news.xgwegewd.site Open in urlscan Pro
93.95.103.233 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://news.xgwegewd.site/
Effective URL:
https://news.xgwegewd.site/
Submission: On June 02 via manual (June 2nd 2023, 4:32:31 am UTC) from RU — Scanned from DE

Summary HTTP 77 Redirects Behaviour Indicators

Summary

This website contacted 23 IPs in 7 countries across 21 domains to perform 77 HTTP transactions. The main IP is 93.95.103.233, located in Russian Federation and belongs to MTW-AS, RU. The main domain is news.xgwegewd.site. The Cisco Umbrella rank of the primary domain is 505962.
TLS certificate: Issued by R3 on April 28th 2023. Valid for: 3 months.

This is the only time news.xgwegewd.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	93.95.103.233 93.95.103.233	48347 (MTW-AS) (MTW-AS)
31	93.95.99.151 93.95.99.151	48347 (MTW-AS) (MTW-AS)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
2	2001:4860:480... 2001:4860:4802:36::178	15169 (GOOGLE) (GOOGLE)
4	93.184.221.133 93.184.221.133	15133 (EDGECAST) (EDGECAST)
2	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
3 10	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1 2	195.54.48.25 195.54.48.25	12516 (WEBORAMA ...) (WEBORAMA Weborama provides Internet Services)
2 4	34.111.205.194 34.111.205.194	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1 2	149.5.244.53 149.5.244.53	174 (COGENT-174) (COGENT-174)
8	2a02:6b8:20::215 2a02:6b8:20::215	208722 (GLOBAL_DC) (GLOBAL_DC)
1	34.149.247.216 34.149.247.216	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.107.182.139 34.107.182.139	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 3	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1 1	195.54.48.26 195.54.48.26	12516 (WEBORAMA ...) (WEBORAMA Weborama provides Internet Services)
4	34.111.131.239 34.111.131.239	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	185.89.210.180 185.89.210.180	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 3	54.237.77.135 54.237.77.135	14618 (AMAZON-AES) (AMAZON-AES)
1 2	67.220.228.202 67.220.228.202	16509 (AMAZON-02) (AMAZON-02)
2 2	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
77	23

3 93.95.103.233 (Russian Federation) 1 redirects

ASN48347 (MTW-AS, RU)
PTR: awesome.pamaquine.org

news.xgwegewd.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 93.95.99.151 (Russian Federation)

ASN48347 (MTW-AS, RU)
PTR: mail3.itech-group.ru

zn2.2xclick.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 93.184.221.133 (London, United Kingdom)

ASN15133 (EDGECAST, US)

cstatic.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::90 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.54.48.25 (France) 1 redirects

ASN12516 (WEBORAMA Weborama provides Internet Services, FR)
PTR: aub-collect-lb-c03-01-vip.weborama.fr

gnezdoruanalytics.solution.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.111.205.194 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.205.111.34.bc.googleusercontent.com

dx.frontend.weborama.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

rd.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 149.5.244.53 (Cannes, France) 1 redirects

ASN174 (COGENT-174, US)

mc.webvisor.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.247.216 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 216.247.149.34.bc.googleusercontent.com

ds.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.182.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.182.107.34.bc.googleusercontent.com

bsd.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.2 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.54.48.26 (France) 1 redirects

ASN12516 (WEBORAMA Weborama provides Internet Services, FR)
PTR: aub-collect-lb-c03-02-vip.weborama.fr

wam-google.solution.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com

idsync.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.180 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.237.77.135 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-237-77-135.compute-1.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.220.228.202 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.19 (United States) 2 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	2xclick.ru zn2.2xclick.ru	455 KB
15	weborama.fr 4 redirects cstatic.weborama.fr — Cisco Umbrella Rank: 26335 gnezdoruanalytics.solution.weborama.fr rd.frontend.weborama.fr — Cisco Umbrella Rank: 17475 ds.frontend.weborama.fr — Cisco Umbrella Rank: 105488 bsd.frontend.weborama.fr — Cisco Umbrella Rank: 98513 wam-google.solution.weborama.fr — Cisco Umbrella Rank: 148652 idsync.frontend.weborama.fr — Cisco Umbrella Rank: 22269	15 KB
12	yandex.ru 3 redirects an.yandex.ru — Cisco Umbrella Rank: 4027 mc.yandex.ru — Cisco Umbrella Rank: 3197	92 KB
8	yastatic.net yastatic.net — Cisco Umbrella Rank: 5835	201 KB
4	weborama.com 2 redirects dx.frontend.weborama.com — Cisco Umbrella Rank: 36544	616 B
4	doubleclick.net 3 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 111 cm.g.doubleclick.net — Cisco Umbrella Rank: 231	1 KB
3	audrte.com 2 redirects a.audrte.com — Cisco Umbrella Rank: 2137	2 KB
3	xgwegewd.site 1 redirects news.xgwegewd.site — Cisco Umbrella Rank: 505962	12 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 762	541 B
2	amazon-adsystem.com 1 redirects aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1001	2 KB
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 485	1 KB
2	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 416	714 B
2	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 446	2 KB
2	webvisor.org 1 redirects mc.webvisor.org — Cisco Umbrella Rank: 23926	861 B
2	gstatic.com fonts.gstatic.com	25 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	21 KB
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 419	98 B
1	google.de www.google.de — Cisco Umbrella Rank: 5230	408 B
1	google.com www.google.com — Cisco Umbrella Rank: 3	408 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 367	70 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 66	1003 B
77	21

	Domain	Requested by
31	zn2.2xclick.ru	news.xgwegewd.site zn2.2xclick.ru
10	mc.yandex.ru	3 redirects news.xgwegewd.site cdn.jsdelivr.net
8	yastatic.net	an.yandex.ru
4	idsync.frontend.weborama.fr
4	dx.frontend.weborama.com	2 redirects news.xgwegewd.site
4	cstatic.weborama.fr	news.xgwegewd.site cstatic.weborama.fr
3	a.audrte.com	2 redirects
3	cm.g.doubleclick.net	3 redirects
3	news.xgwegewd.site	1 redirects news.xgwegewd.site
2	image6.pubmatic.com	2 redirects
2	aax-eu.amazon-adsystem.com	1 redirects
2	pixel.tapad.com	1 redirects
2	gum.criteo.com	2 redirects
2	secure.adnxs.com	2 redirects
2	mc.webvisor.org	1 redirects news.xgwegewd.site
2	rd.frontend.weborama.fr	2 redirects
2	gnezdoruanalytics.solution.weborama.fr	1 redirects news.xgwegewd.site
2	fonts.gstatic.com	fonts.googleapis.com
2	an.yandex.ru	news.xgwegewd.site an.yandex.ru
2	www.google-analytics.com	news.xgwegewd.site www.google-analytics.com
1	idsync.rlcdn.com	news.xgwegewd.site
1	wam-google.solution.weborama.fr	1 redirects
1	bsd.frontend.weborama.fr	cstatic.weborama.fr
1	ds.frontend.weborama.fr	cstatic.weborama.fr
1	www.google.de	news.xgwegewd.site
1	www.google.com	news.xgwegewd.site
1	stats.g.doubleclick.net	www.google-analytics.com
1	cdn.jsdelivr.net	news.xgwegewd.site
1	fonts.googleapis.com	zn2.2xclick.ru
77	29

This site contains no links.

Subject Issuer	Validity	Valid
gnezdo.news R3	`2023-04-28` - `2023-07-27`	3 months	crt.sh
zn2.2xclick.ru R3	`2023-04-03` - `2023-07-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
edgecastcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2022-10-17` - `2023-11-17`	a year	crt.sh
bs.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-04-08` - `2023-10-07`	6 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-03-17` - `2023-08-27`	5 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2023-02-01` - `2023-08-01`	6 months	crt.sh
*.frontend.weborama.fr Gandi Standard SSL CA 2	`2023-02-22` - `2024-03-24`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.frontend.weborama.com Go Daddy Secure Certificate Authority - G2	`2022-08-30` - `2023-10-01`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://news.xgwegewd.site/
Frame ID: 8E99C7EB330DB24E8959F2B5D732EA06
Requests: 64 HTTP requests in this frame

Frame: https://cstatic.weborama.fr/iframe/sync.html?key=all&src=products.js&ref=news.xgwegewd.site&site=485736
Frame ID: DD3ADA97811A31A9B6136F2CEAEFCF02
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

news.partners.ru.com

Page URL History Show full URLs

http://news.xgwegewd.site/ HTTP 301
https://news.xgwegewd.site/ Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.jsdelivr\.net/npm/yandex\-metrica\-watch/watch\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

77
Requests

84 %
HTTPS

38 %
IPv6

21
Domains

29
Subdomains

23
IPs

7
Countries

890 kB
Transfer

1896 kB
Size

40
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://news.xgwegewd.site/ HTTP 301
https://news.xgwegewd.site/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fnews.xgwegewd.site%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Avf%3A7sm39m606e08f6hcinvj34v%3Afp%3A789%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1051%3Acn%3A2%3Adp%3A0%3Als%3A996111314855%3Ahid%3A504042939%3Az%3A0%3Ai%3A20230602043224%3Aet%3A1685680345%3Ac%3A1%3Arn%3A20567570%3Arqn%3A1%3Au%3A1685680345329888090%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A1%2C113%2C93%2C0%2C134%2C0%2C%2C502%2C6%2C%2C%2C%2C845%3Aco%3A0%3Acpf%3A1%3Ans%3A1685680343992%3Ast%3A1685680345&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fnews.xgwegewd.site%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A7sm39m606e08f6hcinvj34v%3Afp%3A789%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1051%3Acn%3A2%3Adp%3A0%3Als%3A996111314855%3Ahid%3A504042939%3Az%3A0%3Ai%3A20230602043224%3Aet%3A1685680345%3Ac%3A1%3Arn%3A20567570%3Arqn%3A1%3Au%3A1685680345329888090%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A1%2C113%2C93%2C0%2C134%2C0%2C%2C502%2C6%2C%2C%2C%2C845%3Aco%3A0%3Acpf%3A1%3Ans%3A1685680343992%3Ast%3A1685680345&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 42

https://mc.yandex.ru/watch/11859022?wmode=7&page-url=https%3A%2F%2Fnews.xgwegewd.site%2F&charset=utf-8&site-info=%7B%22gnezdoSourceId%22%3A0%2C%22gnezdoTagId%22%3A0%2C%22gnezdoTeaserId%22%3A0%2C%22gnezdoGroupId%22%3A%220%22%2C%22gnezdoSubId%22%3A0%2C%22gnezdoADGender%22%3A%22%22%2C%22gnezdoADAge%22%3A%22%22%2C%22gnezdoAIDGender%22%3A%22%22%2C%22gnezdoAIDAge%22%3A%22%22%2C%22gnezdoWBGender%22%3A%22%22%2C%22gnezdoWBAge%22%3A%22%22%2C%22gnezdoIp%22%3A%2284.19.175.165%22%2C%22gnezdoFP%22%3A%22%22%2C%22gnezdoDevice%22%3A%22desktop%22%2C%22gnezdoOs%22%3A%22windows%22%2C%22gnezdoBrowser%22%3A%22chrome%22%2C%22gnezdoBrowserV%22%3A%22114.0%22%2C%22gnezdoLentaId%22%3A%22def%22%7D&ut=noindex&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7sm39m606e08f6hcinvj34v%3Afp%3A789%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1051%3Acn%3A1%3Adp%3A0%3Als%3A771625846694%3Ahid%3A504042939%3Az%3A0%3Ai%3A20230602043224%3Aet%3A1685680345%3Ac%3A1%3Arn%3A875036783%3Arqn%3A1%3Au%3A1685680345329888090%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A1%2C113%2C93%2C0%2C134%2C0%2C%2C502%2C6%2C%2C%2C%2C845%3Aco%3A0%3Acpf%3A1%3Ans%3A1685680343992%3Arqnl%3A1%3Ast%3A1685680345%3At%3Anews.partners.ru.com&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/11859022/1?wmode=7&page-url=https%3A%2F%2Fnews.xgwegewd.site%2F&charset=utf-8&site-info=%7B%22gnezdoSourceId%22%3A0%2C%22gnezdoTagId%22%3A0%2C%22gnezdoTeaserId%22%3A0%2C%22gnezdoGroupId%22%3A%220%22%2C%22gnezdoSubId%22%3A0%2C%22gnezdoADGender%22%3A%22%22%2C%22gnezdoADAge%22%3A%22%22%2C%22gnezdoAIDGender%22%3A%22%22%2C%22gnezdoAIDAge%22%3A%22%22%2C%22gnezdoWBGender%22%3A%22%22%2C%22gnezdoWBAge%22%3A%22%22%2C%22gnezdoIp%22%3A%2284.19.175.165%22%2C%22gnezdoFP%22%3A%22%22%2C%22gnezdoDevice%22%3A%22desktop%22%2C%22gnezdoOs%22%3A%22windows%22%2C%22gnezdoBrowser%22%3A%22chrome%22%2C%22gnezdoBrowserV%22%3A%22114.0%22%2C%22gnezdoLentaId%22%3A%22def%22%7D&ut=noindex&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7sm39m606e08f6hcinvj34v%3Afp%3A789%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1051%3Acn%3A1%3Adp%3A0%3Als%3A771625846694%3Ahid%3A504042939%3Az%3A0%3Ai%3A20230602043224%3Aet%3A1685680345%3Ac%3A1%3Arn%3A875036783%3Arqn%3A1%3Au%3A1685680345329888090%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A1%2C113%2C93%2C0%2C134%2C0%2C%2C502%2C6%2C%2C%2C%2C845%3Aco%3A0%3Acpf%3A1%3Ans%3A1685680343992%3Arqnl%3A1%3Ast%3A1685680345%3At%3Anews.partners.ru.com&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 46

https://gnezdoruanalytics.solution.weborama.fr/fcgi-bin/comptage_wreport.fcgi?WRP_ID=485736&WRP_SECTION=Home&WRP_SUBSECTION=Home&ver=2&da2=1685680344&ta=1600x1200&co=24&ref= HTTP 302
https://gnezdoruanalytics.solution.weborama.fr/fcgi-bin/comptage_wreport.fcgi?WRP_ID=485736&WRP_SECTION=Home&WRP_SUBSECTION=Home&ver=2&da2=1685680344&ta=1600x1200&co=24&ref=&BOUNCE=OK

