vestniktm.com Open in urlscan Pro
2606:4700:20::ac43:4935 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://vestniktm.com/
Effective URL:
https://vestniktm.com/
Submission: On February 18 via manual (February 18th 2023, 5:37:17 pm UTC) from TM — Scanned from DE

Summary HTTP 118 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 26 IPs in 7 countries across 21 domains to perform 118 HTTP transactions. The main IP is 2606:4700:20::ac43:4935, located in United States and belongs to CLOUDFLARENET, US. The main domain is vestniktm.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 18th 2022. Valid for: a year.

This is the only time vestniktm.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:20:... 2606:4700:20::681a:d04	13335 (CLOUDFLAR...) (CLOUDFLARENET)
51	2606:4700:20:... 2606:4700:20::ac43:4935	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2b	20446 (STACKPATH...) (STACKPATH-CDN)
2	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
4	95.163.118.168 95.163.118.168	12695 (DINET-AS) (DINET-AS)
7	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1 5	95.163.52.67 95.163.52.67	47764 (VK-AS) (VK-AS)
2	62.149.0.249 62.149.0.249	15497 (COLOCALL ...) (COLOCALL Internet Data Center ColoCALL)
2	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
5 10	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
2	81.19.89.16 81.19.89.16	24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS)
2	2a00:1450:400... 2a00:1450:400d:80e::2008	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
3	81.19.89.17 81.19.89.17	24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1 2	88.212.201.204 88.212.201.204	39134 (UNITEDNET) (UNITEDNET)
3	185.29.134.249 185.29.134.249	30419 (MEDIAMATH...) (MEDIAMATH-INC)
11	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	88.99.219.174 88.99.219.174	24940 (HETZNER-AS) (HETZNER-AS)
1	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1	138.201.63.157 138.201.63.157	24940 (HETZNER-AS) (HETZNER-AS)
118	26

1 2606:4700:20::681a:d04 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

vestniktm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

51 2606:4700:20::ac43:4935 (United States)

ASN13335 (CLOUDFLARENET, US)

vestniktm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.vestniktm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 95.163.118.168 (Russian Federation)

ASN12695 (DINET-AS, RU)
PTR: ulogin.ru

ulogin.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 95.163.52.67 (Russian Federation) 1 redirects

ASN47764 (VK-AS, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 62.149.0.249 (Kyiv, Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
PTR: get.mycounter.ua

get.mycounter.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6b8::1:119 (Moscow, Russian Federation) 5 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.19.89.16 (Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: kraken.rambler.ru

st.top100.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80e::2008 (Ireland)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 81.19.89.17 (Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: kraken.rambler.ru

kraken.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.204 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.134.249 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.99.219.174 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.174.219.99.88.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.63.157 (Böblingen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.157.63.201.138.clients.your-server.de

hal90007.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	vestniktm.com 1 redirects vestniktm.com www.vestniktm.com	195 KB
18	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 tpc.googlesyndication.com — Cisco Umbrella Rank: 137	269 KB
7	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 9388	3 KB
6	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 41	47 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	224 KB
5	mail.ru 1 redirects top-fwz1.mail.ru — Cisco Umbrella Rank: 10359	20 KB
4	mathtag.com tags.mathtag.com — Cisco Umbrella Rank: 3974 pixel.mathtag.com — Cisco Umbrella Rank: 972	3 KB
4	ulogin.ru ulogin.ru — Cisco Umbrella Rank: 256890	45 KB
3	rambler.ru kraken.rambler.ru — Cisco Umbrella Rank: 33307	1 KB
3	yandex.ru 2 redirects mc.yandex.ru — Cisco Umbrella Rank: 3701	58 KB
3	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 72	2 KB
2	redintelligence.net hal9000.redintelligence.net — Cisco Umbrella Rank: 35511 hal90007.redintelligence.net — Cisco Umbrella Rank: 253840	4 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 183	96 KB
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 10211	1 KB
2	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 362	17 KB
2	top100.ru st.top100.ru — Cisco Umbrella Rank: 40379	37 KB
2	mycounter.ua get.mycounter.ua — Cisco Umbrella Rank: 716925	5 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43	1 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 9006	531 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 863	602 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 699	29 KB
118	21

	Domain	Requested by
50	vestniktm.com	1 redirects vestniktm.com
11	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
7	mc.yandex.com	3 redirects vestniktm.com
7	pagead2.googlesyndication.com	vestniktm.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
5	top-fwz1.mail.ru	1 redirects vestniktm.com
4	ulogin.ru	vestniktm.com ulogin.ru
3	fonts.gstatic.com	fonts.googleapis.com
3	tags.mathtag.com	googleads.g.doubleclick.net tags.mathtag.com
3	kraken.rambler.ru	st.top100.ru vestniktm.com
3	mc.yandex.ru	2 redirects ulogin.ru
2	www.googletagservices.com	googleads.g.doubleclick.net
2	counter.yadro.ru	1 redirects vestniktm.com
2	ssl.google-analytics.com	vestniktm.com
2	st.top100.ru	vestniktm.com st.top100.ru
2	www.gstatic.com	www.google.com googleads.g.doubleclick.net
2	get.mycounter.ua	vestniktm.com
2	www.vestniktm.com	vestniktm.com
2	www.google.com	vestniktm.com tpc.googlesyndication.com
1	hal90007.redintelligence.net	hal9000.redintelligence.net
1	pixel.mathtag.com	tags.mathtag.com
1	hal9000.redintelligence.net	vestniktm.com
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	code.jquery.com	vestniktm.com
118	27

This site contains links to these domains. Also see Links.

Domain
www.samsungtm.com
www.vestniktm.com
play.google.com
top.mail.ru
mycounter.ua
www.megastock.ru

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-18` - `2023-05-18`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
ulogin.ru R3	`2022-12-30` - `2023-03-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
get.mycounter.ua R3	`2022-12-17` - `2023-03-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-03-30`	5 months	crt.sh
*.mail.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-11-19`	a year	crt.sh
*.top100.ru GlobalSign GCC R3 DV TLS CA 2020	`2023-02-08` - `2024-03-11`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.rambler.ru GlobalSign GCC R3 DV TLS CA 2020	`2022-05-16` - `2023-05-06`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-18` - `2023-04-25`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
redintelligence.net R3	`2023-02-08` - `2023-05-09`	3 months	crt.sh
pixel.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-05`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://vestniktm.com/
Frame ID: 04AEDDDD8BBC28594C74D060924CA174
Requests: 79 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230215/r20190131/zrt_lookup.html
Frame ID: F81EB45870097B3ECC4695E85D51A075
Requests: 1 HTTP requests in this frame

Frame: https://vestniktm.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1676736000
Frame ID: 7E5532117D0F38A744A8EBCA8CFF4881
Requests: 3 HTTP requests in this frame

Frame: https://ulogin.ru/stats.html?r=85652&type=small&xdm_e=https%3A%2F%2Fvestniktm.com&xdm_c=default5915&xdm_p=1
Frame ID: C2F25755CCE071CC8CD36F301AA792BD
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2294972686532926&output=html&h=250&slotname=8297280443&adk=3234973959&adf=2451493717&pi=t.ma~as.8297280443&w=300&lmt=1676741832&format=300x250&url=https%3A%2F%2Fvestniktm.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676741832354&bpp=4&bdt=451&idt=272&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&correlator=2351047257976&frm=20&pv=2&ga_vid=1061691578.1676741832&ga_sid=1676741832&ga_hid=1512757470&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1115&ady=1633&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C44767166%2C31072387&oid=2&pvsid=4475255852243152&tmod=124788822&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=okFrnaeHjN&p=https%3A//vestniktm.com&dtd=292
Frame ID: D2A8F9FD9E1D883696C94E253E137B59
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2294972686532926&output=html&h=600&slotname=1967854049&adk=896027389&adf=734042238&pi=t.ma~as.1967854049&w=300&lmt=1676741832&format=300x600&url=https%3A%2F%2Fvestniktm.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676741832358&bpp=1&bdt=454&idt=483&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=2351047257976&frm=20&pv=1&ga_vid=1061691578.1676741832&ga_sid=1676741832&ga_hid=1512757470&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1115&ady=1911&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C44767166%2C31072387&oid=2&pvsid=4475255852243152&tmod=124788822&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=Ovblski7sK&p=https%3A//vestniktm.com&dtd=487
Frame ID: 4E79075817F9E5D39D043196EB1861E3
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2294972686532926&output=html&adk=1812271804&adf=3025194257&lmt=1676741832&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x1080_r&format=0x0&url=https%3A%2F%2Fvestniktm.com%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676741832401&bpp=2&bdt=498&idt=455&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x600&nras=1&correlator=2351047257976&frm=20&pv=1&ga_vid=1061691578.1676741832&ga_sid=1676741832&ga_hid=1512757470&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C44767166%2C31072387&oid=2&pvsid=4475255852243152&tmod=124788822&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=483
Frame ID: B73560132F9EB517899CC21F4DB5A7E2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js
Frame ID: CF397D28E8EB55729546F3986E69F14A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F715EC680F78DA370906C3234D99F643
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 92FD6ED7B6CC10B7A51DD003FBC2A1DE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

VestnikTM.com Рекламный Вестник Туркменистанa. Твое объявление в каждом мониторе

Page URL History Show full URLs

http://vestniktm.com/ HTTP 301
https://vestniktm.com/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

SWFObject (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swfobject.*\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

118
Requests

96 %
HTTPS

62 %
IPv6

21
Domains

27
Subdomains

26
IPs

7
Countries

1055 kB
Transfer

2600 kB
Size

35
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: http://www.samsungtm.com/

Search URL Search Domain Scan URL

URL: https://www.vestniktm.com/c89.html
Title: Строительные и отделочные материалы

Search URL Search Domain Scan URL

URL: https://www.vestniktm.com/c145.html
Title: Оптовая торговля и поставки

Search URL Search Domain Scan URL

URL: https://www.vestniktm.com/c237.html
Title: 3 комнатная

Search URL Search Domain Scan URL

URL: https://www.vestniktm.com/c369.html
Title: Услуги по строительству и ремонт

Search URL Search Domain Scan URL

URL: https://www.vestniktm.com/c144.html
Title: Строительные и отделочные работы

Search URL Search Domain Scan URL

URL: https://www.vestniktm.com/c229.html
Title: Квартиру

Search URL Search Domain Scan URL

URL: https://www.vestniktm.com/c94.html
Title: Дома / Houses

Search URL Search Domain Scan URL

URL: https://www.vestniktm.com/c159.html
Title: Прочее

Search URL Search Domain Scan URL

URL: https://www.vestniktm.com/c91.html
Title: Ищу работу / Looking for a Job

Search URL Search Domain Scan URL

URL: https://www.vestniktm.com/c236.html
Title: 2 комнатная

Search URL Search Domain Scan URL

URL: https://www.vestniktm.com/c157.html
Title: Ремонт бытовой техники

Search URL Search Domain Scan URL

URL: https://www.vestniktm.com/c79.html
Title: Транспортные услуги

Search URL Search Domain Scan URL

URL: https://www.vestniktm.com/c100.html
Title: Хозяйство

Search URL Search Domain Scan URL

URL: https://www.vestniktm.com/c76.html
Title: Здоровье и красота

Search URL Search Domain Scan URL

URL: https://www.vestniktm.com/c72.html
Title: Знакомства / Personals

Search URL Search Domain Scan URL

URL: https://www.vestniktm.com/c146.html
Title: Консультации / Consulting

Search URL Search Domain Scan URL

URL: https://www.vestniktm.com/c235.html
Title: 1 комнатная

Search URL Search Domain Scan URL

URL: https://www.vestniktm.com/c348.html
Title: Номера телефонов / Phone numbers

Search URL Search Domain Scan URL

URL: https://www.vestniktm.com/c366.html
Title: Хозяйственные товары

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.stdio.vtm

Search URL Search Domain Scan URL

URL: http://top.mail.ru/jump?from=1824755

Search URL Search Domain Scan URL

URL: https://mycounter.ua/

Search URL Search Domain Scan URL

URL: http://www.megastock.ru/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://vestniktm.com/ HTTP 301
https://vestniktm.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://top-fwz1.mail.ru/counter?id=1824755;t=478;l=1 HTTP 302
https://top-fwz1.mail.ru/counter2?id=1824755;t=478;l=1

Request Chain 70

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9918.loGd51ogxZkbZusqmtL0LvI-CJtrP245YXxVFuh3Iomrmuj9yCpVziSQ0llTAcrb.EW1VqmDJLeijfMZz9gueEsPxFS0%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9918.lpoeWk9rUZsekozf9GHflWE_TI-TPP5yAEMuxFGpo96Kw3JI0P9Sb5jCIiM-QjYlteltWL686tQ3AidygVlgpCgtQ140cUNfHSWUyaOfPBk%2C.tT-bHsa6fd__GBBKTGVyMwD1EdE%2C

Request Chain 80

https://counter.yadro.ru/hit?t26.6;rhttps%3A//vestniktm.com/;s1600*1200*24;uhttps%3A//ulogin.ru/stats.html%3Fr%3D85652%26type%3Dsmall%26xdm_e%3Dhttps%253A%252F%252Fvestniktm.com%26xdm_c%3Ddefault5915%26xdm_p%3D1;0.7199303735362559 HTTP 302
https://counter.yadro.ru/hit?q;t26.6;rhttps%3A//vestniktm.com/;s1600*1200*24;uhttps%3A//ulogin.ru/stats.html%3Fr%3D85652%26type%3Dsmall%26xdm_e%3Dhttps%253A%252F%252Fvestniktm.com%26xdm_c%3Ddefault5915%26xdm_p%3D1;0.7199303735362559

Request Chain 81

https://mc.yandex.com/watch/82412725?wmode=7&page-url=https%3A%2F%2Fvestniktm.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3llbk0t3v1opl3fs6ve8z%3Afp%3A207%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1159889566571%3Ahid%3A1067611820%3Az%3A0%3Ai%3A20230218173712%3Aet%3A1676741833%3Ac%3A1%3Arn%3A408420247%3Arqn%3A1%3Au%3A167674183373763528%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C17%2C57%2C5%2C51%2C0%2C%2C493%2C5%2C%2C%2C%2C624%3Aco%3A0%3Acpf%3A1%3Ans%3A1676741831774%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1676741833%3At%3AVestnikTM.com%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D1%8B%D0%B9%20%D0%92%D0%B5%D1%81%D1%82%D0%BD%D0%B8%D0%BA%20%D0%A2%D1%83%D1%80%D0%BA%D0%BC%D0%B5%D0%BD%D0%B8%D1%81%D1%82%D0%B0%D0%BDa.%20%D0%A2%D0%B2%D0%BE%D0%B5%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B2%20%D0%BA%D0%B0%D0%B6%D0%B4%D0%BE%D0%BC%20%D0%BC%D0%BE%D0%BD%D0%B8%D1%82%D0%BE%D1%80%D0%B5&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/82412725/1?wmode=7&page-url=https%3A%2F%2Fvestniktm.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3llbk0t3v1opl3fs6ve8z%3Afp%3A207%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1159889566571%3Ahid%3A1067611820%3Az%3A0%3Ai%3A20230218173712%3Aet%3A1676741833%3Ac%3A1%3Arn%3A408420247%3Arqn%3A1%3Au%3A167674183373763528%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C17%2C57%2C5%2C51%2C0%2C%2C493%2C5%2C%2C%2C%2C624%3Aco%3A0%3Acpf%3A1%3Ans%3A1676741831774%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1676741833%3At%3AVestnikTM.com%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D1%8B%D0%B9%20%D0%92%D0%B5%D1%81%D1%82%D0%BD%D0%B8%D0%BA%20%D0%A2%D1%83%D1%80%D0%BA%D0%BC%D0%B5%D0%BD%D0%B8%D1%81%D1%82%D0%B0%D0%BDa.%20%D0%A2%D0%B2%D0%BE%D0%B5%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B2%20%D0%BA%D0%B0%D0%B6%D0%B4%D0%BE%D0%BC%20%D0%BC%D0%BE%D0%BD%D0%B8%D1%82%D0%BE%D1%80%D0%B5&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 83

https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9918.h3EsGnsFPTXtBF7FCPbJlk21R3tnHe-RhhP67Ecdfs9svBA14_aC5VHfRxT-MxTa.yVzcmzidTKPrD5vnLacOmNqQ6WY%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9918.EPkym7QKJVnbmhBKpQwLb0MJkYzuJdBc3smltM17Av0yko0hPVIZ9u3myhhpob6OvL2HC8R6PycsG5AamB5ByMz4cgR_6YQ4aS8sMwVWq50%2C.xD2RCuCMtiiyn4oMbxXYMJ2pxXA%2C

118 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
vestniktm.com/
Redirect Chain

http://vestniktm.com/
https://vestniktm.com/

135 KB
21 KB

75ms
57ms

Document
text/html

2606:4700:20::ac43:4935
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vestniktm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4935 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbbbe244b0d27e09475ac38e21020f6dc73501eb42176bb76f70b21b9566e1b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 79b887810ec539bc-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 18 Feb 2023 17:37:11 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NDV8CYpCcIwrXnyA8K31OSuBQSXqltGEaH41jgtlY%2F61TVrZBvqVXb6eocW7UsO2yo7ZoweGni1hrKbZ2Y3kTXaZKOosegWMMf9VQDLEbMA%2FVfl2t60ENfEhSHnB2gq2S13pkLJ4mFu%2FgtQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0
vary: Accept-Encoding,User-Agent

Redirect headers

CF-RAY: 79b88780ca3c30ea-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Sat, 18 Feb 2023 17:37:11 GMT
Expires: Sat, 18 Feb 2023 18:37:11 GMT
Location: https://vestniktm.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zcBNU27ndQjw0zf1weE6S1Y0ZzC5zO0IRTbMqBfQuD0ZrN%2FuO%2B%2F6RH9mcM8s0SJQ%2B12mYGp8FV9ESoLxFtjmQKYO9au44yY0QjexQKs6nHXjIoP7K5TJOk5E%2FBOpQdw08qEFFxrzYfVmcg4%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 jquery-2.0.3.min.js Show response
code.jquery.com/ 82 KB
29 KB 47ms
13ms Script
application/javascript 2001:4de0:ac18::1:a:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.0.3.min.js
Requested by: Host: vestniktm.com
URL: https://vestniktm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: b13cb5989e08fcb02314209d101e1102f3d299109bdc253b62aa1da21c9e38ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:11 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-1469c"
vary: Accept-Encoding
x-hw: 1676741831.dop217.fr8.t,1676741831.cds002.fr8.hn,1676741831.cds129.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29305

