/s?u118078&p4&n0.5736740340324309&c1&d24&w1600&h1200&rkoff.org.ua/
Requested by: Host: koff.org.ua
URL: https://koff.org.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 91.198.36.16 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS: r.i.ua
Software: nginx /
Resource Hash: 9b6ec91048417ad59eaa0e815efef51648f9244af66b45bbe6491fac8e87df2c

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Mon, 17 Feb 2020 10:41:19 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: policyref="http://i.i.ua/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Type: image/png
Expires: 0

GET
H/1.1 200
OK / Show response
c.bigmir.net/ 134 B
425 B 230ms
57ms Script
application/x-javascript 193.239.68.97
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bigmir.net/?o1&v16956884&s16956312&t0&c1&n330187&w0&y0&d24&r1600
Requested by: Host: koff.org.ua
URL: https://koff.org.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.68.97 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: c.bigmir.net
Software: nginx /
Resource Hash: c73282a8fffc1d524eb4c7edc2ccecadecd63710bb47c0d1d77cdc5a35feb3f4

Request headers

Referer: https://koff.org.ua/
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Mon, 17 Feb 2020 10:41:19 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=windows-1251
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=5
Expires: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
141 B 95ms
33ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=84&profileId=184&cb=71470063393
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://koff.org.ua/
Origin: https://koff.org.ua
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

status: 204
date: Mon, 17 Feb 2020 10:41:17 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://koff.org.ua
timing-allow-origin: *
vary: Origin

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
141 B 95ms
33ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=84&profileId=184&cb=93752205390
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://koff.org.ua/
Origin: https://koff.org.ua
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

status: 204
date: Mon, 17 Feb 2020 10:41:18 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://koff.org.ua
timing-allow-origin: *
vary: Origin

GET
H/1.1 200
OK analyzer.js Show response
botradar.tech/public/ 1 KB
2 KB 139ms
40ms Script
application/javascript 159.69.58.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://botradar.tech/public/analyzer.js
Requested by: Host: relap.io
URL: https://relap.io/botradar/check.js?callback=window.relap.callbackRegistry.relapCb798494
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.69.58.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.69.58.69.159.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: 1585773a353b32327d67b3d5937d10374ee7095093d3207c82e2b9536297d7c0

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Mon, 17 Feb 2020 10:41:19 GMT
Last-Modified: Fri, 31 Jan 2020 09:22:55 GMT
Server: nginx/1.16.1
ETag: "5e33f1ef-594"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1428

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
260 B 13ms
13ms Image
image/gif 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=1
Requested by: Host: koff.org.ua
URL: https://koff.org.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 17 Feb 2020 10:41:18 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
access-control-allow-origin: *
etag: "493ea254-2b"
content-type: image/gif
status: 200
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Thu, 11 Feb 2021 10:41:18 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
260 B 14ms
14ms Image
image/gif 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=2
Requested by: Host: koff.org.ua
URL: https://koff.org.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 17 Feb 2020 10:41:18 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
access-control-allow-origin: *
etag: "493ea254-2b"
content-type: image/gif
status: 200
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Thu, 11 Feb 2021 10:41:18 GMT

GET
H/1.1 200
OK / Show response
covivado.club/catfish/ 17 KB
7 KB 75ms
74ms Script
application/javascript 188.40.58.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://covivado.club/catfish/?sid=46867&rand=0.8565219206832058

Requested by

Host: koff.org.ua
URL: https://koff.org.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

188.40.58.150 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.150.58.40.188.clients.your-server.de

Software

nginx /

Resource Hash

9151aedcbea1a444c71621bda703d54e93812f1abd9a1936d23e18031fa6b818

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: no-cache
Date: Mon, 17 Feb 2020 10:41:19 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000;
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: -1

POST
H/1.1 200
OK 6765fdb59f493d80bfd440a3df5ec395-17736-460874209.xml Show response
covivado.club/vast3/ 103 B
905 B 201ms
135ms XHR
application/xml 188.40.58.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://covivado.club/vast3/6765fdb59f493d80bfd440a3df5ec395-17736-460874209.xml?nw=MTU4MTkzNjA3OA==

Requested by

Host: covivado.club
URL: https://covivado.club/overroll/js/overroll.php?sid=17736

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

188.40.58.150 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.150.58.40.188.clients.your-server.de

Software

nginx /

Resource Hash

31c1186590acf43f4122e8f4a98822bc8661ff481fd389f10bca13c020d6f0ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept: application/xml
Referer: https://koff.org.ua/
Origin: https://koff.org.ua
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache, no-cache
Date: Mon, 17 Feb 2020 10:41:19 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: nginx
Strict-Transport-Security: max-age=31536000;
Content-Type: application/xml; charset=utf-8
Access-Control-Allow-Origin: https://koff.org.ua
Access-Control-Max-Age: 86400
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Transfer-Encoding: chunked
Expires: Thu, 19 Nov 1981 08:52:00 GMT, -1

GET
H2 200 b60_top.gif
i.bigmir.net/cnt/samples/diagonal/ 65 B
237 B 180ms
57ms Image
image/gif 193.239.71.100
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.bigmir.net/cnt/samples/diagonal/b60_top.gif
Requested by: Host: koff.org.ua
URL: https://koff.org.ua/wp-content/cache/scripts/c87d8b5d122bbb25d7cde4667920bcd3-deanedwards.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: rs.img.com.ua
Software: nginx /
Resource Hash: 62809c09f78bcbcf1233cfcde966c640fd0ad54e1b5ef157dcac1897180f44d8

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 17 Feb 2020 10:41:19 GMT
last-modified: Tue, 23 Jan 2007 13:14:28 GMT
server: nginx
etag: "45b60a34-41"
content-type: image/gif
status: 200
cache-control: max-age=259200
accept-ranges: bytes
content-length: 65
expires: Thu, 20 Feb 2020 10:41:19 GMT

GET
H2 200 b60_center.gif
i.bigmir.net/cnt/samples/diagonal/ 79 B
250 B 101ms
57ms Image
image/gif 193.239.71.100
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.bigmir.net/cnt/samples/diagonal/b60_center.gif
Requested by: Host: koff.org.ua
URL: https://koff.org.ua/wp-content/cache/scripts/c87d8b5d122bbb25d7cde4667920bcd3-deanedwards.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: rs.img.com.ua
Software: nginx /
Resource Hash: 89d15e8d6c0a69d8914c2c2363200b5fc3033c509439795e5bbe144974038e81

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 17 Feb 2020 10:41:19 GMT
last-modified: Tue, 23 Jan 2007 13:14:28 GMT
server: nginx
etag: "45b60a34-4f"
content-type: image/gif
status: 200
cache-control: max-age=259200
accept-ranges: bytes
content-length: 79
expires: Thu, 20 Feb 2020 10:41:19 GMT

