urlscan.io logo urlscan.io
SecurityTrails logo

thenalog.com Open in urlscan Pro
89.187.188.226  Public Scan

Go To Rescan Add Verdict Report
URL: https://thenalog.com/
Submission: On April 08 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 6 countries across 8 domains to perform 28 HTTP transactions. The main IP is 89.187.188.226, located in Prague, Czech Republic and belongs to CDN77 _, GB. The main domain is thenalog.com.
TLS certificate: Issued by R3 on April 5th 2024. Valid for: 3 months.
This is the only time thenalog.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 89.187.188.226 60068 (CDN77 _)
2 2a13:1ec0::1037 201589 (EDGEAMLLC)
2 2a00:1450:400... 15169 (GOOGLE)
11 95.216.246.53 24940 (HETZNER-AS)
4 10 2a02:6b8::1:119 13238 (YANDEX)
4 2a00:1450:400... 15169 (GOOGLE)
1 57.128.74.69 16276 (OVH)
28 7
2    89.187.188.226 (Prague, Czech Republic)

ASN60068 (CDN77 _, GB)
PTR: darkhost.pro
thenalog.com
2    2a13:1ec0::1037 (Armenia)

ASN201589 (EDGEAMLLC, AM)
code.jivo.ru
2    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
11    95.216.246.53 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.53.246.216.95.clients.your-server.de
fccdtas.stripocdn.email
10    2a02:6b8::1:119 (Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
mc.yandex.com
4    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    57.128.74.69 (France)

ASN16276 (OVH, FR)
PTR: ns3227056.ip-57-128-74.eu
node-sber1-az1-20.jivosite.com
Apex Domain
Subdomains		 Transfer
11 stripocdn.email
fccdtas.stripocdn.email
2 MB
7 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 6816
4 KB
4 gstatic.com
fonts.gstatic.com
108 KB
3 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 2613
74 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 116
3 KB
2 jivo.ru
code.jivo.ru — Cisco Umbrella Rank: 63512
8 KB
2 thenalog.com
thenalog.com
44 KB
1 jivosite.com
node-sber1-az1-20.jivosite.com — Cisco Umbrella Rank: 345771
759 B
28 8
Domain Requested by
11 fccdtas.stripocdn.email thenalog.com
7 mc.yandex.com 3 redirects thenalog.com
mc.yandex.ru
4 fonts.gstatic.com fonts.googleapis.com
3 mc.yandex.ru 1 redirects thenalog.com
2 fonts.googleapis.com thenalog.com
2 code.jivo.ru thenalog.com
code.jivo.ru
2 thenalog.com
1 node-sber1-az1-20.jivosite.com code.jivo.ru
28 8

This site contains links to these domains. Also see Links.

Domain
t.me
wtsp.cc
vk.com
Subject Issuer Validity Valid
thenalog.com
R3		 2024-04-05 -
2024-07-04		 3 months crt.sh
*.jivo.ru
AlphaSSL CA - SHA256 - G4		 2023-05-10 -
2024-06-10		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.stripocdn.email
Sectigo RSA Domain Validation Secure Server CA		 2023-12-01 -
2024-12-09		 a year crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-12-26 -
2024-06-05		 5 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.jivosite.com
Go Daddy Secure Certificate Authority - G2		 2023-04-05 -
2024-05-06		 a year crt.sh

This page contains 1 frames:

Primary Page: https://thenalog.com/
Frame ID: D5F0E9DCC273DC74F2789F5221AC27E2
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Бенефициар

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

28
Requests

93 %
HTTPS

57 %
IPv6

8
Domains

8
Subdomains

7
IPs

6
Countries

1786 kB
Transfer

1952 kB
Size

23
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10333.YPtuOxzzsRPp8cLUQgmrNPtd5QJaiB__D8a6k_uKMNd8GXRK8p9imB5s1IR21bf-.Bpb_IM78GhksJCv-Je6nvqpViSk%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10333.8eZDLamX86_S3YdCoEyr9x0p5NwLmkZEWqb4KPxIbHI53ZGCzeq0hJYNiYcawM8hyXEMhHU2hhBQOM13L8BbPudqcw9Yx9valm2Lfrpf8JxHqhcZe9EU8Zx9pv3TGeHFmYZdy9zy6vSZCKK1joPMrnxlGRfabAlekQXZJrOImcV9ZngOhCvEN8r1LHaHlhs8OEYoC3XaAOuMW7R6-VlHMlNtyX-OKM3rpu-dDvEMfs8%2C.2cpj2N58zygZp9DDi885kUOSpE8%2C HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10333.JEAt2K8JODKitU_lm9FzNiCPHD2S0XeGYd_YGpld5DDzcB3FjPwa6V_WQcGAxU-3aQmCB2XWXZM2KDnTbYofF5dsrH2rPQr1ffG5rqYIxgIKNCg3mQNVcTnmYEvDDXenuUJoHo4Mc8F0eVZOYZo29dpSNvj-BWMIBt9V0Huw3SqP5DrDtpXGS3Ua_VkR0Dyy7LoOWtWuOlUD0aL8g1zTkw%2C%2C.IQPFuOM1PJxlO2zWtRFKRfJUgUE%2C
Request Chain 23
  • https://mc.yandex.com/watch/96960282?wmode=7&page-url=https%3A%2F%2Fthenalog.com%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22123%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22123%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A123.0.6312.105%0Achl%0A%22Google%20Chrome%22%3Bv%3D%22123.0.6312.105%22%2C%22Not%3AA-Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22123.0.6312.105%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3A6q5vo8idydw3m5q59jr2ws8gr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1290%3Acn%3A1%3Adp%3A0%3Als%3A321322362344%3Ahid%3A1015814925%3Az%3A120%3Ai%3A20240408165057%3Aet%3A1712587858%3Ac%3A1%3Arn%3A679921200%3Arqn%3A1%3Au%3A1712587858467583519%3Aw%3A1600x1200%3As%3A800x600x24%3Ask%3A1%3Afp%3A129%3Awv%3A2%3Ads%3A0%2C18%2C15%2C7%2C0%2C0%2C%2C11%2C0%2C%2C%2C%2C65%3Aco%3A0%3Acpf%3A1%3Ans%3A1712587857307%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1712587858%3At%3A%D0%91%D0%B5%D0%BD%D0%B5%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D1%80&t=gdpr(14)clc(0-0-0)rqnt(1)eco(21037572)aw(1)rcm(1)cdl(na)ti(1) HTTP 302
  • https://mc.yandex.com/watch/96960282/1?wmode=7&page-url=https%3A%2F%2Fthenalog.com%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22123%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22123%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A123.0.6312.105%0Achl%0A%22Google%20Chrome%22%3Bv%3D%22123.0.6312.105%22%2C%22Not%3AA-Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22123.0.6312.105%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3A6q5vo8idydw3m5q59jr2ws8gr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1290%3Acn%3A1%3Adp%3A0%3Als%3A321322362344%3Ahid%3A1015814925%3Az%3A120%3Ai%3A20240408165057%3Aet%3A1712587858%3Ac%3A1%3Arn%3A679921200%3Arqn%3A1%3Au%3A1712587858467583519%3Aw%3A1600x1200%3As%3A800x600x24%3Ask%3A1%3Afp%3A129%3Awv%3A2%3Ads%3A0%2C18%2C15%2C7%2C0%2C0%2C%2C11%2C0%2C%2C%2C%2C65%3Aco%3A0%3Acpf%3A1%3Ans%3A1712587857307%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1712587858%3At%3A%D0%91%D0%B5%D0%BD%D0%B5%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D1%80&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29eco%2821037572%29aw%281%29rcm%281%29cdl%28na%29ti%281%29