GET
H2 200 jquery.totemticker.js Show response
vestniktm.com/images/ 31 KB
13 KB 20ms
19ms Script
application/javascript 2606:4700:20::ac43:4935
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vestniktm.com/images/jquery.totemticker.js

Requested by

Host: vestniktm.com
URL: https://vestniktm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4935 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

019f5360eeff4dab248dade0cd71b37a674f8b8ca39852e1a52c316057dd0c75

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:11 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 27 Sep 2013 08:12:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 433869
etag: W/"7ce9-4e7590b16ecc0"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=62rgJWu7pJZ9H%2FXH4H1s%2BaZeC96hugRpytTPCM83uwNW7E1gZXYpEocgTOOeYhcr37qm4TqKPmzmhX7e2jAq7g4gGRARoGUy445qsuy1IDZbsp%2BXqOMlWf9ty%2F9JDh6V%2BXE2ibCvFQ80uY0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31449600
cf-ray: 79b887816f4d39bc-FRA

GET
H2 200 swfobject.js Show response
vestniktm.com/js/ 25 KB
8 KB 43ms
42ms Script
application/javascript 2606:4700:20::ac43:4935
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vestniktm.com/js/swfobject.js

Requested by

Host: vestniktm.com
URL: https://vestniktm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4935 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73e3fbd3b6c791205f9b2b90a80b881f418fb06ed8b18924638eb907e904d2b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:11 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 01 Nov 2009 21:35:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63d8-477560b943e00"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PWxFieSsXl6%2Bcvn6szyzHKl%2F2yZrDZaocr0Niwtr6YJf8jwuHiZcOP%2FHjBbv4eq8r1ZptX2xPLg1ZgWprYRrQybch3rtrPLfE2KgLvjKhVVR4n7HVY0LGp5fz%2FKWh24rRgy7fyF%2FmzraKfU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 79b887816f4f39bc-FRA

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
875 B 37ms
15ms Script
text/javascript 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: vestniktm.com
URL: https://vestniktm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

df388f138c472e8df27800daf1f88e4cb62f274c732d75aee03929a143917d6b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 555
x-xss-protection: 1; mode=block
expires: Sat, 18 Feb 2023 17:37:11 GMT

GET
H2 200 style.css
vestniktm.com/images/ 13 KB
4 KB 18ms
17ms Stylesheet
text/css 2606:4700:20::ac43:4935
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vestniktm.com/images/style.css

Requested by

Host: vestniktm.com
URL: https://vestniktm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4935 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2771dd74d5fb66bc05f538cc857eb9d4a4d4fa8e02e9411b14e6a6455ec649d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:11 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 04 Oct 2018 13:44:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 433869
etag: W/"334a-5776759791e80-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5cZ0FyXjuXJNldogFB0xY0MASVQVq2gAqdEbHmitG8vuVy6ik5SJ0nj390cfZPKfw9Wjvdu1DTPGJkxkxIcdTmUINfRIpo%2BZ5udup5%2Ftzvzuwzc%2Fq1uE7qSySUqfIrNz7jH8Ga%2BhaUcr2MU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31449600
cf-ray: 79b887816f4c39bc-FRA

GET
H2 200 main.js Show response
vestniktm.com/images/ 26 KB
8 KB 20ms
20ms Script
application/javascript 2606:4700:20::ac43:4935
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vestniktm.com/images/main.js

Requested by

Host: vestniktm.com
URL: https://vestniktm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4935 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c246d0466481445e83816cebe60495dca5278413cb89b52e46e857473c1c3ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:11 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 02 Jul 2013 18:21:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 784192
etag: W/"682a-4e08b699fd100"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5lOv2Z5nsAIlZYbRYyMKJo30H05QutZ71R4y%2B%2FLnPSofg%2FS2uUfA3YkebmbKz22aLZujwC44zPMvfMCoDv0vdx92JqAzekHtmd3hd3gzmrU1MX4eltYT0ZvvCP%2BhzYk%2FRhnp0JNF81JCYyo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31449600
cf-ray: 79b887816f5039bc-FRA

GET
H2 200 ru.gif
vestniktm.com/images/ 350 B
653 B 25ms
21ms Image
image/gif 2606:4700:20::ac43:4935
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vestniktm.com/images/ru.gif

Requested by

Host: vestniktm.com
URL: https://vestniktm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4935 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a764f62c2da44c57cd2cbcc52678ef7111a2db21d15907ae0162a89ff3792f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:11 GMT
strict-transport-security: max-age=0
cf-cache-status: HIT
last-modified: Mon, 10 Sep 2012 03:34:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 142853
etag: "15e-4c950a44e3c80"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8IuYN%2BSS5rExAS8cIpJs%2FGk4%2Bex8v0AF0xqiXFwetUvEluwbcA6zRz%2FIHjXV08H6q0y7q3Q5AKyorePlQXPhd9k24vlGvRLcyUMigPrHQoxdYNvjJctjGb82EGdXzLRoLUTKZQfqgnJkxHM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31449600
accept-ranges: bytes
cf-ray: 79b88781dfde39bc-FRA
content-length: 350

GET
H2 200 tm.gif
vestniktm.com/images/ 547 B
884 B 22ms
18ms Image
image/gif 2606:4700:20::ac43:4935
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vestniktm.com/images/tm.gif

Requested by

Host: vestniktm.com
URL: https://vestniktm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4935 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcc1cee967eadc905816446769a44c4ace541d3fc115f37281079b7f174c5726

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:11 GMT
strict-transport-security: max-age=0
cf-cache-status: HIT
last-modified: Mon, 10 Sep 2012 03:34:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 142853
etag: "223-4c950a44e3c80"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Slln2hYuQexNeGSUDPuBHQt5QxiR9%2BCgRVYiiW0ROR3Etj0Hum5kc8NN0p%2Fmv6it8knPo6WPOCmPwmzbNrwb94az%2BFQDUHpOzEjzt4UzuEa8sYG9PU5LsrdThXIyxOHzE9LXftMnkdnmPWk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31449600
accept-ranges: bytes
cf-ray: 79b88781dfdf39bc-FRA
content-length: 547

GET
H2 200 0.png
vestniktm.com/images/img/ 143 B
444 B 23ms
19ms Image
image/png 2606:4700:20::ac43:4935
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vestniktm.com/images/img/0.png

Requested by

Host: vestniktm.com
URL: https://vestniktm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4935 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8edeb5194b45b4653c7d85e748d7dce1da6bab4027a71325b8775c661b39de70

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:11 GMT
strict-transport-security: max-age=0
cf-cache-status: HIT
last-modified: Mon, 10 Sep 2012 03:34:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 142853
etag: "8f-4c950a44e3c80"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2rWce3gTl0weNYVNFR%2Fhue4Oylb9YKgY%2B48zuVofyQyb88%2B8CkD3wL4T3jehcGorVF8hn0daMRKpEM1I3jT0T5z8ZjZyHg5IgwKWZ%2FOifK8djOcAJTBEWj2v9ZLi3o2XwOZdS4mrsOrO9Nw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31449600
accept-ranges: bytes
cf-ray: 79b88781dfe039bc-FRA
content-length: 143

GET
H/1.1 200
OK ulogin.js Show response
ulogin.ru/js/ 55 KB
19 KB 285ms
109ms Script
application/x-javascript 95.163.118.168
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ulogin.ru/js/ulogin.js
Requested by: Host: vestniktm.com
URL: https://vestniktm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.118.168 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS: ulogin.ru
Software: nginx /
Resource Hash: 3280543e84de566566928da72b8b14c87af08fdcc9a853e0bccbde1ed0be49df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sat, 18 Feb 2023 17:37:15 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Aug 2021 18:41:38 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=259200
Connection: keep-alive
Expires: Tue, 21 Feb 2023 17:37:15 GMT

GET
H2 200 ico_region.png
vestniktm.com/images/img/ 786 B
1 KB 22ms
18ms Image
image/png 2606:4700:20::ac43:4935
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vestniktm.com/images/img/ico_region.png

Requested by

Host: vestniktm.com
URL: https://vestniktm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4935 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a700656384abfd0541cbd3b592b062b3bdb81edd225e4110cbd25896144520bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:11 GMT
strict-transport-security: max-age=0
cf-cache-status: HIT
last-modified: Mon, 10 Sep 2012 03:34:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 142853
etag: "312-4c950a44e3c80"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YaH3FaYxU44%2FvHeiVG5Cf1GODLqDVjiQTef1NOBrr2xvJPRk%2FdGzvQs8sBF6ecUGBOmMiYNYLxDasy5PPewm8DvXWpyw1GUip1pT78PdLrlCaJtXd5NCHexXsaVSuxSjSD87CRZwriJWmgo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31449600
accept-ranges: bytes
cf-ray: 79b88781dfe339bc-FRA
content-length: 786

GET
H2 200 user.gif
vestniktm.com/images/ 586 B
891 B 24ms
20ms Image
image/gif 2606:4700:20::ac43:4935
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vestniktm.com/images/user.gif

Requested by

Host: vestniktm.com
URL: https://vestniktm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4935 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8057eda5827a5fbf4d936aabe79d8a307cbbd5629b4a620e6eb08dcd5e7b01d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:11 GMT
strict-transport-security: max-age=0
cf-cache-status: HIT
last-modified: Mon, 10 Sep 2012 03:34:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 142853
etag: "24a-4c950a44e3c80"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3bOiAvCf%2FdCXghkSaT5X1MCzjt7%2BVTPfG77tCPRijv4IJkkOFHehnnsTOgutocNQuwy3BQRD4IswWf3Ov%2F4SCAeTT%2F%2FBMnzgSBqErDn8dRHP7VsCiHx2YWBZxZCzikg5Uz3vKgB9R4DTiwE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31449600
accept-ranges: bytes
cf-ray: 79b88781dfe439bc-FRA
content-length: 586

GET
H2 200 category.gif
vestniktm.com/images/ 582 B
884 B 25ms
21ms Image
image/gif 2606:4700:20::ac43:4935
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vestniktm.com/images/category.gif

Requested by

Host: vestniktm.com
URL: https://vestniktm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4935 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63a898e7d2ac05f7530e5d19ac93f570e5b00b4e6c6251df52752227ff99e524

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:11 GMT
strict-transport-security: max-age=0
cf-cache-status: HIT
last-modified: Mon, 10 Sep 2012 03:34:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 142853
etag: "246-4c950a44e3c80"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v9x7GvdNuInhd3vxFj1uUrb3eQ4Y269QA4G%2F6Uxf7ao1ct%2FzNTIXZrs%2Bnyx2QbOgeN88QSCTP7oArTZ5Zypj8YiMH3M3%2FmvvOiPtlA9DAio9%2FTVHnx2JZ0IviUUhV8doENSo1T4hQuXLexM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31449600
accept-ranges: bytes
cf-ray: 79b88781dfe639bc-FRA
content-length: 582

GET
H2 200 inf_ico.png
vestniktm.com/images/ 2 KB
2 KB 30ms
26ms Image
image/png 2606:4700:20::ac43:4935
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vestniktm.com/images/inf_ico.png

Requested by

Host: vestniktm.com
URL: https://vestniktm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4935 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10dff66d437444385249ef1bf5b90ecaae8914c72a427522a71ec111f3798644

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:11 GMT
strict-transport-security: max-age=0
cf-cache-status: HIT
last-modified: Mon, 10 Sep 2012 03:34:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 142853
etag: "708-4c950a44e3c80"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LeJVBLa38U%2BzC%2Fl0%2F0KFUkhnSZvHdf%2FGWAyt76pL1Wn7W994HNJ3iHndzwc4mvl4j6Vh3JXAiSZJcOUOYq91SngISTNhxjO49XR0Q1CK8WnnD2lhz2Dx%2FdEvrbRjXrqbGO6hFq1Cc%2Bl0LIE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31449600
accept-ranges: bytes
cf-ray: 79b88781efec39bc-FRA
content-length: 1800

GET
H2 200 top_on.gif
vestniktm.com/images/ 1 KB
1 KB 26ms
22ms Image
image/gif 2606:4700:20::ac43:4935
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vestniktm.com/images/top_on.gif

Requested by

Host: vestniktm.com
URL: https://vestniktm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4935 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b781bd35f56a0590e6ab6e8a90c5b68ded195695b75ccf45ceae8bf663cf1a80

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:11 GMT
strict-transport-security: max-age=0
cf-cache-status: HIT
last-modified: Mon, 10 Sep 2012 03:34:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 142853
etag: "41d-4c950a44e3c80"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9CD9F%2FixGWOzpGBcZy67q8%2B3LyATgaCU78SGNrI90RANHsscnyfzfcSB9vaEsILJsLfgEitFFH11Mj%2FpoQOg2N%2BwzKgfwa73ZDkH7BDo9r0mpljjALd5OJY3EXQBBlXb5DRv5804w60R5AY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31449600
accept-ranges: bytes
cf-ray: 79b88781efed39bc-FRA
content-length: 1053

GET
H2 200 samsung_feb_new.gif
vestniktm.com/adv/adv_banners/ 9 KB
9 KB 47ms
44ms Image
image/gif 2606:4700:20::ac43:4935
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vestniktm.com/adv/adv_banners/samsung_feb_new.gif

Requested by

Host: vestniktm.com
URL: https://vestniktm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4935 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7361cb5b4e1e444fb0cf2273b94724df3df4e3f3af48b1433b5c467a169857b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:12 GMT
strict-transport-security: max-age=0
cf-cache-status: REVALIDATED
last-modified: Wed, 01 Feb 2023 21:39:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "234e-5f3aa476f0000"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RY9mf%2BQrjae7%2B7%2B1kaAGurqH7l%2FKH9GIvsvbJoS2vuRzExoqfQAG04i2NEFXdCsn%2BaXusC9Y0yjQaRO5CDdJyQuXPtXqrXt4mLEdgApzu2b1JC9kwCNhu%2Fr9621DkZ52YZBDUvNQrSxHUPU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 79b88781efee39bc-FRA
content-length: 9038

GET
H2 200 new.png
www.vestniktm.com/images/img/ 731 B
1 KB 62ms
48ms Image
image/png 2606:4700:20::ac43:4935
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.vestniktm.com/images/img/new.png

Requested by

Host: vestniktm.com
URL: https://vestniktm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4935 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90d195f135db03992e9fedc1809a812effe9d906ec86098379d1f64491995a71

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:12 GMT
strict-transport-security: max-age=0
cf-cache-status: MISS
last-modified: Mon, 10 Sep 2012 03:34:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2db-4c950a44e3c80"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A15Xsv%2F1ob%2B26myuRr6lhj5WIakhqg1dBrgfgf%2FxR6hKsA2TmEXBfHGJ7Ahf3KnWzwmoZmHGYAtlq8BCH04qgfYzrKkzH8JCQPKDPQEDW7cnDee0UdEPQwCyBbjoZJc4LX15rsh7CNX2Nf1z3r9G"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31449600
accept-ranges: bytes
cf-ray: 79b88781e80539bc-FRA
content-length: 731

GET
H2 200 ico_note.png
www.vestniktm.com/images/img/ 957 B
1 KB 55ms
41ms Image
image/png 2606:4700:20::ac43:4935
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.vestniktm.com/images/img/ico_note.png

Requested by

Host: vestniktm.com
URL: https://vestniktm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4935 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

662c1cd9a9c7c397b6c65f272844156b6d9af4ad5c8a5370c16dc6fcb47091d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:12 GMT
strict-transport-security: max-age=0
cf-cache-status: MISS
last-modified: Mon, 10 Sep 2012 03:34:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3bd-4c950a44e3c80"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DirKMxuHZtLotGsQU9NUc7ViKEZsJoFDxHBk%2FmvmpFTSiD8oR1YEIbXaVhOmyh6lkWzrBTOoniJWDW4%2FSQKEqUBJabzvwTWWwFF4zduj2Lc5RoeEUMFbvfDAvT%2F74LgDf0mELjF9RwgH9ownZpT3"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31449600
accept-ranges: bytes
cf-ray: 79b88781e80439bc-FRA
content-length: 957

GET
H2 200 jquery.treeview.css
vestniktm.com/js/ 1 KB
733 B 41ms
41ms Stylesheet
text/css 2606:4700:20::ac43:4935
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vestniktm.com/js/jquery.treeview.css

Requested by

Host: vestniktm.com
URL: https://vestniktm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4935 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

892ad34a06b9be96e243fa6fd03ba3887a3d39bf6f4c878741c9c45a5a0337ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:11 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Mon, 10 Sep 2012 03:34:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"45d-4c950a2382dc0-gzip"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sXYssrpGWtkTgSjAQHGc0uMYcS%2BMHxOJnK5080PnQirhK4Vx6j2LGl16W%2F6Grki9Jb2Pa7g2H%2F8Dzi%2B5A3BGzZv6IHfEnVnwmxrKQILSBQ72CVw7EK%2BwpGQ7k1X7zl7oILI52REZMa547AE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 79b88781cfb139bc-FRA

GET
H2 200 email-decode.min.js Show response
vestniktm.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 13ms
8ms Script
application/javascript 2606:4700:20::ac43:4935
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vestniktm.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: vestniktm.com
URL: https://vestniktm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4935 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 15 Feb 2023 14:31:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63ececa5-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wb%2FjB8cJDMOfEsTXiCi7bexmjz0t0AEk9SXSkP0T5N90pLEKWvqjDFYpiZg5OD2cpEZ9ZpshtMIixve8Uk2kHJPm8HId1EwsLYKgENHD3dij5SJ711NvCFIvRYpkwb5L%2FJNij7cHVm5gS%2BA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 79b88781dfd739bc-FRA
expires: Mon, 20 Feb 2023 17:37:11 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
49 KB 112ms
74ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: vestniktm.com
URL: https://vestniktm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