GET
H2 200 b60_bottom.gif
i.bigmir.net/cnt/samples/diagonal/ 66 B
237 B 95ms
58ms Image
image/gif 193.239.71.100
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.bigmir.net/cnt/samples/diagonal/b60_bottom.gif
Requested by: Host: koff.org.ua
URL: https://koff.org.ua/wp-content/cache/scripts/c87d8b5d122bbb25d7cde4667920bcd3-deanedwards.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: rs.img.com.ua
Software: nginx /
Resource Hash: 1101aeb68ba6cbf1f0592f3aec94fc2820012891b0543d3b5c54d0cb48324b36

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 17 Feb 2020 10:41:19 GMT
last-modified: Tue, 23 Jan 2007 13:14:28 GMT
server: nginx
etag: "45b60a34-42"
content-type: image/gif
status: 200
cache-control: max-age=259200
accept-ranges: bytes
content-length: 66
expires: Thu, 20 Feb 2020 10:41:19 GMT

GET
H2 200 page.php
www.facebook.com/v3.2/plugins/ Frame 8BE8 0
0 59ms
59ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=true&app_id=298574833922731&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D45%23cb%3Df1ff4b57a186524%26domain%3Dkoff.org.ua%26origin%3Dhttps%253A%252F%252Fkoff.org.ua%252Ff35ad15aaf50d7c%26relation%3Dparent.parent&container_width=220&height=220&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fkoff.org.ua%2F&locale=uk_UA&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=220

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js?hash=fc4fa7d437fb8e6d22d16d668199e97f&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v3.2/plugins/page.php?adapt_container_width=true&app_id=298574833922731&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D45%23cb%3Df1ff4b57a186524%26domain%3Dkoff.org.ua%26origin%3Dhttps%253A%252F%252Fkoff.org.ua%252Ff35ad15aaf50d7c%26relation%3Dparent.parent&container_width=220&height=220&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fkoff.org.ua%2F&locale=uk_UA&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=220
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://koff.org.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: fr=0gVOArvs5XTNpglTR..BeSm3M...1.0.BeSm3M.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://koff.org.ua/

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/;
facebook-api-version: v3.2
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/;
x-xss-protection: 0
content-type: text/html; charset="utf-8"
x-fb-debug: pL7R0oFP1CY4tGUDw+4g12Flsy47CpFlF27nkNtztr1R2yzfEzgypSuFzbZV7+TiJMVonhcojc7xrsyU+oEkaA==
date: Mon, 17 Feb 2020 10:41:19 GMT Mon, 17 Feb 2020 10:41:19 GMT
alt-svc: h3-24=":443"; ma=3600

GET
H2 200 wRZDJEZXNXo
www.youtube.com/embed/ Frame C44D 0
0 114ms
99ms Document
text/html 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/wRZDJEZXNXo

Requested by

Host: koff.org.ua
URL: https://koff.org.ua/wp-content/cache/scripts/c87d8b5d122bbb25d7cde4667920bcd3-deanedwards.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/wRZDJEZXNXo
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://koff.org.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://koff.org.ua/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache
expires: Tue, 27 Apr 1971 19:44:06 GMT
strict-transport-security: max-age=31536000
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
x-content-type-options: nosniff
date: Mon, 17 Feb 2020 10:41:19 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=eG-99IARHKE; path=/; domain=.youtube.com; secure; expires=Sat, 15-Aug-2020 10:41:19 GMT; httponly VISITOR_INFO1_LIVE=eG-99IARHKE; path=/; domain=.youtube.com; secure; expires=Sat, 15-Aug-2020 10:41:19 GMT; httponly YSC=MgSEr7cgprQ; path=/; domain=.youtube.com; httponly GPS=1; path=/; domain=.youtube.com; expires=Mon, 17-Feb-2020 11:11:19 GMT
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 GUfQt8woX98
www.youtube.com/embed/ Frame 8286 0
0 126ms
111ms Document
text/html 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/GUfQt8woX98

Requested by

Host: koff.org.ua
URL: https://koff.org.ua/wp-content/cache/scripts/c87d8b5d122bbb25d7cde4667920bcd3-deanedwards.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/GUfQt8woX98
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://koff.org.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://koff.org.ua/

Response headers

status: 200
content-type: text/html; charset=utf-8
expires: Tue, 27 Apr 1971 19:44:06 GMT
x-content-type-options: nosniff
cache-control: no-cache
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
strict-transport-security: max-age=31536000
content-encoding: br
date: Mon, 17 Feb 2020 10:41:19 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=MUwOKWZkHNE; path=/; domain=.youtube.com; secure; expires=Sat, 15-Aug-2020 10:41:19 GMT; httponly VISITOR_INFO1_LIVE=MUwOKWZkHNE; path=/; domain=.youtube.com; secure; expires=Sat, 15-Aug-2020 10:41:19 GMT; httponly GPS=1; path=/; domain=.youtube.com; expires=Mon, 17-Feb-2020 11:11:19 GMT YSC=j5w_h83Qbt4; path=/; domain=.youtube.com; httponly
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H/1.1 200
OK mkucheriaviy232234_koff.org_.ua_.jpg
koff.org.ua/wp-content/uploads/2020/02/ 77 KB
78 KB 92ms
91ms Image
image/jpeg 194.28.173.9
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koff.org.ua/wp-content/uploads/2020/02/mkucheriaviy232234_koff.org_.ua_.jpg
Requested by: Host: koff.org.ua
URL: https://koff.org.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.28.173.9 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: s68.r53.com.ua
Software: nginx /
Resource Hash: 662ec47c2b5b01a5af3ef6c8622f8d48bd8cd0c5fae4f7ee188ff91b59b1d1fc

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 17 Feb 2020 10:41:19 GMT
Last-Modified: Sun, 16 Feb 2020 20:36:18 GMT
Server: nginx
ETag: "5e49a7c2-135d4"
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 79316
Expires: Mon, 02 Mar 2020 10:41:19 GMT

POST
H/1.1 200
OK 496c8bef8a3f40de71a47b3509aada52-47213-0.513157548730627.json Show response
covivado.club/vast/ 30 B
849 B 48ms
47ms XHR
application/json 188.40.58.150
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://covivado.club/vast/496c8bef8a3f40de71a47b3509aada52-47213-0.513157548730627.json

Requested by

Host: covivado.club
URL: https://covivado.club/catfish/?sid=46867&rand=0.8565219206832058

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

188.40.58.150 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.150.58.40.188.clients.your-server.de