Request Chain 47

https://dx.frontend.weborama.com/collect?touchpoint=0&src=wai&site=485736&url=https%3A%2F%2Fnews.xgwegewd.site%2F HTTP 307
https://dx.frontend.weborama.com/collect?touchpoint=0&src=wai&site=485736&url=https%3A%2F%2Fnews.xgwegewd.site%2F&bounce=1&random=1792572698 HTTP 302
https://rd.frontend.weborama.fr/rd?key=wamsync HTTP 307
https://rd.frontend.weborama.fr/rd?key=wamsync&bounce=1&random=4089529608 HTTP 302
https://dx.frontend.weborama.com/collect?dsp_id=0&eid=znWhfB6OfKrO

Request Chain 51

https://mc.webvisor.org/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=10021.6r69Tu3-_1F74jgpv9P1vqfZyKaRHj28y93H2WXbo7f2Mm9VJjf7HA_FmFI7SlOw.cWWIOn9E-RcJMWHQk3z2Ql8Jvpk%2C HTTP 302
https://mc.webvisor.org/sync_cookie_image_decide?token=10021.J-3MU7sDSX_SxxyZByjYERD-dNOPYZ7VWB50tgW9iddhCldZOpTEWD43BifvAemJKUcQguT6nisEcJAJZCksXgX_fZA5pLOqrjcv5qEWP0choT8M2TketStEud-5eW7R-RhZUlRWLkjHzLPyoj8feVszu5LfZ7UCkqnDRX7oLWgN6Yi3dSY_69p-n_IsuYRLNITSpAoh4cFBq113qkYq1uvzeW5qUqnvRsNoYAjbe3g%2C.YsKgg7qzv2NoAkJqZoGAreCMh90%2C

Request Chain 64

https://cm.g.doubleclick.net/pixel?google_nid=weborama_dmp&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=weborama_dmp&google_cm=&google_tc= HTTP 302
https://wam-google.solution.weborama.fr/pixel?google_gid=CAESEHgLSslIHMlIaZuRUf4pz2o&google_cver=1 HTTP 301
https://idsync.frontend.weborama.fr/ids?key=ggl&value=CAESEHgLSslIHMlIaZuRUf4pz2o&google_gid=CAESEHgLSslIHMlIaZuRUf4pz2o&google_cver=1

Request Chain 65

https://secure.adnxs.com/getuid?https://idsync.frontend.weborama.fr/ids?key=appnexus&value=$UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dappnexus%26value%3D%24UID HTTP 302
https://idsync.frontend.weborama.fr/ids?key=appnexus&value=380322761712125255

Request Chain 66

https://gum.criteo.com/sync?c=13&a=1&r=1&u=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dcriteov2%26value%3D%40USERID%40 HTTP 302
https://gum.criteo.com/sync?s=1&c=13&a=1&r=1&u=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dcriteov2%26value%3D%40USERID%40 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=criteov2&value=zQ_e_0_LjreUbzYKikVKG0k1imuDFiJL

Request Chain 69

https://pixel.tapad.com/idsync/ex/receive?partner_id=2964&partner_device_id=znWhfB6OfKrO HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2964&partner_device_id=znWhfB6OfKrO

Request Chain 70

https://a.audrte.com/match?p=1468142154&uid=JCNqsknp3BfXQShD3xYzyO HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=M2VodFctN1NQY2JUd3VRZnFNdzYyRmxKQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/p

Request Chain 71

https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=SkNOcXNrbnAzQmZYUVNoRDN4WXp5Tw HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=SkNOcXNrbnAzQmZYUVNoRDN4WXp5Tw&dcc=t

Request Chain 72

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&rdf=1 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=51FD899E-FEDE-42E9-A0CC-5F5A6D1DCB79

77 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
news.xgwegewd.site/
Redirect Chain

http://news.xgwegewd.site/
https://news.xgwegewd.site/

21 KB
7 KB

208ms
93ms

Document
text/html

93.95.103.233
MTW-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://news.xgwegewd.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.103.233 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: awesome.pamaquine.org
Software: nginx /
Resource Hash: db061c1b2318c93cc4273c6d7f182d7e84c3780784a5330ed7430c12a092ecfc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 02 Jun 2023 04:32:24 GMT
expires: Fri, 02 Jun 2023 04:32:25 GMT
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Fri, 02 Jun 2023 04:32:24 GMT
Location: https://news.xgwegewd.site/
P3P: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Server: nginx

GET
H2 200 style15.css
zn2.2xclick.ru/new-lenta/ 8 KB
8 KB 324ms
55ms Stylesheet
text/css 93.95.99.151
MTW-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://zn2.2xclick.ru/new-lenta/style15.css?1234
Requested by: Host: news.xgwegewd.site
URL: https://news.xgwegewd.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: mail3.itech-group.ru
Software: nginx /
Resource Hash: 95f9f7d5fc896cddb14ac87de2c177488da4249aa25c977a620cf99463d615d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.xgwegewd.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 04:32:24 GMT
last-modified: Wed, 30 Sep 2020 04:23:00 GMT
server: nginx
etag: "5f740824-1e61"
content-type: text/css
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 7777
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 health.css
zn2.2xclick.ru/new-lenta/ 2 KB
3 KB 378ms
108ms Stylesheet
text/css 93.95.99.151
MTW-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://zn2.2xclick.ru/new-lenta/health.css?1
Requested by: Host: news.xgwegewd.site
URL: https://news.xgwegewd.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: mail3.itech-group.ru
Software: nginx /
Resource Hash: 01266b002c3a5fd944f5d5a6c9a7bcedf1274ea6c9baef3d2f14457d364014da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.xgwegewd.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 04:32:24 GMT
last-modified: Tue, 29 Sep 2020 05:06:00 GMT
server: nginx
etag: "5f72c0b8-8f1"
content-type: text/css
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 2289
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 health.jpg
news.xgwegewd.site/tests/health/ 4 KB
5 KB 56ms
55ms Image
image/jpeg 93.95.103.233
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://news.xgwegewd.site/tests/health/health.jpg
Requested by: Host: news.xgwegewd.site
URL: https://news.xgwegewd.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.103.233 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: awesome.pamaquine.org
Software: nginx /
Resource Hash: 1c38153acac347bda02a24b09e16db230167f0a51d6d1974ff1e505c1282bdd6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.xgwegewd.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 04:32:24 GMT
last-modified: Thu, 08 Nov 2018 10:09:56 GMT
server: nginx
etag: "5be40b74-110b"
content-type: image/jpeg
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 4363
expires: Sat, 01 Jun 2024 04:32:24 GMT

GET
H2 200 jquery-2.2.4.min.js Show response
zn2.2xclick.ru/js/ 84 KB
84 KB 364ms
109ms Script
application/javascript 93.95.99.151
MTW-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://zn2.2xclick.ru/js/jquery-2.2.4.min.js
Requested by: Host: news.xgwegewd.site
URL: https://news.xgwegewd.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: mail3.itech-group.ru
Software: nginx /
Resource Hash: 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.xgwegewd.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 04:32:24 GMT
last-modified: Fri, 20 Apr 2018 12:54:00 GMT
server: nginx
etag: "5ad9e2e8-14e4a"
content-type: application/javascript
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 85578
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 modernizr.js Show response
zn2.2xclick.ru/new-lenta/ 3 KB
3 KB 419ms
164ms Script
application/javascript 93.95.99.151
MTW-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://zn2.2xclick.ru/new-lenta/modernizr.js
Requested by: Host: news.xgwegewd.site
URL: https://news.xgwegewd.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: mail3.itech-group.ru
Software: nginx /
Resource Hash: 840f575220d6b42197251483e8b3b486bce6f7c4c4bddfff022580d3bb39ce4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.xgwegewd.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 04:32:24 GMT
last-modified: Thu, 28 Jun 2018 10:55:00 GMT
server: nginx
etag: "5b34be84-aa9"
content-type: application/javascript
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 2729
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 new_lenta_colors15.js Show response
zn2.2xclick.ru/js/ 5 KB
5 KB 418ms
163ms Script
application/javascript 93.95.99.151
MTW-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://zn2.2xclick.ru/js/new_lenta_colors15.js
Requested by: Host: news.xgwegewd.site
URL: https://news.xgwegewd.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: mail3.itech-group.ru
Software: nginx /
Resource Hash: f6f11d50372d88190696b17264e1609349ae7195af0cd44e95ffe632f8a322f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.xgwegewd.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 04:32:24 GMT
last-modified: Wed, 19 Oct 2022 06:06:24 GMT
server: nginx
etag: "634f93e0-1253"
content-type: application/javascript
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 4691
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1003 B 82ms
31ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed

Requested by

Host: zn2.2xclick.ru
URL: https://zn2.2xclick.ru/new-lenta/style15.css?1234

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

366b852a67aeca6a82b972ff59d842387c2a000f984976700ee15fb1045d19fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn2.2xclick.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 02 Jun 2023 04:32:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 02 Jun 2023 03:12:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 02 Jun 2023 04:32:24 GMT

GET
H2 200 watch.js Show response
cdn.jsdelivr.net/npm/yandex-metrica-watch/ 166 KB
70 KB 76ms
21ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js

Requested by

Host: news.xgwegewd.site
URL: https://news.xgwegewd.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ace4ecd36bf785fb1a8c6904475ecfafe7949386c7afbc874eef6ccb4a9f851f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.xgwegewd.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 02 Jun 2023 04:32:24 GMT
x-content-type-options: nosniff
content-encoding: br
age: 9242
x-jsd-version: 1.277.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 70752
x-served-by: cache-fra-eddf8230139-FRA
x-jsd-version-type: version
etag: W/"29646-BGASZfNpLryXUQzKIpaRSWv9LqY"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 71ms
21ms Script
text/javascript 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: news.xgwegewd.site
URL: https://news.xgwegewd.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.xgwegewd.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 02 Jun 2023 03:04:54 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 5250
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Fri, 02 Jun 2023 05:04:54 GMT

GET
H2 200 products.js Show response
cstatic.weborama.fr/js/ 20 KB
7 KB 116ms
21ms Script
text/javascript 93.184.221.133
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cstatic.weborama.fr/js/products.js
Requested by: Host: news.xgwegewd.site
URL: https://news.xgwegewd.site/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.133 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4D0B) /
Resource Hash: e997c350a113c5629432c0cfbaa960874da77cc36b1420658a678d4e3c7f4baf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.xgwegewd.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 04:32:24 GMT
content-encoding: gzip
last-modified: Thu, 30 Mar 2023 06:38:14 GMT
server: ECAcc (frc/4D0B)
age: 78612
etag: "164916729+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
access-control-allow-origin: *
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
cache-control: max-age=604800
accept-ranges: bytes
content-length: 6765
expires: Fri, 09 Jun 2023 04:32:24 GMT

GET
H2 200 context.js Show response
an.yandex.ru/system/ 295 KB
86 KB 223ms
77ms Script
text/javascript 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/system/context.js

Requested by

Host: news.xgwegewd.site
URL: https://news.xgwegewd.site/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

320eb99d23af0b205405fbf15e0d6fda6f3ea2c8384d4c63488366ae3c5ce7b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.xgwegewd.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-yandex-req-id: 1685680344923621-538378581279808443200241-production-app-host-vla-pcode-192
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Fri, 02 Jun 2023 05:32:24 GMT

GET
H2 200 1190423_342308e709.jpg
zn2.2xclick.ru/img/300x300/423/ 26 KB
26 KB 61ms
59ms Image
image/jpeg 93.95.99.151
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn2.2xclick.ru/img/300x300/423/1190423_342308e709.jpg
Requested by: Host: news.xgwegewd.site
URL: https://news.xgwegewd.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: mail3.itech-group.ru
Software: nginx /
Resource Hash: 3f08bcbb219989f7dc3866386e63e99a1b33ad06582c65f3152df999585ff1fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.xgwegewd.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 04:32:24 GMT
last-modified: Wed, 01 Sep 2021 20:25:00 GMT
server: nginx
etag: "612fe19c-67ed"
content-type: image/jpeg
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 26605
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 like.png
zn2.2xclick.ru/new-lenta/img/ 684 B
1 KB 61ms
59ms Image
image/png 93.95.99.151
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn2.2xclick.ru/new-lenta/img/like.png
Requested by: Host: zn2.2xclick.ru
URL: https://zn2.2xclick.ru/new-lenta/style15.css?1234
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: mail3.itech-group.ru
Software: nginx /
Resource Hash: b59d5d931ece7fab4c2378e6e3979c793f6e52e8a1bc6e7c1fa569e03d96f49f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn2.2xclick.ru/new-lenta/style15.css?1234
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 04:32:24 GMT
last-modified: Thu, 28 Jun 2018 10:56:00 GMT
server: nginx
etag: "5b34bec0-2ac"
content-type: image/png
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 684
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 close.png
zn2.2xclick.ru/new-lenta/img/ 276 B
667 B 62ms
59ms Image
image/png 93.95.99.151
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn2.2xclick.ru/new-lenta/img/close.png
Requested by: Host: zn2.2xclick.ru
URL: https://zn2.2xclick.ru/new-lenta/style15.css?1234
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: mail3.itech-group.ru
Software: nginx /
Resource Hash: 9b6b5e0c551bac6ccde502c3bf5c75d1efe6b1da975c0d251a4a17b8adcc74a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zn2.2xclick.ru/new-lenta/style15.css?1234
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 04:32:24 GMT
last-modified: Thu, 28 Jun 2018 10:56:00 GMT
server: nginx
etag: "5b34bec0-114"
content-type: image/png
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 276
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1668170_f1c0c5efec.jpg
zn2.2xclick.ru/img/280x217/170/ 11 KB
11 KB 62ms
60ms Image
image/jpeg 93.95.99.151
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn2.2xclick.ru/img/280x217/170/1668170_f1c0c5efec.jpg
Requested by: Host: news.xgwegewd.site
URL: https://news.xgwegewd.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: mail3.itech-group.ru
Software: nginx /
Resource Hash: 02fcaaf5ebc88086c8419e601a727757c93562f2ab2a0ce8ecc4d5ae0db71226