089d822746dbebe46a204d5cfc48a5a86d135ed0e451949bbb2dfb4b283a63a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49382
x-xss-protection: 0
server: cafe
etag: 7423865322332538262
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 18 Feb 2023 17:37:12 GMT

GET
H2 200 viewer.js Show response
vestniktm.com/images/ 5 KB
2 KB 22ms
17ms Script
application/javascript 2606:4700:20::ac43:4935
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vestniktm.com/images/viewer.js

Requested by

Host: vestniktm.com
URL: https://vestniktm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4935 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d8f889ddbbf8def28d2d1356397051c3b96eea51b08f8a286e05b6088dc4114

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:11 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 10 Sep 2012 03:34:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 142853
etag: W/"1250-4c950a44e3c80"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ohGavridT4%2B7DEi7YaCbQ5ZLxuPxE4HNmqKWFKG9J501faEKxdn8zks2mgwzR2z6I%2BraRMp1PQ8qKLMgkvb0euDgP755m2etpJgt8CeG3YXbBfxiDQI0RnvpYkxurUbxZCFDrAZf9KWd%2BA0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31449600
cf-ray: 79b88781dfda39bc-FRA

GET
H2 200 gplay.png
vestniktm.com/images/ 14 KB
15 KB 27ms
24ms Image
image/png 2606:4700:20::ac43:4935
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vestniktm.com/images/gplay.png

Requested by

Host: vestniktm.com
URL: https://vestniktm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4935 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e70b00b2232fcdf50ea084d92005ea08cdffe3e4805f6692174d3916f17d703e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:11 GMT
strict-transport-security: max-age=0
cf-cache-status: HIT
last-modified: Sat, 06 Mar 2021 20:01:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 142853
etag: "39c2-5bce3aa38cac0"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HGw0bLcK19mqwC74936%2BITZFMoSnzz9noRMPF602oCxBKmvFuHEny6s2kaKZiw3v6fsCwkFpkkNz%2BoSM%2FISsmY2dwjBOU1BrFwQnVkgPOwxhP9pr9JcZO7Lev9gmEqHwTNEMEKurGYgiiYY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31449600
accept-ranges: bytes
cf-ray: 79b88781eff039bc-FRA
content-length: 14786

GET
H2

200

counter2
top-fwz1.mail.ru/
Redirect Chain

https://top-fwz1.mail.ru/counter?id=1824755;t=478;l=1
https://top-fwz1.mail.ru/counter2?id=1824755;t=478;l=1

2 KB
3 KB

63ms
63ms

Image
image/gif

95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter2?id=1824755;t=478;l=1

Requested by

Host: vestniktm.com
URL: https://vestniktm.com/

Protocol

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

8555b25c9cf12dd079b5a81e58917445ed0ba4907fe154663113904dc0b2ccab

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:12 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 2474
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

Redirect headers

date: Sat, 18 Feb 2023 17:37:12 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 0
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
accept-ch-lifetime: 86400
location: https://top-fwz1.mail.ru/counter2?id=1824755;t=478;l=1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

GET
H/1.1 200
OK counter2.0.js Show response
get.mycounter.ua/ 4 KB
4 KB 164ms
48ms Script
application/javascript 62.149.0.249
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://get.mycounter.ua/counter2.0.js
Requested by: Host: vestniktm.com
URL: https://vestniktm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.0.249 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: get.mycounter.ua
Software: nginx/1.14.2 /
Resource Hash: 266a3771ef39c4855333a8ff90d4a48d8c19f2ddb561ceb41a5a8ab4747304f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sat, 18 Feb 2023 17:37:12 GMT
Last-Modified: Mon, 11 Jan 2021 22:30:07 GMT
Server: nginx/1.14.2
ETag: "5ffcd16f-e45"
Content-Type: application/javascript
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3653
Expires: Sat, 18 Feb 2023 18:37:12 GMT

GET
H2 200 acc_blue_on_white_ru.png
vestniktm.com/images/ 854 B
1 KB 30ms
28ms Image
image/png 2606:4700:20::ac43:4935
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vestniktm.com/images/acc_blue_on_white_ru.png

Requested by

Host: vestniktm.com
URL: https://vestniktm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4935 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be4ba2c067449ee68cd89d090dd3176ae90de2ab061d751e123a33b27f2e0a87

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:11 GMT
strict-transport-security: max-age=0
cf-cache-status: HIT
last-modified: Thu, 13 Oct 2016 01:46:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 142853
etag: "356-53eb548076480"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PRoJmYqJoE%2BpA4dDC%2BsNjab753%2BOLWm5G%2BAe1aaOW%2FmPcVY6IrV3x08FGqbsIs3C3Tp9ukFBARjkYG6XiQNX%2Fp%2FZOByzipDX6e9KS2NPVlJC%2F8cG5yDBhRWIUGgTNZDVC3h6IwPOUWRaAp4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31449600
accept-ranges: bytes
cf-ray: 79b88781eff239bc-FRA
content-length: 854

GET
H2 200 jquery.bxslider2.0.1.min.js Show response
vestniktm.com/js/ 6 KB
2 KB 43ms
39ms Script
application/javascript 2606:4700:20::ac43:4935
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vestniktm.com/js/jquery.bxslider2.0.1.min.js

Requested by

Host: vestniktm.com
URL: https://vestniktm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4935 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

deeb064c92bf3245869759ace5ad8e7d507215d9255df806d3744086839ae268

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:12 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 10 Sep 2012 03:34:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"17e0-4c950a2382dc0"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EAzcGv4AkpxoAbvHBtKUkGZ9YZeFKssuUl2Wx76rI6E4OrmIkkaawXQCg%2B5k4NR8wDi1MCax6pt97Xddlv3Vn20RLRWy4vKprhwqn1S5nWXYbYtPDbTQ0%2F6OC0yPpA5EpxbBz2kuOvyFq%2BM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 79b88781dfdd39bc-FRA

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/ 408 KB
163 KB 35ms
6ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b28bda3bee08c51cf79bc36c6292f62bdf7f67038d397f1c2616641dba2cf95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vestniktm.com/
Origin: https://vestniktm.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:10:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1585
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166784
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 05:01:25 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 18 Feb 2024 17:10:47 GMT

GET
H2 200 logocurrent.png
vestniktm.com/images/img/ 3 KB
3 KB 25ms
23ms Image
image/png 2606:4700:20::ac43:4935
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vestniktm.com/images/img/logocurrent.png

Requested by

Host: vestniktm.com
URL: https://vestniktm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4935 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b929125ed2e979e50aea2a2c548c91c020351a7b182c7d59fd11cf73baf446f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:11 GMT
strict-transport-security: max-age=0
cf-cache-status: HIT
last-modified: Mon, 10 Sep 2012 03:34:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 142853
etag: "b2e-4c950a44e3c80"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t4A%2FbCUzhOpz4bN24gX2syB4yayAO%2FLtPMPLczXq5DBgVZFTMCtIgoKBrewaDUodcYkgqM27%2BAHP1GN%2BrAh3GelPHj%2BVvlDizXRrDyF00JVsInY%2BHoEdDGlxnooFBPyBs4HSuijWTBkfdVE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31449600
accept-ranges: bytes
cf-ray: 79b88781eff539bc-FRA
content-length: 2862

GET
H2 200 currenthl.jpg
vestniktm.com/images/img/ 47 KB
47 KB 27ms
24ms Image
image/jpeg 2606:4700:20::ac43:4935
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vestniktm.com/images/img/currenthl.jpg

Requested by

Host: vestniktm.com
URL: https://vestniktm.com/images/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4935 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e86f962d7a0ba3b30a60bafed7e85b073ee73e76e6e3f9bc0695cc16f01c4eb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/images/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:11 GMT
strict-transport-security: max-age=0
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 142853
content-length: 47888
cf-bgj: h2pri
last-modified: Mon, 10 Sep 2012 03:34:58 GMT
server: cloudflare
etag: "bb10-4c950a44e3c80"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D0K%2BSI6iqvTWGN%2BYWKi8xkr%2BLAe8cwrF9wStK2b8gAeSWiOIAPR6Vr1ScnC2em2PCF7t0qBXwoAgGMb%2F3ubV2eVgDO2wBehij%2BRSoIvr2hHV%2F%2FEf%2FsPoVqFsBlyy4JbmBIB1TSVBn0X1o2w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31449600
accept-ranges: bytes
cf-ray: 79b88781eff639bc-FRA

GET
H2 200 hr.png
vestniktm.com/images/img/ 197 B
495 B 27ms
25ms Image
image/png 2606:4700:20::ac43:4935
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vestniktm.com/images/img/hr.png

Requested by

Host: vestniktm.com
URL: https://vestniktm.com/images/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4935 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

abe343ada46e6d651a7fd42cdbb624ba584e73aaaa3fb00d0e5388236061d0cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/images/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:11 GMT
strict-transport-security: max-age=0
cf-cache-status: HIT
last-modified: Mon, 10 Sep 2012 03:34:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 142853
etag: "c5-4c950a44e3c80"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Jnlyp8z%2BH8BfmTG1Px0Di9nBweiCAUGuhYHYOzRBf6sPy7wBRXX2ynQWrGvIqbs5kkdxbcclsE9dZ%2FpBYOVOysVAmaOrV1c1x77kPnc18yCAXJRIlpIH2fKqYaIdxTe7gr1rrTRGIxcMIU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31449600
accept-ranges: bytes
cf-ray: 79b88781eff939bc-FRA
content-length: 197

GET
H2 200 cp_l.png
vestniktm.com/images/img/ 1 KB
2 KB 29ms
27ms Image
image/png 2606:4700:20::ac43:4935
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vestniktm.com/images/img/cp_l.png

Requested by

Host: vestniktm.com
URL: https://vestniktm.com/images/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4935 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3f845846773de180c3a33e31fae64573b35a74264fd2c6f80d86b1e170f97e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/images/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:11 GMT
strict-transport-security: max-age=0
cf-cache-status: HIT
last-modified: Mon, 10 Sep 2012 03:34:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 142853
etag: "4e9-4c950a44e3c80"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cH1tcizoCf2K0yKr7PoDYI3Dajqxm3GNUBU7LURX8Za89Tp0jR6KgJdZi1MvZO6QJoaLSv0pYgNrMQnOAUfJHKJCkS%2F%2BH1qLQUw%2BBDx%2BKULkyrU6fX6IfdYU%2F5LmJ61sIQYSy5svp6av7EI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31449600
accept-ranges: bytes
cf-ray: 79b88781effb39bc-FRA
content-length: 1257

GET
H2 200 cp_r.png
vestniktm.com/images/img/ 203 B
521 B 30ms
28ms Image
image/png 2606:4700:20::ac43:4935
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vestniktm.com/images/img/cp_r.png

Requested by

Host: vestniktm.com
URL: https://vestniktm.com/images/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4935 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7b1e7db9c320a44acc0fd06a61fc605203a5370bedb2c552f84fae2cafe37d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/images/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:11 GMT
strict-transport-security: max-age=0
cf-cache-status: HIT
last-modified: Mon, 10 Sep 2012 03:34:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 142853
etag: "cb-4c950a44e3c80"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ey7L2kGA0jiWFi77JPeGbz9s68nhAG8qEGcN8Agu975eYvIPmNoI1M8JudxfDKIRxFctkaoKNKibppfMkZdSmYcp82J1KtJzTkcYdqdNSuPeGayLGWH0Zzd1OgT3eV%2Fg51a%2BmHWjHOoqkPE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31449600
accept-ranges: bytes
cf-ray: 79b88781effc39bc-FRA
content-length: 203

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 162 KB
57 KB 203ms
64ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: ulogin.ru
URL: https://ulogin.ru/js/ulogin.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

aea8d6d7292a79ae391517c8ec2c0f3b55c34b20c1eb330a24edaaadc4cca3d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Wed, 08 Feb 2023 12:45:24 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "63e36f34-e351"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 58193
expires: Sat, 18 Feb 2023 18:37:12 GMT

GET
H2 200 panel_input.png
vestniktm.com/images/img/ 630 B
947 B 17ms
16ms Image
image/png 2606:4700:20::ac43:4935
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vestniktm.com/images/img/panel_input.png

Requested by

Host: vestniktm.com
URL: https://vestniktm.com/images/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4935 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

373c257c2f0ae224881b4ece1bb8f53b68c5181f1d8ec34c8a76e37cd5b3094d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/images/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:12 GMT
strict-transport-security: max-age=0
cf-cache-status: HIT
last-modified: Mon, 10 Sep 2012 03:34:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 142852
etag: "276-4c950a44e3c80"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jjQprlTUQx8vh%2BVOYZP%2BT61%2Bjba55TNWxI2NLFnuP9vaR1RcncIXq3MW9YiJcv2%2BPlXQENCIREOmML3dYK7ieiW7vYJo15WBvD%2FcQavg6R%2Ff3yKzFUYvbprrLH77xtA43Wmu951F3xV28%2Fc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31449600
accept-ranges: bytes
cf-ray: 79b887838a0839bc-FRA
content-length: 630

GET
H2 200 panel_but.png
vestniktm.com/images/img/ 888 B
1 KB 18ms
16ms Image
image/png 2606:4700:20::ac43:4935
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vestniktm.com/images/img/panel_but.png

Requested by

Host: vestniktm.com
URL: https://vestniktm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4935 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

911ae660cbecf39685426131e9dfc9333aba3f99495bab8523f1b51c4914489d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:12 GMT
strict-transport-security: max-age=0
cf-cache-status: HIT
last-modified: Mon, 10 Sep 2012 03:34:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 142852
etag: "378-4c950a44e3c80"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vyl2nzRITN40e%2FHtYDvZG2Jd0JaBF8wdkb%2F6e5B8SK9%2BB8x6THwpK8pdccWOS1HEI8xRJr2S9MEqEMRj6uj0te4YHNvsOcDsyTVMF4ZFlkQZY0pZmFiK840fOVzewp41WOPReLzClGDgE84%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31449600
accept-ranges: bytes
cf-ray: 79b887838a0c39bc-FRA
content-length: 888

GET
H2 200 hm_l.png
vestniktm.com/images/img/ 2 KB
2 KB 24ms
22ms Image
image/png 2606:4700:20::ac43:4935
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vestniktm.com/images/img/hm_l.png

Requested by

Host: vestniktm.com
URL: https://vestniktm.com/images/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4935 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

665904d832044f650165ba56c0af88fa0619ef2bdbf4e3442bb256f778e37b1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/images/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:12 GMT
strict-transport-security: max-age=0
cf-cache-status: HIT
last-modified: Mon, 10 Sep 2012 03:34:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 142851
etag: "79f-4c950a44e3c80"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kTgPw%2FbG2mzhH3uSE5xUlnnIvzVYPfy3B8G%2FPnnwWt3BoHEUyKSxJph9sLxThs81c4JhHPQ6MPT1h%2F1IP%2BSugbmuLnNjBw4F8ydeah5JNU3JQhiXrTkQpRL7CfOJoLIpWViixyUu%2FN5BDSA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31449600
accept-ranges: bytes
cf-ray: 79b887838a1039bc-FRA
content-length: 1951

GET
H2 200 hm_r.png
vestniktm.com/images/img/ 184 B
490 B 22ms
21ms Image
image/png 2606:4700:20::ac43:4935
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vestniktm.com/images/img/hm_r.png

Requested by

Host: vestniktm.com
URL: https://vestniktm.com/images/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4935 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78237e38453b8b7243a39d27cabc0fe8916faccd81289855a31bc250a5e14ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/images/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:12 GMT
strict-transport-security: max-age=0
cf-cache-status: HIT
last-modified: Mon, 10 Sep 2012 03:34:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 142851
etag: "b8-4c950a44e3c80"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CxUkXCHtvZRZdS%2FSOZUXLh8uufLZ8haSnrvDwja%2FEInX5Qr%2FrClnyGza%2FQRdapDzqWbsg%2FJ94UqxGXn2GaJegm46CguYPnUYRfTeqUI8UN9iSNvc74kI6fruJFyyHqhVfIzAM8k%2FmMW7XeA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31449600
accept-ranges: bytes
cf-ray: 79b887838a1139bc-FRA
content-length: 184

GET
H2 200 search_l.png
vestniktm.com/images/img/ 522 B
820 B 24ms
23ms Image
image/png 2606:4700:20::ac43:4935
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vestniktm.com/images/img/search_l.png

Requested by

Host: vestniktm.com
URL: https://vestniktm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4935 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c2f11e9de385d2360defba8f03594994c1abcd3205cf09d47f07b13c81ba0b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:12 GMT
strict-transport-security: max-age=0
cf-cache-status: HIT
last-modified: Mon, 10 Sep 2012 03:34:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 142852
etag: "20a-4c950a44e3c80"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JPUZcOeCdiTBlSRFnv6R3oG6mmFfIYl56JC6nWGwYPXOO9%2BpxKC0VY9oMCBPoK5XqMUxbIVeEx761dke7czMlcDAbF8QB947akUDRkkSj0CIojdoks3aeQwK9PFev3pSYdVXEj9GC8UqGjM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31449600
accept-ranges: bytes
cf-ray: 79b887838a1239bc-FRA
content-length: 522

GET
H2 200 search_bg.png
vestniktm.com/images/img/ 164 B
476 B 28ms
27ms Image
image/png 2606:4700:20::ac43:4935
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vestniktm.com/images/img/search_bg.png

Requested by

Host: vestniktm.com
URL: https://vestniktm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4935 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d4ef01a48c9e33bcd2139a5c2f061d1789cc7e68cd6e3b103fd4e78703f2f5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:12 GMT
strict-transport-security: max-age=0
cf-cache-status: HIT
last-modified: Mon, 10 Sep 2012 03:34:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 142851
etag: "a4-4c950a44e3c80"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YBnn6eSW5jWtshSnW5q8jxgf5luMZe18Gb8slJr7NOlSrgYZRvqaZIOHWBvieJCHzi2HJCTLReRvHtJZ1lvIuRh8IPlQA7kb3d7Wg21ubUMbY4IQoG%2Fyc7Pd9CmqyIyJD69gRzdXjpTKFNw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31449600
accept-ranges: bytes
cf-ray: 79b887838a1539bc-FRA
content-length: 164