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
thenalog.com/ 		44 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://thenalog.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.188.226 Prague, Czech Republic, ASN60068 (CDN77 _, GB),
Reverse DNS
darkhost.pro
Software
nginx /
Resource Hash
da4d21a63d4c49fac1fce0dfbe03d12da22f82b1cae1a68d07b11384f0745e1f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 08 Apr 2024 14:49:34 GMT
server
nginx
94lmimjCLu
code.jivo.ru/widget/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jivo.ru/widget/94lmimjCLu
Requested by
Host: thenalog.com
URL: https://thenalog.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software
nginx /
Resource Hash
0308a087538b97d72fe66ed794ab36f28d267eb80d31947d7698f49c2179d634

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://thenalog.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 14:50:57 GMT
content-encoding
br
via
1.1 sharxy
x-cached-since
2024-04-08T13:57:20+00:00
x-geo-shard
sber1
content-length
6059
x-node
am4-up-gc95
last-modified
Wed, 27 Mar 2024 13:17:27 GMT
server
nginx
etag
"66041c67-17ab"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=7200
cache
HIT
accept-ranges
bytes
expires
Mon, 08 Apr 2024 09:36:59 GMT
css
fonts.googleapis.com/ 		7 KB
813 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i
Requested by
Host: thenalog.com
URL: https://thenalog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3221fdddb002ae086dd9d6d9f015417ec5d6f7e23ddda62069a2b445a3fb3725
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://thenalog.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Mon, 08 Apr 2024 14:50:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 08 Apr 2024 14:50:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 08 Apr 2024 14:50:57 GMT
css
fonts.googleapis.com/ 		22 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700,700i
Requested by
Host: thenalog.com
URL: https://thenalog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dc8e02e4c8cbc847c79e57f90b4255e2d1fdc8938b8f63455eb8187f0981e6f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://thenalog.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Mon, 08 Apr 2024 14:50:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 08 Apr 2024 13:50:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 08 Apr 2024 14:50:57 GMT
tablet_768px_2.jpeg
fccdtas.stripocdn.email/content/guids/CABINET_0c246522b5fbf692bc45a437fc86a6955d3b88677d5ff7c30dc2782c6b469268/images/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fccdtas.stripocdn.email/content/guids/CABINET_0c246522b5fbf692bc45a437fc86a6955d3b88677d5ff7c30dc2782c6b469268/images/tablet_768px_2.jpeg
Requested by
Host: thenalog.com
URL: https://thenalog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.216.246.53 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.53.246.216.95.clients.your-server.de
Software
nginx /
Resource Hash
9bd6eef7e2384c5f12bfc20b075f8415bba8ac8cb8d9f451302f164eb9ea5b87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://thenalog.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 14:50:57 GMT
x-amz-version-id
RadL0H2pDdgGwIk5Z5hoVqcbgjJrHzCl
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-node-name
cdn5.stripocdn.email
x-cache-status
HIT
x-amz-meta-orgignalwidth
415
content-length
11957
x-xss-protection
1; mode=block
last-modified
Tue, 02 Apr 2024 19:45:04 GMT
server
nginx
etag
"6d70643c69294411bdb743f21d16ee5b"
x-frame-options
SAMEORIGIN
x-amz-meta-orgignalheigth
137
content-type
image/png
access-control-allow-origin
*
x-amz-meta-stripooriginalfilename
Tablet+768px+%282%29.jpeg
x-amz-meta-stripothumbnailurl
https%3A%2F%2Fdoc.stripocdn.email%2Fcontent%2Fguids%2FCABINET_0c246522b5fbf692bc45a437fc86a6955d3b88677d5ff7c30dc2782c6b469268%2Fimages%2Fstripothumbnailurltablet_768px_2.jpeg
wxrjq.png
fccdtas.stripocdn.email/content/guids/CABINET_0c246522b5fbf692bc45a437fc86a6955d3b88677d5ff7c30dc2782c6b469268/images/ 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fccdtas.stripocdn.email/content/guids/CABINET_0c246522b5fbf692bc45a437fc86a6955d3b88677d5ff7c30dc2782c6b469268/images/wxrjq.png
Requested by
Host: thenalog.com
URL: https://thenalog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.216.246.53 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.53.246.216.95.clients.your-server.de
Software
nginx /
Resource Hash
146be6eb2452c3f060b2fd0fc34ba9e2414cf2f96cebbec7b43399a85fbd9460
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://thenalog.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 14:50:57 GMT
x-amz-version-id
ZDc4KYqZKROJlntlLtEBR8AEqLbL4dMN
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-node-name
cdn5.stripocdn.email
x-cache-status
HIT
x-amz-meta-orgignalwidth
1200
content-length
66283
x-xss-protection
1; mode=block
last-modified
Tue, 02 Apr 2024 21:30:25 GMT
server
nginx
etag
"40e96919f275828994f55d13c1504675"
x-frame-options
SAMEORIGIN
x-amz-meta-orgignalheigth
101
content-type
image/png
access-control-allow-origin
*
x-amz-meta-stripooriginalfilename
WXRjq.png
x-amz-meta-stripothumbnailurl
https%3A%2F%2Fdoc.stripocdn.email%2Fcontent%2Fguids%2FCABINET_0c246522b5fbf692bc45a437fc86a6955d3b88677d5ff7c30dc2782c6b469268%2Fimages%2Fstripothumbnailurlwxrjq.png
btkmxeeolsu_1.jpeg