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.xgwegewd.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 04:32:24 GMT
last-modified: Wed, 31 May 2023 19:30:05 GMT
server: nginx
etag: "6477a03d-2acb"
content-type: image/jpeg
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 10955
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1624013_ac1bc41d3c.jpg
zn2.2xclick.ru/img/280x217/013/ 10 KB
10 KB 62ms
60ms Image
image/jpeg 93.95.99.151
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn2.2xclick.ru/img/280x217/013/1624013_ac1bc41d3c.jpg
Requested by: Host: news.xgwegewd.site
URL: https://news.xgwegewd.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: mail3.itech-group.ru
Software: nginx /
Resource Hash: bfbd4000d081890780c811f934b776b229875b1451cf21c5b7f5c352bb53bf1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.xgwegewd.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 04:32:24 GMT
last-modified: Sun, 09 Apr 2023 18:11:13 GMT
server: nginx
etag: "6432ffc1-2650"
content-type: image/jpeg
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 9808
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1459951_f98ad461f6.jpg
zn2.2xclick.ru/img/300x300/951/ 29 KB
30 KB 62ms
60ms Image
image/jpeg 93.95.99.151
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn2.2xclick.ru/img/300x300/951/1459951_f98ad461f6.jpg
Requested by: Host: news.xgwegewd.site
URL: https://news.xgwegewd.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: mail3.itech-group.ru
Software: nginx /
Resource Hash: ae600a9b563ae4a1e563d2caed7e5cd9426960d62a73aea16ba6a80c130b4b59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.xgwegewd.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 04:32:24 GMT
last-modified: Thu, 10 Nov 2022 19:45:49 GMT
server: nginx
etag: "636d54ed-758e"
content-type: image/jpeg
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 30094
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1668175_91b091a3c8.jpg
zn2.2xclick.ru/img/280x217/175/ 9 KB
10 KB 63ms
61ms Image
image/jpeg 93.95.99.151
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn2.2xclick.ru/img/280x217/175/1668175_91b091a3c8.jpg
Requested by: Host: news.xgwegewd.site
URL: https://news.xgwegewd.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: mail3.itech-group.ru
Software: nginx /
Resource Hash: cd901589a3b7d5c283b32d51cb7e5ca80f59301621b65ef0898837e95e782c3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.xgwegewd.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 04:32:24 GMT
last-modified: Wed, 31 May 2023 19:31:16 GMT
server: nginx
etag: "6477a084-2588"
content-type: image/jpeg
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 9608
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1665552_8c2ffc9cf8.jpg
zn2.2xclick.ru/img/280x217/552/ 15 KB
15 KB 63ms
61ms Image
image/jpeg 93.95.99.151
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn2.2xclick.ru/img/280x217/552/1665552_8c2ffc9cf8.jpg
Requested by: Host: news.xgwegewd.site
URL: https://news.xgwegewd.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: mail3.itech-group.ru
Software: nginx /
Resource Hash: 2ee3db66b6020b8e8206b47ff4f16dde5d3fce9bc4c8ed14fe1f10e452b9e11d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.xgwegewd.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 04:32:24 GMT
last-modified: Sun, 28 May 2023 12:04:28 GMT
server: nginx
etag: "6473434c-3b33"
content-type: image/jpeg
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 15155
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1476850_e8a0bda071.jpg
zn2.2xclick.ru/img/280x217/850/ 10 KB
10 KB 63ms
61ms Image
image/jpeg 93.95.99.151
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn2.2xclick.ru/img/280x217/850/1476850_e8a0bda071.jpg
Requested by: Host: news.xgwegewd.site
URL: https://news.xgwegewd.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: mail3.itech-group.ru
Software: nginx /
Resource Hash: 7a202351052eeb3d1991be689a940418d034dc83390ae15eb06af8a11e79478a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.xgwegewd.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 04:32:24 GMT
last-modified: Fri, 02 Dec 2022 10:30:09 GMT
server: nginx
etag: "6389d3b1-2758"
content-type: image/jpeg
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 10072
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1667749_cbc0f6f927.jpg
zn2.2xclick.ru/img/280x217/749/ 16 KB
17 KB 63ms
61ms Image
image/jpeg 93.95.99.151
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn2.2xclick.ru/img/280x217/749/1667749_cbc0f6f927.jpg
Requested by: Host: news.xgwegewd.site
URL: https://news.xgwegewd.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: mail3.itech-group.ru
Software: nginx /
Resource Hash: f881bb2e957b90562cd60b9d264f69d322113aec369183632511504038d7aa02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.xgwegewd.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 04:32:24 GMT
last-modified: Wed, 31 May 2023 12:17:43 GMT
server: nginx
etag: "64773ae7-40de"
content-type: image/jpeg
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 16606
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1618603_742a6fe928.jpg
zn2.2xclick.ru/img/280x217/603/ 9 KB
10 KB 63ms
61ms Image
image/jpeg 93.95.99.151
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn2.2xclick.ru/img/280x217/603/1618603_742a6fe928.jpg
Requested by: Host: news.xgwegewd.site
URL: https://news.xgwegewd.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: mail3.itech-group.ru
Software: nginx /
Resource Hash: 0c51922d39f4e8913387848d2f7600901561b07d0bd9acef3206671bc0659791

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.xgwegewd.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 04:32:24 GMT
last-modified: Tue, 04 Apr 2023 04:02:34 GMT
server: nginx
etag: "642ba15a-25bd"
content-type: image/jpeg
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 9661
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1635548_2f18b83086.jpg
zn2.2xclick.ru/img/280x217/548/ 10 KB
10 KB 113ms
112ms Image
image/jpeg 93.95.99.151
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn2.2xclick.ru/img/280x217/548/1635548_2f18b83086.jpg
Requested by: Host: news.xgwegewd.site
URL: https://news.xgwegewd.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: mail3.itech-group.ru
Software: nginx /
Resource Hash: f0afe0bd0f2d59875ff57857b9b8a91d8708ade1f6da6345828040de1e7e2001

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.xgwegewd.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 04:32:24 GMT
last-modified: Tue, 18 Apr 2023 18:40:39 GMT
server: nginx
etag: "643ee427-2757"
content-type: image/jpeg
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 10071
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1612208_c5eee1b336.jpg
zn2.2xclick.ru/img/300x300/208/ 15 KB
16 KB 114ms
112ms Image
image/jpeg 93.95.99.151
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn2.2xclick.ru/img/300x300/208/1612208_c5eee1b336.jpg
Requested by: Host: news.xgwegewd.site
URL: https://news.xgwegewd.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: mail3.itech-group.ru
Software: nginx /
Resource Hash: b42e7c13e71bb112dd31d77e1047d189a1b28824f1a5e34e4d9eaf2cfaed4c2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.xgwegewd.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 04:32:24 GMT
last-modified: Sun, 26 Mar 2023 16:30:47 GMT
server: nginx
etag: "64207337-3ce0"
content-type: image/jpeg
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 15584
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1644506_03c5472391.jpg
zn2.2xclick.ru/img/280x217/506/ 10 KB
10 KB 114ms
112ms Image
image/jpeg 93.95.99.151
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn2.2xclick.ru/img/280x217/506/1644506_03c5472391.jpg
Requested by: Host: news.xgwegewd.site
URL: https://news.xgwegewd.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: mail3.itech-group.ru
Software: nginx /
Resource Hash: 03e4f140bc200eaef205fca6ff44f43e4dc41ca3d19aa065fc3a3502122ffcd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.xgwegewd.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 04:32:24 GMT
last-modified: Tue, 02 May 2023 16:15:05 GMT
server: nginx
etag: "64513709-27ac"
content-type: image/jpeg
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 10156
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19a7DRs5.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 9 KB
10 KB 73ms
22ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19a7DRs5.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bddd7c9debeee9bccc8d6a0f0990743d3db200fe23fc08dbad9e60a007e52919

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://news.xgwegewd.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 27 May 2023 15:44:14 GMT
x-content-type-options: nosniff
age: 478090
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9692
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:44:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 26 May 2024 15:44:14 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
15 KB 76ms
25ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://news.xgwegewd.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Sat, 27 May 2023 18:48:29 GMT
x-content-type-options: nosniff
age: 467035
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15700
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 26 May 2024 18:48:29 GMT

GET
H2 200 1190423_342308e709.jpg
zn2.2xclick.ru/img/300x300/423/ 26 KB
26 KB 233ms
116ms Image
image/jpeg 93.95.99.151
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn2.2xclick.ru/img/300x300/423/1190423_342308e709.jpg
Requested by: Host: zn2.2xclick.ru
URL: https://zn2.2xclick.ru/js/new_lenta_colors15.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: mail3.itech-group.ru
Software: nginx /
Resource Hash: 3f08bcbb219989f7dc3866386e63e99a1b33ad06582c65f3152df999585ff1fc

Request headers

Referer: https://news.xgwegewd.site/
Origin: https://news.xgwegewd.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 04:32:24 GMT
last-modified: Wed, 01 Sep 2021 20:25:00 GMT
server: nginx
etag: "612fe19c-67ed"
content-type: image/jpeg
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 26605
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1668170_f1c0c5efec.jpg
zn2.2xclick.ru/img/280x217/170/ 11 KB
11 KB 293ms
176ms Image
image/jpeg 93.95.99.151
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn2.2xclick.ru/img/280x217/170/1668170_f1c0c5efec.jpg
Requested by: Host: zn2.2xclick.ru
URL: https://zn2.2xclick.ru/js/new_lenta_colors15.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: mail3.itech-group.ru
Software: nginx /
Resource Hash: 02fcaaf5ebc88086c8419e601a727757c93562f2ab2a0ce8ecc4d5ae0db71226

Request headers

Referer: https://news.xgwegewd.site/
Origin: https://news.xgwegewd.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 04:32:24 GMT
last-modified: Wed, 31 May 2023 19:30:05 GMT
server: nginx
etag: "6477a03d-2acb"
content-type: image/jpeg
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 10955
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1624013_ac1bc41d3c.jpg
zn2.2xclick.ru/img/280x217/013/ 10 KB
10 KB 293ms
176ms Image
image/jpeg 93.95.99.151
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn2.2xclick.ru/img/280x217/013/1624013_ac1bc41d3c.jpg
Requested by: Host: zn2.2xclick.ru
URL: https://zn2.2xclick.ru/js/new_lenta_colors15.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: mail3.itech-group.ru
Software: nginx /
Resource Hash: bfbd4000d081890780c811f934b776b229875b1451cf21c5b7f5c352bb53bf1a

Request headers

Referer: https://news.xgwegewd.site/
Origin: https://news.xgwegewd.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 04:32:24 GMT
last-modified: Sun, 09 Apr 2023 18:11:13 GMT
server: nginx
etag: "6432ffc1-2650"
content-type: image/jpeg
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 9808
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1459951_f98ad461f6.jpg
zn2.2xclick.ru/img/300x300/951/ 29 KB
30 KB 291ms
174ms Image
image/jpeg 93.95.99.151
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn2.2xclick.ru/img/300x300/951/1459951_f98ad461f6.jpg
Requested by: Host: zn2.2xclick.ru
URL: https://zn2.2xclick.ru/js/new_lenta_colors15.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: mail3.itech-group.ru
Software: nginx /
Resource Hash: ae600a9b563ae4a1e563d2caed7e5cd9426960d62a73aea16ba6a80c130b4b59

Request headers

Referer: https://news.xgwegewd.site/
Origin: https://news.xgwegewd.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 04:32:24 GMT
last-modified: Thu, 10 Nov 2022 19:45:49 GMT
server: nginx
etag: "636d54ed-758e"
content-type: image/jpeg
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 30094
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1668175_91b091a3c8.jpg
zn2.2xclick.ru/img/280x217/175/ 9 KB
10 KB 293ms
177ms Image
image/jpeg 93.95.99.151
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn2.2xclick.ru/img/280x217/175/1668175_91b091a3c8.jpg
Requested by: Host: zn2.2xclick.ru
URL: https://zn2.2xclick.ru/js/new_lenta_colors15.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: mail3.itech-group.ru
Software: nginx /
Resource Hash: cd901589a3b7d5c283b32d51cb7e5ca80f59301621b65ef0898837e95e782c3b

Request headers

Referer: https://news.xgwegewd.site/
Origin: https://news.xgwegewd.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 04:32:24 GMT
last-modified: Wed, 31 May 2023 19:31:16 GMT
server: nginx
etag: "6477a084-2588"
content-type: image/jpeg
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 9608
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1665552_8c2ffc9cf8.jpg
zn2.2xclick.ru/img/280x217/552/ 15 KB
15 KB 293ms
176ms Image
image/jpeg 93.95.99.151
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn2.2xclick.ru/img/280x217/552/1665552_8c2ffc9cf8.jpg
Requested by: Host: zn2.2xclick.ru
URL: https://zn2.2xclick.ru/js/new_lenta_colors15.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: mail3.itech-group.ru
Software: nginx /
Resource Hash: 2ee3db66b6020b8e8206b47ff4f16dde5d3fce9bc4c8ed14fe1f10e452b9e11d

Request headers

Referer: https://news.xgwegewd.site/
Origin: https://news.xgwegewd.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 04:32:24 GMT
last-modified: Sun, 28 May 2023 12:04:28 GMT
server: nginx
etag: "6473434c-3b33"
content-type: image/jpeg
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 15155
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1476850_e8a0bda071.jpg
zn2.2xclick.ru/img/280x217/850/ 10 KB
10 KB 293ms
176ms Image
image/jpeg 93.95.99.151
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn2.2xclick.ru/img/280x217/850/1476850_e8a0bda071.jpg
Requested by: Host: zn2.2xclick.ru
URL: https://zn2.2xclick.ru/js/new_lenta_colors15.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: mail3.itech-group.ru
Software: nginx /
Resource Hash: 7a202351052eeb3d1991be689a940418d034dc83390ae15eb06af8a11e79478a

Request headers

Referer: https://news.xgwegewd.site/
Origin: https://news.xgwegewd.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 04:32:24 GMT
last-modified: Fri, 02 Dec 2022 10:30:09 GMT
server: nginx
etag: "6389d3b1-2758"
content-type: image/jpeg
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 10072
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1667749_cbc0f6f927.jpg
zn2.2xclick.ru/img/280x217/749/ 16 KB
17 KB 291ms
175ms Image
image/jpeg 93.95.99.151
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn2.2xclick.ru/img/280x217/749/1667749_cbc0f6f927.jpg
Requested by: Host: zn2.2xclick.ru
URL: https://zn2.2xclick.ru/js/new_lenta_colors15.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: mail3.itech-group.ru
Software: nginx /
Resource Hash: f881bb2e957b90562cd60b9d264f69d322113aec369183632511504038d7aa02

Request headers

Referer: https://news.xgwegewd.site/
Origin: https://news.xgwegewd.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 04:32:24 GMT
last-modified: Wed, 31 May 2023 12:17:43 GMT
server: nginx
etag: "64773ae7-40de"
content-type: image/jpeg
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 16606
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1618603_742a6fe928.jpg
zn2.2xclick.ru/img/280x217/603/ 9 KB
10 KB 293ms
176ms Image
image/jpeg 93.95.99.151
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn2.2xclick.ru/img/280x217/603/1618603_742a6fe928.jpg
Requested by: Host: zn2.2xclick.ru
URL: https://zn2.2xclick.ru/js/new_lenta_colors15.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: mail3.itech-group.ru
Software: nginx /
Resource Hash: 0c51922d39f4e8913387848d2f7600901561b07d0bd9acef3206671bc0659791