GET
H2 200 search_but.png
vestniktm.com/images/img/ 1 KB
2 KB 21ms
20ms Image
image/png 2606:4700:20::ac43:4935
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vestniktm.com/images/img/search_but.png

Requested by

Host: vestniktm.com
URL: https://vestniktm.com/images/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4935 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a80ccb21601afb79f056eb4186e12066b1581b7795550bfd06f302779388a164

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/images/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:12 GMT
strict-transport-security: max-age=0
cf-cache-status: HIT
last-modified: Mon, 10 Sep 2012 03:34:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 142850
etag: "50e-4c950a44e3c80"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I4My7Gk%2BX6svOqZSFyGCH0uYtsFBOeIoCF8rSB06ZcYe7WM2bs0azR7fr7fIFCcAe9aR8WuGH6HsradO%2F5N6dDfxFqU3rApP1D1kDBaPtKYJdtLwLGHL421Y5WbYdaBe1iQ%2BNAqzJOvngMA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31449600
accept-ranges: bytes
cf-ray: 79b887838a1639bc-FRA
content-length: 1294

GET
H2 200 content_bg.png
vestniktm.com/images/img/ 224 B
555 B 20ms
19ms Image
image/png 2606:4700:20::ac43:4935
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vestniktm.com/images/img/content_bg.png

Requested by

Host: vestniktm.com
URL: https://vestniktm.com/images/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4935 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5aac75473da4e569378d4e1ceeafcdd5ee5f6b6b563b9828504f60a136b42689

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/images/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:12 GMT
strict-transport-security: max-age=0
cf-cache-status: HIT
last-modified: Mon, 10 Sep 2012 03:34:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 142851
etag: "e0-4c950a44e3c80"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=43jSMIzXIRUa8Uk33QXNfkWjQxRjyHml7AGcbhvZN2SdsjVqSYdjAKW%2BK5%2BCNFt%2BygAmmcLY3fMSISgsK2W7p315JJEocS3YW7uyTk%2Be5dRuOVAyU%2BRP7rULs56jBKt6YBNGLKKw5c0hj3w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31449600
accept-ranges: bytes
cf-ray: 79b887838a1739bc-FRA
content-length: 224

GET
H2 200 content_l.png
vestniktm.com/images/img/ 325 B
628 B 22ms
21ms Image
image/png 2606:4700:20::ac43:4935
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vestniktm.com/images/img/content_l.png

Requested by

Host: vestniktm.com
URL: https://vestniktm.com/images/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4935 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0dfeecc7eba30dd6c9787a66b5518d904fa0721066b700c0eef8c10fc9b9615c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/images/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:12 GMT
strict-transport-security: max-age=0
cf-cache-status: HIT
last-modified: Mon, 10 Sep 2012 03:34:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 142850
etag: "145-4c950a44e3c80"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BwhyzOqvqZpKQgy7PXbDswlfjXNtCb0WSE8gXoPncJa98vW0Vr15KacO8GKHAu68alsHR%2FHI%2BCEIwr19NoqOM1HRpsAtETVma79W5EMJUP04q4sZh0iycBoYRqwIeQXtp0E9W41MF8h4xHs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31449600
accept-ranges: bytes
cf-ray: 79b887838a1839bc-FRA
content-length: 325

GET
H2 200 load.gif
vestniktm.com/images/ 2 KB
2 KB 23ms
23ms Image
image/gif 2606:4700:20::ac43:4935
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vestniktm.com/images/load.gif

Requested by

Host: vestniktm.com
URL: https://vestniktm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4935 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07ff506a54b012e06cddbf702f1c594b36ce8ba91806c7bf3dcc821768a83c6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:12 GMT
strict-transport-security: max-age=0
cf-cache-status: HIT
last-modified: Mon, 10 Sep 2012 03:34:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 142852
etag: "66c-4c950a44e3c80"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fS5zyEz6KIUgeSCfXKphFg2HyVjZ5rO0YrC%2Fo3RJpO51XdrgQ6aJpiHhauehXy36jy8ZhBFdoIMF8LzKNdgAkX7MpH1KG2ZJHjPCKSHjIpuUuQXYwTtxHAhdzJARIch6Sr6toiRtITE2qg4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31449600
accept-ranges: bytes
cf-ray: 79b887839a3139bc-FRA
content-length: 1644

GET
H2 200 code.js Show response
top-fwz1.mail.ru/js/ 33 KB
14 KB 127ms
127ms Script
application/javascript 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/js/code.js

Requested by

Host: vestniktm.com
URL: https://vestniktm.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

86358469a3188d8dae051045546110638b6c55e8d4ff55859c381ac202ed4769

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin: *
last-modified: Wed, 11 Jan 2023 13:29:54 GMT
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
etag: W/"63beb9d2-85cc"
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: max-age=3600, private
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *
expires: Sat, 18 Feb 2023 18:37:12 GMT

GET
H2 200 top100.js Show response
st.top100.ru/top100/ 102 KB
32 KB 229ms
106ms Script
application/javascript 81.19.89.16
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://st.top100.ru/top100/top100.js
Requested by: Host: vestniktm.com
URL: https://vestniktm.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 81.19.89.16 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx/1.19.4 /
Resource Hash: 90754a2ff856b3a9c5ed450065523fb1cd2f60d1b10c517dab5f3f66dfcd60f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:12 GMT
content-encoding: gzip
last-modified: Wed, 08 Feb 2023 14:29:34 GMT
server: nginx/1.19.4
x-amz-request-id: tx00000000000022a32d27e-0063f10b6d-f85be6-default
etag: W/"6c26fdf5ff0049c6c1ca92f1aa77c18b"
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
x-rgw-object-type: Normal
cache-control: max-age=3600
expires: Sat, 18 Feb 2023 18:37:12 GMT

GET
H/1.1 200
OK counter.php
get.mycounter.ua/ 869 B
1 KB 53ms
53ms Image
image/png 62.149.0.249
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://get.mycounter.ua/counter.php?id=46434&w=https%3A//vestniktm.com/&s=1600x1200x24&c=1&j=5
Requested by: Host: vestniktm.com
URL: https://vestniktm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.149.0.249 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: get.mycounter.ua
Software: MyCounter TCP Server v.2.0.0 /
Resource Hash: 3bc018b8c370250f11f1d5393a7b42c6bdd60dc170584a7cb51e848d8d0bd642

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sat, 18 Feb 2023 19:37:12 GMT
Server: MyCounter TCP Server v.2.0.0
Content-Type: image/png
Cache-control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 869
Expires: 0

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 87ms
20ms Script
text/javascript 2a00:1450:400d:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: vestniktm.com
URL: https://vestniktm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 18 Feb 2023 16:30:17 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 4015
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Sat, 18 Feb 2023 18:30:17 GMT

GET
H2 200 left_t.png
vestniktm.com/images/img/ 1012 B
1 KB 19ms
18ms Image
image/png 2606:4700:20::ac43:4935
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vestniktm.com/images/img/left_t.png

Requested by

Host: vestniktm.com
URL: https://vestniktm.com/images/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4935 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20c297fad2fdb1fac5f6cc54e6af7ba4f02d80812af97511fb5324a56c08dbde

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/images/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:12 GMT
strict-transport-security: max-age=0
cf-cache-status: HIT
last-modified: Mon, 10 Sep 2012 03:34:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 142851
etag: "3f4-4c950a44e3c80"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6XdF3q8vJvjm5YUFwbO5q6gPcvniqeHeTHMOpPUY9q87iaxFIGkMLY%2B%2FtshhqODIwxms7xGGbKBfPDAc9hYuZUdx6fd7ANwJk74186FgJ3Z64tNwXsAdmCn%2BtDjZlyKihNLx2%2BBdYduX3CE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31449600
accept-ranges: bytes
cf-ray: 79b88783ba6039bc-FRA
content-length: 1012

GET
H2 200 gray_arr.png
vestniktm.com/images/ 227 B
546 B 18ms
17ms Image
image/png 2606:4700:20::ac43:4935
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vestniktm.com/images/gray_arr.png

Requested by

Host: vestniktm.com
URL: https://vestniktm.com/images/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4935 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c04727198a457b5cf957aef172110465113c26e2909d0d84554057f6eb2a0f4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/images/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:12 GMT
strict-transport-security: max-age=0
cf-cache-status: HIT
last-modified: Mon, 10 Sep 2012 03:34:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 142850
etag: "e3-4c950a44e3c80"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xIxYaOs4t3ejehiCUV0yOjziCEnZ77yNkMdDKuB9EseMNLtGL0zLe7cea7xHiEIaqjQLfl%2FdAAJ2jkR%2FBPqwJBxHd643dIorUdjOUZOQZ%2FRQp1fltAyP87FcHadIb5QatNiAGticoHF9eeU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31449600
accept-ranges: bytes
cf-ray: 79b88783ba6139bc-FRA
content-length: 227

GET
H2 200 vip_bg.png
vestniktm.com/images/img/ 946 B
1 KB 19ms
18ms Image
image/png 2606:4700:20::ac43:4935
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vestniktm.com/images/img/vip_bg.png

Requested by

Host: vestniktm.com
URL: https://vestniktm.com/images/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4935 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a0f7e62da77c0d25678b30dc016fec773b0dba84a9006b2dd1757e3a5d6be2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/images/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:12 GMT
strict-transport-security: max-age=0
cf-cache-status: HIT
last-modified: Mon, 10 Sep 2012 03:34:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 142850
etag: "3b2-4c950a44e3c80"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nGmG8Z0KOcSA497YLizUf%2BMYcC1Cl3zy6COWePUsg8arQVxLRzYgjw%2B5vrEUDwePWPZJtEkGmdZn9%2Fci%2F%2BBnOQRvwTiv4dQ%2BftYGJCn43kEauXpe1RjlJjlk82An5oes7%2FHT06g%2B4yUPvJA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31449600
accept-ranges: bytes
cf-ray: 79b88783ba6239bc-FRA
content-length: 946

GET
H2 200 right.png
vestniktm.com/images/img/ 2 KB
2 KB 23ms
22ms Image
image/png 2606:4700:20::ac43:4935
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vestniktm.com/images/img/right.png

Requested by

Host: vestniktm.com
URL: https://vestniktm.com/images/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4935 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ffcf88c170b730a249c201dc597d5d291578ad946c4a3ab7ae17ce1c2a91b79

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/images/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:12 GMT
strict-transport-security: max-age=0
cf-cache-status: HIT
last-modified: Mon, 10 Sep 2012 03:34:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 142851
etag: "86f-4c950a44e3c80"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z8f3%2FJp14yLbS8fBsWKbdiGyLSxrC2dCkQknNmITwH6UIF%2FhOMUK5FsD1PU1%2Fje3Yjfzrfo4VJWJddLNfugAPSynIjXz%2B5deXgpmQNiYm5D2voB2afFJFRvXI4Z5vaETk%2FYLP%2BZdE4C8v%2Bk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31449600
accept-ranges: bytes
cf-ray: 79b88783ba6539bc-FRA
content-length: 2159

GET
H2 200 tc.png
vestniktm.com/images/img/ 818 B
1 KB 19ms
19ms Image
image/png 2606:4700:20::ac43:4935
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vestniktm.com/images/img/tc.png

Requested by

Host: vestniktm.com
URL: https://vestniktm.com/images/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4935 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe43cf2b1aa853c2580fa32ab45de072d7484f4ee6a459373f81be7d72c447f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/images/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:12 GMT
strict-transport-security: max-age=0
cf-cache-status: HIT
last-modified: Mon, 10 Sep 2012 03:34:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 142851
etag: "332-4c950a44e3c80"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ZxDcqpUEmEjWIabS%2BM%2FMX2x6%2Fzq61b1YF%2Bs5trESMlvoajsFrffXxW4ieBbHVDik4uC3H1siBBXKoJBPPPievOII21XZ0fkaY3AyPSqGHpjAYELLfp3UQYubvQy0tmjBvAkTgJJBLMkl7o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31449600
accept-ranges: bytes
cf-ray: 79b88783ba6639bc-FRA
content-length: 818

GET
H2 200 pon.gif
vestniktm.com/images/ 274 B
594 B 18ms
17ms Image
image/gif 2606:4700:20::ac43:4935
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vestniktm.com/images/pon.gif

Requested by

Host: vestniktm.com
URL: https://vestniktm.com/images/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4935 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f338ad7d82870c0cdf7fd3626704acbd512300a28963fc511ad819ec15f0cd53

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/images/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:12 GMT
strict-transport-security: max-age=0
cf-cache-status: HIT
last-modified: Mon, 10 Sep 2012 03:34:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 142850
etag: "112-4c950a44e3c80"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U21KGV32bDyh%2Bx%2F3JGxLD2igaZ14XXpK1uoCTvV0oPYdop9YCrOiPGLA0fH%2Fjm7Inlju1rWyZBflDdiDuIiwtcZ5H4kII%2FGXhd5K10EtPcuHNgSZK552nJii3Pcgh%2FB7mJXTcn1J3trlahM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31449600
accept-ranges: bytes
cf-ray: 79b88783ca6e39bc-FRA
content-length: 274

GET
H2 200 poff.gif
vestniktm.com/images/ 671 B
1 KB 20ms
20ms Image
image/gif 2606:4700:20::ac43:4935
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vestniktm.com/images/poff.gif

Requested by

Host: vestniktm.com
URL: https://vestniktm.com/images/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4935 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

168c194e89e771c59f29a2705c8c87a13e95c12e3f12970c17a420fb4fd3d894

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/images/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:12 GMT
strict-transport-security: max-age=0
cf-cache-status: HIT
last-modified: Mon, 10 Sep 2012 03:34:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 142850
etag: "29f-4c950a44e3c80"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FlxF9K%2F%2BDi8HwR%2FJoan9lro6uCpx7TrLldTXmmsLIt39QZ%2FVDKP2hSL6vI9Pru%2Bo4Uo8szHmpLIDLT1fEditXE2fOVhpV96dg8zqv59oyLr1QVKlFCu8lUk9STc%2FMB6eMe0%2BrOAmsvu1gVE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31449600
accept-ranges: bytes
cf-ray: 79b88783ca7039bc-FRA
content-length: 671

GET
H2 200 content_r.png
vestniktm.com/images/img/ 343 B
687 B 21ms
21ms Image
image/png 2606:4700:20::ac43:4935
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vestniktm.com/images/img/content_r.png

Requested by

Host: vestniktm.com
URL: https://vestniktm.com/images/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4935 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb6b60fb44ffe5c3c4ad5af315c22c5653c7971f398c8bd431571cd804bab17f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/images/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:12 GMT
strict-transport-security: max-age=0
cf-cache-status: HIT
last-modified: Mon, 10 Sep 2012 03:34:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 142850
etag: "157-4c950a44e3c80"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Se8z0uNtW4goyi6wMhYnPVIjqzgh4NtUb506QsRs16By0YAQSSXAow4Ue6f9K7H2IexulPFrXJsO3qUIZNzao%2ByCYXj0tIOnhf%2FEdVOzL8xfbrOS7uRj%2Fkzg4nDWZ5TioDr7OYMSflbOAdI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31449600
accept-ranges: bytes
cf-ray: 79b88783ca7339bc-FRA
content-length: 343

GET
H2 200 foot_bg.png
vestniktm.com/images/img/ 193 B
509 B 18ms
18ms Image
image/png 2606:4700:20::ac43:4935
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vestniktm.com/images/img/foot_bg.png

Requested by

Host: vestniktm.com
URL: https://vestniktm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4935 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6718f319ad3e636fb38c2b8040212d501f67bdacd6b46d953cd3f0b328c97e21

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:12 GMT
strict-transport-security: max-age=0
cf-cache-status: HIT
last-modified: Mon, 10 Sep 2012 03:34:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 142850
etag: "c1-4c950a44e3c80"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mD29rQ6D6dgPhqiRu2t6TBs51p9cSGdPnvmVpN5LZhN%2FrI1X%2FHjP67d2FP9tZiX0mINfxTSGkIiA5%2FV0alK5bQwQCwAVDpI%2Fkr4aIB2upbMFuzAFpsohXcZgC6Zv2Mw1HJkvEpzqRSjQDXQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31449600
accept-ranges: bytes
cf-ray: 79b88783ca7539bc-FRA
content-length: 193

GET
H2 200 foot_l.png
vestniktm.com/images/img/ 264 B
588 B 19ms
19ms Image
image/png 2606:4700:20::ac43:4935
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vestniktm.com/images/img/foot_l.png

Requested by

Host: vestniktm.com
URL: https://vestniktm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4935 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a60fb8db0cc05f6cc3c18309751aaa4ab92d3352c284dd256a906c8fba86691

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:12 GMT
strict-transport-security: max-age=0
cf-cache-status: HIT
last-modified: Mon, 10 Sep 2012 03:34:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 142850
etag: "108-4c950a44e3c80"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dT1dV2wUKNA%2FrJoU8DGzzf9CY1g0YnVltpdD6gq6txUEwalTvGWGr%2BKPaIenFDPzkVVg%2F9Hhk9ksJCdNrSlVR0Ge35tx5ZKEPLF65WtP%2FI3kmm8V5fULId2v5K4Id7roERPOFSSFFulshso%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31449600
accept-ranges: bytes
cf-ray: 79b88783ca7839bc-FRA
content-length: 264

GET
H2 200 foot_r.png
vestniktm.com/images/img/ 277 B
587 B 24ms
23ms Image
image/png 2606:4700:20::ac43:4935
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vestniktm.com/images/img/foot_r.png

Requested by

Host: vestniktm.com
URL: https://vestniktm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4935 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5984988111b47fc011eeba36eb344ddba5cffd8bebcb0d07f395b3a4d61e6a5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:12 GMT
strict-transport-security: max-age=0
cf-cache-status: HIT
last-modified: Mon, 10 Sep 2012 03:34:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 142850
etag: "115-4c950a44e3c80"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B0Yay7Yzovjw17Xr%2FRlr62zF1y8LFOYKRJYJQ%2FyQoptSbUrYEaG3lr2%2FEu9DWElemv4RDJjJRqsNwwnoeWs5Q8SGDA%2FPO24cbNRxapFcN18QehSTWAWilXn26%2BG1XfTrX%2FZ7VxhF6sxdZu4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31449600
accept-ranges: bytes
cf-ray: 79b88783ca7a39bc-FRA
content-length: 277