fccdtas.stripocdn.email/content/guids/CABINET_0c246522b5fbf692bc45a437fc86a6955d3b88677d5ff7c30dc2782c6b469268/images/ 		74 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fccdtas.stripocdn.email/content/guids/CABINET_0c246522b5fbf692bc45a437fc86a6955d3b88677d5ff7c30dc2782c6b469268/images/btkmxeeolsu_1.jpeg
Requested by
Host: thenalog.com
URL: https://thenalog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.216.246.53 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.53.246.216.95.clients.your-server.de
Software
nginx /
Resource Hash
1bcafc9b3477ca0454898a2f66b6a654a8b70fc706bf48686158093ab00fecf5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://thenalog.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 14:50:57 GMT
x-amz-version-id
l1UYb8oCatYGgSuGPq1QcYfEx15GrZPF
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-node-name
cdn5.stripocdn.email
x-cache-status
HIT
x-amz-meta-orgignalwidth
640
content-length
75774
x-xss-protection
1; mode=block
last-modified
Tue, 02 Apr 2024 19:30:46 GMT
server
nginx
etag
"d96397b0fdc6526d4c7188372fc67f74"
x-frame-options
SAMEORIGIN
x-amz-meta-orgignalheigth
463
content-type
image/png
access-control-allow-origin
*
x-amz-meta-stripooriginalfilename
bTKMxEEOLsU+%281%29.jpeg
x-amz-meta-stripothumbnailurl
https%3A%2F%2Fdoc.stripocdn.email%2Fcontent%2Fguids%2FCABINET_0c246522b5fbf692bc45a437fc86a6955d3b88677d5ff7c30dc2782c6b469268%2Fimages%2Fstripothumbnailurlbtkmxeeolsu_1.jpeg
telegram256.png
fccdtas.stripocdn.email/content/guids/CABINET_0c246522b5fbf692bc45a437fc86a6955d3b88677d5ff7c30dc2782c6b469268/images/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fccdtas.stripocdn.email/content/guids/CABINET_0c246522b5fbf692bc45a437fc86a6955d3b88677d5ff7c30dc2782c6b469268/images/telegram256.png
Requested by
Host: thenalog.com
URL: https://thenalog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.216.246.53 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.53.246.216.95.clients.your-server.de
Software
nginx /
Resource Hash
6fe45aacab16e7046b02d9b2ef537a569e172794f6120ed33e785f1a9fa26d1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://thenalog.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 14:50:57 GMT
x-amz-version-id
8cGmOXvvhIZ90sHpfIPTJE93vwSVvqSJ
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-node-name
cdn5.stripocdn.email
x-cache-status
HIT
x-amz-meta-orgignalwidth
256
content-length
8226
x-xss-protection
1; mode=block
last-modified
Tue, 02 Apr 2024 15:34:41 GMT
server
nginx
etag
"401cd0b1b6250cf7e0518c49228b4734"
x-frame-options
SAMEORIGIN
x-amz-meta-orgignalheigth
256
content-type
image/png
access-control-allow-origin
*
x-amz-meta-stripooriginalfilename
Telegram-256.png
x-amz-meta-stripothumbnailurl
https%3A%2F%2Fdoc.stripocdn.email%2Fcontent%2Fguids%2FCABINET_0c246522b5fbf692bc45a437fc86a6955d3b88677d5ff7c30dc2782c6b469268%2Fimages%2Fstripothumbnailurltelegram256.png
marketing_email256.png
fccdtas.stripocdn.email/content/guids/CABINET_0c246522b5fbf692bc45a437fc86a6955d3b88677d5ff7c30dc2782c6b469268/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fccdtas.stripocdn.email/content/guids/CABINET_0c246522b5fbf692bc45a437fc86a6955d3b88677d5ff7c30dc2782c6b469268/images/marketing_email256.png
Requested by
Host: thenalog.com
URL: https://thenalog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.216.246.53 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.53.246.216.95.clients.your-server.de
Software
nginx /
Resource Hash
d516fecfbf95273bd36c1e8360f3c916cd311b7ba5cb963d7954e4f2cdc9f478
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://thenalog.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 14:50:57 GMT
x-amz-version-id
sSPEFYLFHIfdpyYI_FVn6soTFwE8UewT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-node-name
cdn5.stripocdn.email
x-cache-status
HIT
x-amz-meta-orgignalwidth
256
content-length
9102
x-xss-protection
1; mode=block
last-modified
Tue, 02 Apr 2024 15:43:11 GMT
server
nginx
etag
"e7db3e31affe0d8267634b9629656d5b"
x-frame-options
SAMEORIGIN
x-amz-meta-orgignalheigth
256
content-type
image/png
access-control-allow-origin
*
x-amz-meta-stripooriginalfilename
Marketing_Email-256.png
x-amz-meta-stripothumbnailurl
https%3A%2F%2Fdoc.stripocdn.email%2Fcontent%2Fguids%2FCABINET_0c246522b5fbf692bc45a437fc86a6955d3b88677d5ff7c30dc2782c6b469268%2Fimages%2Fstripothumbnailurlmarketing_email256.png
whatsapp256.png
fccdtas.stripocdn.email/content/guids/CABINET_0c246522b5fbf692bc45a437fc86a6955d3b88677d5ff7c30dc2782c6b469268/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fccdtas.stripocdn.email/content/guids/CABINET_0c246522b5fbf692bc45a437fc86a6955d3b88677d5ff7c30dc2782c6b469268/images/whatsapp256.png
Requested by
Host: thenalog.com
URL: https://thenalog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.216.246.53 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.53.246.216.95.clients.your-server.de
Software
nginx /
Resource Hash
a600dc4d77181dd8b25309207e93e927c758425289b70d48f4c40cd5676b8d06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://thenalog.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 14:50:57 GMT
x-amz-version-id
KGAIl8UbeUu.panxmuCVBImxgcl10cr.
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-node-name
cdn5.stripocdn.email
x-cache-status
HIT
x-amz-meta-orgignalwidth
256
content-length
7699
x-xss-protection
1; mode=block