Request headers

Referer: https://news.xgwegewd.site/
Origin: https://news.xgwegewd.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 04:32:24 GMT
last-modified: Tue, 04 Apr 2023 04:02:34 GMT
server: nginx
etag: "642ba15a-25bd"
content-type: image/jpeg
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 9661
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1635548_2f18b83086.jpg
zn2.2xclick.ru/img/280x217/548/ 10 KB
10 KB 291ms
175ms Image
image/jpeg 93.95.99.151
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn2.2xclick.ru/img/280x217/548/1635548_2f18b83086.jpg
Requested by: Host: zn2.2xclick.ru
URL: https://zn2.2xclick.ru/js/new_lenta_colors15.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: mail3.itech-group.ru
Software: nginx /
Resource Hash: f0afe0bd0f2d59875ff57857b9b8a91d8708ade1f6da6345828040de1e7e2001

Request headers

Referer: https://news.xgwegewd.site/
Origin: https://news.xgwegewd.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 04:32:24 GMT
last-modified: Tue, 18 Apr 2023 18:40:39 GMT
server: nginx
etag: "643ee427-2757"
content-type: image/jpeg
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 10071
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1612208_c5eee1b336.jpg
zn2.2xclick.ru/img/300x300/208/ 15 KB
16 KB 291ms
175ms Image
image/jpeg 93.95.99.151
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn2.2xclick.ru/img/300x300/208/1612208_c5eee1b336.jpg
Requested by: Host: zn2.2xclick.ru
URL: https://zn2.2xclick.ru/js/new_lenta_colors15.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: mail3.itech-group.ru
Software: nginx /
Resource Hash: b42e7c13e71bb112dd31d77e1047d189a1b28824f1a5e34e4d9eaf2cfaed4c2b

Request headers

Referer: https://news.xgwegewd.site/
Origin: https://news.xgwegewd.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 04:32:24 GMT
last-modified: Sun, 26 Mar 2023 16:30:47 GMT
server: nginx
etag: "64207337-3ce0"
content-type: image/jpeg
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 15584
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1644506_03c5472391.jpg
zn2.2xclick.ru/img/280x217/506/ 10 KB
10 KB 290ms
175ms Image
image/jpeg 93.95.99.151
MTW-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zn2.2xclick.ru/img/280x217/506/1644506_03c5472391.jpg
Requested by: Host: zn2.2xclick.ru
URL: https://zn2.2xclick.ru/js/new_lenta_colors15.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.95.99.151 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS: mail3.itech-group.ru
Software: nginx /
Resource Hash: 03e4f140bc200eaef205fca6ff44f43e4dc41ca3d19aa065fc3a3502122ffcd1

Request headers

Referer: https://news.xgwegewd.site/
Origin: https://news.xgwegewd.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 04:32:24 GMT
last-modified: Tue, 02 May 2023 16:15:05 GMT
server: nginx
etag: "64513709-27ac"
content-type: image/jpeg
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=315360000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 10156
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
211 B 28ms
28ms XHR
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=2136173473&t=pageview&_s=1&dl=https%3A%2F%2Fnews.xgwegewd.site%2F&ul=en-us&de=UTF-8&dt=news.partners.ru.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1206115681&gjid=87348859&cid=776341918.1685680345&tid=UA-5044672-6&_gid=31588046.1685680345&_r=1&_slc=1&z=312672618

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://news.xgwegewd.site/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Jun 2023 04:32:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://news.xgwegewd.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/3/
Redirect Chain

https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fnews.xgwegewd.site%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Avf%3A7sm39m606e08f6hcinvj34v%3Afp%3A789%3Afu%3A0%3Aen%3Autf-8%3Ala%3A...
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fnews.xgwegewd.site%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A7sm39m606e08f6hcinvj34v%3Afp%3A789%3Afu%3A0%3Aen%3Autf-8%3Ala%3...

264 B
300 B

66ms
65ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fnews.xgwegewd.site%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A7sm39m606e08f6hcinvj34v%3Afp%3A789%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1051%3Acn%3A2%3Adp%3A0%3Als%3A996111314855%3Ahid%3A504042939%3Az%3A0%3Ai%3A20230602043224%3Aet%3A1685680345%3Ac%3A1%3Arn%3A20567570%3Arqn%3A1%3Au%3A1685680345329888090%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A1%2C113%2C93%2C0%2C134%2C0%2C%2C502%2C6%2C%2C%2C%2C845%3Aco%3A0%3Acpf%3A1%3Ans%3A1685680343992%3Ast%3A1685680345&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Requested by

Host: news.xgwegewd.site
URL: https://news.xgwegewd.site/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

0216044649e4707ef49cd045b45b31f0de5e4bc560aa0e42eed73d270edf0ee0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.xgwegewd.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jun 2023 04:32:25 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Fri, 02-Jun-2023 04:32:25 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://news.xgwegewd.site
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 264
x-xss-protection: 1; mode=block
expires: Fri, 02-Jun-2023 04:32:25 GMT

Redirect headers

pragma: no-cache
date: Fri, 02 Jun 2023 04:32:25 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 02-Jun-2023 04:32:25 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/3/1?wmode=7&page-url=https%3A%2F%2Fnews.xgwegewd.site%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A7sm39m606e08f6hcinvj34v%3Afp%3A789%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1051%3Acn%3A2%3Adp%3A0%3Als%3A996111314855%3Ahid%3A504042939%3Az%3A0%3Ai%3A20230602043224%3Aet%3A1685680345%3Ac%3A1%3Arn%3A20567570%3Arqn%3A1%3Au%3A1685680345329888090%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A1%2C113%2C93%2C0%2C134%2C0%2C%2C502%2C6%2C%2C%2C%2C845%3Aco%3A0%3Acpf%3A1%3Ans%3A1685680343992%3Ast%3A1685680345&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: https://news.xgwegewd.site
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Fri, 02-Jun-2023 04:32:25 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
187 B 181ms
61ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: news.xgwegewd.site
URL: https://news.xgwegewd.site/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.xgwegewd.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 04:32:25 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 30 May 2023 06:12:02 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "64756982-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Fri, 02 Jun 2023 05:32:25 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/11859022/
Redirect Chain

https://mc.yandex.ru/watch/11859022?wmode=7&page-url=https%3A%2F%2Fnews.xgwegewd.site%2F&charset=utf-8&site-info=%7B%22gnezdoSourceId%22%3A0%2C%22gnezdoTagId%22%3A0%2C%22gnezdoTeaserId%22%3A0%2C%22...
https://mc.yandex.ru/watch/11859022/1?wmode=7&page-url=https%3A%2F%2Fnews.xgwegewd.site%2F&charset=utf-8&site-info=%7B%22gnezdoSourceId%22%3A0%2C%22gnezdoTagId%22%3A0%2C%22gnezdoTeaserId%22%3A0%2C%...

428 B
559 B

60ms
60ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/11859022/1?wmode=7&page-url=https%3A%2F%2Fnews.xgwegewd.site%2F&charset=utf-8&site-info=%7B%22gnezdoSourceId%22%3A0%2C%22gnezdoTagId%22%3A0%2C%22gnezdoTeaserId%22%3A0%2C%22gnezdoGroupId%22%3A%220%22%2C%22gnezdoSubId%22%3A0%2C%22gnezdoADGender%22%3A%22%22%2C%22gnezdoADAge%22%3A%22%22%2C%22gnezdoAIDGender%22%3A%22%22%2C%22gnezdoAIDAge%22%3A%22%22%2C%22gnezdoWBGender%22%3A%22%22%2C%22gnezdoWBAge%22%3A%22%22%2C%22gnezdoIp%22%3A%2284.19.175.165%22%2C%22gnezdoFP%22%3A%22%22%2C%22gnezdoDevice%22%3A%22desktop%22%2C%22gnezdoOs%22%3A%22windows%22%2C%22gnezdoBrowser%22%3A%22chrome%22%2C%22gnezdoBrowserV%22%3A%22114.0%22%2C%22gnezdoLentaId%22%3A%22def%22%7D&ut=noindex&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7sm39m606e08f6hcinvj34v%3Afp%3A789%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1051%3Acn%3A1%3Adp%3A0%3Als%3A771625846694%3Ahid%3A504042939%3Az%3A0%3Ai%3A20230602043224%3Aet%3A1685680345%3Ac%3A1%3Arn%3A875036783%3Arqn%3A1%3Au%3A1685680345329888090%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A1%2C113%2C93%2C0%2C134%2C0%2C%2C502%2C6%2C%2C%2C%2C845%3Aco%3A0%3Acpf%3A1%3Ans%3A1685680343992%3Arqnl%3A1%3Ast%3A1685680345%3At%3Anews.partners.ru.com&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Requested by

Host: news.xgwegewd.site
URL: https://news.xgwegewd.site/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

12e962ae6c9aa87c208116c5bb76c0af4bd213ab5859fcafb7645c5d1176bded

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.xgwegewd.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jun 2023 04:32:25 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Fri, 02-Jun-2023 04:32:25 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://news.xgwegewd.site
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 428
x-xss-protection: 1; mode=block
expires: Fri, 02-Jun-2023 04:32:25 GMT

Redirect headers

pragma: no-cache
date: Fri, 02 Jun 2023 04:32:25 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 02-Jun-2023 04:32:25 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/11859022/1?wmode=7&page-url=https%3A%2F%2Fnews.xgwegewd.site%2F&charset=utf-8&site-info=%7B%22gnezdoSourceId%22%3A0%2C%22gnezdoTagId%22%3A0%2C%22gnezdoTeaserId%22%3A0%2C%22gnezdoGroupId%22%3A%220%22%2C%22gnezdoSubId%22%3A0%2C%22gnezdoADGender%22%3A%22%22%2C%22gnezdoADAge%22%3A%22%22%2C%22gnezdoAIDGender%22%3A%22%22%2C%22gnezdoAIDAge%22%3A%22%22%2C%22gnezdoWBGender%22%3A%22%22%2C%22gnezdoWBAge%22%3A%22%22%2C%22gnezdoIp%22%3A%2284.19.175.165%22%2C%22gnezdoFP%22%3A%22%22%2C%22gnezdoDevice%22%3A%22desktop%22%2C%22gnezdoOs%22%3A%22windows%22%2C%22gnezdoBrowser%22%3A%22chrome%22%2C%22gnezdoBrowserV%22%3A%22114.0%22%2C%22gnezdoLentaId%22%3A%22def%22%7D&ut=noindex&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7sm39m606e08f6hcinvj34v%3Afp%3A789%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1051%3Acn%3A1%3Adp%3A0%3Als%3A771625846694%3Ahid%3A504042939%3Az%3A0%3Ai%3A20230602043224%3Aet%3A1685680345%3Ac%3A1%3Arn%3A875036783%3Arqn%3A1%3Au%3A1685680345329888090%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A1%2C113%2C93%2C0%2C134%2C0%2C%2C502%2C6%2C%2C%2C%2C845%3Aco%3A0%3Acpf%3A1%3Ans%3A1685680343992%3Arqnl%3A1%3Ast%3A1685680345%3At%3Anews.partners.ru.com&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: https://news.xgwegewd.site
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Fri, 02-Jun-2023 04:32:25 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
351 B 81ms
27ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-5044672-6&cid=776341918.1685680345&jid=1206115681&gjid=87348859&_gid=31588046.1685680345&_u=IEBAAEAAAAAAACAAI~&z=1755692628

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://news.xgwegewd.site/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 02 Jun 2023 04:32:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://news.xgwegewd.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync.html Show response
cstatic.weborama.fr/iframe/ Frame DD3A 336 B
314 B 22ms
21ms Document
text/html 93.184.221.133
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cstatic.weborama.fr/iframe/sync.html?key=all&src=products.js&ref=news.xgwegewd.site&site=485736
Requested by: Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/js/products.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.133 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CD7) /
Resource Hash: 3e1dac2792ab6c6adeef95c5e0d28ad832c837d58922fa4ceafa0ed3bd0f96a7

Request headers

Referer: https://news.xgwegewd.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 197991
cache-control: max-age=604800
content-encoding: gzip
content-length: 207
content-type: text/html
date: Fri, 02 Jun 2023 04:32:24 GMT
etag: "282943589+gzip"
expires: Fri, 09 Jun 2023 04:32:24 GMT
last-modified: Mon, 20 Sep 2021 08:52:49 GMT
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
server: ECAcc (frc/4CD7)
vary: Accept-Encoding
x-cache: HIT

GET
H2 200 topics.js Show response
cstatic.weborama.fr/js/topics/ 1 KB
749 B 21ms
21ms Script
text/javascript 93.184.221.133
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cstatic.weborama.fr/js/topics/topics.js
Requested by: Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/js/products.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.133 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CB6) /
Resource Hash: daa6e706a0764c808758a080119ca8c914f453bb753686d2255518d7c3d93a84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.xgwegewd.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 04:32:24 GMT
content-encoding: gzip
last-modified: Thu, 30 Mar 2023 06:45:23 GMT
server: ECAcc (frc/4CB6)
age: 77803
etag: "1327094998+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
access-control-allow-origin: *
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
cache-control: max-age=604800
accept-ranges: bytes
content-length: 650
expires: Fri, 09 Jun 2023 04:32:24 GMT

GET
H/1.1

200
OK

comptage_wreport.fcgi
gnezdoruanalytics.solution.weborama.fr/fcgi-bin/
Redirect Chain

https://gnezdoruanalytics.solution.weborama.fr/fcgi-bin/comptage_wreport.fcgi?WRP_ID=485736&WRP_SECTION=Home&WRP_SUBSECTION=Home&ver=2&da2=1685680344&ta=1600x1200&co=24&ref=
https://gnezdoruanalytics.solution.weborama.fr/fcgi-bin/comptage_wreport.fcgi?WRP_ID=485736&WRP_SECTION=Home&WRP_SUBSECTION=Home&ver=2&da2=1685680344&ta=1600x1200&co=24&ref=&BOUNCE=OK