Software

nginx /

Resource Hash

722ac42b2d405ef987fb05074f85482fb8c2f013f4f67c93f3911cb7d4faa3de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept: application/json
Referer: https://koff.org.ua/
Origin: https://koff.org.ua
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache, no-cache
Date: Mon, 17 Feb 2020 10:41:19 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: nginx
Strict-Transport-Security: max-age=31536000;
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://koff.org.ua
Access-Control-Max-Age: 86400
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Transfer-Encoding: chunked
Expires: Thu, 19 Nov 1981 08:52:00 GMT, -1

GET
H/1.1 200
OK /
botradar.tech/analyzer/ Frame 1AE6 0
0 43ms
42ms Document
text/html 159.69.58.69
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://botradar.tech/analyzer/?id=relap&sw=1600&sh=1200&iw=1600&ih=1200&ow=1600&oh=1200&dpr=1&tzo=-60&top=1&page=https%3A%2F%2Fkoff.org.ua%2F&ref=&f0=1&f1=1&f2=1
Requested by: Host: botradar.tech
URL: https://botradar.tech/public/analyzer.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.69.58.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.69.58.69.159.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash

Request headers

Host: botradar.tech
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://koff.org.ua/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://koff.org.ua/

Response headers

Server: nginx/1.16.1
Date: Mon, 17 Feb 2020 10:41:19 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 129
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate

GET
H/1.1

200
OK

GoogleAdx_240x400.html
c8.net.ua/ggl_block/ Frame E042
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1066739973685958&output=html&h=400&slotname=3660&adk=1642629885&adf=3107560873&w=240&lmt=1581936079&psa=0&guci=1.2.0.0.2.2.0.0&format=24...
https://c8.net.ua/ggl_block/GoogleAdx_240x400.html

0
0

380ms
67ms

Document
text/html

212.1.66.234
UKRPACK

General

Check archive.org

Show headers Download Go to

Full URL: https://c8.net.ua/ggl_block/GoogleAdx_240x400.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.0, RSA, AES_128_CBC
Server: 212.1.66.234 , Ukraine, ASN6846 (UKRPACK, UA),
Reverse DNS: r1.c8.net.ua
Software: nginx /
Resource Hash

Request headers

Host: c8.net.ua
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://koff.org.ua/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://koff.org.ua/

Response headers

Server: nginx
Date: Mon, 17 Feb 2020 10:41:12 GMT
Content-Type: text/html; charset=utf8
Content-Length: 427
Last-Modified: Fri, 01 Apr 2016 08:29:49 GMT
Connection: keep-alive
ETag: "56fe317d-1ab"
Accept-Ranges: bytes

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
location: https://c8.net.ua/ggl_block/GoogleAdx_240x400.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 17 Feb 2020 10:41:19 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 17-Feb-2020 10:56:19 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H/1.1

200
OK

GoogleAdx_300x250.html
c8.net.ua/ggl_block/ Frame 441F
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1066739973685958&output=html&h=250&slotname=3660&adk=1555728971&adf=2089546181&w=300&lmt=1581936079&psa=0&guci=1.2.0.0.2.2.0.0&format=30...
https://c8.net.ua/ggl_block/GoogleAdx_300x250.html

0
0

396ms
71ms

Document
text/html

212.1.66.234
UKRPACK

General

Check archive.org

Show headers Download Go to

Full URL: https://c8.net.ua/ggl_block/GoogleAdx_300x250.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200212/r20190131/show_ads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.0, RSA, AES_128_CBC
Server: 212.1.66.234 , Ukraine, ASN6846 (UKRPACK, UA),
Reverse DNS: r1.c8.net.ua
Software: nginx /
Resource Hash

Request headers

Host: c8.net.ua
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://koff.org.ua/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://koff.org.ua/

Response headers

Server: nginx
Date: Mon, 17 Feb 2020 10:41:12 GMT
Content-Type: text/html; charset=utf8
Content-Length: 424
Last-Modified: Fri, 01 Apr 2016 08:29:49 GMT
Connection: keep-alive
ETag: "56fe317d-1a8"
Accept-Ranges: bytes

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
location: https://c8.net.ua/ggl_block/GoogleAdx_300x250.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 17 Feb 2020 10:41:19 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 17-Feb-2020 10:56:19 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H/1.1 200
OK memkirsan400863_koff.org_.ua_-100x100.jpg
koff.org.ua/wp-content/uploads/2020/02/ 4 KB
4 KB 62ms
61ms Image
image/jpeg 194.28.173.9
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koff.org.ua/wp-content/uploads/2020/02/memkirsan400863_koff.org_.ua_-100x100.jpg
Requested by: Host: koff.org.ua
URL: https://koff.org.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.28.173.9 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: s68.r53.com.ua
Software: nginx /
Resource Hash: 20ae2cec00b97759f76f827317ba41a97faff4ced287c83c6d7275b73f45de69

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 17 Feb 2020 10:41:19 GMT
Last-Modified: Fri, 14 Feb 2020 17:26:29 GMT
Server: nginx
ETag: "5e46d845-10be"
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4286
Expires: Mon, 02 Mar 2020 10:41:19 GMT

GET
H/1.1 200
OK banner-religa023_koff.org_.ua_.jpg
koff.org.ua/wp-content/uploads/2017/10/ 48 KB
48 KB 115ms
114ms Image
image/jpeg 194.28.173.9
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koff.org.ua/wp-content/uploads/2017/10/banner-religa023_koff.org_.ua_.jpg
Requested by: Host: koff.org.ua
URL: https://koff.org.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.28.173.9 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: s68.r53.com.ua
Software: nginx /
Resource Hash: 3d27e3b6ab0bd8dd22e7f6495e5558356a0fb3923afb35bacdc0af28e1edf5aa

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 17 Feb 2020 10:41:19 GMT
Last-Modified: Thu, 12 Oct 2017 10:11:34 GMT
Server: nginx
ETag: "59df3fd6-bea3"
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 48803
Expires: Mon, 02 Mar 2020 10:41:19 GMT

GET
H/1.1 200
OK reksertif2_koff.org_.jpg
koff.org.ua/wp-content/uploads/2015/05/ 72 KB
72 KB 108ms
107ms Image
image/jpeg 194.28.173.9
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koff.org.ua/wp-content/uploads/2015/05/reksertif2_koff.org_.jpg
Requested by: Host: koff.org.ua
URL: https://koff.org.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.28.173.9 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: s68.r53.com.ua
Software: nginx /
Resource Hash: adbf714813c379a39db8c5c6d281cdb0ae1406cfc24204e285d00972926b39f2

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 17 Feb 2020 10:41:19 GMT
Last-Modified: Fri, 18 Mar 2016 23:41:09 GMT
Server: nginx
ETag: "56ec9215-11fea"
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 73706
Expires: Mon, 02 Mar 2020 10:41:19 GMT