last-modified
Tue, 02 Apr 2024 15:52:49 GMT
server
nginx
etag
"8b7571be4050158034de9f683fd3dc91"
x-frame-options
SAMEORIGIN
x-amz-meta-orgignalheigth
256
content-type
image/png
access-control-allow-origin
*
x-amz-meta-stripooriginalfilename
whatsapp-256.png
x-amz-meta-stripothumbnailurl
https%3A%2F%2Fdoc.stripocdn.email%2Fcontent%2Fguids%2FCABINET_0c246522b5fbf692bc45a437fc86a6955d3b88677d5ff7c30dc2782c6b469268%2Fimages%2Fstripothumbnailurlwhatsapp256.png
4f6277f5f9a20e815e50_j2P.png
fccdtas.stripocdn.email/content/guids/CABINET_0c246522b5fbf692bc45a437fc86a6955d3b88677d5ff7c30dc2782c6b469268/images/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fccdtas.stripocdn.email/content/guids/CABINET_0c246522b5fbf692bc45a437fc86a6955d3b88677d5ff7c30dc2782c6b469268/images/4f6277f5f9a20e815e50_j2P.png
Requested by
Host: thenalog.com
URL: https://thenalog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.216.246.53 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.53.246.216.95.clients.your-server.de
Software
nginx /
Resource Hash
18cb96fdcadaf4c3622febe566b1b2020f5cfc13e190b740f483bba3fe1a399f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://thenalog.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 14:50:57 GMT
x-amz-version-id
l6w8dSy3KHCd0pALX4yPW2F5u2U2UH7N
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-node-name
cdn5.stripocdn.email
x-cache-status
HIT
x-amz-meta-orgignalwidth
1082
content-length
1314421
x-xss-protection
1; mode=block
last-modified
Tue, 02 Apr 2024 19:31:24 GMT
server
nginx
etag
"c45b1356e1380878346435fca7a71922"
x-frame-options
SAMEORIGIN
x-amz-meta-orgignalheigth
722
content-type
image/png
access-control-allow-origin
*
x-amz-meta-stripooriginalfilename
4f6277f5f9a20e815e50.png
x-amz-meta-stripothumbnailurl
https%3A%2F%2Fdoc.stripocdn.email%2Fcontent%2Fguids%2FCABINET_0c246522b5fbf692bc45a437fc86a6955d3b88677d5ff7c30dc2782c6b469268%2Fimages%2Fstripothumbnailurl4f6277f5f9a20e815e50_aZ3.png
proverka_kontragenta_instr.jpeg
fccdtas.stripocdn.email/content/guids/CABINET_0c246522b5fbf692bc45a437fc86a6955d3b88677d5ff7c30dc2782c6b469268/images/ 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fccdtas.stripocdn.email/content/guids/CABINET_0c246522b5fbf692bc45a437fc86a6955d3b88677d5ff7c30dc2782c6b469268/images/proverka_kontragenta_instr.jpeg
Requested by
Host: thenalog.com
URL: https://thenalog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.216.246.53 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.53.246.216.95.clients.your-server.de
Software
nginx /
Resource Hash
48f5e9bae97a1fdc4de213ecc93ba091a6059a84c38cf735bcf2f3f74df8537a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://thenalog.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 14:50:57 GMT
x-amz-version-id
MRXu9mve.31pWv7z2VnzO4erEr7nrxsN
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-node-name
cdn5.stripocdn.email
x-cache-status
HIT
x-amz-meta-orgignalwidth
670
content-length
53279
x-xss-protection
1; mode=block
last-modified
Tue, 02 Apr 2024 19:34:26 GMT
server
nginx
etag
"d14624b68a4c02c9ac1ee97196a0b5df"
x-frame-options
SAMEORIGIN
x-amz-meta-orgignalheigth
512
content-type
image/png
access-control-allow-origin
*
x-amz-meta-stripooriginalfilename
proverka_kontragenta_instr.jpeg
x-amz-meta-stripothumbnailurl
https%3A%2F%2Fdoc.stripocdn.email%2Fcontent%2Fguids%2FCABINET_0c246522b5fbf692bc45a437fc86a6955d3b88677d5ff7c30dc2782c6b469268%2Fimages%2Fstripothumbnailurlproverka_kontragenta_instr.jpeg
tag.js
mc.yandex.ru/metrika/ 		210 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: thenalog.com
URL: https://thenalog.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
90f21e0997ee4fca652d5aad8ccc321718c1eacfafc62974d3e6e8b289df95bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://thenalog.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 14:50:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 05 Apr 2024 08:05:36 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"660fb0d0-120aa"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
73898
expires
Mon, 08 Apr 2024 15:50:57 GMT
image.jpeg
fccdtas.stripocdn.email/content/guids/CABINET_0c246522b5fbf692bc45a437fc86a6955d3b88677d5ff7c30dc2782c6b469268/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fccdtas.stripocdn.email/content/guids/CABINET_0c246522b5fbf692bc45a437fc86a6955d3b88677d5ff7c30dc2782c6b469268/images/image.jpeg
Requested by
Host: thenalog.com
URL: https://thenalog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.216.246.53 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.53.246.216.95.clients.your-server.de
Software
nginx /
Resource Hash
6a6802f7891d22420c7fe900a269fd13a258076e43212711021715c15f4b76c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://thenalog.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 14:50:57 GMT
x-amz-version-id
2pKzDaQz7ZurI3CclJnNZKV4pNGQ_TfD
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-node-name
cdn5.stripocdn.email
x-cache-status
HIT
x-amz-meta-orgignalwidth
300
content-length
9794
x-xss-protection
1; mode=block
last-modified
Tue, 02 Apr 2024 21:38:03 GMT
server
nginx
etag
"3b1eb61204de6121e279dd32048a1e2f"
x-frame-options
SAMEORIGIN
x-amz-meta-orgignalheigth
100
content-type
image/png
access-control-allow-origin
*
x-amz-meta-stripooriginalfilename
image.jpeg