67 B
721 B

54ms
53ms

Image
image/gif

195.54.48.25
WEBORAMA Weborama...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gnezdoruanalytics.solution.weborama.fr/fcgi-bin/comptage_wreport.fcgi?WRP_ID=485736&WRP_SECTION=Home&WRP_SUBSECTION=Home&ver=2&da2=1685680344&ta=1600x1200&co=24&ref=&BOUNCE=OK
Requested by: Host: news.xgwegewd.site
URL: https://news.xgwegewd.site/
Protocol: HTTP/1.1
Server: 195.54.48.25 , France, ASN12516 (WEBORAMA Weborama provides Internet Services, FR),
Reverse DNS: aub-collect-lb-c03-01-vip.weborama.fr
Software: Apache /
Resource Hash: 09d46019c7a75b96187202c3c8412182f27c413a9c3661857923dc8e94e91b7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.xgwegewd.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
pragma: no-cache
date: Fri, 02 Jun 2023 04:32:25 GMT
cache-control: no-cache
server: Apache
transfer-encoding: chunked
content-type: image/gif

Redirect headers

location: https://gnezdoruanalytics.solution.weborama.fr/fcgi-bin/comptage_wreport.fcgi?WRP_ID=485736&WRP_SECTION=Home&WRP_SUBSECTION=Home&ver=2&da2=1685680344&ta=1600x1200&co=24&ref=&BOUNCE=OK
date: Fri, 02 Jun 2023 04:32:25 GMT
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
server: Apache
content-length: 399
content-type: text/html; charset=iso-8859-1

GET
H3

204

collect
dx.frontend.weborama.com/
Redirect Chain

https://dx.frontend.weborama.com/collect?touchpoint=0&src=wai&site=485736&url=https%3A%2F%2Fnews.xgwegewd.site%2F
https://dx.frontend.weborama.com/collect?touchpoint=0&src=wai&site=485736&url=https%3A%2F%2Fnews.xgwegewd.site%2F&bounce=1&random=1792572698
https://rd.frontend.weborama.fr/rd?key=wamsync
https://rd.frontend.weborama.fr/rd?key=wamsync&bounce=1&random=4089529608
https://dx.frontend.weborama.com/collect?dsp_id=0&eid=znWhfB6OfKrO

0
17 B

28ms
28ms

Image
text/plain

34.111.205.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dx.frontend.weborama.com/collect?dsp_id=0&eid=znWhfB6OfKrO
Requested by: Host: news.xgwegewd.site
URL: https://news.xgwegewd.site/
Protocol: H3
Server: 34.111.205.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.205.111.34.bc.googleusercontent.com
Software: Weborama Collect Frontend /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.xgwegewd.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jun 2023 04:32:24 GMT
via: 1.1 google
last-modified: Fri, 02 Jun 2023 04:32:25 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 02 Jun 2023 04:32:24 GMT
via: 1.1 google
last-modified: Fri, 02 Jun 2023 04:32:25 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://dx.frontend.weborama.com/collect?dsp_id=0&eid=znWhfB6OfKrO
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 external_libs.v2.js Show response
cstatic.weborama.fr/iframe/ Frame DD3A 8 KB
3 KB 21ms
21ms Script
text/javascript 93.184.221.133
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cstatic.weborama.fr/iframe/external_libs.v2.js
Requested by: Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/iframe/sync.html?key=all&src=products.js&ref=news.xgwegewd.site&site=485736
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.133 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4D04) /
Resource Hash: 724d685239669ac4db6763d8fc4ff79d629067941a7bc5b738ef8a46f3970df1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cstatic.weborama.fr/iframe/sync.html?key=all&src=products.js&ref=news.xgwegewd.site&site=485736
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 04:32:24 GMT
content-encoding: gzip
last-modified: Tue, 24 Jan 2023 09:15:53 GMT
server: ECAcc (frc/4D04)
age: 241815
etag: "892405118+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
access-control-allow-origin: *
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
cache-control: max-age=604800
accept-ranges: bytes
content-length: 3050
expires: Fri, 09 Jun 2023 04:32:24 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 84ms
34ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-5044672-6&cid=776341918.1685680345&jid=1206115681&_u=IEBAAEAAAAAAACAAI~&z=808337083

Requested by

Host: news.xgwegewd.site
URL: https://news.xgwegewd.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.xgwegewd.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jun 2023 04:32:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 80ms
33ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-5044672-6&cid=776341918.1685680345&jid=1206115681&_u=IEBAAEAAAAAAACAAI~&z=808337083

Requested by

Host: news.xgwegewd.site
URL: https://news.xgwegewd.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.xgwegewd.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jun 2023 04:32:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync_cookie_image_decide
mc.webvisor.org/
Redirect Chain

https://mc.webvisor.org/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=10021.6r69Tu3-_1F74jgpv9P1vqfZyKaRHj28y93H2WXbo7f2Mm9VJjf7HA_FmFI7SlOw.cWWIOn9E-RcJMWHQk3z2Ql8Jvpk%2C
https://mc.webvisor.org/sync_cookie_image_decide?token=10021.J-3MU7sDSX_SxxyZByjYERD-dNOPYZ7VWB50tgW9iddhCldZOpTEWD43BifvAemJKUcQguT6nisEcJAJZCksXgX_fZA5pLOqrjcv5qEWP0choT8M2TketStEud-5eW7R-RhZUlRW...

43 B
507 B

77ms
76ms

Image
image/gif

149.5.244.53
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.webvisor.org/sync_cookie_image_decide?token=10021.J-3MU7sDSX_SxxyZByjYERD-dNOPYZ7VWB50tgW9iddhCldZOpTEWD43BifvAemJKUcQguT6nisEcJAJZCksXgX_fZA5pLOqrjcv5qEWP0choT8M2TketStEud-5eW7R-RhZUlRWLkjHzLPyoj8feVszu5LfZ7UCkqnDRX7oLWgN6Yi3dSY_69p-n_IsuYRLNITSpAoh4cFBq113qkYq1uvzeW5qUqnvRsNoYAjbe3g%2C.YsKgg7qzv2NoAkJqZoGAreCMh90%2C

Requested by

Host: news.xgwegewd.site
URL: https://news.xgwegewd.site/

Protocol

Server

149.5.244.53 Cannes, France, ASN174 (COGENT-174, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.xgwegewd.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 04:32:25 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.webvisor.org/sync_cookie_image_decide?token=10021.J-3MU7sDSX_SxxyZByjYERD-dNOPYZ7VWB50tgW9iddhCldZOpTEWD43BifvAemJKUcQguT6nisEcJAJZCksXgX_fZA5pLOqrjcv5qEWP0choT8M2TketStEud-5eW7R-RhZUlRWLkjHzLPyoj8feVszu5LfZ7UCkqnDRX7oLWgN6Yi3dSY_69p-n_IsuYRLNITSpAoh4cFBq113qkYq1uvzeW5qUqnvRsNoYAjbe3g%2C.YsKgg7qzv2NoAkJqZoGAreCMh90%2C
date: Fri, 02 Jun 2023 04:32:25 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 7891711fed4e782988b4.js Show response
yastatic.net/partner-code-bundles/781642/ 14 KB
5 KB 299ms
153ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/781642/7891711fed4e782988b4.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

de57d85664416c72270f198e33c729e29533ff22a82c0e3fa53e3aa490a86c5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://news.xgwegewd.site/
Origin: https://news.xgwegewd.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 04:32:25 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4775
last-modified: Thu, 01 Jun 2023 19:19:31 GMT
server: nginx/1.17.9
etag: "3aa068c6bd15a52097882522cdfcb6a7"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 01 Jun 2053 11:06:11 GMT

GET
H2 200 064e4e84c4e4402387d2.js Show response
yastatic.net/partner-code-bundles/781642/ 19 KB
7 KB 311ms
166ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/781642/064e4e84c4e4402387d2.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

37a2a7e4ce3b9697de200ee646207527d10964900c1f18daf90b3e1b8ddc3708

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://news.xgwegewd.site/
Origin: https://news.xgwegewd.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 04:32:25 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 6593
last-modified: Thu, 01 Jun 2023 19:19:31 GMT
server: nginx/1.17.9
etag: "7257c77e0deabf143064a60f087afb47"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 01 Jun 2053 11:06:11 GMT

GET
H2 200 1cec826bc58237f55e80.js Show response
yastatic.net/partner-code-bundles/781642/ 116 KB
25 KB 337ms
193ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/781642/1cec826bc58237f55e80.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

da6bda75d9bc1435e4e9229dd7da6ddd4493befc39cd462d99d0df78361efbf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://news.xgwegewd.site/
Origin: https://news.xgwegewd.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 04:32:25 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 24681
last-modified: Thu, 01 Jun 2023 19:19:31 GMT
server: nginx/1.17.9
etag: "0abbb54d2dde240226add859eeaa22b8"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 01 Jun 2053 11:06:11 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 357ms
213ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://news.xgwegewd.site/
Origin: https://news.xgwegewd.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 04:32:25 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 01 Jun 2053 11:03:44 GMT

GET
H2 200 text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ 25 KB
26 KB 265ms
122ms Font
font/woff2 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://news.xgwegewd.site/
Origin: https://news.xgwegewd.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 04:32:25 GMT
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 26004
x-amz-meta-owner: {"role":"admin","login":"4eb0da"}
last-modified: Mon, 25 Apr 2022 14:02:39 GMT
server: nginx/1.17.9
etag: "7f0cdaf91230f9789ca4162aedff612e"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31556952
x-nginx-request-id: 4110286d40fe0584
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 01 Jun 2024 10:17:05 GMT