GET
H/1.1 200
OK vmarinenko3145_koff.org_.ua_.jpg
koff.org.ua/wp-content/uploads/2020/02/ 59 KB
59 KB 116ms
115ms Image
image/jpeg 194.28.173.9
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koff.org.ua/wp-content/uploads/2020/02/vmarinenko3145_koff.org_.ua_.jpg
Requested by: Host: koff.org.ua
URL: https://koff.org.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.28.173.9 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: s68.r53.com.ua
Software: nginx /
Resource Hash: fd2d58929091c771e152a2f03c6e1c90d9e1025f4def79a40bf2f2bdc9eb5ac9

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 17 Feb 2020 10:41:21 GMT
Last-Modified: Sun, 16 Feb 2020 20:26:14 GMT
Server: nginx
ETag: "5e49a566-ec56"
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 60502
Expires: Mon, 02 Mar 2020 10:41:21 GMT

GET
H2 200 matchframe.php Show response
match.c8.net.ua/ 918 B
631 B 188ms
64ms Script
text/html 89.184.66.172
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://match.c8.net.ua/matchframe.php
Requested by: Host: b.c8.net.ua
URL: https://b.c8.net.ua/b/js/sys.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.66.172 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: c8.net.ua
Software: nginx/1.15.5 / PHP/5.5.38
Resource Hash: 4c3d060850975ba9b525d4cf422d8725e7800ccc4594a496cb74f4cfd9cc942a

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 10:41:21 GMT
x-request-stat: 1
server: nginx/1.15.5
x-powered-by: PHP/5.5.38
x-node-root: match
content-type: text/html; charset=UTF-8
status: 200
content-encoding: gzip
x-gw-server: _fcgi

GET
H2

200

match.php
match.c8.net.ua/
Redirect Chain

https://t.trafmag.com/images/1px-matching-c8.gif?id=5e4a6dd065cf65e4a6dd065d
https://match.c8.net.ua/match.php?dsp_id=29&key=5a55665d11da2ddc11b7b14d8dc4294b&dsp_user_id=4011096112038297

0
185 B

70ms
64ms

Image
text/html

89.184.66.172
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.c8.net.ua/match.php?dsp_id=29&key=5a55665d11da2ddc11b7b14d8dc4294b&dsp_user_id=4011096112038297
Requested by: Host: koff.org.ua
URL: https://koff.org.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.66.172 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: c8.net.ua
Software: nginx/1.15.5 / PHP/5.5.38
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Mon, 17 Feb 2020 10:41:21 GMT
x-request-stat: 1
server: nginx/1.15.5
x-powered-by: PHP/5.5.38
x-node-root: match
content-type: text/html; charset=UTF-8
status: 200
content-encoding: gzip
x-gw-server: _fcgi

Redirect headers

Location: //match.c8.net.ua/match.php?dsp_id=29&key=5a55665d11da2ddc11b7b14d8dc4294b&dsp_user_id=4011096112038297
Date: Mon, 17 Feb 2020 10:41:21 GMT
Server: nginx
Connection: keep-alive
P3P: CP="NON DSP COR CURa TIA"
Content-Length: 146
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK pixel
ps.eyeota.net/ 0
329 B 160ms
32ms Image
text/plain 3.120.214.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/pixel?pid=1mpb4m0&t=gif&uid=5e4a6dd065cf65e4a6dd065d
Requested by: Host: koff.org.ua
URL: https://koff.org.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.120.214.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-214-218.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 17 Feb 2020 10:41:21 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2 200 mtch.php
track.recreativ.ru/ 43 B
109 B 152ms
35ms Image
image/gif 136.243.84.75
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.recreativ.ru/mtch.php?nid=3&psid=5e4a6dd065cf65e4a6dd065d
Requested by: Host: koff.org.ua
URL: https://koff.org.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.84.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.75.84.243.136.clients.your-server.de
Software: nginx /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 200
hn: b12
date: Mon, 17 Feb 2020 10:41:21 GMT
server: nginx
content-type: image/gif

GET
H2

200

match.php
r3.c8.net.ua/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rtb_baltic_sia&google_cm&google_hm=5e4a6dd065cf65e4a6dd065d
https://r3.c8.net.ua/match.php?ssp_id=3785&key=c2a141b272468ec143455d8a23772c90&ssp_user_id={SSP_UID}&google_gid=CAESEFoePcRr9Wjb8J-MjQK1G00&google_cver=1

0
186 B

193ms
64ms

Image
text/html

89.184.66.97
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r3.c8.net.ua/match.php?ssp_id=3785&key=c2a141b272468ec143455d8a23772c90&ssp_user_id={SSP_UID}&google_gid=CAESEFoePcRr9Wjb8J-MjQK1G00&google_cver=1
Requested by: Host: koff.org.ua
URL: https://koff.org.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.66.97 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: c8.net.ua
Software: nginx/1.15.5 / PHP/5.5.38
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Mon, 17 Feb 2020 10:41:21 GMT
x-request-stat: 1
server: nginx/1.15.5
x-powered-by: PHP/5.5.38
x-node-root: match
content-type: text/html; charset=UTF-8
status: 200
content-encoding: gzip
x-gw-server: _fcgi

Redirect headers

pragma: no-cache
date: Mon, 17 Feb 2020 10:41:21 GMT
server: HTTP server (unknown)
location: https://r3.c8.net.ua/match.php?ssp_id=3785&key=c2a141b272468ec143455d8a23772c90&ssp_user_id={SSP_UID}&google_gid=CAESEFoePcRr9Wjb8J-MjQK1G00&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 367
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

204
No Content

sync
tt.ttarget.ru/rtb/republer/
Redirect Chain

https://spb.bid.run/sync/c8net.gif?ssp_uid=5e4a6dd065cf65e4a6dd065d
https://sync.republer.com/match/?src=kavanga&src2=c8net
https://sync.republer.com/match/?src=kavanga&src2=c8net&qset=1
https://tt.ttarget.ru/rtb/republer/sync?id=1d033eba-2c9e-4597-bce1-ffe00320f132

0
103 B

240ms
63ms

Image
text/plain

80.78.249.254
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt.ttarget.ru/rtb/republer/sync?id=1d033eba-2c9e-4597-bce1-ffe00320f132
Requested by: Host: koff.org.ua
URL: https://koff.org.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 80.78.249.254 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51053.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Connection: keep-alive
Date: Mon, 17 Feb 2020 10:40:34 GMT
Server: nginx