x-amz-meta-stripothumbnailurl
https%3A%2F%2Fdoc.stripocdn.email%2Fcontent%2Fguids%2FCABINET_0c246522b5fbf692bc45a437fc86a6955d3b88677d5ff7c30dc2782c6b469268%2Fimages%2Fstripothumbnailurlimage.jpeg
vk_rGC.png
fccdtas.stripocdn.email/content/guids/CABINET_0c246522b5fbf692bc45a437fc86a6955d3b88677d5ff7c30dc2782c6b469268/images/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fccdtas.stripocdn.email/content/guids/CABINET_0c246522b5fbf692bc45a437fc86a6955d3b88677d5ff7c30dc2782c6b469268/images/vk_rGC.png
Requested by
Host: thenalog.com
URL: https://thenalog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.216.246.53 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.53.246.216.95.clients.your-server.de
Software
nginx /
Resource Hash
d721abf7c9b8554aa3ad4857f3ffa2c911b7c80c2d926538f72a892a38f1f181
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://thenalog.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 14:50:57 GMT
x-amz-version-id
JZtNTLU3_Cfqd.moxLSU7WzQ9HsMV5T3
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-node-name
cdn5.stripocdn.email
x-cache-status
HIT
x-amz-meta-orgignalwidth
299
content-length
12406
x-xss-protection
1; mode=block
last-modified
Tue, 02 Apr 2024 17:16:45 GMT
server
nginx
etag
"a6d6458b12dcba4c76b24b03b1729189"
x-frame-options
SAMEORIGIN
x-amz-meta-orgignalheigth
298
content-type
image/png
access-control-allow-origin
*
x-amz-meta-stripooriginalfilename
vk.png
x-amz-meta-stripothumbnailurl
https%3A%2F%2Fdoc.stripocdn.email%2Fcontent%2Fguids%2FCABINET_0c246522b5fbf692bc45a437fc86a6955d3b88677d5ff7c30dc2782c6b469268%2Fimages%2Fstripothumbnailurlvk_M1m.png
oplatazarezultat1.png
fccdtas.stripocdn.email/content/guids/CABINET_0c246522b5fbf692bc45a437fc86a6955d3b88677d5ff7c30dc2782c6b469268/images/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fccdtas.stripocdn.email/content/guids/CABINET_0c246522b5fbf692bc45a437fc86a6955d3b88677d5ff7c30dc2782c6b469268/images/oplatazarezultat1.png
Requested by
Host: thenalog.com
URL: https://thenalog.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
95.216.246.53 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.53.246.216.95.clients.your-server.de
Software
nginx /
Resource Hash
9dea72170fcb086b117bdcafba467ff0a7e5289de9829450304e8c1700d44746
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://thenalog.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 14:50:57 GMT
x-amz-version-id
6jhh5SHaSR78A9zjtxHvJ.8Pt79EY1sM
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-node-name
cdn5.stripocdn.email
x-cache-status
HIT
x-amz-meta-orgignalwidth
269
content-length
7329
x-xss-protection
1; mode=block
last-modified
Tue, 02 Apr 2024 17:27:55 GMT
server
nginx
etag
"f67a26647c04e7c13d5ded0997915153"
x-frame-options
SAMEORIGIN
x-amz-meta-orgignalheigth
124
content-type
image/png
access-control-allow-origin
*
x-amz-meta-stripooriginalfilename
oplata-za-rezultat1.png
x-amz-meta-stripothumbnailurl
https%3A%2F%2Fdoc.stripocdn.email%2Fcontent%2Fguids%2FCABINET_0c246522b5fbf692bc45a437fc86a6955d3b88677d5ff7c30dc2782c6b469268%2Fimages%2Fstripothumbnailurloplatazarezultat1.png
u-4n0qyriQwlOrhSvowK_l52xwNZXMf6lvg.woff2
fonts.gstatic.com/s/merriweather/v30/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZXMf6lvg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6eedf7e6d72d844f2c64732129b7112906137772ef9e5654d6f668295ce816a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://thenalog.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 14:40:19 GMT
x-content-type-options
nosniff
age
346238
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14652
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:45:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Apr 2025 14:40:19 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v40/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f76526e440538ec1300aa89f671acd1b746925833f7160f6c0e29443008f97f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://thenalog.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 16:06:58 GMT
x-content-type-options
nosniff
age
600239
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26736
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:00:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 01 Apr 2025 16:06:58 GMT
u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,400i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://thenalog.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 13:32:10 GMT
x-content-type-options
nosniff
age
177527
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19740
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 06 Apr 2025 13:32:10 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://thenalog.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 22:45:56 GMT
x-content-type-options
nosniff
age
230701
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 05 Apr 2025 22:45:56 GMT
94lmimjCLu
code.jivo.ru/script/widget/config/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://code.jivo.ru/script/widget/config/94lmimjCLu
Requested by
Host: code.jivo.ru
URL: https://code.jivo.ru/widget/94lmimjCLu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a13:1ec0::1037 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software
nginx /
Resource Hash
416fc6fe740e8b1e22ec7c5ae3fef43ee06ca9cee73d324eb901a210cc624208