GET
H2 404 320977 Show response
an.yandex.ru/meta/ 29 B
423 B 76ms
75ms XHR
text/html 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/meta/320977?target-ref=https%3A%2F%2Fnews.xgwegewd.site%2F&charset=utf-8&pcode-test-ids=775189%2C0%2C10%3B770133%2C0%2C57%3B767547%2C0%2C32%3B769344%2C0%2C43%3B771762%2C0%2C96%3B766726%2C0%2C62%3B777004%2C0%2C21%3B780720%2C0%2C8%3B776171%2C0%2C77%3B765112%2C0%2C99%3B770136%2C0%2C95%3B766403%2C0%2C28%3B780231%2C0%2C94&pcode-flags-map=eJytWNty2zYQ%2FZWOnjspryCZN5AEJVQkwQKgFSWTwSiJ4qhjOx3HTtNk8u9dgJREUg7kXF5smdYegHs7Z%2FfL7AILJRZspXCuSpySUhWMK1qrFNc14bOnL77MPm6u7rezpzPJWzL7fXa3%2FXBH38DfCPl%2BEM2%2Bvvz9CNNwlreZFIrVqsGtIFaEyE0Cv0MgNU5LokjGqiNISYXUl7mgOWH6A%2Fw3ZQrzagS7%2FfTPBDX0Q4OaU2FgM9bWUnGSU04yDYmbxn4zzwkC7%2FBu8CKqaktJOStLQKul%2FkC4WmGZLUiuJK2IYkUhiLTj%2Bp4TTXwmqYQr4jpXKcvXOhIN5rgiEvBzUmA4d4RZ4FKMQYMoQEdQTiRf6wDURK4YXyrCObOHMgpRECUHhD4YIsPws6RL%2BNjyC7IGxBVcSdB5bYdDTuRHJ3A%2Fg1Gyeq6KEs%2B1z9oyVxDBcq3Ekjad8y9w2Z7JtghFMRrFVN8FIGpFLghfrxaEn4OIgsA%2FQEDosyXUzZq1UomSwQ%2F6nEAY2zrHnBJxBix2A%2FeYC9J4CS4iKBv7Br7pO%2F7INnZ91OV4W9OS4RySRZcurkaJfXd7vx2YBV7sJ05nBq8vhKn1ic20ngZGkJuCkFqxVBAI5jiptjebV1fbkaWPvKSLYUGfqQrOWhA6X0hVS%2FuRQegnnWvWUBjkmeKtylmFaW0zC53I89HhvJSzJVwWzlJzTnOrpRuFfW5MD1TQRCSnqdXccx0UGPPnpPZU0UKbWNFcLhSt8JxYbQM3iJ2j7b5npYzroHKc01b89kiENdb37i6scLnCa2G39KPez3nRQOcQDashMXRFQU6PTD3Hcca2geN379xkLNdNFkxraT8vBJg%2BlQoGXiY6d%2FfnKfLMmhZwZBR5p%2Ba00F1zpYsIsvNHEPYXOOkivvOwdUkwr1XFuO48nOLJe3ujQ0PH6b3ccMo4lWuVroHVyKph3O4wFKG%2B9vZ50XNYJrjVMHGjeJCRFLoVBh6QCmcZRElYukSY%2BKHrjmxNFgtIabnQbmpwntN6bgcJwqC7uWFfSGW5bojy7bcO4igchKfiGfhJ0JSW4DX7cUmEvmmp6TArabY8c%2Foew5B9p4EUNNiCAsdT%2FRIFzuzVnMReT%2FDdPXqQTsJIZugdGCPFwBxHIWGDRI4X%2BN4oHAtiGj4ImlMinVq7oYe6OGi246SAKl8An85pZreL%2Fb6lwTULyiuds5zUe6ZpOEntTRVBV%2FTcUfIC63DIJBBjHXfqRikyrjlFCGvtIzdxg2CoFSeqsJdK8KCgNZUEkjRbgliw1hcKQgeh0RVFhblUf7WkJRr83LVChHoi1iQuFxwU3eRmRn%2FpDKQ19BeaG6lgBY3cqI84SLASTHu%2F40LXES20PFSG9e0BiOIEJQe6L0CS1Dmops5eM39jf7mxfbo0%2BsZqgRK%2Fj9LAQpiEGXvFfm4SONEBBXptrhGsqh%2BhOEDu9GRVgebH9rM8z%2Bl8PUhGrRe0Sl1KZvdQjALXPzlVzu1ngltjd5jLR1H8gKtM2z039aDEQ70ImFgXJdPCMO91uB0kifvE%2BxaIiecI4%2B3uk7refFLvtrvLd3ffgDMjl1qSFKcKtJl1fnOABEbZ3xUQyPN62DBqIDPTmuYtNEKVtnrCywi9sBdF5DpBzzGcq64nyhbIvCsuwxKmjtv54sz0CkhddZT4%2BdrUozJSaGj2ZfZ2e%2Ff6XbW5vdzdzJ66IQiK6%2Fevdldb8Xpztbu5nD31vo5QQ2AQgzrsRKCMVFpq0tBD8fCAF7Prze7qye093O2%2Fzc2b7Sf4%2FMfuenO5%2FTB6dLm5Nk%2FefN7edF%2FffNzdve8%2BXj8Z%2FPHmZtc%2F1cgHBHhwu%2Fl89f7zu%2F7fn2%2B73%2Fe3myc3238%2FnHzh7837650xffnwKw6L5hhae%2FhQ4Dunxjo%2F8ZnAg2VXdTWWkCbQHPi8bxFK4rlVKkND9gb9pSCQcpzgTMKwdsYw9B3vVBHQugEm1JLgO%2FVA5CMfxd8EHHQUPdo%2BEkkQeWBQA1O3VXrmHqHrR10kzKrHrFXAEoguJVnHMEaB2XsOwEROeBjagG%2B14pqW0YkV8hx3IE%2BgB3SbHugY2pd2Wx8Y1tjOwcqDG5dru0Gc9LuIfvugJTQn%2FerGrG00m4JG%2Bj6iiyLgOXcIbMZyuS7JvAWUX4naz5MMxnbIt%2B%2BGRH7v7ikxHBuyZG226M6CKUo3ZKllNyuZPY%2F0Xib8cWz9%2FRKGdpHhxp4zjzmoJ%2F2few299Oo2mURPeSOzTJZjs9CNj6s3s%2BfSzd7suhrOMiIEjFowZQqpnlXlmZWS4%2Fr%2B48G0pAdJqMQavPDroWFKVBXtnmclE5qlORTn2cXYj7yF2UG0vHw09l7wH3KhYSvCBb7Q2JVGA1zKxH52g8M7IVIRmILtVIOiMPj%2BxXbBmJYg0AbPSJiJyuZ6edy1QbsZiF3U7yFYBbOo0G2%2FYYLK6crxJLkjxxlNX5w0BEvTRjTVTN7kwdnr9c3d1XiJ6USeM5XBe9NzHcqCVtKKyn43rFeAQzt3XLJu3yjPdR4jNnUKa3oTUgszTv4kmTwXqdB1HxTUZvVf9Gx1fGkzJcLlT3f2ryevqxMZHddv020suMMDtTN2kGf0z9f%2FAVgipns%3D&pcode-active-testids=776171%2C0%2C77&pcode-icookie=%2FwZgfOX6nZ2xoJwt6seW6aErlCFR7gLYGks2J8A4XRp%2FcT7Y3Gpoy4LX0xen5U919mxFzv4xXqBnTRst3eyyEeW0fXM%3D&duid=MTY4NTY4MDM0NTMyOTg4ODA5MA%3D%3D&imp-id=1&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=181419418583042&ad-session-id=73571685680345187&target-id=45894663&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fnews.xgwegewd.site&top-ancestor-undetermined=0&pcode-version=781642&pcodever=781642&flash-ver=0&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22supportHDRBrightness%22%3Afalse%2C%22isInIframe%22%3Afalse%2C%22w%22%3A801%2C%22h%22%3A0%2C%22width%22%3A0%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A639%2C%22top%22%3A975%2C%22ad_no%22%3A0%2C%22req_no%22%3A0%7D&grab-orig-len=1716&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoyOX0KSqg0kSSp7yIY1KdQpd9ppee-_nyqqPpNkfSLsqS7srvwvFvtO9QmdRL7iZJf0PuSragm6F_hS1f4aqBHCHCFMaOtqdt41fuL3HZoCCFmxowZM9dXRjADPV4s95WRPNDLZXoChQo-cYVYgaziCjGFn-D7KrU2wY9ijTbxQ18daRHEnegyxESXiREqNDC0iSaElRKo4yAAlZRAofQjpU8KPp08CDURYSzPVNokwIuV2opcmRVCkVR2QSnSahf06qbVq_Zp7IJT0BNdE0x0jZkexYP5JAuRRB0Gy5qJUxGkzRRbIPjEWtOPO06sTfC0FVJOU3CqU7DTyq5OWoWPFkJ1qrByqpcWSYFa3YclOuTqFWjVrawiSSuv8o9P-kiEBa2ggpLo8BjRxuCKURWHShKELvVD3EieahQyQnVEA9kfbQW4YFdmWkV_EXU50h8nfVz8X8a63-y0Ch6ifVouUTqQheYV7BM9GDyLVvhoeANGFWIgIzRzQh56Bf0O2QUlp_2zOXxho51hTyGY-Zg_sAA76sPQh-ZRpbY2SqoFQS1TfZ7gPLXvRuB1wB8ihy5U77ENeP-N1Gb82cwDc2cn5-6w8sknjJYWjMOzZ8SDnAxRWqDP-8o0_Bp0MNK7694ekh4-529xMs4i7d08g3uozmb7iNH0er2xAyCFGllAvguAPAl_kczMnDYRTkd-Wn1agX6E0oJpkhedCG_2xVhMtyFYX8jmst27DD_ANFo8YHcYc4YC6j560yS6xMzKpUps4AQc38cLiHQ6uSwIwvgKr45gRhHsL15ndLeReotnklvofmA9uHdz9bJxvzX-xm7NeSPvTW_6Xt6RM3LeVVa67jU-HZh3_T90evR21-ifwy4om-Sm-sx5pZvc4r2txYxsTpp1iNN1iGmk3mTNG9K0bfonWvyDN5fdAX9lKF8DVsOa2mu1oGA1My_zbQyMW7TR08jtEsaJ2ak5OauAO18u965VzsntUs9g3CD6EWGkJrPeISNmplUt7nu9rXgz5IpfUeDkQl_Z8_NgHFofKtfIA_ExuSuduWUfHZw2D7ugLfDKWqq89VdqZVF2Iw59XFgRriaLIPIK7uncyr21GR7yNynazU-Us7NV2xfBJyIq6B8TlLz8DX3IsgwcOKKS43dou7agw1vca2PMLnF2V45zo0sK6mXUu3ULp_y3giCUqUgCBWwFeXsXr0-6YCbw2_Y38gc-BXptFIyWoaLVJJXikzJEwkUkKeWG73q2s0nMD60CdlsrM5jQbPCWo5SFOvAKVayEE_pk-gBEXk_z_vORO7tmrt8GOzUl1gwtOjAhYrVbuoRkYkCwUhGdgLuaWzt5x26bTPem2q00hc-i56f35LkGvoAGIybXIbhTv_WwpIOe8l2cFqxx99JWrT7A8rHte2h3gtm6w-sguAC-EqHlRhA2Uqw9mvnc5rat9TsUbFQBfensoh36StdPx8mQfMgteyzGisERduEwWF6kXs354JvbKdA_hX6Vl6e2Mt-bRu9DQUTZ4gJ7o5YFEKXcQ4aaOZeO3N1ikSyec3ceT_MjgrW5xT06APzU6Vg5x2Tk6GybWlyb1AyLaPxLy_oV50QDozwonyymQ9cS95bVM6fVxZP10Z3Yo7BtkIGjcQV8sAxgU9eAFwH6&uniformat=true&callback=Ya%5B3875210549482%5D

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

fddb6fcfd2c86ef930d5427c3e664c6243d0fe3e9fda457e47a8bc5a852e0fc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://news.xgwegewd.site/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 02 Jun 2023 04:32:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Fri, 02 Jun 2023 04:32:25 GMT
x-yandex-req-id: 1685680345232147-885004359672219364400213-production-app-host-sas-pcode-336
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://news.xgwegewd.site
content-type: text/html; charset=windows-1251
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Fri, 02 Jun 2023 04:32:25 GMT

GET
H2 200 b2562b45c0273fc9a9fb.js Show response
yastatic.net/partner-code-bundles/781642/ 23 KB
8 KB 333ms
221ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/781642/b2562b45c0273fc9a9fb.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

bd0fb648048293de8c2046ace7235372bed92f5e6cbd46f5411da0bfe4adf44f

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://news.xgwegewd.site/
Origin: https://news.xgwegewd.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 04:32:25 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 7932
last-modified: Thu, 01 Jun 2023 19:19:31 GMT
server: nginx/1.17.9
etag: "bb3ec669cc3cc91b4a784a1bcdf91331"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 01 Jun 2053 11:06:11 GMT

GET
H2 200 b7fa144005f2e19d17f5.js Show response
yastatic.net/partner-code-bundles/781642/ 7 KB
3 KB 81ms
80ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/781642/b7fa144005f2e19d17f5.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

963d16d534b04bbe5a6f4b6182a6e3f66bedfe60538bf577b4c6afeea483287d

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://news.xgwegewd.site/
Origin: https://news.xgwegewd.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 04:32:25 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 2073
last-modified: Thu, 01 Jun 2023 19:19:31 GMT
server: nginx/1.17.9
etag: "a274f0d27c368fe11e6bd996cf6e8f7f"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 01 Jun 2053 11:06:10 GMT

GET
H2 200 0bac080bec79944d74d1.js Show response
yastatic.net/partner-code-bundles/781642/ 621 KB
118 KB 97ms
97ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/781642/0bac080bec79944d74d1.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

ff1804d5f3405529ecd84dfe1d51d53cf6df67ccb88c28baf8b96fdd78ff96f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://news.xgwegewd.site/
Origin: https://news.xgwegewd.site
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 04:32:25 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 120162
last-modified: Thu, 01 Jun 2023 19:19:31 GMT
server: nginx/1.17.9
etag: "2d828c236448049730989dd1c8be273f"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 01 Jun 2053 11:06:11 GMT

POST
H2 200 1 Show response
mc.yandex.ru/watch/11859022/ 43 B
74 B 63ms
63ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/11859022/1?page-url=https%3A%2F%2Fnews.xgwegewd.site%2F&charset=utf-8&ut=noindex&hittoken=1685680345_f3fc765f53119bb0fa5413fb796bc7c2fdaf94545c7476f70d53153531c7973f&browser-info=pa%3A1%3Aar%3A1%3Avf%3A7sm39m606e08f6hcinvj34v%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1051%3Acn%3A1%3Adp%3A1%3Als%3A771625846694%3Ahid%3A504042939%3Az%3A0%3Ai%3A20230602043225%3Aet%3A1685680345%3Ac%3A1%3Arn%3A529419225%3Arqn%3A2%3Au%3A1685680345329888090%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1685680343992%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1685680345&t=gdpr(14)clc(0-0-0)rqnt(2)aw(1)ti(2)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://news.xgwegewd.site/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 02 Jun 2023 04:32:25 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 02-Jun-2023 04:32:25 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://news.xgwegewd.site
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 02-Jun-2023 04:32:25 GMT

GET
H2 200 sync Show response
ds.frontend.weborama.fr/ Frame DD3A 1 KB
1 KB 88ms
28ms Script
application/javascript 34.149.247.216
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ds.frontend.weborama.fr/sync?key=all&src=products.js&site=485736&v=20230118&callback=Utils.handleDataSync&ref=news.xgwegewd.site
Requested by: Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/iframe/external_libs.v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.247.216 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 216.247.149.34.bc.googleusercontent.com
Software: Weborama Collect Frontend /
Resource Hash: 0a924046f0b14d70ccdb131e8d238aa5305da4fc8db674e3aaf3abd9438134a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jun 2023 04:32:25 GMT
via: 1.1 google
last-modified: Fri, 02 Jun 2023 04:32:25 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1062
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 prx Show response
bsd.frontend.weborama.fr/ Frame DD3A 25 B
359 B 118ms
37ms Script
application/javascript 34.107.182.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://bsd.frontend.weborama.fr/prx?callback=Utils.handleDataSync
Requested by: Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/iframe/external_libs.v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.182.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.182.107.34.bc.googleusercontent.com
Software: Weborama Collect Frontend /
Resource Hash: d05d4d69100284cb991eb0227b0859cc2942030d0ba419eee2e4aa55293b96db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jun 2023 04:32:24 GMT
via: 1.1 google
last-modified: Fri, 02 Jun 2023 04:32:25 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2

204

ids
idsync.frontend.weborama.fr/ Frame DD3A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=weborama_dmp&google_cm
https://cm.g.doubleclick.net/pixel?google_nid=weborama_dmp&google_cm=&google_tc=
https://wam-google.solution.weborama.fr/pixel?google_gid=CAESEHgLSslIHMlIaZuRUf4pz2o&google_cver=1
https://idsync.frontend.weborama.fr/ids?key=ggl&value=CAESEHgLSslIHMlIaZuRUf4pz2o&google_gid=CAESEHgLSslIHMlIaZuRUf4pz2o&google_cver=1

0
45 B

33ms
31ms

Image
text/plain

34.111.131.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=ggl&value=CAESEHgLSslIHMlIaZuRUf4pz2o&google_gid=CAESEHgLSslIHMlIaZuRUf4pz2o&google_cver=1
Protocol: H2
Server: 34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 239.131.111.34.bc.googleusercontent.com
Software: Weborama Collect Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jun 2023 04:32:25 GMT
via: 1.1 google
last-modified: Fri, 02 Jun 2023 04:32:25 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location: https://idsync.frontend.weborama.fr/ids?key=ggl&value=CAESEHgLSslIHMlIaZuRUf4pz2o&google_gid=CAESEHgLSslIHMlIaZuRUf4pz2o&google_cver=1
date: Fri, 02 Jun 2023 04:32:25 GMT
server: Apache
content-length: 354
content-type: text/html; charset=iso-8859-1

GET
H2

204

ids
idsync.frontend.weborama.fr/ Frame DD3A
Redirect Chain

https://secure.adnxs.com/getuid?https://idsync.frontend.weborama.fr/ids?key=appnexus&value=$UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dappnexus%26value%3D%24UID
https://idsync.frontend.weborama.fr/ids?key=appnexus&value=380322761712125255

0
45 B

89ms
34ms

Image
text/plain

34.111.131.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=appnexus&value=380322761712125255
Protocol: H2
Server: 34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 239.131.111.34.bc.googleusercontent.com
Software: Weborama Collect Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jun 2023 04:32:25 GMT
via: 1.1 google
last-modified: Fri, 02 Jun 2023 04:32:25 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

Date: Fri, 02 Jun 2023 04:32:25 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 84.19.175.165; 84.19.175.165; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: da9c2211-f209-45e1-9c47-ce3b73d85da9
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://idsync.frontend.weborama.fr/ids?key=appnexus&value=380322761712125255
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

204

ids
idsync.frontend.weborama.fr/ Frame DD3A
Redirect Chain

https://gum.criteo.com/sync?c=13&a=1&r=1&u=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dcriteov2%26value%3D%40USERID%40
https://gum.criteo.com/sync?s=1&c=13&a=1&r=1&u=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dcriteov2%26value%3D%40USERID%40
https://idsync.frontend.weborama.fr/ids?key=criteov2&value=zQ_e_0_LjreUbzYKikVKG0k1imuDFiJL