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/ 366 KB
120 KB 72ms
71ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2294972686532926&plah=vestniktm.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

27a4c378768bd08f78c63ff76b9f467301182ef9145136aaef7f0e0157963468

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122949
x-xss-protection: 0
server: cafe
etag: 12223999103632100241
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 18 Feb 2023 17:37:12 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230215/r20190131/ Frame F81E 10 KB
5 KB 152ms
6ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230215/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vestniktm.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 49078
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Feb 2023 03:59:14 GMT
etag: 10353107486223812946
expires: Sat, 04 Mar 2023 03:59:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 invisible.js Show response
vestniktm.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 7E55 37 KB
16 KB 11ms
11ms Script
application/javascript 2606:4700:20::ac43:4935
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vestniktm.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1676736000
Requested by: Host: vestniktm.com
URL: https://vestniktm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4935 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0206d8d24491d6a3a73816f035dfbb70bf0389d0654072d7ac6f47bacd90084b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:12 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2LBIon2aOXJc3caA1BhPv3miRIGJsTT1P8YEpMXjgYVdxW%2FbSTHzkX6RZtiLQABWbFax40Ed5pPOWRNKb8CmzUl4UsTbp5Hjn4nhAJHGk6o740YOWyxchw%2FRQTzv9WTy2CQ1qQIBJ6uqhu4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 79b887848b7639bc-FRA

GET
H/1.1 200
OK stats.html Show response
ulogin.ru/ Frame C2F2 3 KB
1 KB 53ms
53ms Document
text/html 95.163.118.168
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ulogin.ru/stats.html?r=85652&type=small&xdm_e=https%3A%2F%2Fvestniktm.com&xdm_c=default5915&xdm_p=1
Requested by: Host: ulogin.ru
URL: https://ulogin.ru/js/ulogin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.118.168 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS: ulogin.ru
Software: nginx /
Resource Hash: 0d35a0dfc59effaee55acbe08ff749792d5c5dee22ac7969a297bdbd3fc5b00b

Request headers

Referer: https://vestniktm.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Sat, 18 Feb 2023 17:37:15 GMT
Last-Modified: Tue, 10 Aug 2021 16:01:27 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK providers-16-classic.png
ulogin.ru/version/3.0/img/ 17 KB
18 KB 54ms
54ms Image
image/png 95.163.118.168
DINET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ulogin.ru/version/3.0/img/providers-16-classic.png?version=img.3.0.2
Requested by: Host: vestniktm.com
URL: https://vestniktm.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.118.168 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS: ulogin.ru
Software: nginx /
Resource Hash: 833c1f483fd63eed0831016fc3db8a707ae198034005cce39af111f536fc6fdf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sat, 18 Feb 2023 17:37:15 GMT
Last-Modified: Tue, 10 Aug 2021 18:31:03 GMT
Server: nginx
ETag: "6112c5e7-451b"
Content-Type: image/png
Cache-Control: max-age=259200, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17691
Expires: Tue, 21 Feb 2023 17:37:15 GMT

GET
H2 200 counter
top-fwz1.mail.ru/ 43 B
875 B 64ms
63ms Image
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter?js=13;id=1824755;u=https%3A//vestniktm.com/;st=1676741832398;title=VestnikTM.com%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D1%8B%D0%B9%20%D0%92%D0%B5%D1%81%D1%82%D0%BD%D0%B8%D0%BA%20%D0%A2%D1%83%D1%80%D0%BA%D0%BC%D0%B5%D0%BD%D0%B8%D1%81%D1%82%D0%B0%D0%BDa.%20%D0%A2%D0%B2%D0%BE%D0%B5%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B2%20%D0%BA%D0%B0%D0%B6%D0%B4%D0%BE%D0%BC%20%D0%BC%D0%BE%D0%BD%D0%B8%D1%82%D0%BE%D1%80%D0%B5;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=28c3ceae2b77e947;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=9.2//4g/0/0/;lvid=1676741832421%3A1676741832436%3A1%3A58bb77a13386a77af7b80cd13ab9f985;visible=true;_=0.08982324933473795

Requested by

Host: vestniktm.com
URL: https://vestniktm.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:12 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
197 B 41ms
41ms Image
image/gif 2a00:1450:400d:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=876380123&utmhn=vestniktm.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=VestnikTM.com%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D1%8B%D0%B9%20%D0%92%D0%B5%D1%81%D1%82%D0%BD%D0%B8%D0%BA%20%D0%A2%D1%83%D1%80%D0%BA%D0%BC%D0%B5%D0%BD%D0%B8%D1%81%D1%82%D0%B0%D0%BDa.%20%D0%A2%D0%B2%D0%BE%D0%B5%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B2%20%D0%BA%D0%B0%D0%B6%D0%B4%D0%BE%D0%BC%20%D0%BC%D0%BE%D0%BD%D0%B8%D1%82%D0%BE%D1%80%D0%B5&utmhid=1512757470&utmr=-&utmp=%2F&utmht=1676741832450&utmac=UA-6159098-2&utmcc=__utma%3D193807658.1061691578.1676741832.1676741832.1676741832.1%3B%2B__utmz%3D193807658.1676741832.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=952910708&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: vestniktm.com
URL: https://vestniktm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Feb 2023 17:37:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 userip Show response
kraken.rambler.ru/ 13 B
418 B 174ms
53ms XHR
text/plain 81.19.89.17
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://kraken.rambler.ru/userip
Requested by: Host: st.top100.ru
URL: https://st.top100.ru/top100/top100.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.89.17 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx/1.19.4 /
Resource Hash: 74a938af292eea9c1a39a496c6e33b434265104b26be2214315866bd6abeecd3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-origin: https://vestniktm.com
date: Sat, 18 Feb 2023 17:37:12 GMT
content-type: application/octet-stream, text/plain
server: nginx/1.19.4
x-srv: 1kraken-prod0002.ad.rambler.tech
content-length: 13
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"

GET
H2 200 usability.js Show response
st.top100.ru/top100/3.13.8/ 14 KB
4 KB 54ms
53ms Script
application/javascript 81.19.89.16
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://st.top100.ru/top100/3.13.8/usability.js
Requested by: Host: st.top100.ru
URL: https://st.top100.ru/top100/top100.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 81.19.89.16 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx/1.19.4 /
Resource Hash: 05731bf462ccb356ee8113606a1960be12dae10bd1c7001da61e6f0f92fded62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:12 GMT
content-encoding: gzip
last-modified: Wed, 08 Feb 2023 14:29:34 GMT
server: nginx/1.19.4
x-amz-request-id: tx00000000000022a32d284-0063f10b6d-f85be6-default
etag: W/"99710dbdb5ab5abc8052ba277efd0249"
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
x-rgw-object-type: Normal
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pica.js
vestniktm.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame 7E55 22 KB
9 KB 12ms
11ms Other
application/javascript 2606:4700:20::ac43:4935
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vestniktm.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by: Host: vestniktm.com
URL: https://vestniktm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4935 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1d808c178e1de63d9c86ab5276c40d938c76889ad5e67dc39c44589666d5200

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:12 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ja43YXlec1eZSzUn6%2BXBO8heMX3eGhhMAJZUUEPLJOIdLXwQPriq6kR5lpOjP0l5PeIaUQTjSBWmv6mcQsIdFDG7EXSySpC%2FTZcz152rLjsZtwmt%2Bvq%2FbhKCohtlnorWGe%2BPV%2F4aa2ikPso%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 79b887855ca439bc-FRA

GET
H/1.1 200
OK easyXDM.min.js Show response
ulogin.ru/js/ Frame C2F2 19 KB
7 KB 53ms
53ms Script
application/x-javascript 95.163.118.168
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ulogin.ru/js/easyXDM.min.js?version=js.2.0.0
Requested by: Host: ulogin.ru
URL: https://ulogin.ru/stats.html?r=85652&type=small&xdm_e=https%3A%2F%2Fvestniktm.com&xdm_c=default5915&xdm_p=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.118.168 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS: ulogin.ru
Software: nginx /
Resource Hash: d00c673032c1444178a7cebc6cf988440d2e1ead769aea9470806bba9beab8a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ulogin.ru/stats.html?r=85652&type=small&xdm_e=https%3A%2F%2Fvestniktm.com&xdm_c=default5915&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sat, 18 Feb 2023 17:37:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Jun 2016 14:44:03 GMT
Server: nginx
ETag: "57582f33-1b44"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=259200, public
Connection: keep-alive
Content-Length: 6980
Expires: Tue, 21 Feb 2023 17:37:15 GMT

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9918.loGd51ogxZkbZusqmtL0LvI-CJtrP245YXxVFuh3Iomrmuj9yCpVziSQ0llTAcrb.EW1VqmDJLeijfMZz9gueEsPxFS0%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9918.lpoeWk9rUZsekozf9GHflWE_TI-TPP5yAEMuxFGpo96Kw3JI0P9Sb5jCIiM-QjYlteltWL686tQ3AidygVlgpCgtQ140cUNfHSWUyaOfPBk%2C.tT-bHsa6fd__GBBKTGVyMwD1EdE%2C

43 B
67 B

70ms
69ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9918.lpoeWk9rUZsekozf9GHflWE_TI-TPP5yAEMuxFGpo96Kw3JI0P9Sb5jCIiM-QjYlteltWL686tQ3AidygVlgpCgtQ140cUNfHSWUyaOfPBk%2C.tT-bHsa6fd__GBBKTGVyMwD1EdE%2C

Requested by

Host: vestniktm.com
URL: https://vestniktm.com/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:12 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9918.lpoeWk9rUZsekozf9GHflWE_TI-TPP5yAEMuxFGpo96Kw3JI0P9Sb5jCIiM-QjYlteltWL686tQ3AidygVlgpCgtQ140cUNfHSWUyaOfPBk%2C.tT-bHsa6fd__GBBKTGVyMwD1EdE%2C
date: Sat, 18 Feb 2023 17:37:12 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 393 B
602 B 37ms
15ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=vestniktm.com&callback=_gfp_s_&client=ca-pub-2294972686532926

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2294972686532926&plah=vestniktm.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98ccdce85ef378977b5f656d98be402c378e22fd10192125ea53fa3969bec043

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 251
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 52ms
15ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=vestniktm.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 63ms
15ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vestniktm.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D2A8 23 KB
10 KB 542ms
542ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2294972686532926&output=html&h=250&slotname=8297280443&adk=3234973959&adf=2451493717&pi=t.ma~as.8297280443&w=300&lmt=1676741832&format=300x250&url=https%3A%2F%2Fvestniktm.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676741832354&bpp=4&bdt=451&idt=272&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&correlator=2351047257976&frm=20&pv=2&ga_vid=1061691578.1676741832&ga_sid=1676741832&ga_hid=1512757470&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1115&ady=1633&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C44767166%2C31072387&oid=2&pvsid=4475255852243152&tmod=124788822&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=okFrnaeHjN&p=https%3A//vestniktm.com&dtd=292

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5d04be0ad6e148b6006c37f0c33e2917afaa5cc416c817b6c7eb9b112206ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vestniktm.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 10469
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Feb 2023 17:37:13 GMT
expires: Sat, 18 Feb 2023 17:37:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
113 B 63ms
63ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: vestniktm.com
URL: https://vestniktm.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:12 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 08 Feb 2023 12:45:24 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "63e36f34-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sat, 18 Feb 2023 18:37:12 GMT

POST
H2 200 79b887810ec539bc Show response
vestniktm.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 7E55 2 B
555 B 35ms
35ms XHR
text/plain 2606:4700:20::ac43:4935
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vestniktm.com/cdn-cgi/challenge-platform/h/g/cv/result/79b887810ec539bc
Requested by: Host: vestniktm.com
URL: https://vestniktm.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1676736000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4935 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 18 Feb 2023 17:37:12 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79b887874f8739bc-FRA
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f89TWcJQzneByAgPqEcR4olcI6fO3X45l8yqrbGrZqAY6m1uN1J%2F%2FHHtN7%2F%2Fese7UWecLSof%2FCD75fJ%2BqzlAyPiZxqmT80dfClP0pOdNuKIQGbUYoKSeK4Ikp%2BKDFZ13ur23kWvROX1PqNA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4E79 91 KB
32 KB 920ms
919ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2294972686532926&output=html&h=600&slotname=1967854049&adk=896027389&adf=734042238&pi=t.ma~as.1967854049&w=300&lmt=1676741832&format=300x600&url=https%3A%2F%2Fvestniktm.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676741832358&bpp=1&bdt=454&idt=483&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=2351047257976&frm=20&pv=1&ga_vid=1061691578.1676741832&ga_sid=1676741832&ga_hid=1512757470&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1115&ady=1911&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C44767166%2C31072387&oid=2&pvsid=4475255852243152&tmod=124788822&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=Ovblski7sK&p=https%3A//vestniktm.com&dtd=487

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ad7d5da5fb4373fc387814bd832e9cdaccfe879395c74044b089adc92853aed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vestniktm.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 32833
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Feb 2023 17:37:13 GMT
expires: Sat, 18 Feb 2023 17:37:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B735 0
19 B 30ms
30ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2294972686532926&output=html&adk=1812271804&adf=3025194257&lmt=1676741832&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x1080_r&format=0x0&url=https%3A%2F%2Fvestniktm.com%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676741832401&bpp=2&bdt=498&idt=455&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x600&nras=1&correlator=2351047257976&frm=20&pv=1&ga_vid=1061691578.1676741832&ga_sid=1676741832&ga_hid=1512757470&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C44767166%2C31072387&oid=2&pvsid=4475255852243152&tmod=124788822&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=483

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vestniktm.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 18 Feb 2023 17:37:12 GMT
expires: Sat, 18 Feb 2023 17:37:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
kraken.rambler.ru/cnt/ 43 B
587 B 162ms
54ms Image
image/gif 81.19.89.17
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kraken.rambler.ru/cnt/?et=pv&v=3.13.8&pid=6393036&tid=t1.6393036.1663125413.1676741832502&rid=1676741832.501-1764525003&fid=pA8AAENKs1ckyC9VAUvVjAA%3D&fip=pA8AAENKs1dYVPVNAehNQgA%3D&eid=476918328977219&aduid=a2ae6efb-665a-4de0-bded-8d62e4284379&aduidsc=vestniktm.com&stid=2056643133_1676741832503&sn=1&sen=1&ce=1&bs=1600x1200&rf&en=UTF-8&pt=VestnikTM.com%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D1%8B%D0%B9%20%D0%92%D0%B5%D1%81%D1%82%D0%BD%D0%B8%D0%BA%20%D0%A2%D1%83%D1%80%D0%BA%D0%BC%D0%B5%D0%BD%D0%B8%D1%81%D1%82%D0%B0%D0%BDa.%20%D0%A2%D0%B2%D0%BE%D0%B5%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B2%20%D0%BA%D0%B0%D0%B6%D0%B4%D0%BE%D0%BC%20%D0%BC%D0%BE%D0%BD%D0%B8%D1%82%D0%BE%D1%80%D0%B5&sr=1600x1200&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Win32&tz=0&ct=web&url=https%3A%2F%2Fvestniktm.com%2F&lv&exp=%5B%5B%22exp_bot%22%2C%22split_a%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&rn=1367451000
Requested by: Host: vestniktm.com
URL: https://vestniktm.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.89.17 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Feb 2023 17:37:13 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
x-srv: 1kraken-prod0003.ad.rambler.tech
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif, image/gif
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/ Frame C2F2
Redirect Chain

https://counter.yadro.ru/hit?t26.6;rhttps%3A//vestniktm.com/;s1600*1200*24;uhttps%3A//ulogin.ru/stats.html%3Fr%3D85652%26type%3Dsmall%26xdm_e%3Dhttps%253A%252F%252Fvestniktm.com%26xdm_c%3Ddefault59...
https://counter.yadro.ru/hit?q;t26.6;rhttps%3A//vestniktm.com/;s1600*1200*24;uhttps%3A//ulogin.ru/stats.html%3Fr%3D85652%26type%3Dsmall%26xdm_e%3Dhttps%253A%252F%252Fvestniktm.com%26xdm_c%3Ddefault...

111 B
597 B

54ms
54ms

Image
image/gif

88.212.201.204
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t26.6;rhttps%3A//vestniktm.com/;s1600*1200*24;uhttps%3A//ulogin.ru/stats.html%3Fr%3D85652%26type%3Dsmall%26xdm_e%3Dhttps%253A%252F%252Fvestniktm.com%26xdm_c%3Ddefault5915%26xdm_p%3D1;0.7199303735362559

Requested by

Host: vestniktm.com
URL: https://vestniktm.com/

Protocol

HTTP/1.1

Server

88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host204.rax.ru

Software

nginx/1.17.9 /

Resource Hash

771258edf682e442c71c3f6e2e6efdb65fb985307663a5f4819818120a3cceec

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ulogin.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 18 Feb 2023 17:37:13 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 111
Expires: Thu, 17 Feb 2022 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 18 Feb 2023 17:37:13 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit?q;t26.6;rhttps%3A//vestniktm.com/;s1600*1200*24;uhttps%3A//ulogin.ru/stats.html%3Fr%3D85652%26type%3Dsmall%26xdm_e%3Dhttps%253A%252F%252Fvestniktm.com%26xdm_c%3Ddefault5915%26xdm_p%3D1;0.7199303735362559
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Thu, 17 Feb 2022 21:00:00 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/82412725/
Redirect Chain

https://mc.yandex.com/watch/82412725?wmode=7&page-url=https%3A%2F%2Fvestniktm.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3llbk0t3v1opl3fs6ve8z%3Afp%3A207%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av...
https://mc.yandex.com/watch/82412725/1?wmode=7&page-url=https%3A%2F%2Fvestniktm.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3llbk0t3v1opl3fs6ve8z%3Afp%3A207%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3...