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://thenalog.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 14:50:57 GMT
content-encoding
gzip
via
1.1 sharxy
server
nginx
vary
Accept-Encoding
x-cached-since
2024-04-08T13:57:20+00:00
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=7200
cache
HIT
accept-ranges
bytes
x-geo-shard
sber1
content-length
1603
x-node
am4-up-gc95
expires
Mon, 08 Apr 2024 15:57:20 GMT
94lmimjCLu
node-sber1-az1-20.jivosite.com/widget/status/2421798/ 		231 B
759 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://node-sber1-az1-20.jivosite.com/widget/status/2421798/94lmimjCLu?rnd=0.41341863126814093
Requested by
Host: code.jivo.ru
URL: https://code.jivo.ru/widget/94lmimjCLu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
57.128.74.69 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3227056.ip-57-128-74.eu
Software
nginx /
Resource Hash
bda3c418bede2fc25394e8e1a1b02c3b2c16c07cf63073adc5cc187b70d37293
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://thenalog.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Mon, 08 Apr 2024 14:50:57 GMT
Content-Security-Policy
frame-ancestors 'none';
Server
nginx
X-Botmode
no
X-Geoip
DE;BY;Nuremberg
X-Frame-Options
DENY
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://thenalog.com
Access-Control-Expose-Headers
X-Geoip, X-Botmode
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Max-Age
1728000
Content-Length
231
sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10333.YPtuOxzzsRPp8cLUQgmrNPtd5QJaiB__D8a6k_uKMNd8GXRK8p9imB5s1IR21bf-.Bpb_IM78GhksJCv-Je6nvqpViSk%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10333.8eZDLamX86_S3YdCoEyr9x0p5NwLmkZEWqb4KPxIbHI53ZGCzeq0hJYNiYcawM8hyXEMhHU2hhBQOM13L8BbPudqcw9Yx9valm2Lfrpf8JxHqhcZe9EU8Zx9pv3TGeHFmYZdy9zy6v...
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10333.JEAt2K8JODKitU_lm9FzNiCPHD2S0XeGYd_YGpld5DDzcB3FjPwa6V_WQcGAxU-3aQmCB2XWXZM2KDnTbYofF5dsrH2rPQr1ffG5rqYIxgIKN...
43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10333.JEAt2K8JODKitU_lm9FzNiCPHD2S0XeGYd_YGpld5DDzcB3FjPwa6V_WQcGAxU-3aQmCB2XWXZM2KDnTbYofF5dsrH2rPQr1ffG5rqYIxgIKNCg3mQNVcTnmYEvDDXenuUJoHo4Mc8F0eVZOYZo29dpSNvj-BWMIBt9V0Huw3SqP5DrDtpXGS3Ua_VkR0Dyy7LoOWtWuOlUD0aL8g1zTkw%2C%2C.IQPFuOM1PJxlO2zWtRFKRfJUgUE%2C
Requested by
Host: thenalog.com
URL: https://thenalog.com/
Protocol
H2
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thenalog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Mon, 08 Apr 2024 14:50:57 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10333.JEAt2K8JODKitU_lm9FzNiCPHD2S0XeGYd_YGpld5DDzcB3FjPwa6V_WQcGAxU-3aQmCB2XWXZM2KDnTbYofF5dsrH2rPQr1ffG5rqYIxgIKNCg3mQNVcTnmYEvDDXenuUJoHo4Mc8F0eVZOYZo29dpSNvj-BWMIBt9V0Huw3SqP5DrDtpXGS3Ua_VkR0Dyy7LoOWtWuOlUD0aL8g1zTkw%2C%2C.IQPFuOM1PJxlO2zWtRFKRfJUgUE%2C
date
Mon, 08 Apr 2024 14:50:57 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: thenalog.com
URL: https://thenalog.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://thenalog.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 14:50:57 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 05 Apr 2024 08:05:36 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"660fb0d0-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Mon, 08 Apr 2024 15:50:57 GMT
1
mc.yandex.com/watch/96960282/
Redirect Chain
  • https://mc.yandex.com/watch/96960282?wmode=7&page-url=https%3A%2F%2Fthenalog.com%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22123%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%2...
  • https://mc.yandex.com/watch/96960282/1?wmode=7&page-url=https%3A%2F%2Fthenalog.com%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22123%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium...
447 B
614 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/96960282/1?wmode=7&page-url=https%3A%2F%2Fthenalog.com%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22123%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22123%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A123.0.6312.105%0Achl%0A%22Google%20Chrome%22%3Bv%3D%22123.0.6312.105%22%2C%22Not%3AA-Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22123.0.6312.105%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3A6q5vo8idydw3m5q59jr2ws8gr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1290%3Acn%3A1%3Adp%3A0%3Als%3A321322362344%3Ahid%3A1015814925%3Az%3A120%3Ai%3A20240408165057%3Aet%3A1712587858%3Ac%3A1%3Arn%3A679921200%3Arqn%3A1%3Au%3A1712587858467583519%3Aw%3A1600x1200%3As%3A800x600x24%3Ask%3A1%3Afp%3A129%3Awv%3A2%3Ads%3A0%2C18%2C15%2C7%2C0%2C0%2C%2C11%2C0%2C%2C%2C%2C65%3Aco%3A0%3Acpf%3A1%3Ans%3A1712587857307%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1712587858%3At%3A%D0%91%D0%B5%D0%BD%D0%B5%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D1%80&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29eco%2821037572%29aw%281%29rcm%281%29cdl%28na%29ti%281%29
Requested by
Host: thenalog.com
URL: https://thenalog.com/
Protocol
H2
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
8960566aeeadfd968299420b39cbf294ceb538cc87bf0390f84afa40554accc8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://thenalog.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Apr 2024 14:50:58 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Mon, 08-Apr-2024 14:50:58 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://thenalog.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
447
x-xss-protection
1; mode=block
expires
Mon, 08-Apr-2024 14:50:58 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 Apr 2024 14:50:57 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 08-Apr-2024 14:50:57 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/96960282/1?wmode=7&page-url=https%3A%2F%2Fthenalog.com%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22123%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22123%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A123.0.6312.105%0Achl%0A%22Google%20Chrome%22%3Bv%3D%22123.0.6312.105%22%2C%22Not%3AA-Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22123.0.6312.105%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3A6q5vo8idydw3m5q59jr2ws8gr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1290%3Acn%3A1%3Adp%3A0%3Als%3A321322362344%3Ahid%3A1015814925%3Az%3A120%3Ai%3A20240408165057%3Aet%3A1712587858%3Ac%3A1%3Arn%3A679921200%3Arqn%3A1%3Au%3A1712587858467583519%3Aw%3A1600x1200%3As%3A800x600x24%3Ask%3A1%3Afp%3A129%3Awv%3A2%3Ads%3A0%2C18%2C15%2C7%2C0%2C0%2C%2C11%2C0%2C%2C%2C%2C65%3Aco%3A0%3Acpf%3A1%3Ans%3A1712587857307%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1712587858%3At%3A%D0%91%D0%B5%D0%BD%D0%B5%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D1%80&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29eco%2821037572%29aw%281%29rcm%281%29cdl%28na%29ti%281%29
access-control-allow-origin
https://thenalog.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Mon, 08-Apr-2024 14:50:57 GMT
favicon.ico
thenalog.com/ 		196 B
268 B 		Other
General
Check archive.org
Download Go to
Full URL
https://thenalog.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.188.226 Prague, Czech Republic, ASN60068 (CDN77 _, GB),
Reverse DNS
darkhost.pro
Software
nginx /
Resource Hash
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://thenalog.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