0
284 B

65ms
31ms

Image
text/plain

34.111.131.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=criteov2&value=zQ_e_0_LjreUbzYKikVKG0k1imuDFiJL
Protocol: H2
Server: 34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 239.131.111.34.bc.googleusercontent.com
Software: Weborama Collect Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jun 2023 04:32:25 GMT
via: 1.1 google
last-modified: Fri, 02 Jun 2023 04:32:25 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location: https://idsync.frontend.weborama.fr/ids?key=criteov2&value=zQ_e_0_LjreUbzYKikVKG0k1imuDFiJL
date: Fri, 02 Jun 2023 04:32:25 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1133825
content-length: 0

GET
H2 451 401736.gif
idsync.rlcdn.com/ Frame DD3A 0
98 B 80ms
29ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/401736.gif?partner_uid=JCNqsknp3BfXQShD3xYzyO
Requested by: Host: news.xgwegewd.site
URL: https://news.xgwegewd.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 04:32:25 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 collect
dx.frontend.weborama.com/ Frame DD3A 0
17 B 29ms
28ms Image
text/plain 34.111.205.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dx.frontend.weborama.com/collect?dsp_id=0&eid=znWhfB6OfKrO
Requested by: Host: news.xgwegewd.site
URL: https://news.xgwegewd.site/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.205.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.205.111.34.bc.googleusercontent.com
Software: Weborama Collect Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jun 2023 04:32:25 GMT
via: 1.1 google
last-modified: Fri, 02 Jun 2023 04:32:25 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame DD3A
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2964&partner_device_id=znWhfB6OfKrO
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2964&partner_device_id=znWhfB6OfKrO

95 B
435 B

33ms
32ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2964&partner_device_id=znWhfB6OfKrO

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Fri, 02 Jun 2023 04:32:25 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Fri, 02 Jun 2023 04:32:25 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2964&partner_device_id=znWhfB6OfKrO
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200

p
a.audrte.com/ Frame DD3A
Redirect Chain

https://a.audrte.com/match?p=1468142154&uid=JCNqsknp3BfXQShD3xYzyO
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=M2VodFctN1NQY2JUd3VRZnFNdzYyRmxKQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/p

68 B
424 B

116ms
115ms

Image
image/png

54.237.77.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Protocol: HTTP/1.1
Server: 54.237.77.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-237-77-135.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Fri, 02 Jun 2023 04:32:26 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Fri, 02 Jun 2023 04:32:26 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame DD3A
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=SkNOcXNrbnAzQmZYUVNoRDN4WXp5Tw
https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=SkNOcXNrbnAzQmZYUVNoRDN4WXp5Tw&dcc=t

43 B
855 B

202ms
202ms

Image
image/gif

67.220.228.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=SkNOcXNrbnAzQmZYUVNoRDN4WXp5Tw&dcc=t

Protocol

HTTP/1.1

Server

67.220.228.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Jun 2023 04:32:25 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: B58F7J4WR0SRWPFT1C8Z
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 02 Jun 2023 04:32:25 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: CQ6JM6JZ0RDCW9DJ4GB3
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=SkNOcXNrbnAzQmZYUVNoRDN4WXp5Tw&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

204

ids
idsync.frontend.weborama.fr/ Frame DD3A
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&rdf=1
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=51FD899E-FEDE-42E9-A0CC-5F5A6D1DCB79

0
45 B

73ms
32ms

Image
text/plain

34.111.131.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=51FD899E-FEDE-42E9-A0CC-5F5A6D1DCB79
Protocol: H2
Server: 34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 239.131.111.34.bc.googleusercontent.com
Software: Weborama Collect Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jun 2023 04:32:24 GMT
via: 1.1 google
last-modified: Fri, 02 Jun 2023 04:32:25 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=51FD899E-FEDE-42E9-A0CC-5F5A6D1DCB79
date: Fri, 02 Jun 2023 04:32:24 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2 200 320977 Show response
mc.yandex.ru/watch/ 416 B
970 B 62ms
62ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/320977?wmode=7&page-url=https%3A%2F%2Fnews.xgwegewd.site%2F&nohit=1&charset=utf-8&cnt-class=1&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7sm39m606e08f6hcinvj34v%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1051%3Acn%3A3%3Adp%3A1%3Als%3A1116876592351%3Ahid%3A504042939%3Az%3A0%3Ai%3A20230602043225%3Aet%3A1685680346%3Ac%3A1%3Arn%3A476671740%3Au%3A1685680345329888090%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1685680343992%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1685680346%3At%3Anews.partners.ru.com&t=mc(p-1)clc(0-0-0)aw(1)ti(2)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

9fd12c26d9c56491d51903626b940b98d95b99c726560a947c6ab5c56c68b986

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.xgwegewd.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jun 2023 04:32:25 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Fri, 02-Jun-2023 04:32:25 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://news.xgwegewd.site
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 416
x-xss-protection: 1; mode=block
expires: Fri, 02-Jun-2023 04:32:25 GMT

POST
H2 200 1 Show response
mc.yandex.ru/watch/320977/ 43 B
86 B 65ms
65ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/320977/1?page-url=https%3A%2F%2Fnews.xgwegewd.site%2F&charset=utf-8&cnt-class=1&hittoken=1685680345_92ca11d63979026a5691641dd2585a8b2da84369454a86d773de09795279bd63&browser-info=pa%3A1%3Aar%3A1%3Avf%3A7sm39m606e08f6hcinvj34v%3Afp%3A789%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1051%3Acn%3A3%3Adp%3A1%3Als%3A1116876592351%3Ahid%3A504042939%3Az%3A0%3Ai%3A20230602043225%3Aet%3A1685680346%3Ac%3A1%3Arn%3A1001904839%3Arqn%3A1%3Au%3A1685680345329888090%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A1%2C113%2C93%2C0%2C134%2C0%2C%2C502%2C6%2C1647%2C1647%2C1%2C845%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1685680343992%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1685680346&t=mc(p-2-h-1)clc(0-0-0)rqnt(1)aw(1)ti(2)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://news.xgwegewd.site/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 02 Jun 2023 04:32:25 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 02-Jun-2023 04:32:25 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://news.xgwegewd.site
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 02-Jun-2023 04:32:25 GMT

GET
H2 200 320977 Show response
mc.yandex.ru/watch/ 43 B
74 B 67ms
67ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/320977?page-url=https%3A%2F%2Fnews.xgwegewd.site%2F&charset=utf-8&cnt-class=1&hittoken=1685680345_92ca11d63979026a5691641dd2585a8b2da84369454a86d773de09795279bd63&browser-info=pv%3A1%3Aar%3A1%3Avf%3A7sm39m606e08f6hcinvj34v%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1051%3Acn%3A3%3Adp%3A1%3Als%3A1116876592351%3Ahid%3A504042939%3Az%3A0%3Ai%3A20230602043225%3Aet%3A1685680346%3Ac%3A1%3Arn%3A509057343%3Arqn%3A2%3Au%3A1685680345329888090%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1685680343992%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1685680346%3At%3Anews.partners.ru.com&t=mc(p-2-h-1)clc(0-0-0)rqnt(2)aw(1)ti(2)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.xgwegewd.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jun 2023 04:32:25 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 02-Jun-2023 04:32:25 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://news.xgwegewd.site
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 02-Jun-2023 04:32:25 GMT

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

40 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.xgwegewd.site/	1970-01-20 21:50:40	Name: _ga Value: GA1.2.776341918.1685680345
.xgwegewd.site/	1970-01-20 12:16:06	Name: _gid Value: GA1.2.31588046.1685680345
.xgwegewd.site/	1970-01-20 12:14:40	Name: _gat Value: 1
.xgwegewd.site/	1970-01-20 21:00:16	Name: _ym_uid Value: 1685680345329888090
.xgwegewd.site/	1970-01-20 21:00:16	Name: _ym_d Value: 1685680345
.weborama.com/	1970-01-20 21:40:35	Name: wui Value: 7FB9C976-FC2F-4AD4-8AF3-C0770EB2ACE1
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 2639535071685680345
.yandex.ru/	1970-01-20 21:50:40	Name: i Value: E2OyVs3xSPaO7mwydR0X444e3lOMWrS9pUPrW0WKUXaac6m4vAQh0a5vBDmkHeyxnXOUg4/d+pZKkVrBErUsy615JbQ=
.yandex.ru/	1970-01-20 21:50:40	Name: yandexuid Value: 6082437191685680345
.yandex.ru/	1970-01-20 21:00:16	Name: yuidss Value: 6082437191685680345
.yandex.ru/	1970-01-20 21:00:16	Name: bh Value: KgI/MA==
.xgwegewd.site/	1970-01-20 12:15:52	Name: _ym_isad Value: 2
.weborama.fr/	1970-01-20 12:14:42	Name: wbo_temps_reel Value: NDg1NzM2
.weborama.fr/	1970-01-20 21:40:35	Name: AFFICHE_W Value: znWhfB6OfKrO33
.xgwegewd.site/	1970-01-20 12:14:42	Name: _ym_visorc Value: b
.mc.webvisor.org/	1970-01-20 12:14:40	Name: sync_cookie_csrf Value: 55183523fake
.mc.yandex.ru/	1970-01-20 12:14:40	Name: sync_cookie_csrf Value: 2502933256fake
.webvisor.org/	1970-01-20 21:50:40	Name: yandexuid Value: 6082437191685680345
.webvisor.org/	1970-01-20 21:50:40	Name: yuidss Value: 6082437191685680345
.webvisor.org/	1970-01-20 21:50:40	Name: i Value: E2OyVs3xSPaO7mwydR0X444e3lOMWrS9pUPrW0WKUXaac6m4vAQh0a5vBDmkHeyxnXOUg4/d+pZKkVrBErUsy615JbQ=
.mc.webvisor.org/	1970-01-20 12:16:06	Name: sync_cookie_ok Value: synced
cstatic.weborama.fr/	1970-01-20 12:18:43	Name: _xttrk2_all Value: 1
cstatic.weborama.fr/	1970-01-20 12:18:43	Name: _xttrk2_ids Value: 1
cstatic.weborama.fr/	1970-01-20 12:18:43	Name: _xttrk2 Value: 1
cstatic.weborama.fr/	1970-01-20 12:18:43	Name: _xttrk2_mpub Value: 1
cstatic.weborama.fr/	1970-01-20 12:18:43	Name: _xttrk2_uk Value: 1
.tapad.com/	1970-01-20 13:41:04	Name: TapAd_TS Value: 1685680345615
.tapad.com/	1970-01-20 13:41:04	Name: TapAd_DID Value: cd831387-e712-40f6-aeec-5e9b458738b0
.adnxs.com/	1970-01-20 14:24:16	Name: uuid2 Value: 380322761712125255
.criteo.com/	1970-01-20 21:36:16	Name: uid Value: ae313bbd-db5e-404d-ac0d-2bee7f9c175a
.pubmatic.com/	1970-01-20 12:16:06	Name: KTPCACOOKIE Value: YES
.tapad.com/	1970-01-20 13:41:04	Name: TapAd_3WAY_SYNCS Value:
.doubleclick.net/	1970-01-20 21:36:16	Name: IDE Value: AHWqTUlJgAOImK8n8kd3qq5NIWT5EmcdWL0yFeNa2d_18C9Urr0eJaiL0fVyBryBBcE
.pubmatic.com/	1970-01-20 21:00:16	Name: KADUSERCOOKIE Value: 51FD899E-FEDE-42E9-A0CC-5F5A6D1DCB79
.yandex.ru/	1970-01-20 21:00:16	Name: ymex Value: 1717216345.yrts.1685680345#1717216345.yrtsi.1685680345
.amazon-adsystem.com/	1970-01-20 17:21:23	Name: ad-id Value: A8SQwlMnDEPNoZMdyybeWc8
.amazon-adsystem.com/	1970-01-20 21:50:40	Name: ad-privacy Value: 0
.audrte.com/	1970-01-20 12:36:16	Name: arcki2 Value: 3ehtW-7SPcbTwuQfqMw62FlJA!20220908!1685680345964!ip#84.19.175.165
.audrte.com/	1970-01-20 12:36:16	Name: arcki2_weborama Value: JCNqsknp3BfXQShD3xYzyO!20220908!1685680345966
.audrte.com/	1970-01-20 12:36:16	Name: arcki2_ddp2 Value: 3ehtW-7SPcbTwuQfqMw62FlJA!20220908!1685680346127