435 B
738 B

72ms
71ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/82412725/1?wmode=7&page-url=https%3A%2F%2Fvestniktm.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3llbk0t3v1opl3fs6ve8z%3Afp%3A207%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1159889566571%3Ahid%3A1067611820%3Az%3A0%3Ai%3A20230218173712%3Aet%3A1676741833%3Ac%3A1%3Arn%3A408420247%3Arqn%3A1%3Au%3A167674183373763528%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C17%2C57%2C5%2C51%2C0%2C%2C493%2C5%2C%2C%2C%2C624%3Aco%3A0%3Acpf%3A1%3Ans%3A1676741831774%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1676741833%3At%3AVestnikTM.com%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D1%8B%D0%B9%20%D0%92%D0%B5%D1%81%D1%82%D0%BD%D0%B8%D0%BA%20%D0%A2%D1%83%D1%80%D0%BA%D0%BC%D0%B5%D0%BD%D0%B8%D1%81%D1%82%D0%B0%D0%BDa.%20%D0%A2%D0%B2%D0%BE%D0%B5%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B2%20%D0%BA%D0%B0%D0%B6%D0%B4%D0%BE%D0%BC%20%D0%BC%D0%BE%D0%BD%D0%B8%D1%82%D0%BE%D1%80%D0%B5&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Requested by

Host: vestniktm.com
URL: https://vestniktm.com/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

c6f9c1bdb69334d311b2b92579b148dcae9d46707fd6fad025bf3b9049df9229

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Feb 2023 17:37:13 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sat, 18-Feb-2023 17:37:13 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://vestniktm.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 435
x-xss-protection: 1; mode=block
expires: Sat, 18-Feb-2023 17:37:13 GMT

Redirect headers

pragma: no-cache
date: Sat, 18 Feb 2023 17:37:13 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 18-Feb-2023 17:37:13 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/82412725/1?wmode=7&page-url=https%3A%2F%2Fvestniktm.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3llbk0t3v1opl3fs6ve8z%3Afp%3A207%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1159889566571%3Ahid%3A1067611820%3Az%3A0%3Ai%3A20230218173712%3Aet%3A1676741833%3Ac%3A1%3Arn%3A408420247%3Arqn%3A1%3Au%3A167674183373763528%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C17%2C57%2C5%2C51%2C0%2C%2C493%2C5%2C%2C%2C%2C624%3Aco%3A0%3Acpf%3A1%3Ans%3A1676741831774%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1676741833%3At%3AVestnikTM.com%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D1%8B%D0%B9%20%D0%92%D0%B5%D1%81%D1%82%D0%BD%D0%B8%D0%BA%20%D0%A2%D1%83%D1%80%D0%BA%D0%BC%D0%B5%D0%BD%D0%B8%D1%81%D1%82%D0%B0%D0%BDa.%20%D0%A2%D0%B2%D0%BE%D0%B5%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B2%20%D0%BA%D0%B0%D0%B6%D0%B4%D0%BE%D0%BC%20%D0%BC%D0%BE%D0%BD%D0%B8%D1%82%D0%BE%D1%80%D0%B5&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: https://vestniktm.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sat, 18-Feb-2023 17:37:13 GMT

GET
H2 200 /
kraken.rambler.ru/cnt/v2/ 43 B
487 B 56ms
55ms Image
image/gif 81.19.89.17
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kraken.rambler.ru/cnt/v2/?event_type=base&event_name=page_view&project_id=6393036&session_id=2056643133_1676741832503&session_number=1&session_event_number=1&version=3.13.8&counter_type=web&experiment=%5B%5B%22exp_bot%22%2C%22split_a%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&top100_id=t1.6393036.1663125413.1676741832502&adtech_uid=a2ae6efb-665a-4de0-bded-8d62e4284379&adtech_uid_scope=vestniktm.com&fingerprint=pA8AAENKs1ckyC9VAUvVjAA%3D&fingerprint_ip=pA8AAENKs1dYVPVNAehNQgA%3D&url=https%3A%2F%2Fvestniktm.com%2F&request_id=1676741832.501-1764525003&event_id=476918328977219&meta=%7B%22title%22%3A%22VestnikTM.com%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D1%8B%D0%B9%20%D0%92%D0%B5%D1%81%D1%82%D0%BD%D0%B8%D0%BA%20%D0%A2%D1%83%D1%80%D0%BA%D0%BC%D0%B5%D0%BD%D0%B8%D1%81%D1%82%D0%B0%D0%BDa.%20%D0%A2%D0%B2%D0%BE%D0%B5%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B2%20%D0%BA%D0%B0%D0%B6%D0%B4%D0%BE%D0%BC%20%D0%BC%D0%BE%D0%BD%D0%B8%D1%82%D0%BE%D1%80%D0%B5%22%2C%22referer%22%3A%22%22%2C%22screen_size%22%3A%221600x1200%22%2C%22browser_size%22%3A%221600x1200%22%2C%22color_depth%22%3A%2224-bit%22%2C%22language%22%3A%22en-US%22%2C%22browser%22%3A%22Netscape%22%2C%22platform%22%3A%22Win32%22%2C%22timezone%22%3A%220%22%7D&rn=633096536
Requested by: Host: vestniktm.com
URL: https://vestniktm.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.89.17 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Feb 2023 17:37:13 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
x-srv: 1kraken-prod0003.ad.rambler.tech
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif, image/gif
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2

200

sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check_secondary
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9918.h3EsGnsFPTXtBF7FCPbJlk21R3tnHe-RhhP67Ecdfs9svBA14_aC5VHfRxT-MxTa.yVzcmzidTKPrD5vnLacOmNqQ6WY%2C
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9918.EPkym7QKJVnbmhBKpQwLb0MJkYzuJdBc3smltM17Av0yko0hPVIZ9u3myhhpob6OvL2HC8R6PycsG5AamB5ByMz4cgR_6YQ4aS8sMwVWq50%2C.xD2RCuCMtiiyn4oMbx...

43 B
79 B

65ms
64ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9918.EPkym7QKJVnbmhBKpQwLb0MJkYzuJdBc3smltM17Av0yko0hPVIZ9u3myhhpob6OvL2HC8R6PycsG5AamB5ByMz4cgR_6YQ4aS8sMwVWq50%2C.xD2RCuCMtiiyn4oMbxXYMJ2pxXA%2C

Requested by

Host: vestniktm.com
URL: https://vestniktm.com/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:13 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9918.EPkym7QKJVnbmhBKpQwLb0MJkYzuJdBc3smltM17Av0yko0hPVIZ9u3myhhpob6OvL2HC8R6PycsG5AamB5ByMz4cgR_6YQ4aS8sMwVWq50%2C.xD2RCuCMtiiyn4oMbxXYMJ2pxXA%2C
date: Sat, 18 Feb 2023 17:37:13 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame D2A8 3 KB
2 KB 687ms
638ms Script
application/x-javascript 185.29.134.249
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTm1SalpEUTRNVE10TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzYzOTE2ODI5NTU4MTA2Njc2MjkvNjYyMjMyNi80NTYyMzA2LzQvS3hmM2hodU8waVhhNGlINmh5V3o3SG9oVGFUT3VDd2xrd0txdDZYcXhMSS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82MzkxNjgyOTU1ODEwNjY3NjI5L2hrZy8wLzE4Ni83Ny85OTkvMzIyLzIwMDE6YWM4OjIwOjovMC4wMDAvMTY3Njc0MTgzMi8xNjc2NzY1ODMyLzQvcHViLTIyOTQ5NzI2ODY1MzI5MjYv/A5Djy0FR7Ebl1bmaX61mRwFYqS4&nodeid=4123&group=hkg&auctionid=6391682955810667629&pbs_auctionid=6391682955810667629&shardkey=6391682955810667629&sid=4562306&cid=6622326&bp=a_agiica&nfy_act=LD5weg&type=adm&client=c2s&bfip=103.229.206.183&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHwvHyAzxY-T4MK2nvcAPxdex6ATPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMjk0OTcyNjg2NTMyOTI2yAEJqAMBqgS_AU_Q0uHFdJZOtjlX3PgOpTk9SQbtgWcUwByfIsPQxgWq5ywNVkdvqJofNE8Pw7lstJ07DUHe-AMrMeeZVBmHjo0UALpPxW-vKKMTR93g4Lr4_3DjDeraeZaRZiqpRrfLIHtitthpDXRweEqADb_qYt4yQ21cTDJCLbeb6OxZBxxXVTwmPs5TK0TeZLd1WoR-WhOk3wPhJr2Q1zBXXkV6UYEUAc0hsLRrOQtnw9dadaR5H7JOajZyhSw2MNccY1jIgAa89q7N58CIjg-gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0wJeBI1LgrJ7Zq7r3F9-LFw6pvVw%26client%3Dca-pub-2294972686532926%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2294972686532926&output=html&h=250&slotname=8297280443&adk=3234973959&adf=2451493717&pi=t.ma~as.8297280443&w=300&lmt=1676741832&format=300x250&url=https%3A%2F%2Fvestniktm.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676741832354&bpp=4&bdt=451&idt=272&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&correlator=2351047257976&frm=20&pv=2&ga_vid=1061691578.1676741832&ga_sid=1676741832&ga_hid=1512757470&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1115&ady=1633&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C44767166%2C31072387&oid=2&pvsid=4475255852243152&tmod=124788822&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=okFrnaeHjN&p=https%3A//vestniktm.com&dtd=292
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.380.1 /
Resource Hash: ad116c0e5469654c875d2a7b9819fc543c6083497a502637abaa1d2f45020f60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sat, 18 Feb 2023 17:37:13 GMT
x-mm-nodeid: 4123
Content-Encoding: gzip
x-mm-bid-request-time: 1676741832
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection: close
x-mm-handled-by-owner: true
Last-Modified: Sat, 18 Feb 2023 17:37:12 GMT
Server: MMBD/3.380.1
x-mm-latency: 620 (85)
Content-Type: application/x-javascript; charset=UTF-8
x-mm-dbg: NotCount
Cache-Control: no-cache
x-mm-host: cdg-router-x83, hkg-bidder-x133
x-mm-lag: 1
Expires: Sat, 18 Feb 2023 17:37:12 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/ Frame D2A8 3 KB
1 KB 34ms
7ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2294972686532926&output=html&h=250&slotname=8297280443&adk=3234973959&adf=2451493717&pi=t.ma~as.8297280443&w=300&lmt=1676741832&format=300x250&url=https%3A%2F%2Fvestniktm.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676741832354&bpp=4&bdt=451&idt=272&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&correlator=2351047257976&frm=20&pv=2&ga_vid=1061691578.1676741832&ga_sid=1676741832&ga_hid=1512757470&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1115&ady=1633&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C44767166%2C31072387&oid=2&pvsid=4475255852243152&tmod=124788822&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=okFrnaeHjN&p=https%3A//vestniktm.com&dtd=292

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:13:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1435
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Mar 2023 17:13:18 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/ Frame D2A8 20 KB
8 KB 33ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:13:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1436
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Mar 2023 17:13:17 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D2A8 156 KB
48 KB 73ms
34ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48814
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676465787912926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 18 Feb 2023 17:37:13 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D2A8 0
0 49ms
48ms Fetch
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=ClXVNyAzxY-T4MK2nvcAPxdex6ATPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMjk0OTcyNjg2NTMyOTI2yAEJqAMBqgS8AU_Q0uHFdJZOtjlX3PgOpTk9SQbtgWcUwByfIsPQxgWq5ywNVkdvqJofNE8Pw7lstJ07DUHe-AMrMeeZVBmHjo0UALpPxW-vKKMTR93g4Lr4_3DjDeraeZaRZiqpRrfLIHtitthpDXRweEqADb_qYt4yQ21cTDJCLbeb6OxZBxxXVTwmPs5TK0TeZLd1WoR-WhOk3wPhJv-S9qL74uF93CVcqhVhH0R2LQHbyflClBm5Xx20yyhenYKvjNCRgAa89q7N58CIjg-gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTIyOTQ5NzI2ODY1MzI5MjYYAA&sigh=F5aEV5wCJeI&uach_m=[UACH]&cid=CAQSGwDUE5ymOCdts6uUf16yFK1J15U_yFIUFur64RgB&tpd=AGWhJmtMwPanA0J5TcqkKkm1jCu3u66a73evjRcDHA4ZzDoHMnOeVLMzUJQTFeN6gz2jnxRyuNKxSKq3czDxTx6MvaLz-9xGnagMDBh7f3fIJmisuXXrpIqCsIECaZg23Gm7OjPZFPHOi7PVX_EBr-2TUln5SiEJD7txeR0ZeAOOiauxrpKwprIS9kkVl-xnlgQHV3XBRORHgUKc26cQSpVuN3Uj6BzcmkniBNytuPAI9_Q91NPBZQ6gg-H3IVf1VUoo8GtFeBZPMZXcEwDk_UalfTNvM_ShWUcLVnIO12rlBQSQ0ByRdBRpvy2ftJ99xiHHDSndATXOxVgBM0hfgG41KXUCHlpklnkIfnA8npFuwFqMjlZw30ClDWCDURGVay6RHcP-6d4jFnZ4IAm1_MG7x4V08xUYf6UJQPUTrHZ0IDlvoGk1DcV6MKJaY-sfH2zsd8gxjmIGPozXLOj1cGTM52yXJ-cfClccK1-PCSuZ2qYEaQflwWaHNgLz5rOyjFgY2R-8DSuaq6Ec0cfoeyjfbOqjy7XmoeAL1zzKMZ7WMCiXluNuaX10XUQhDqOsjXm1zNg5y4pDy3n7kIo1CjRjNleN2FTm1r1hIbWuVu6L1Twz45Z1yR1AOPSdGW9FLNDixCg7O9UbsX-1OMWHtX-k84LlIJYsZrRGqVbJiM8Wflc7a0fS7WH32A3fGAWW9HYh0-etEG7hcCJx9ZekaYxxAxYMxeSQJNmU_QHftvNALKoz9is7JYQeS11OaX60amjVbV_Q-hnskB3tkH2EO5EHn_3xTheoCrzE2euh0GBPXb4vqW6B0g3Gprh7Xt2ZrJ1O6cO5XSO42-RreBSD8veC5w-mlZDd4xE2wn9HoZg-rX0dKZSfNtsh2A4TzMtEqtWZFopaFBMlCcRVWQMnj0MNuLay0YCEQ6-otV2gZe0LmW-hI0_cx02UTqNIvI5z674GMQRc_tM4_qNK_eEuFB8vHEZWmOfDy3HGn4SoeHz4hFhFfouSCSQ3J2eODiQZ8353KlsC2kwCyrycVssS2U8OmROaiK8rOhXabM05s6H_R5IQXbu8dPo4tgtevu7w-g7IYDov-sZRvDQxE7IVPmZ6GPCdgJKtbsQE0XAfxA3mfVyDwXsLF54

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2294972686532926&output=html&h=250&slotname=8297280443&adk=3234973959&adf=2451493717&pi=t.ma~as.8297280443&w=300&lmt=1676741832&format=300x250&url=https%3A%2F%2Fvestniktm.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676741832354&bpp=4&bdt=451&idt=272&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&correlator=2351047257976&frm=20&pv=2&ga_vid=1061691578.1676741832&ga_sid=1676741832&ga_hid=1512757470&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1115&ady=1633&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C44767166%2C31072387&oid=2&pvsid=4475255852243152&tmod=124788822&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=okFrnaeHjN&p=https%3A//vestniktm.com&dtd=292
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 18 Feb 2023 17:37:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 18 Feb 2023 17:37:13 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 4E79 6 KB
1 KB 57ms
30ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2294972686532926&output=html&h=600&slotname=1967854049&adk=896027389&adf=734042238&pi=t.ma~as.1967854049&w=300&lmt=1676741832&format=300x600&url=https%3A%2F%2Fvestniktm.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676741832358&bpp=1&bdt=454&idt=483&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=2351047257976&frm=20&pv=1&ga_vid=1061691578.1676741832&ga_sid=1676741832&ga_hid=1512757470&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1115&ady=1911&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C44767166%2C31072387&oid=2&pvsid=4475255852243152&tmod=124788822&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=Ovblski7sK&p=https%3A//vestniktm.com&dtd=487

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 18 Feb 2023 17:37:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 18 Feb 2023 16:15:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 18 Feb 2023 17:37:13 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/ Frame 4E79 2 KB
846 B 11ms
9ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 02:12:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55461
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Mar 2023 02:12:52 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/ Frame 4E79 22 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 02:12:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55462
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8814
x-xss-protection: 0
server: cafe
etag: 11378319237421819138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Mar 2023 02:12:51 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/ Frame 4E79 3 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:13:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1435
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Mar 2023 17:13:18 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/ Frame 4E79 20 KB
8 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:13:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1436
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 04 Mar 2023 17:13:17 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4E79 156 KB
48 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48814
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676465787912926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 18 Feb 2023 17:37:13 GMT

GET
H3 200 3fa5291869997d20adf47a02a7a75d04.js Show response
www.gstatic.com/mysidia/ Frame 4E79 34 KB
14 KB 24ms
7ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3fa5291869997d20adf47a02a7a75d04.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68e1fe5f35b4b0131be24086e7de0e04291d335c32ac4868bf0803abe50a862e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 09:41:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 201323
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14191
x-xss-protection: 0
last-modified: Fri, 10 Feb 2023 00:05:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 17 May 2023 09:41:50 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4E79 0
0 54ms
51ms Fetch
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CXfMLyQzxY5sMtZm9wA-L9qWYCIzwofVulfHw45ERvKXbnfc4EAEgvam4H2CV4pCCoAegAe-d_9soyAEJqQJLxF9FeRt6PqgDAcgDywSqBMsBT9Ba-tLEKA1keO5EdWOZJSCNgfVLeT4Ltbhv4P74buK1EcsFEBG1kEMjqbaUydlpNnUaAChuJrm_tgZCMreycoBLQauAnZ6ZIF8k1zaQzNQkDye2yiy4Ws7a-Cj_JDMpogljrYWnMwqpKXQQkNkDigmkDMMkdYEeKHMBot8Gr8fhzrZdphkUmawOI5-6Ianr7iV5A5iwTXSq6_CgqXFw5zfWDlvGIbrE3I_dMRuM0dCA-YCh7pa8YvAhkSuol3cmkKIvC_BCgybBtOfABITCw76iBJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfdk7b-A6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEKPlAtIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBuBPkA9gTDIgUAdAVAYAXAbIXHAoaCAASFHB1Yi0yMjk0OTcyNjg2NTMyOTI2GAA&sigh=dOjsLWKXzvE&uach_m=[UACH]&cid=CAQSGwDUE5ymX3GsqhUa9biFjMP6jF5LEX8wCLuKFBgB&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2294972686532926&output=html&h=600&slotname=1967854049&adk=896027389&adf=734042238&pi=t.ma~as.1967854049&w=300&lmt=1676741832&format=300x600&url=https%3A%2F%2Fvestniktm.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676741832358&bpp=1&bdt=454&idt=483&shv=r20230215&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=2351047257976&frm=20&pv=1&ga_vid=1061691578.1676741832&ga_sid=1676741832&ga_hid=1512757470&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1115&ady=1911&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C44767166%2C31072387&oid=2&pvsid=4475255852243152&tmod=124788822&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=Ovblski7sK&p=https%3A//vestniktm.com&dtd=487
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 18 Feb 2023 17:37:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 2076313506083323656
tpc.googlesyndication.com/simgad/6014446980320127638/ Frame 4E79 19 KB
19 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6014446980320127638/2076313506083323656