server
nginx
date
Mon, 08 Apr 2024 14:49:35 GMT
content-type
text/html; charset=iso-8859-1
96960282
mc.yandex.com/webvisor/ 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/96960282?wv-part=1&wv-type=7&wmode=0&wv-hit=1015814925&page-url=https%3A%2F%2Fthenalog.com%2F&rn=676731715&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1712587860%3Aw%3A1600x1200%3Av%3A1290%3Az%3A120%3Ai%3A20240408165100%3Au%3A1712587858467583519%3Avf%3A6q5vo8idydw3m5q59jr2ws8gr%3Ast%3A1712587860&t=gdpr(14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://thenalog.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 08 Apr 2024 14:51:00 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 08-Apr-2024 14:51:00 GMT
content-type
image/gif
access-control-allow-origin
https://thenalog.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Mon, 08-Apr-2024 14:51:00 GMT
96960282
mc.yandex.com/webvisor/ 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/96960282?wv-part=1&wv-type=7&wmode=0&wv-hit=1015814925&page-url=https%3A%2F%2Fthenalog.com%2F&rn=569250057&browser-info=we%3A1%3Aet%3A1712587861%3Aw%3A1600x1200%3Av%3A1290%3Az%3A120%3Ai%3A20240408165100%3Au%3A1712587858467583519%3Avf%3A6q5vo8idydw3m5q59jr2ws8gr%3Ast%3A1712587861&t=gdpr(14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://thenalog.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 08 Apr 2024 14:51:00 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 08-Apr-2024 14:51:00 GMT
content-type
image/gif
access-control-allow-origin
https://thenalog.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Mon, 08-Apr-2024 14:51:00 GMT