Redirect headers

pragma: no-cache
date: Mon, 17 Feb 2020 10:41:24 GMT
server: nginx
access-control-allow-origin: *
location: https://tt.ttarget.ru/rtb/republer/sync?id=1d033eba-2c9e-4597-bce1-ffe00320f132
p3p: policyref="/w3c/p3p.xml", CP="NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA"
status: 307
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
access-control-allow-credentials: true
x-host: rssp4
strict-transport-security: max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ 42 B
201 B 388ms
81ms Image
image/gif 81.222.128.216
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=18&external_id=5e4a6dd065cf65e4a6dd065d
Requested by: Host: koff.org.ua
URL: https://koff.org.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.216 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad16.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 17 Feb 2020 10:41:21 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ 42 B
201 B 394ms
84ms Image
image/gif 81.222.128.216
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=23&external_id=5e4a6dd065cf65e4a6dd065d
Requested by: Host: koff.org.ua
URL: https://koff.org.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.216 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad16.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 17 Feb 2020 10:41:21 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H2 200 CookieSync.axd
uaadcodedsp.rontar.com/ 807 B
1 KB 138ms
34ms Image
image/gif 144.76.34.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uaadcodedsp.rontar.com/CookieSync.axd?sspId=2&uid=5e4a6dd065cf65e4a6dd065d
Requested by: Host: koff.org.ua
URL: https://koff.org.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.76.34.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.244.34.76.144.clients.your-server.de
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 65e9ada049db714c820c47b0d855e2af6add274850cfc7896c43003fcd383162

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 17 Feb 2020 10:41:21 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/gif
status: 200
cache-control: private
content-length: 807

GET
H/1.1

200
OK

pixel
ps.eyeota.net/
Redirect Chain

https://pixel.onaudience.com/?partner=135&mapped=5e4a6dd065cf65e4a6dd065d
https://pixel.onaudience.com/?partner=162&icm&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D%26gdpr_consent%3D%26pid%3Ddn5h51u%26t%3Dgif%26uid%3D%25m
https://ps.eyeota.net/pixel?gdpr=&gdpr_consent=&pid=dn5h51u&t=gif&uid=9f2a3b7eb9e42aeb

0
329 B

39ms
38ms

Image
text/plain

3.120.214.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/pixel?gdpr=&gdpr_consent=&pid=dn5h51u&t=gif&uid=9f2a3b7eb9e42aeb
Requested by: Host: koff.org.ua
URL: https://koff.org.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.120.214.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-214-218.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Date: Mon, 17 Feb 2020 10:41:21 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

location: https://ps.eyeota.net/pixel?gdpr=&gdpr_consent=&pid=dn5h51u&t=gif&uid=9f2a3b7eb9e42aeb
content-length: 0

GET
H/1.1 200
OK gcr.php Show response
r.c8.net.ua/ 641 B
833 B 428ms
76ms Script
text/javascript 212.1.66.234
UKRPACK

General

Check archive.org

Show headers Download Go to

Full URL: https://r.c8.net.ua/gcr.php
Requested by: Host: b.c8.net.ua
URL: https://b.c8.net.ua/b/js/sys.js
Protocol: HTTP/1.1
Security: TLS 1.0, RSA, AES_128_CBC
Server: 212.1.66.234 , Ukraine, ASN6846 (UKRPACK, UA),
Reverse DNS: r1.c8.net.ua
Software: nginx / PHP/5.4.11
Resource Hash: 947ab4cd437b1cb6d8039ca1b6ea487dea3eb346a64faa57a6478a81b22cc4ce

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Mon, 17 Feb 2020 10:41:14 GMT
Server: nginx
Connection: keep-alive
X-Powered-By: PHP/5.4.11
Transfer-Encoding: chunked
Content-Type: text/javascript

GET
H2 200 cmeter_an.js Show response
source.mmi.bemobile.ua/cm/ 10 KB
4 KB 210ms
68ms Script
application/javascript 194.247.175.23
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://source.mmi.bemobile.ua/cm/cmeter_an.js
Requested by: Host: r.c8.net.ua
URL: https://r.c8.net.ua/gcr.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.23 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: cc4485b98bb5818c5d48fb23119879c956a55a4e3630f9305192aaa770b17399

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 10:41:22 GMT
content-encoding: gzip
last-modified: Wed, 06 Nov 2019 07:53:34 GMT
server: nginx/1.13.0
etag: W/"5dc27bfe-2699"
content-type: application/javascript; charset=utf-8
status: 200
cache-control: no-cache
expires: Thu, 07 Nov 2019 07:53:34 GMT

GET
H2 200 cm.js Show response
source.mmi.bemobile.ua/cm/ 52 KB
20 KB 123ms
123ms Script
application/javascript 194.247.175.23
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://source.mmi.bemobile.ua/cm/cm.js
Requested by: Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cmeter_an.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.23 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: 5d1b56a762d63b6e9bfb8a70552ce75c1c3938c782f8d9de971ecc960836c451

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 10:41:22 GMT
content-encoding: gzip
last-modified: Wed, 06 Nov 2019 07:53:34 GMT
server: nginx/1.13.0
etag: W/"5dc27bfe-d0f6"
content-type: application/javascript; charset=utf-8
status: 200
cache-control: no-cache
expires: Thu, 07 Nov 2019 07:53:34 GMT

GET get_cookie
pa.tns-ua.com/bug/ 0
0

GET
H/1.1 200
OK 213340mshchan2020_koff.org_.ua_.jpg
koff.org.ua/wp-content/uploads/2020/02/ 73 KB
73 KB 114ms
113ms Image
image/jpeg 194.28.173.9
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koff.org.ua/wp-content/uploads/2020/02/213340mshchan2020_koff.org_.ua_.jpg
Requested by: Host: koff.org.ua
URL: https://koff.org.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.28.173.9 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: s68.r53.com.ua
Software: nginx /
Resource Hash: 43bde83abb111df6cf6738b16709d02648a870410b8b9909dee80617e73f198e

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 17 Feb 2020 10:41:23 GMT
Last-Modified: Sun, 16 Feb 2020 16:10:19 GMT
Server: nginx
ETag: "5e49696b-123b6"
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 74678
Expires: Mon, 02 Mar 2020 10:41:23 GMT

GET
H/1.1 200
OK djunshp34_koff.org_.ua_.jpg
koff.org.ua/wp-content/uploads/2020/02/ 59 KB
59 KB 115ms
114ms Image
image/jpeg 194.28.173.9
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koff.org.ua/wp-content/uploads/2020/02/djunshp34_koff.org_.ua_.jpg
Requested by: Host: koff.org.ua
URL: https://koff.org.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.28.173.9 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: s68.r53.com.ua
Software: nginx /
Resource Hash: fb6498fe580df227153aae46f3f2be6fef818f2f3ded9aec6e138e8f810817ca