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78cef102b3ef7dd39d0b32e86cc8798f0aa4c97528dd0f367b3646e70ad7343e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 20:10:46 GMT
x-content-type-options: nosniff
age: 249987
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19553
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 15:06:38 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 15 Feb 2024 20:10:46 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/16658125144578092752/ Frame 4E79 2 KB
2 KB 9ms
7ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16658125144578092752/14763004658117789537?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c9f1b48a7a7fc03b63e7e05dbfef3284eadce7131e6af91c7f444c256593e34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 04:28:02 GMT
x-content-type-options: nosniff
age: 306551
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1931
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 15:06:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 15 Feb 2024 04:28:02 GMT

GET
DATA 200
OK truncated
/ Frame 4E79 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 4E79 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d76d0c68560c2c6338fa36697a3d14498054fbd38c0a7fa293e49baa44705409

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4E79 15 KB
16 KB 28ms
7ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 14:05:36 GMT
x-content-type-options: nosniff
age: 185497
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 14:05:36 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4E79 15 KB
16 KB 28ms
9ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 08:06:08 GMT
x-content-type-options: nosniff
age: 120665
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Feb 2024 08:06:08 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4E79 15 KB
15 KB 31ms
14ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 23:09:06 GMT
x-content-type-options: nosniff
age: 152887
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 23:09:06 GMT

GET
H3 200 ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js Show response
pagead2.googlesyndication.com/bg/ Frame CF39 36 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10d8548d0e447ebd4b29c06545232d0b110cb0f7979b885bf895bb8ad8d7ad10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1564
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14306
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 18 Feb 2024 17:11:09 GMT

GET
H/1.1 200
OK 01qrvgnrrbds Show response
hal9000.redintelligence.net/zone/ Frame D2A8 10 KB
3 KB 46ms
11ms Script
text/html 88.99.219.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/01qrvgnrrbds?subid=&gdpr=1&gdpr_consent=li&rnd=6391682955810667629&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DtemzNg_3HlJiDpLxpsCpYQ%26exch_seat%3D20035004448%26mt_aid%3D6391682955810667629%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D74a063f1-0cc9-4901-b663-7e0cc46d3466%26mt_cid%3D74a063f1-0cc9-4901-b663-7e0cc46d3466%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCHwvHyAzxY-T4MK2nvcAPxdex6ATPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMjk0OTcyNjg2NTMyOTI2yAEJqAMBqgS_AU_Q0uHFdJZOtjlX3PgOpTk9SQbtgWcUwByfIsPQxgWq5ywNVkdvqJofNE8Pw7lstJ07DUHe-AMrMeeZVBmHjo0UALpPxW-vKKMTR93g4Lr4_3DjDeraeZaRZiqpRrfLIHtitthpDXRweEqADb_qYt4yQ21cTDJCLbeb6OxZBxxXVTwmPs5TK0TeZLd1WoR-WhOk3wPhJr2Q1zBXXkV6UYEUAc0hsLRrOQtnw9dadaR5H7JOajZyhSw2MNccY1jIgAa89q7N58CIjg-gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0wJeBI1LgrJ7Zq7r3F9-LFw6pvVw%2526client%253Dca-pub-2294972686532926%2526adurl%253D%26redirect%3D
Requested by: Host: vestniktm.com
URL: https://vestniktm.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.174.219.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 3f45818f9bf301eb0c51b3d7ea65dff204c50e202919c2baa7dde604f2d68f42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sat, 18 Feb 2023 17:37:13 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3317
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame D2A8 49 B
331 B 600ms
565ms Image
image/gif 185.29.134.249
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=6391682955810667629&node_id=4123&exch_id=4
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTm1SalpEUTRNVE10TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzYzOTE2ODI5NTU4MTA2Njc2MjkvNjYyMjMyNi80NTYyMzA2LzQvS3hmM2hodU8waVhhNGlINmh5V3o3SG9oVGFUT3VDd2xrd0txdDZYcXhMSS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82MzkxNjgyOTU1ODEwNjY3NjI5L2hrZy8wLzE4Ni83Ny85OTkvMzIyLzIwMDE6YWM4OjIwOjovMC4wMDAvMTY3Njc0MTgzMi8xNjc2NzY1ODMyLzQvcHViLTIyOTQ5NzI2ODY1MzI5MjYv/A5Djy0FR7Ebl1bmaX61mRwFYqS4&nodeid=4123&group=hkg&auctionid=6391682955810667629&pbs_auctionid=6391682955810667629&shardkey=6391682955810667629&sid=4562306&cid=6622326&bp=a_agiica&nfy_act=LD5weg&type=adm&client=c2s&bfip=103.229.206.183&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHwvHyAzxY-T4MK2nvcAPxdex6ATPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMjk0OTcyNjg2NTMyOTI2yAEJqAMBqgS_AU_Q0uHFdJZOtjlX3PgOpTk9SQbtgWcUwByfIsPQxgWq5ywNVkdvqJofNE8Pw7lstJ07DUHe-AMrMeeZVBmHjo0UALpPxW-vKKMTR93g4Lr4_3DjDeraeZaRZiqpRrfLIHtitthpDXRweEqADb_qYt4yQ21cTDJCLbeb6OxZBxxXVTwmPs5TK0TeZLd1WoR-WhOk3wPhJr2Q1zBXXkV6UYEUAc0hsLRrOQtnw9dadaR5H7JOajZyhSw2MNccY1jIgAa89q7N58CIjg-gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0wJeBI1LgrJ7Zq7r3F9-LFw6pvVw%26client%3Dca-pub-2294972686532926%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.380.1 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sat, 18 Feb 2023 17:37:14 GMT
Server: MMBD/3.380.1
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x108, hkg-bidder-x133
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Sat, 18 Feb 2023 17:37:13 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame D2A8 43 B
404 B 97ms
39ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=6391682955810667629&v3=651871&v4=4562306&v5=6622326&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTm1SalpEUTRNVE10TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzYzOTE2ODI5NTU4MTA2Njc2MjkvNjYyMjMyNi80NTYyMzA2LzQvS3hmM2hodU8waVhhNGlINmh5V3o3SG9oVGFUT3VDd2xrd0txdDZYcXhMSS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82MzkxNjgyOTU1ODEwNjY3NjI5L2hrZy8wLzE4Ni83Ny85OTkvMzIyLzIwMDE6YWM4OjIwOjovMC4wMDAvMTY3Njc0MTgzMi8xNjc2NzY1ODMyLzQvcHViLTIyOTQ5NzI2ODY1MzI5MjYv/A5Djy0FR7Ebl1bmaX61mRwFYqS4&nodeid=4123&group=hkg&auctionid=6391682955810667629&pbs_auctionid=6391682955810667629&shardkey=6391682955810667629&sid=4562306&cid=6622326&bp=a_agiica&nfy_act=LD5weg&type=adm&client=c2s&bfip=103.229.206.183&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHwvHyAzxY-T4MK2nvcAPxdex6ATPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMjk0OTcyNjg2NTMyOTI2yAEJqAMBqgS_AU_Q0uHFdJZOtjlX3PgOpTk9SQbtgWcUwByfIsPQxgWq5ywNVkdvqJofNE8Pw7lstJ07DUHe-AMrMeeZVBmHjo0UALpPxW-vKKMTR93g4Lr4_3DjDeraeZaRZiqpRrfLIHtitthpDXRweEqADb_qYt4yQ21cTDJCLbeb6OxZBxxXVTwmPs5TK0TeZLd1WoR-WhOk3wPhJr2Q1zBXXkV6UYEUAc0hsLRrOQtnw9dadaR5H7JOajZyhSw2MNccY1jIgAa89q7N58CIjg-gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0wJeBI1LgrJ7Zq7r3F9-LFw6pvVw%26client%3Dca-pub-2294972686532926%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 475 4bd2ccd master cdg-pixel-x10 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sat, 18 Feb 2023 17:37:14 GMT
Server: MT3 475 4bd2ccd master cdg-pixel-x10 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Sat, 18 Feb 2023 17:37:13 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame D2A8 49 B
330 B 619ms
585ms Image
image/gif 185.29.134.249
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=6391682955810667629&st=4562306&time=1676741833&nodeid=4123
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTm1SalpEUTRNVE10TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzYzOTE2ODI5NTU4MTA2Njc2MjkvNjYyMjMyNi80NTYyMzA2LzQvS3hmM2hodU8waVhhNGlINmh5V3o3SG9oVGFUT3VDd2xrd0txdDZYcXhMSS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82MzkxNjgyOTU1ODEwNjY3NjI5L2hrZy8wLzE4Ni83Ny85OTkvMzIyLzIwMDE6YWM4OjIwOjovMC4wMDAvMTY3Njc0MTgzMi8xNjc2NzY1ODMyLzQvcHViLTIyOTQ5NzI2ODY1MzI5MjYv/A5Djy0FR7Ebl1bmaX61mRwFYqS4&nodeid=4123&group=hkg&auctionid=6391682955810667629&pbs_auctionid=6391682955810667629&shardkey=6391682955810667629&sid=4562306&cid=6622326&bp=a_agiica&nfy_act=LD5weg&type=adm&client=c2s&bfip=103.229.206.183&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHwvHyAzxY-T4MK2nvcAPxdex6ATPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMjk0OTcyNjg2NTMyOTI2yAEJqAMBqgS_AU_Q0uHFdJZOtjlX3PgOpTk9SQbtgWcUwByfIsPQxgWq5ywNVkdvqJofNE8Pw7lstJ07DUHe-AMrMeeZVBmHjo0UALpPxW-vKKMTR93g4Lr4_3DjDeraeZaRZiqpRrfLIHtitthpDXRweEqADb_qYt4yQ21cTDJCLbeb6OxZBxxXVTwmPs5TK0TeZLd1WoR-WhOk3wPhJr2Q1zBXXkV6UYEUAc0hsLRrOQtnw9dadaR5H7JOajZyhSw2MNccY1jIgAa89q7N58CIjg-gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0wJeBI1LgrJ7Zq7r3F9-LFw6pvVw%26client%3Dca-pub-2294972686532926%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.380.1 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sat, 18 Feb 2023 17:37:14 GMT
Server: MMBD/3.380.1
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x50, hkg-bidder-x133
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Sat, 18 Feb 2023 17:37:13 GMT

GET
H/1.1 200
OK request.php Show response
hal90007.redintelligence.net/ Frame D2A8 0
394 B 129ms
92ms Script
application/x-javascript 138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90007.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=41406653e2&subid=&uid=9b3ab6eb4e361148&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DtemzNg_3HlJiDpLxpsCpYQ%26exch_seat%3D20035004448%26mt_aid%3D6391682955810667629%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D74a063f1-0cc9-4901-b663-7e0cc46d3466%26mt_cid%3D74a063f1-0cc9-4901-b663-7e0cc46d3466%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCHwvHyAzxY-T4MK2nvcAPxdex6ATPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMjk0OTcyNjg2NTMyOTI2yAEJqAMBqgS_AU_Q0uHFdJZOtjlX3PgOpTk9SQbtgWcUwByfIsPQxgWq5ywNVkdvqJofNE8Pw7lstJ07DUHe-AMrMeeZVBmHjo0UALpPxW-vKKMTR93g4Lr4_3DjDeraeZaRZiqpRrfLIHtitthpDXRweEqADb_qYt4yQ21cTDJCLbeb6OxZBxxXVTwmPs5TK0TeZLd1WoR-WhOk3wPhJr2Q1zBXXkV6UYEUAc0hsLRrOQtnw9dadaR5H7JOajZyhSw2MNccY1jIgAa89q7N58CIjg-gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0wJeBI1LgrJ7Zq7r3F9-LFw6pvVw%2526client%253Dca-pub-2294972686532926%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2294972686532926%26output%3Dhtml%26h%3D250%26slotname%3D8297280443%26adk%3D3234973959%26adf%3D2451493717%26pi%3Dt.ma~as.8297280443%26w%3D300%26lmt%3D1676741832%26format%3D300x250%26url%3Dhttps%253A%252F%252Fvestniktm.com%252F%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1676741832354%26bpp%3D4%26bdt%3D451%26idt%3D272%26shv%3Dr20230215%26mjsv%3Dm202302130101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26correlator%3D2351047257976%26frm%3D20%26pv%3D2%26ga_vid%3D1061691578.1676741832%26ga_sid%3D1676741832%26ga_hid%3D1512757470%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1115%26ady%3D1633%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759842%252C44773809%252C44767166%252C31072387%26oid%3D2%26pvsid%3D4475255852243152%26tmod%3D124788822%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D1%26uci%3Da!1%26btvi%3D1%26fsb%3D1%26xpc%3DokFrnaeHjN%26p%3Dhttps%253A%2F%2Fvestniktm.com%26dtd%3D292&ancestorOrigins=null&random=3569786052534&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/01qrvgnrrbds?subid=&gdpr=1&gdpr_consent=li&rnd=6391682955810667629&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DtemzNg_3HlJiDpLxpsCpYQ%26exch_seat%3D20035004448%26mt_aid%3D6391682955810667629%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D74a063f1-0cc9-4901-b663-7e0cc46d3466%26mt_cid%3D74a063f1-0cc9-4901-b663-7e0cc46d3466%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCHwvHyAzxY-T4MK2nvcAPxdex6ATPh46bXMCG2YLGAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yMjk0OTcyNjg2NTMyOTI2yAEJqAMBqgS_AU_Q0uHFdJZOtjlX3PgOpTk9SQbtgWcUwByfIsPQxgWq5ywNVkdvqJofNE8Pw7lstJ07DUHe-AMrMeeZVBmHjo0UALpPxW-vKKMTR93g4Lr4_3DjDeraeZaRZiqpRrfLIHtitthpDXRweEqADb_qYt4yQ21cTDJCLbeb6OxZBxxXVTwmPs5TK0TeZLd1WoR-WhOk3wPhJr2Q1zBXXkV6UYEUAc0hsLRrOQtnw9dadaR5H7JOajZyhSw2MNccY1jIgAa89q7N58CIjg-gBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0wJeBI1LgrJ7Zq7r3F9-LFw6pvVw%2526client%253Dca-pub-2294972686532926%2526adurl%253D%26redirect%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 Böblingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 18 Feb 2023 17:37:14 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 19817700126466900951393012239007
Connection: close
Content-Length: 0
Expires: Sat, 18 Feb 2023 17:37:14 +0100

GET
DATA 200
OK truncated
/ Frame D2A8 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 03ee891159b3eaf147012f2cd052250389f83a240dcfe9b6a55e993732d9f2c4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 tracker
top-fwz1.mail.ru/ 43 B
875 B 63ms
63ms Image
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/tracker?js=13;id=1824755;u=https%3A//vestniktm.com/;st=1676741832398;title=VestnikTM.com%20%D0%A0%D0%B5%D0%BA%D0%BB%D0%B0%D0%BC%D0%BD%D1%8B%D0%B9%20%D0%92%D0%B5%D1%81%D1%82%D0%BD%D0%B8%D0%BA%20%D0%A2%D1%83%D1%80%D0%BA%D0%BC%D0%B5%D0%BD%D0%B8%D1%81%D1%82%D0%B0%D0%BDa.%20%D0%A2%D0%B2%D0%BE%D0%B5%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B2%20%D0%BA%D0%B0%D0%B6%D0%B4%D0%BE%D0%BC%20%D0%BC%D0%BE%D0%BD%D0%B8%D1%82%D0%BE%D1%80%D0%B5;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=28c3ceae2b77e947;ver=60.3.0;tz=0%2FEtc%2FUnknown;nt=0/0/1676741831774/////51/52/52/52/70/58/70/127/131/129/624/624/629/2781/2781/;ni=9.2//4g/0/0/;lvid=1676741832421%3A1676741834568%3A2%3A58bb77a13386a77af7b80cd13ab9f985;opts=jst-ym;visible=true;_=0.35699432032997436;e=RT/load;et=1676741834567

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:14 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 67ms
53ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230215&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

da47fd02bd8ef637e997619d860874bd31e1108531e78eaa9c1711c52a851959

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11287
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 18 Feb 2023 17:37:14 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F715 13 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vestniktm.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1217
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 18 Feb 2023 17:16:57 GMT
expires: Sun, 18 Feb 2024 17:16:57 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 92FD 783 B
915 B 17ms
16ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