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| ym function| __jivoOnError boolean| __hasStorage boolean| jivo_magic_var function| __jivoBundleOnLoad function| __jivoBundleInit function| jivo_init function| jivo_destroy object| Ya object| yaCounter96960282 object| jivo_config

23 Cookies

Domain/Path Name / Value
.yandex.ru/ Name: yashr
Value: 180814841712587857
mc.yandex.ru/ Name: bh
Value: EkAiR29vZ2xlIENocm9tZSI7dj0iMTIzIiwgIk5vdDpBLUJyYW5kIjt2PSI4IiwgIkNocm9taXVtIjt2PSIxMjMiKgI/MDoHIldpbjMyIg==
.thenalog.com/ Name: _ym_uid
Value: 1712587858467583519
.thenalog.com/ Name: _ym_d
Value: 1712587858
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 2197902120fake
mc.yandex.com/ Name: bh
Value: EkAiR29vZ2xlIENocm9tZSI7dj0iMTIzIiwgIk5vdDpBLUJyYW5kIjt2PSI4IiwgIkNocm9taXVtIjt2PSIxMjMiKgI/MDoHIldpbjMyIg==
.yandex.com/ Name: i
Value: D8DtrDNJDF3vpJzEZ+Hb7zGsZiW/0M7wTEQYbuEAUsDJCOdpigktaT4sc6Ea8RhYLtmouUm8ta7qaWEigggFmZ5r2EE=
.yandex.com/ Name: yandexuid
Value: 976432481712587857
.yandex.com/ Name: yashr
Value: 554857811712587857
.thenalog.com/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 507216562fake
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
.yandex.ru/ Name: yandexuid
Value: 976432481712587857
.yandex.ru/ Name: yuidss
Value: 976432481712587857
.yandex.ru/ Name: i
Value: D8DtrDNJDF3vpJzEZ+Hb7zGsZiW/0M7wTEQYbuEAUsDJCOdpigktaT4sc6Ea8RhYLtmouUm8ta7qaWEigggFmZ5r2EE=
.yandex.ru/ Name: yp
Value: 1712674257.yu.4494494041712587857
.yandex.ru/ Name: ymex
Value: 1715179857.oyu.4494494041712587857
mc.yandex.com/ Name: yabs-sid
Value: 1735502961712587857
.yandex.com/ Name: yuidss
Value: 976432481712587857
.yandex.com/ Name: ymex
Value: 1744123857.yrts.1712587857
.yandex.com/ Name: receive-cookie-deprecation
Value: 1
.yandex.com/ Name: bh
Value: Ej4iR29vZ2xlIENocm9tZSI7dj0iMTIzIiwiTm90OkEtQnJhbmQiO3Y9IjgiLCJDaHJvbWl1bSI7dj0iMTIzIhoFIng4NiIiECIxMjMuMC42MzEyLjEwNSIqAj8wOgciV2luMzIiQggiMTAuMC4wIkoEIjY0IlJbIkdvb2dsZSBDaHJvbWUiO3Y9IjEyMy4wLjYzMTIuMTA1IiwiTm90OkEtQnJhbmQiO3Y9IjguMC4wLjAiLCJDaHJvbWl1bSI7dj0iMTIzLjAuNjMxMi4xMDUiIg==
.thenalog.com/ Name: _ym_visorc
Value: w

73 Console Messages

Source Level URL
Text
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://thenalog.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thenalog.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jivo.ru
fccdtas.stripocdn.email
fonts.googleapis.com
fonts.gstatic.com
mc.yandex.com
mc.yandex.ru
node-sber1-az1-20.jivosite.com
thenalog.com
2a00:1450:4001:800::2003
2a00:1450:4001:803::200a
2a02:6b8::1:119
2a13:1ec0::1037
57.128.74.69
89.187.188.226
95.216.246.53
0308a087538b97d72fe66ed794ab36f28d267eb80d31947d7698f49c2179d634
146be6eb2452c3f060b2fd0fc34ba9e2414cf2f96cebbec7b43399a85fbd9460
18cb96fdcadaf4c3622febe566b1b2020f5cfc13e190b740f483bba3fe1a399f
1bcafc9b3477ca0454898a2f66b6a654a8b70fc706bf48686158093ab00fecf5
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
3221fdddb002ae086dd9d6d9f015417ec5d6f7e23ddda62069a2b445a3fb3725
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
416fc6fe740e8b1e22ec7c5ae3fef43ee06ca9cee73d324eb901a210cc624208
48f5e9bae97a1fdc4de213ecc93ba091a6059a84c38cf735bcf2f3f74df8537a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
6a6802f7891d22420c7fe900a269fd13a258076e43212711021715c15f4b76c9
6eedf7e6d72d844f2c64732129b7112906137772ef9e5654d6f668295ce816a7
6fe45aacab16e7046b02d9b2ef537a569e172794f6120ed33e785f1a9fa26d1e
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
8960566aeeadfd968299420b39cbf294ceb538cc87bf0390f84afa40554accc8
8f76526e440538ec1300aa89f671acd1b746925833f7160f6c0e29443008f97f
90f21e0997ee4fca652d5aad8ccc321718c1eacfafc62974d3e6e8b289df95bd
9bd6eef7e2384c5f12bfc20b075f8415bba8ac8cb8d9f451302f164eb9ea5b87
9dea72170fcb086b117bdcafba467ff0a7e5289de9829450304e8c1700d44746
a600dc4d77181dd8b25309207e93e927c758425289b70d48f4c40cd5676b8d06
bda3c418bede2fc25394e8e1a1b02c3b2c16c07cf63073adc5cc187b70d37293
d516fecfbf95273bd36c1e8360f3c916cd311b7ba5cb963d7954e4f2cdc9f478
d721abf7c9b8554aa3ad4857f3ffa2c911b7c80c2d926538f72a892a38f1f181
da4d21a63d4c49fac1fce0dfbe03d12da22f82b1cae1a68d07b11384f0745e1f
dc8e02e4c8cbc847c79e57f90b4255e2d1fdc8938b8f63455eb8187f0981e6f9