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 17 Feb 2020 10:41:25 GMT
Last-Modified: Sun, 16 Feb 2020 15:49:43 GMT
Server: nginx
ETag: "5e496497-eccb"
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 60619
Expires: Mon, 02 Mar 2020 10:41:25 GMT

GET
H/1.1 200
OK 213343rubmshchan2020_koff.org_.ua_.jpg
koff.org.ua/wp-content/uploads/2020/02/ 113 KB
113 KB 113ms
113ms Image
image/jpeg 194.28.173.9
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koff.org.ua/wp-content/uploads/2020/02/213343rubmshchan2020_koff.org_.ua_.jpg
Requested by: Host: koff.org.ua
URL: https://koff.org.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.28.173.9 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: s68.r53.com.ua
Software: nginx /
Resource Hash: 6770f62145aa82cb5c5f0359cdc41a01f3e4cbc0022fdeb77ae2330ef3f5914d

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 17 Feb 2020 10:41:28 GMT
Last-Modified: Sat, 15 Feb 2020 18:35:20 GMT
Server: nginx
ETag: "5e4839e8-1c44d"
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 115789
Expires: Mon, 02 Mar 2020 10:41:28 GMT

GET
H/1.1 200
OK gatne34_koff.org_.ua_.jpg
koff.org.ua/wp-content/uploads/2020/02/ 74 KB
74 KB 113ms
112ms Image
image/jpeg 194.28.173.9
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koff.org.ua/wp-content/uploads/2020/02/gatne34_koff.org_.ua_.jpg
Requested by: Host: koff.org.ua
URL: https://koff.org.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.28.173.9 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: s68.r53.com.ua
Software: nginx /
Resource Hash: c8cabf13c8ce1cea6bc98a887f2e78fbb356573cc53cf5d473454fda94a71518

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 17 Feb 2020 10:41:30 GMT
Last-Modified: Sat, 15 Feb 2020 19:42:25 GMT
Server: nginx
ETag: "5e4849a1-12868"
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 75880
Expires: Mon, 02 Mar 2020 10:41:30 GMT

GET
H/1.1 200
OK zuevich0054_koff.org_.ua_.jpg
koff.org.ua/wp-content/uploads/2020/02/ 79 KB
79 KB 114ms
112ms Image
image/jpeg 194.28.173.9
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koff.org.ua/wp-content/uploads/2020/02/zuevich0054_koff.org_.ua_.jpg
Requested by: Host: koff.org.ua
URL: https://koff.org.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.28.173.9 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: s68.r53.com.ua
Software: nginx /
Resource Hash: 45ec5fe322c5785b8356b3c10ec4637ee57a4c6aa4f6e3183c9a1f17cc663db3

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 17 Feb 2020 10:41:32 GMT
Last-Modified: Fri, 14 Feb 2020 17:47:03 GMT
Server: nginx
ETag: "5e46dd17-13a59"
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 80473
Expires: Mon, 02 Mar 2020 10:41:32 GMT

GET
H/1.1 200
OK chaykaed25003_koff.org_.ua_.jpg
koff.org.ua/wp-content/uploads/2020/02/ 70 KB
70 KB 113ms
112ms Image
image/jpeg 194.28.173.9
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koff.org.ua/wp-content/uploads/2020/02/chaykaed25003_koff.org_.ua_.jpg
Requested by: Host: koff.org.ua
URL: https://koff.org.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.28.173.9 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: s68.r53.com.ua
Software: nginx /
Resource Hash: a366736bb5aaaffb9f40ffdb8210b4a3204939e504a8466aa1509e9098e45f9d

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 17 Feb 2020 10:41:35 GMT
Last-Modified: Fri, 14 Feb 2020 17:36:56 GMT
Server: nginx
ETag: "5e46dab8-1185b"
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 71771
Expires: Mon, 02 Mar 2020 10:41:35 GMT

GET
H/1.1 200
OK 564484-Memorial-Kirsanova_koff.org_.ua_.jpg
koff.org.ua/wp-content/uploads/2020/02/ 75 KB
76 KB 115ms
115ms Image
image/jpeg 194.28.173.9
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koff.org.ua/wp-content/uploads/2020/02/564484-Memorial-Kirsanova_koff.org_.ua_.jpg
Requested by: Host: koff.org.ua
URL: https://koff.org.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.28.173.9 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: s68.r53.com.ua
Software: nginx /
Resource Hash: 0ffe411273c07034a1286eb78a70e6cee510a267338f41e304f1d3959fca1b24

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 17 Feb 2020 10:41:37 GMT
Last-Modified: Fri, 14 Feb 2020 17:26:31 GMT
Server: nginx
ETag: "5e46d847-12d03"
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 77059
Expires: Mon, 02 Mar 2020 10:41:37 GMT

GET
H/1.1 200
OK 0066731logomemshchan_koff.org_.ua_-100x100.jpg
koff.org.ua/wp-content/uploads/2020/02/ 4 KB
4 KB 66ms
65ms Image
image/jpeg 194.28.173.9
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koff.org.ua/wp-content/uploads/2020/02/0066731logomemshchan_koff.org_.ua_-100x100.jpg
Requested by: Host: koff.org.ua
URL: https://koff.org.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.28.173.9 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: s68.r53.com.ua
Software: nginx /
Resource Hash: 341fa4842da7b9c9b8c07ab6cab29f1355094a73a4158cc6dd2ee03ca00ae296

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 17 Feb 2020 10:41:38 GMT
Last-Modified: Sat, 15 Feb 2020 18:24:43 GMT
Server: nginx
ETag: "5e48376b-f27"
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3879
Expires: Mon, 02 Mar 2020 10:41:38 GMT

GET
H/1.1 200
OK krohmal325443_koff.org_-100x100.jpg
koff.org.ua/wp-content/uploads/2020/02/ 4 KB
5 KB 67ms
67ms Image
image/jpeg 194.28.173.9
BESTHOSTING-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://koff.org.ua/wp-content/uploads/2020/02/krohmal325443_koff.org_-100x100.jpg
Requested by: Host: koff.org.ua
URL: https://koff.org.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.28.173.9 , Ukraine, ASN42655 (BESTHOSTING-AS, UA),
Reverse DNS: s68.r53.com.ua
Software: nginx /
Resource Hash: bc3418a84e72db4d618e6608e9722eb7c4eff583c1670b72ef910621dad3adf2

Request headers

Referer: https://koff.org.ua/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 17 Feb 2020 10:41:38 GMT
Last-Modified: Tue, 11 Feb 2020 16:18:04 GMT
Server: nginx
ETag: "5e42d3bc-11b6"
Content-Type: image/jpeg
Cache-Control: max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4534
Expires: Mon, 02 Mar 2020 10:41:38 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pa.tns-ua.com
URL: http://pa.tns-ua.com/bug/get_cookie