941877b57ffb13cdc16ec0452dd6ec30fb0d91c41593e6b066f63872df02f9be

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-oPjJ0nHoyhLHkhCedMsv3A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vestniktm.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-oPjJ0nHoyhLHkhCedMsv3A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 18 Feb 2023 17:37:14 GMT
expires: Sat, 18 Feb 2023 17:37:14 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js Show response
pagead2.googlesyndication.com/bg/ Frame F715 36 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10d8548d0e447ebd4b29c06545232d0b110cb0f7979b885bf895bb8ad8d7ad10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1565
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14306
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 18 Feb 2024 17:11:09 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 92FD 0
0 41ms
41ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230215&jk=4475255852243152&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F715 0
10 B 7ms
6ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?kGSS_g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 17:37:14 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 43ms
42ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230215&jk=4475255852243152&bg=!UFOlUwfNAAZYlHKzeJQ7ADkAdvg8WoIoUKKlwH_VtfDFjeUgXp0qvN5_LUGLsEd9sHxPbvLDr5c_8yk62f9DdSDQzOfQo24Mp4wCAAAAW1IAAAABaAEHCgAHBVJFduwul5kCoCCO9AMIWAUOvWjzmOadpGeEtE-ArVrfHX3bKaVyUFopSnmwiSTr_eVOQG0iGSGWJ1rbY4ltqEGZgf-4W-idmBz-Jv6fYbZwnugE1zaSutz_m45uBHlWgBiCuitifsUFVL6egqGBnxgenap-q6NaJ4sG_HTU9WgU9BS6N1e-q2ICF3f_ExFtO8j7Xd-JsngYx5QGp3ky-aE6KnTWlWMSfc_ZPcxy1tmR33YQKQYRwhuVzMrKGl3TKsZA_jw5_GqiOpOMQRzDtoxm2RMDxdUH2HS_fPyBHcV8jlVheJmLbNzO5304e1ol1zlNACWdLybh5t3bQumKntQRjNywHMgFS7Vvzb48ULO2t18wmU_02gvwL9hDHmOUeluFVxuRbdJrjLXgu5l-plMSWzrhng3wO5ZCcTW-kyVKrPlWkcKu1EDqH9292ff6EKVL9276GJls1oHpvFadlt_8yBGIGG17Gpi1rfcTgtcLUrtFIvVxxCa7L6-NmIiTpMpe_S2Zn5J0qpVqGpRH-k_fUi299UzQ631GA1d6UYeF7h0eMWN7N4v81921GVw-W-ih_c2WwAOvj2jIT92n1PpJA9LoiEtOMUxp7xgrJThYwUUzEA458PF2AG_2Fq8pClETiaWC8vQpi9r5oCbKELrWQyDd71UgqiZLpw5jnzbtYeid4VXTFyj3P39d46sSAgse0m2PcvkZ-SNe1xWg1ZBURwjpW6AokX0SV7NidHk7BLmK0oNKD2p4wO6EgriJIYa6hKixzbSNtQUiJUJWozlTocnDRybgREQi4p3f8k4U30VKszyLFETZL41r3ydliN-sd_am3-0B2UmyeKrErUWT9mZS_ufxGJ1_R4g2-7T95kgOYkVdclfoSDvNxlWTEVAuUWIMXERz1w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vestniktm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

127 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
vestniktm.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: vqaf5igbl51ljmjaq7gehj6lr7
vestniktm.com/	1970-01-20 19:21:41	Name: jblang Value: ru
vestniktm.com/	1969-12-31 23:59:59	Name: s Value: 1
.vestniktm.com/	1970-01-20 17:45:13	Name: tmr_lvid Value: 58bb77a13386a77af7b80cd13ab9f985
.vestniktm.com/	1970-01-20 17:45:13	Name: tmr_lvidTS Value: 1676741832421
.vestniktm.com/	1970-01-20 19:21:41	Name: __utma Value: 193807658.1061691578.1676741832.1676741832.1676741832.1
.vestniktm.com/	1969-12-31 23:59:59	Name: __utmc Value: 193807658
.vestniktm.com/	1970-01-20 14:08:29	Name: __utmz Value: 193807658.1676741832.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.vestniktm.com/	1970-01-20 09:45:42	Name: __utmt Value: 1
.vestniktm.com/	1970-01-20 09:45:43	Name: __utmb Value: 193807658.1.10.1676741832
.vestniktm.com/	1970-01-20 18:31:17	Name: adtech_uid Value: a2ae6efb-665a-4de0-bded-8d62e4284379%3Avestniktm.com
.vestniktm.com/	1970-01-20 18:31:17	Name: top100_id Value: t1.6393036.1663125413.1676741832502
.vestniktm.com/	1970-01-20 19:21:41	Name: last_visit Value: 1676741832505%3A%3A1676741832505
.vestniktm.com/	1970-01-20 18:31:17	Name: _ym_uid Value: 167674183373763528
.vestniktm.com/	1970-01-20 18:31:17	Name: _ym_d Value: 1676741833
.mc.yandex.com/	1970-01-20 09:45:42	Name: sync_cookie_csrf Value: 2320793436fake
.vestniktm.com/	1970-01-20 09:45:43	Name: __cf_bm Value: moXsr0WNT.0DjsY6AELPTk49YLySFrvmGOars.Uxs4c-1676741832-0-Adg+nuKBzza9gtxN9zzGO2yF03AEaq2RSvt8kCmTl0CXUGPX0y+/Rl3aLS/fZVNo929kPAr5/+gTCZ5POS1PG0maiRd1dHanDAjQ/oq5FcrrtSdhRNg+4Rd+bCgq2VCTsl0Q9P/E31/ppPSQ6Vh7yL8=
.vestniktm.com/	1970-01-20 09:46:53	Name: _ym_isad Value: 2
.vestniktm.com/	1970-01-20 19:07:17	Name: __gads Value: ID=926d719eac63044b-22f89a45d7dc0002:T=1676741832:RT=1676741832:S=ALNI_MbTVo1Vf5a1vqa0BTi1UhU6a5kEiA
.vestniktm.com/	1970-01-20 19:07:17	Name: __gpi Value: UID=00000bb8e419de75:T=1676741832:RT=1676741832:S=ALNI_MbiU7IfeyetS7WY6dFbOitSTyc2RQ
.vestniktm.com/	1970-01-20 18:31:17	Name: t3_sid_6393036 Value: s1.2056643133.1676741832503.1676741832898.1.2
.mc.yandex.ru/	1970-01-20 09:45:42	Name: sync_cookie_csrf Value: 2651516128fake
.rambler.ru/	1970-01-20 19:21:41	Name: ruid Value: 1CIAAMkM8WNkmy5DAWIoAwB=
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 595872541676741833
.yandex.com/	1970-01-20 19:21:41	Name: i Value: Ts5frfCCPZCl0ctQPDhkv+0Es0B1jxQfsqtV7/6D2/qbrBgOAt2Q3Nuw/qSiSAXhQdRomXH/jNYmbEfXpyOq8X9O6N0=
.yandex.com/	1970-01-20 18:31:17	Name: yandexuid Value: 9380635951676741833
.yandex.com/	1970-01-20 18:31:17	Name: yuidss Value: 9380635951676741833
.yandex.com/	1970-01-20 18:31:17	Name: ymex Value: 1708277833.yc.1676741833#1708277833.yrts.1676741833#1708277833.yrtsi.1676741833
.yadro.ru/	1970-01-20 18:30:03	Name: FTID Value: 1ZyGp92AyneV1ZyGp9002Hf_
.yadro.ru/	1970-01-20 18:30:03	Name: VID Value: 0pC-ek1BCjeV1ZyGp90020JI
.doubleclick.net/	1970-01-20 19:07:17	Name: IDE Value: AHWqTUn8wI0IjOrQJHHnv4x_XKGDSN7F7E5d1t5TlXN1q3Xa0yLgD6-bKjTKPBvpZ5g
.doubleclick.net/	1970-01-20 09:45:42	Name: test_cookie Value: CheckForPermission
.mathtag.com/	1970-01-20 18:31:17	Name: uuid Value: 74a063f1-0cc9-4901-b663-7e0cc46d3466
.mail.ru/	1970-01-20 18:32:44	Name: VID Value: 376JRI2coZIF00000o1aP4IF:::0-0-0-90b6588:CAASEO8N-QHhV05MN1mNWuRyAIQaYN06alxXg_NTaGuBlhgmd7uhuUYKQQ8TXv5AkZx632Sg_wVdk3pcn2qXMFvOFav6_D9UbqNWi6_Q4VhUZWFykWpdfhuMjofKfNJI9EauHy3glptx4jfTBuSiyweCTehbHA
vestniktm.com/	1970-01-20 09:47:08	Name: tmr_detect Value: 0%7C1676741834818

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
code.jquery.com
counter.yadro.ru
fonts.googleapis.com
fonts.gstatic.com
get.mycounter.ua
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal90007.redintelligence.net
kraken.rambler.ru
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.mathtag.com
ssl.google-analytics.com
st.top100.ru
tags.mathtag.com
top-fwz1.mail.ru
tpc.googlesyndication.com
ulogin.ru
vestniktm.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.vestniktm.com
138.201.63.157
185.29.134.249
2.18.233.201
2001:4de0:ac18::1:a:2b
2606:4700:20::681a:d04
2606:4700:20::ac43:4935
2a00:1450:4001:800::2003
2a00:1450:4001:803::2002
2a00:1450:4001:803::200a
2a00:1450:4001:811::2002
2a00:1450:4001:813::2002
2a00:1450:4001:827::2001
2a00:1450:4001:829::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2004
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a00:1450:400d:80e::2008
2a02:6b8::1:119
62.149.0.249
81.19.89.16
81.19.89.17
88.212.201.204
88.99.219.174
95.163.118.168
95.163.52.67
019f5360eeff4dab248dade0cd71b37a674f8b8ca39852e1a52c316057dd0c75
0206d8d24491d6a3a73816f035dfbb70bf0389d0654072d7ac6f47bacd90084b
03ee891159b3eaf147012f2cd052250389f83a240dcfe9b6a55e993732d9f2c4
05731bf462ccb356ee8113606a1960be12dae10bd1c7001da61e6f0f92fded62
07ff506a54b012e06cddbf702f1c594b36ce8ba91806c7bf3dcc821768a83c6a
089d822746dbebe46a204d5cfc48a5a86d135ed0e451949bbb2dfb4b283a63a9
0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f
0d35a0dfc59effaee55acbe08ff749792d5c5dee22ac7969a297bdbd3fc5b00b
0dfeecc7eba30dd6c9787a66b5518d904fa0721066b700c0eef8c10fc9b9615c
0ffcf88c170b730a249c201dc597d5d291578ad946c4a3ab7ae17ce1c2a91b79
10d8548d0e447ebd4b29c06545232d0b110cb0f7979b885bf895bb8ad8d7ad10
10dff66d437444385249ef1bf5b90ecaae8914c72a427522a71ec111f3798644
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
168c194e89e771c59f29a2705c8c87a13e95c12e3f12970c17a420fb4fd3d894
1a0f7e62da77c0d25678b30dc016fec773b0dba84a9006b2dd1757e3a5d6be2a
1b28bda3bee08c51cf79bc36c6292f62bdf7f67038d397f1c2616641dba2cf95
1c2f11e9de385d2360defba8f03594994c1abcd3205cf09d47f07b13c81ba0b4
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
20c297fad2fdb1fac5f6cc54e6af7ba4f02d80812af97511fb5324a56c08dbde
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
266a3771ef39c4855333a8ff90d4a48d8c19f2ddb561ceb41a5a8ab4747304f8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2771dd74d5fb66bc05f538cc857eb9d4a4d4fa8e02e9411b14e6a6455ec649d2
27a4c378768bd08f78c63ff76b9f467301182ef9145136aaef7f0e0157963468
2a764f62c2da44c57cd2cbcc52678ef7111a2db21d15907ae0162a89ff3792f5
2c246d0466481445e83816cebe60495dca5278413cb89b52e46e857473c1c3ed
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3280543e84de566566928da72b8b14c87af08fdcc9a853e0bccbde1ed0be49df
373c257c2f0ae224881b4ece1bb8f53b68c5181f1d8ec34c8a76e37cd5b3094d
3bc018b8c370250f11f1d5393a7b42c6bdd60dc170584a7cb51e848d8d0bd642
3f45818f9bf301eb0c51b3d7ea65dff204c50e202919c2baa7dde604f2d68f42
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5984988111b47fc011eeba36eb344ddba5cffd8bebcb0d07f395b3a4d61e6a5a
5aac75473da4e569378d4e1ceeafcdd5ee5f6b6b563b9828504f60a136b42689
5d4ef01a48c9e33bcd2139a5c2f061d1789cc7e68cd6e3b103fd4e78703f2f5f
5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63a898e7d2ac05f7530e5d19ac93f570e5b00b4e6c6251df52752227ff99e524
662c1cd9a9c7c397b6c65f272844156b6d9af4ad5c8a5370c16dc6fcb47091d9
665904d832044f650165ba56c0af88fa0619ef2bdbf4e3442bb256f778e37b1d
6718f319ad3e636fb38c2b8040212d501f67bdacd6b46d953cd3f0b328c97e21
68e1fe5f35b4b0131be24086e7de0e04291d335c32ac4868bf0803abe50a862e
7361cb5b4e1e444fb0cf2273b94724df3df4e3f3af48b1433b5c467a169857b7
73e3fbd3b6c791205f9b2b90a80b881f418fb06ed8b18924638eb907e904d2b9
74a938af292eea9c1a39a496c6e33b434265104b26be2214315866bd6abeecd3
771258edf682e442c71c3f6e2e6efdb65fb985307663a5f4819818120a3cceec
78237e38453b8b7243a39d27cabc0fe8916faccd81289855a31bc250a5e14ddc
78cef102b3ef7dd39d0b32e86cc8798f0aa4c97528dd0f367b3646e70ad7343e
7ad7d5da5fb4373fc387814bd832e9cdaccfe879395c74044b089adc92853aed
7b929125ed2e979e50aea2a2c548c91c020351a7b182c7d59fd11cf73baf446f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
833c1f483fd63eed0831016fc3db8a707ae198034005cce39af111f536fc6fdf
8555b25c9cf12dd079b5a81e58917445ed0ba4907fe154663113904dc0b2ccab
86358469a3188d8dae051045546110638b6c55e8d4ff55859c381ac202ed4769
892ad34a06b9be96e243fa6fd03ba3887a3d39bf6f4c878741c9c45a5a0337ce
8edeb5194b45b4653c7d85e748d7dce1da6bab4027a71325b8775c661b39de70
90754a2ff856b3a9c5ed450065523fb1cd2f60d1b10c517dab5f3f66dfcd60f1
90d195f135db03992e9fedc1809a812effe9d906ec86098379d1f64491995a71
911ae660cbecf39685426131e9dfc9333aba3f99495bab8523f1b51c4914489d
941877b57ffb13cdc16ec0452dd6ec30fb0d91c41593e6b066f63872df02f9be
98ccdce85ef378977b5f656d98be402c378e22fd10192125ea53fa3969bec043
9a60fb8db0cc05f6cc3c18309751aaa4ab92d3352c284dd256a906c8fba86691
9c9f1b48a7a7fc03b63e7e05dbfef3284eadce7131e6af91c7f444c256593e34
9d8f889ddbbf8def28d2d1356397051c3b96eea51b08f8a286e05b6088dc4114
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a1d808c178e1de63d9c86ab5276c40d938c76889ad5e67dc39c44589666d5200
a3f845846773de180c3a33e31fae64573b35a74264fd2c6f80d86b1e170f97e0
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5d04be0ad6e148b6006c37f0c33e2917afaa5cc416c817b6c7eb9b112206ed9
a700656384abfd0541cbd3b592b062b3bdb81edd225e4110cbd25896144520bc
a80ccb21601afb79f056eb4186e12066b1581b7795550bfd06f302779388a164
a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0
abe343ada46e6d651a7fd42cdbb624ba584e73aaaa3fb00d0e5388236061d0cc
ad116c0e5469654c875d2a7b9819fc543c6083497a502637abaa1d2f45020f60
aea8d6d7292a79ae391517c8ec2c0f3b55c34b20c1eb330a24edaaadc4cca3d9
b13cb5989e08fcb02314209d101e1102f3d299109bdc253b62aa1da21c9e38ba
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b781bd35f56a0590e6ab6e8a90c5b68ded195695b75ccf45ceae8bf663cf1a80
be4ba2c067449ee68cd89d090dd3176ae90de2ab061d751e123a33b27f2e0a87
c04727198a457b5cf957aef172110465113c26e2909d0d84554057f6eb2a0f4c
c6f9c1bdb69334d311b2b92579b148dcae9d46707fd6fad025bf3b9049df9229
c7b1e7db9c320a44acc0fd06a61fc605203a5370bedb2c552f84fae2cafe37d5
c8057eda5827a5fbf4d936aabe79d8a307cbbd5629b4a620e6eb08dcd5e7b01d
cbbbe244b0d27e09475ac38e21020f6dc73501eb42176bb76f70b21b9566e1b2
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d00c673032c1444178a7cebc6cf988440d2e1ead769aea9470806bba9beab8a8
d76d0c68560c2c6338fa36697a3d14498054fbd38c0a7fa293e49baa44705409
da47fd02bd8ef637e997619d860874bd31e1108531e78eaa9c1711c52a851959
dcc1cee967eadc905816446769a44c4ace541d3fc115f37281079b7f174c5726
deeb064c92bf3245869759ace5ad8e7d507215d9255df806d3744086839ae268
df388f138c472e8df27800daf1f88e4cb62f274c732d75aee03929a143917d6b
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e70b00b2232fcdf50ea084d92005ea08cdffe3e4805f6692174d3916f17d703e
e86f962d7a0ba3b30a60bafed7e85b073ee73e76e6e3f9bc0695cc16f01c4eb5
eb6b60fb44ffe5c3c4ad5af315c22c5653c7971f398c8bd431571cd804bab17f
f338ad7d82870c0cdf7fd3626704acbd512300a28963fc511ad819ec15f0cd53
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fe43cf2b1aa853c2580fa32ab45de072d7484f4ee6a459373f81be7d72c447f4

vestniktm.com Open in urlscan Pro 2606:4700:20::ac43:4935 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

118 Requests

96 %HTTPS

62 %IPv6

21 Domains

27 Subdomains

26 IPs

7 Countries

1055 kBTransfer

2600 kBSize

35 Cookies

24 Outgoing links

Page URL History

Redirected requests

118 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

vestniktm.com Open in urlscan Pro
2606:4700:20::ac43:4935 Public Scan

Screenshot
Live screenshot

Full Image

118
Requests

96 %
HTTPS

62 %
IPv6

21
Domains

27
Subdomains

26
IPs

7
Countries

1055 kB
Transfer

2600 kB
Size

35
Cookies

118 HTTP transactions
3 data transactions