Verdicts & Comments Add Verdict or Comment

206 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://koff.org.ua/wp-content/cache/scripts/c87d8b5d122bbb25d7cde4667920bcd3-deanedwards.js(Line 15) Message: JQMIGRATE: Migrate is installed, version 1.4.1
console-api	log	URL: https://static.criteo.net/js/ld/publishertag.js(Line 1) Message: %cPubTag color: #fff; background: #ff8f1c; display: inline-block; padding: 1px 4px; border-radius: 3px; ERROR: Error onError: TypeError: Cannot read property 'getItem' of null
console-api	log	URL: https://static.criteo.net/js/ld/publishertag.js(Line 1) Message: %cPubTag color: #fff; background: #ff8f1c; display: inline-block; padding: 1px 4px; border-radius: 3px; ERROR: Error onError: TypeError: Cannot read property 'getItem' of null
console-api	log	URL: https://covivado.club/overroll/js/overroll.php?sid=17736(Line 28) Message: overroll arg
console-api	log	URL: https://covivado.club/overroll/js/overroll.php?sid=17736(Line 196) Message: ready
console-api	log	URL: https://covivado.club/overroll/js/overroll.php?sid=17736(Line 231) Message: mobile
console-api	log	URL: https://covivado.club/overroll/js/overroll.php?sid=17736(Line 395) Message: haveset
console-api	log	URL: https://covivado.club/catfish/?sid=46867&rand=0.8565219206832058(Line 5) Message: null
console-api	log	URL: https://relap.io/botradar/check.js?callback=window.relap.callbackRegistry.relapCb798494(Line 30) Message: TypeError: callback is not a function

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.mail.ru
adservice.google.com
adservice.google.de
b.c8.net.ua
bidder.criteo.com
blind.gg.datahub.ubic.tech
botradar.tech
c.bigmir.net
c8.net.ua
cm.g.doubleclick.net
cm.p.altergeo.ru
connect.facebook.net
covivado.club
dmg.digitaltarget.ru
fonts.googleapis.com
googleads.g.doubleclick.net
i.bigmir.net
koff.org.ua
match.c8.net.ua
pa.tns-ua.com
pagead2.googlesyndication.com
pixel.onaudience.com
ps.eyeota.net
r.c8.net.ua
r.i.ua
r3.c8.net.ua
relap.io
sinoptik.ua
sinst.fwdcdn.com
source.mmi.bemobile.ua
spb.bid.run
ssp.adriver.ru
ssp.c8.net.ua
static.criteo.net
stats.g.doubleclick.net
sync.1dmp.io
sync.republer.com
t.trafmag.com
top-fwz1.mail.ru
track.recreativ.ru
tt.ttarget.ru
uaadcodedsp.rontar.com
vk.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.koff.org.ua
www.youtube.com
pa.tns-ua.com
136.243.84.75
138.201.139.144
144.76.34.244
159.69.58.69
172.217.22.34
178.250.0.165
185.15.175.148
185.99.9.123
188.40.58.150
193.200.65.5
193.239.68.97
193.239.71.100
194.190.117.33
194.190.117.94
194.247.175.23
194.28.173.9
194.67.75.10
212.1.66.234
212.1.66.239
212.42.76.150
217.69.133.145
2a00:1148:db00::17
2a00:1450:4001:809::2002
2a00:1450:4001:809::200a
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::200e
2a00:1450:4001:81a::2002
2a00:1450:4001:81f::2002
2a00:1450:4001:820::2003
2a00:1450:4001:820::2004
2a00:1450:4001:820::200e
2a00:1450:400c:c00::9d
2a02:2638:1::3
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
3.120.214.218
80.78.249.254
81.222.128.216
85.194.242.103
87.240.137.158
89.184.66.172
89.184.66.89
89.184.66.97
91.198.36.16
95.216.101.186
004928749f33f30c1936c06fec692299a1e125af24db613d75c5de352f19c4da
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
05ec4d18dd44103f56cb2ab75f60836fbcc8ff6e7185d3949c0d9724e2a8b816
0d71ff2a4d506a453604bfdabd4afac045818845c244c748224a2d37300e3937
0f612011f640912bac15c880810a6461ebf2257ea600146b69437f9fd8d2a003
0ffe411273c07034a1286eb78a70e6cee510a267338f41e304f1d3959fca1b24
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1101aeb68ba6cbf1f0592f3aec94fc2820012891b0543d3b5c54d0cb48324b36
14af62f9867b3e1a7864f7967999ebac3b11459e1dc44b1317fea474366777f3
1585773a353b32327d67b3d5937d10374ee7095093d3207c82e2b9536297d7c0
16e1d6c079514e1a9f9cbf9d4e63d18e236064431ad48b9fd158a199824d51d9
18115dad45ae49bdbd07b64dacf5cce1b0b3406c49be7454004623d3e9eb13af
18f68c12a944682db69cda500959aad1553669d47a0757999e19f3b31eee4eeb
1bc2aae9144f8a8c223c478d3efee99a25f070ef0f13747f35c7bb51d73d0bad
204f4fa7cb3b98dde9638e72d433d3477dde23dfa7f7c39d8704255663732082
20ae2cec00b97759f76f827317ba41a97faff4ced287c83c6d7275b73f45de69
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
291745fd7ee0cc0d7a59c518e556ada6b6443fc2f139d82f2a642baf80233106
2940fd5410266278b49250a1b2afdc5be955676657dc1f9f0b5c20dcf902aba0
29d397a3bb42781c0cd379195ee9e2daf65515fc0e52194e97f46940a4c36618
2ac91eb6916663bfa4a7e9c5bcc5feb3855c4c0c4541f3fda54aaa7d21fe0d69
2af160e00d4f174162e7d5f2e9aafbbf63dc2e10e988e7cfd8185fd4b0b129e2
2df2ec4405cfa52db76da68cf99e6bc63e144b084a0e9d48dd0612cd2b2929e2
31c1186590acf43f4122e8f4a98822bc8661ff481fd389f10bca13c020d6f0ad
32dea4196d2579b9da038bab5e6602aea50a7e94ba69a38be30672f558801651
341fa4842da7b9c9b8c07ab6cab29f1355094a73a4158cc6dd2ee03ca00ae296
3c7e08f98d3bccd4e3b3a898d770d5e09f967444173183ff880017559fbb644c
3d27e3b6ab0bd8dd22e7f6495e5558356a0fb3923afb35bacdc0af28e1edf5aa
3d7bc91650f6b0fccc954757f09cb083f6a6b7ea29622ca4c47e4a759c2e34b2
43bde83abb111df6cf6738b16709d02648a870410b8b9909dee80617e73f198e
45ec5fe322c5785b8356b3c10ec4637ee57a4c6aa4f6e3183c9a1f17cc663db3
4c3d060850975ba9b525d4cf422d8725e7800ccc4594a496cb74f4cfd9cc942a
56ae8084a1f412356c3e67087d606170c4518a5dc24c871fc925459686c5b6cc
597b5c51966e6f701a0a615382f7089bb1b8bca02533945597a9617f9bafdc8f
5b63d33c7922ca546d37dd51f9e9cd43e28b9218129f2ef7b2878ba64f77e2ed
5d1b56a762d63b6e9bfb8a70552ce75c1c3938c782f8d9de971ecc960836c451
62809c09f78bcbcf1233cfcde966c640fd0ad54e1b5ef157dcac1897180f44d8
653e6f201f0a0f282d70f0392fab62f38299dcaf67582f322d20600e3aac3a0a
65e9ada049db714c820c47b0d855e2af6add274850cfc7896c43003fcd383162
662ec47c2b5b01a5af3ef6c8622f8d48bd8cd0c5fae4f7ee188ff91b59b1d1fc
6770f62145aa82cb5c5f0359cdc41a01f3e4cbc0022fdeb77ae2330ef3f5914d
6c886518dd2d1f700b72d1339199c5ab235e348f81e6e95c870d2f34cea4271e
6e4803f5db4176bd009027b8ba4e8260b9892e6e94cd8e9a318bb2672e89c1d2
6e5c9d97fc74f6ff99fb0e90296018e300d078efef039e2e0d81cb0c16afbea9
71ac18c056c284d9e866c3893b3aa05f4b59c5de157c20788f2adbbe3b30ce0f
722ac42b2d405ef987fb05074f85482fb8c2f013f4f67c93f3911cb7d4faa3de
89d15e8d6c0a69d8914c2c2363200b5fc3033c509439795e5bbe144974038e81
9151aedcbea1a444c71621bda703d54e93812f1abd9a1936d23e18031fa6b818
91d1849b817af78e460d0a26a0eb95a3a6d6348f4c6576346523acefb5a11bc5
9384c34c1865fe2d92ec677995c9a44fdf2909a2bc89e28adcaf18092c5403ca
947ab4cd437b1cb6d8039ca1b6ea487dea3eb346a64faa57a6478a81b22cc4ce
98338d687e5f0016e85ba80b4de3c9c887e4dd4eb9ea5ac225ef1de42d149eb3
9b6ec91048417ad59eaa0e815efef51648f9244af66b45bbe6491fac8e87df2c
a366736bb5aaaffb9f40ffdb8210b4a3204939e504a8466aa1509e9098e45f9d
a7019b73cbcf928d42e36f0588c8748254ef15b914690083d80a629943267dcd
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ad777a226e613d2e399b795cff5b04330f343b02a611f445b1e3c08efdc06d14
adbf714813c379a39db8c5c6d281cdb0ae1406cfc24204e285d00972926b39f2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1793edea2c5e9f935b11981c437c4a9ac736fd9d71e9d7fa3ca8e49080581ad
b42657565eb3a493015a4b7130793fca8eb870feca0e492b3b1a050bf785d220
b56fd6fba6303d72dda87e55ce9bb70fdf0376de22e9d981e8d6fcc7f65f5c7b
ba4ccad197ed62d41592a2c7f6988ee4bf6f481e12ed4640f1334d7257660aad
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbaffb5d74797dcf33e43e5a27b38a6aa5ab22e579b98a9adc0b23de6aa222c0
bc3418a84e72db4d618e6608e9722eb7c4eff583c1670b72ef910621dad3adf2
bc792e3e89de0a88240be05f9bbe3cf9048365445c16774bdb9732c0f6517b94
c71d7f097577587d5962ca929ab9348ff381b94927eb2b64a320e160f150c3a3
c73282a8fffc1d524eb4c7edc2ccecadecd63710bb47c0d1d77cdc5a35feb3f4
c818192ae9d904ca28add882447bddea1909284e021c8ab4b437014b8dec9f94
c8cabf13c8ce1cea6bc98a887f2e78fbb356573cc53cf5d473454fda94a71518
c9ba7773b6f395d4f83b73b2324d739ec6b2b017cccfd3e8c4e034bddcd96b5a
cc4485b98bb5818c5d48fb23119879c956a55a4e3630f9305192aaa770b17399
cd89c5b39effea2e5591fed887a385eda3c78234d9634f36bd0c0ca789971ce9
cdbb6c39ea020596ffc923abbf8f6fdc0743f42b77f3a0cfd6683e040f57a7d0
d4f82f581c48c88987f8671ee14c5c758202197ec1169cd24ee2a3e23955039d
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd2cc588dcab090a6f3ede9f162c9e0ab589ba8200bf4d25f589480fcff7510e
de194513e4629c7a62da8ab95582cfb3294943483c00ff17a1d6ce80d7ca1477
e2c86d8b63e1a4e0dd659555101eff1953286b54d281f7083c79707a0548d1c9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3fc6025a5431bb2726c90c4f5840c66ea2bdbd0122b6dbc953ab85befc42a68
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
eb68fbc2a217b70e62cf13f2ee0b7fdebf9045e54fbb43d102ab228382f56093
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9715acfe6c7778ebc2597399060edf41b3c6e2a6d240a41b57551c0a8d5fe7
eff40a5122913bb42f139d35e83e8095c32340e6201226969b6ce054eeec303d
f6b5707e0fa2eb5f2071e0ebdac506d6b428ec5e8de64280cc6af56eb2abd904
f82e23a86b289a56a86894908d2cafcc0fd81634bf9de93b3115eda4f1376c97
fb6498fe580df227153aae46f3f2be6fef818f2f3ded9aec6e138e8f810817ca
fd2d58929091c771e152a2f03c6e1c90d9e1025f4def79a40bf2f2bdc9eb5ac9
fe7e9eb12d0a07881ea1c666187dcc66ff81559120b2f54858133924bcabe59d

koff.org.ua Open in urlscan Pro 194.28.173.9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

120 Requests

99 %HTTPS

31 %IPv6

38 Domains

50 Subdomains

39 IPs

10 Countries

1706 kBTransfer

2939 kBSize

0 Cookies

5 Outgoing links

Page URL History

Redirected requests

120 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

koff.org.ua Open in urlscan Pro
194.28.173.9 Public Scan

Screenshot
Live screenshot

Full Image

120
Requests

99 %
HTTPS

31 %
IPv6

38
Domains

50
Subdomains

39
IPs

10
Countries

1706 kB
Transfer

2939 kB
Size

0
Cookies

120 HTTP transactions
3 data transactions