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cstatic.weborama.fr/js/topics/topics.js(Line 10) Message: Unrecognized feature: 'browsing-topics'.
network	error	URL: https://an.yandex.ru/meta/320977?target-ref=https%3A%2F%2Fnews.xgwegewd.site%2F&charset=utf-8&pcode-test-ids=775189%2C0%2C10%3B770133%2C0%2C57%3B767547%2C0%2C32%3B769344%2C0%2C43%3B771762%2C0%2C96%3B766726%2C0%2C62%3B777004%2C0%2C21%3B780720%2C0%2C8%3B776171%2C0%2C77%3B765112%2C0%2C99%3B770136%2C0%2C95%3B766403%2C0%2C28%3B780231%2C0%2C94&pcode-flags-map=eJytWNty2zYQ%2FZWOnjspryCZN5AEJVQkwQKgFSWTwSiJ4qhjOx3HTtNk8u9dgJREUg7kXF5smdYegHs7Z%2FfL7AILJRZspXCuSpySUhWMK1qrFNc14bOnL77MPm6u7rezpzPJWzL7fXa3%2FXBH38DfCPl%2BEM2%2Bvvz9CNNwlreZFIrVqsGtIFaEyE0Cv0MgNU5LokjGqiNISYXUl7mgOWH6A%2Fw3ZQrzagS7%2FfTPBDX0Q4OaU2FgM9bWUnGSU04yDYmbxn4zzwkC7%2FBu8CKqaktJOStLQKul%2FkC4WmGZLUiuJK2IYkUhiLTj%2Bp4TTXwmqYQr4jpXKcvXOhIN5rgiEvBzUmA4d4RZ4FKMQYMoQEdQTiRf6wDURK4YXyrCObOHMgpRECUHhD4YIsPws6RL%2BNjyC7IGxBVcSdB5bYdDTuRHJ3A%2Fg1Gyeq6KEs%2B1z9oyVxDBcq3Ekjad8y9w2Z7JtghFMRrFVN8FIGpFLghfrxaEn4OIgsA%2FQEDosyXUzZq1UomSwQ%2F6nEAY2zrHnBJxBix2A%2FeYC9J4CS4iKBv7Br7pO%2F7INnZ91OV4W9OS4RySRZcurkaJfXd7vx2YBV7sJ05nBq8vhKn1ic20ngZGkJuCkFqxVBAI5jiptjebV1fbkaWPvKSLYUGfqQrOWhA6X0hVS%2FuRQegnnWvWUBjkmeKtylmFaW0zC53I89HhvJSzJVwWzlJzTnOrpRuFfW5MD1TQRCSnqdXccx0UGPPnpPZU0UKbWNFcLhSt8JxYbQM3iJ2j7b5npYzroHKc01b89kiENdb37i6scLnCa2G39KPez3nRQOcQDashMXRFQU6PTD3Hcca2geN379xkLNdNFkxraT8vBJg%2BlQoGXiY6d%2FfnKfLMmhZwZBR5p%2Ba00F1zpYsIsvNHEPYXOOkivvOwdUkwr1XFuO48nOLJe3ujQ0PH6b3ccMo4lWuVroHVyKph3O4wFKG%2B9vZ50XNYJrjVMHGjeJCRFLoVBh6QCmcZRElYukSY%2BKHrjmxNFgtIabnQbmpwntN6bgcJwqC7uWFfSGW5bojy7bcO4igchKfiGfhJ0JSW4DX7cUmEvmmp6TArabY8c%2Foew5B9p4EUNNiCAsdT%2FRIFzuzVnMReT%2FDdPXqQTsJIZugdGCPFwBxHIWGDRI4X%2BN4oHAtiGj4ImlMinVq7oYe6OGi246SAKl8An85pZreL%2Fb6lwTULyiuds5zUe6ZpOEntTRVBV%2FTcUfIC63DIJBBjHXfqRikyrjlFCGvtIzdxg2CoFSeqsJdK8KCgNZUEkjRbgliw1hcKQgeh0RVFhblUf7WkJRr83LVChHoi1iQuFxwU3eRmRn%2FpDKQ19BeaG6lgBY3cqI84SLASTHu%2F40LXES20PFSG9e0BiOIEJQe6L0CS1Dmops5eM39jf7mxfbo0%2BsZqgRK%2Fj9LAQpiEGXvFfm4SONEBBXptrhGsqh%2BhOEDu9GRVgebH9rM8z%2Bl8PUhGrRe0Sl1KZvdQjALXPzlVzu1ngltjd5jLR1H8gKtM2z039aDEQ70ImFgXJdPCMO91uB0kifvE%2BxaIiecI4%2B3uk7refFLvtrvLd3ffgDMjl1qSFKcKtJl1fnOABEbZ3xUQyPN62DBqIDPTmuYtNEKVtnrCywi9sBdF5DpBzzGcq64nyhbIvCsuwxKmjtv54sz0CkhddZT4%2BdrUozJSaGj2ZfZ2e%2Ff6XbW5vdzdzJ66IQiK6%2Fevdldb8Xpztbu5nD31vo5QQ2AQgzrsRKCMVFpq0tBD8fCAF7Prze7qye093O2%2Fzc2b7Sf4%2FMfuenO5%2FTB6dLm5Nk%2FefN7edF%2FffNzdve8%2BXj8Z%2FPHmZtc%2F1cgHBHhwu%2Fl89f7zu%2F7fn2%2B73%2Fe3myc3238%2FnHzh7837650xffnwKw6L5hhae%2FhQ4Dunxjo%2F8ZnAg2VXdTWWkCbQHPi8bxFK4rlVKkND9gb9pSCQcpzgTMKwdsYw9B3vVBHQugEm1JLgO%2FVA5CMfxd8EHHQUPdo%2BEkkQeWBQA1O3VXrmHqHrR10kzKrHrFXAEoguJVnHMEaB2XsOwEROeBjagG%2B14pqW0YkV8hx3IE%2BgB3SbHugY2pd2Wx8Y1tjOwcqDG5dru0Gc9LuIfvugJTQn%2FerGrG00m4JG%2Bj6iiyLgOXcIbMZyuS7JvAWUX4naz5MMxnbIt%2B%2BGRH7v7ikxHBuyZG226M6CKUo3ZKllNyuZPY%2F0Xib8cWz9%2FRKGdpHhxp4zjzmoJ%2F2few299Oo2mURPeSOzTJZjs9CNj6s3s%2BfSzd7suhrOMiIEjFowZQqpnlXlmZWS4%2Fr%2B48G0pAdJqMQavPDroWFKVBXtnmclE5qlORTn2cXYj7yF2UG0vHw09l7wH3KhYSvCBb7Q2JVGA1zKxH52g8M7IVIRmILtVIOiMPj%2BxXbBmJYg0AbPSJiJyuZ6edy1QbsZiF3U7yFYBbOo0G2%2FYYLK6crxJLkjxxlNX5w0BEvTRjTVTN7kwdnr9c3d1XiJ6USeM5XBe9NzHcqCVtKKyn43rFeAQzt3XLJu3yjPdR4jNnUKa3oTUgszTv4kmTwXqdB1HxTUZvVf9Gx1fGkzJcLlT3f2ryevqxMZHddv020suMMDtTN2kGf0z9f%2FAVgipns%3D&pcode-active-testids=776171%2C0%2C77&pcode-icookie=%2FwZgfOX6nZ2xoJwt6seW6aErlCFR7gLYGks2J8A4XRp%2FcT7Y3Gpoy4LX0xen5U919mxFzv4xXqBnTRst3eyyEeW0fXM%3D&duid=MTY4NTY4MDM0NTMyOTg4ODA5MA%3D%3D&imp-id=1&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=181419418583042&ad-session-id=73571685680345187&target-id=45894663&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fnews.xgwegewd.site&top-ancestor-undetermined=0&pcode-version=781642&pcodever=781642&flash-ver=0&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22supportHDRBrightness%22%3Afalse%2C%22isInIframe%22%3Afalse%2C%22w%22%3A801%2C%22h%22%3A0%2C%22width%22%3A0%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A639%2C%22top%22%3A975%2C%22ad_no%22%3A0%2C%22req_no%22%3A0%7D&grab-orig-len=1716&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoyOX0KSqg0kSSp7yIY1KdQpd9ppee-_nyqqPpNkfSLsqS7srvwvFvtO9QmdRL7iZJf0PuSragm6F_hS1f4aqBHCHCFMaOtqdt41fuL3HZoCCFmxowZM9dXRjADPV4s95WRPNDLZXoChQo-cYVYgaziCjGFn-D7KrU2wY9ijTbxQ18daRHEnegyxESXiREqNDC0iSaElRKo4yAAlZRAofQjpU8KPp08CDURYSzPVNokwIuV2opcmRVCkVR2QSnSahf06qbVq_Zp7IJT0BNdE0x0jZkexYP5JAuRRB0Gy5qJUxGkzRRbIPjEWtOPO06sTfC0FVJOU3CqU7DTyq5OWoWPFkJ1qrByqpcWSYFa3YclOuTqFWjVrawiSSuv8o9P-kiEBa2ggpLo8BjRxuCKURWHShKELvVD3EieahQyQnVEA9kfbQW4YFdmWkV_EXU50h8nfVz8X8a63-y0Ch6ifVouUTqQheYV7BM9GDyLVvhoeANGFWIgIzRzQh56Bf0O2QUlp_2zOXxho51hTyGY-Zg_sAA76sPQh-ZRpbY2SqoFQS1TfZ7gPLXvRuB1wB8ihy5U77ENeP-N1Gb82cwDc2cn5-6w8sknjJYWjMOzZ8SDnAxRWqDP-8o0_Bp0MNK7694ekh4-529xMs4i7d08g3uozmb7iNH0er2xAyCFGllAvguAPAl_kczMnDYRTkd-Wn1agX6E0oJpkhedCG_2xVhMtyFYX8jmst27DD_ANFo8YHcYc4YC6j560yS6xMzKpUps4AQc38cLiHQ6uSwIwvgKr45gRhHsL15ndLeReotnklvofmA9uHdz9bJxvzX-xm7NeSPvTW_6Xt6RM3LeVVa67jU-HZh3_T90evR21-ifwy4om-Sm-sx5pZvc4r2txYxsTpp1iNN1iGmk3mTNG9K0bfonWvyDN5fdAX9lKF8DVsOa2mu1oGA1My_zbQyMW7TR08jtEsaJ2ak5OauAO18u965VzsntUs9g3CD6EWGkJrPeISNmplUt7nu9rXgz5IpfUeDkQl_Z8_NgHFofKtfIA_ExuSuduWUfHZw2D7ugLfDKWqq89VdqZVF2Iw59XFgRriaLIPIK7uncyr21GR7yNynazU-Us7NV2xfBJyIq6B8TlLz8DX3IsgwcOKKS43dou7agw1vca2PMLnF2V45zo0sK6mXUu3ULp_y3giCUqUgCBWwFeXsXr0-6YCbw2_Y38gc-BXptFIyWoaLVJJXikzJEwkUkKeWG73q2s0nMD60CdlsrM5jQbPCWo5SFOvAKVayEE_pk-gBEXk_z_vORO7tmrt8GOzUl1gwtOjAhYrVbuoRkYkCwUhGdgLuaWzt5x26bTPem2q00hc-i56f35LkGvoAGIybXIbhTv_WwpIOe8l2cFqxx99JWrT7A8rHte2h3gtm6w-sguAC-EqHlRhA2Uqw9mvnc5rat9TsUbFQBfensoh36StdPx8mQfMgteyzGisERduEwWF6kXs354JvbKdA_hX6Vl6e2Mt-bRu9DQUTZ4gJ7o5YFEKXcQ4aaOZeO3N1ikSyec3ceT_MjgrW5xT06APzU6Vg5x2Tk6GybWlyb1AyLaPxLy_oV50QDozwonyymQ9cS95bVM6fVxZP10Z3Yo7BtkIGjcQV8sAxgU9eAFwH6&uniformat=true&callback=Ya%5B3875210549482%5D Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://idsync.rlcdn.com/401736.gif?partner_uid=JCNqsknp3BfXQShD3xYzyO Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
aax-eu.amazon-adsystem.com
an.yandex.ru
bsd.frontend.weborama.fr
cdn.jsdelivr.net
cm.g.doubleclick.net
cstatic.weborama.fr
ds.frontend.weborama.fr
dx.frontend.weborama.com
fonts.googleapis.com
fonts.gstatic.com
gnezdoruanalytics.solution.weborama.fr
gum.criteo.com
idsync.frontend.weborama.fr
idsync.rlcdn.com
image6.pubmatic.com
mc.webvisor.org
mc.yandex.ru
news.xgwegewd.site
pixel.tapad.com
rd.frontend.weborama.fr
secure.adnxs.com
stats.g.doubleclick.net
wam-google.solution.weborama.fr
www.google-analytics.com
www.google.com
www.google.de
yastatic.net
zn2.2xclick.ru
149.5.244.53
172.217.18.2
185.89.210.180
195.54.48.25
195.54.48.26
198.47.127.19
2001:4860:4802:36::178
2a00:1450:4001:828::2004
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2003
2a00:1450:400c:c00::9d
2a02:2638:3::c
2a02:6b8:20::215
2a02:6b8::1:119
2a02:6b8::90
2a04:4e42:600::485
34.107.182.139
34.111.113.62
34.111.131.239
34.111.205.194
34.149.247.216
35.190.24.218
35.244.174.68
54.237.77.135
67.220.228.202
93.184.221.133
93.95.103.233
93.95.99.151
01266b002c3a5fd944f5d5a6c9a7bcedf1274ea6c9baef3d2f14457d364014da
0216044649e4707ef49cd045b45b31f0de5e4bc560aa0e42eed73d270edf0ee0
02fcaaf5ebc88086c8419e601a727757c93562f2ab2a0ce8ecc4d5ae0db71226
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
03e4f140bc200eaef205fca6ff44f43e4dc41ca3d19aa065fc3a3502122ffcd1
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
09d46019c7a75b96187202c3c8412182f27c413a9c3661857923dc8e94e91b7b
0a924046f0b14d70ccdb131e8d238aa5305da4fc8db674e3aaf3abd9438134a4
0c51922d39f4e8913387848d2f7600901561b07d0bd9acef3206671bc0659791
12e962ae6c9aa87c208116c5bb76c0af4bd213ab5859fcafb7645c5d1176bded
1c38153acac347bda02a24b09e16db230167f0a51d6d1974ff1e505c1282bdd6
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ee3db66b6020b8e8206b47ff4f16dde5d3fce9bc4c8ed14fe1f10e452b9e11d
320eb99d23af0b205405fbf15e0d6fda6f3ea2c8384d4c63488366ae3c5ce7b2
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
366b852a67aeca6a82b972ff59d842387c2a000f984976700ee15fb1045d19fa
37a2a7e4ce3b9697de200ee646207527d10964900c1f18daf90b3e1b8ddc3708
3e1dac2792ab6c6adeef95c5e0d28ad832c837d58922fa4ceafa0ed3bd0f96a7
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f08bcbb219989f7dc3866386e63e99a1b33ad06582c65f3152df999585ff1fc
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
724d685239669ac4db6763d8fc4ff79d629067941a7bc5b738ef8a46f3970df1
7a202351052eeb3d1991be689a940418d034dc83390ae15eb06af8a11e79478a
840f575220d6b42197251483e8b3b486bce6f7c4c4bddfff022580d3bb39ce4b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
95f9f7d5fc896cddb14ac87de2c177488da4249aa25c977a620cf99463d615d4
963d16d534b04bbe5a6f4b6182a6e3f66bedfe60538bf577b4c6afeea483287d
9b6b5e0c551bac6ccde502c3bf5c75d1efe6b1da975c0d251a4a17b8adcc74a5
9fd12c26d9c56491d51903626b940b98d95b99c726560a947c6ab5c56c68b986
ace4ecd36bf785fb1a8c6904475ecfafe7949386c7afbc874eef6ccb4a9f851f
ae600a9b563ae4a1e563d2caed7e5cd9426960d62a73aea16ba6a80c130b4b59
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b42e7c13e71bb112dd31d77e1047d189a1b28824f1a5e34e4d9eaf2cfaed4c2b
b59d5d931ece7fab4c2378e6e3979c793f6e52e8a1bc6e7c1fa569e03d96f49f
bd0fb648048293de8c2046ace7235372bed92f5e6cbd46f5411da0bfe4adf44f
bddd7c9debeee9bccc8d6a0f0990743d3db200fe23fc08dbad9e60a007e52919
bfbd4000d081890780c811f934b776b229875b1451cf21c5b7f5c352bb53bf1a
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
cd901589a3b7d5c283b32d51cb7e5ca80f59301621b65ef0898837e95e782c3b
d05d4d69100284cb991eb0227b0859cc2942030d0ba419eee2e4aa55293b96db
da6bda75d9bc1435e4e9229dd7da6ddd4493befc39cd462d99d0df78361efbf6
daa6e706a0764c808758a080119ca8c914f453bb753686d2255518d7c3d93a84
db061c1b2318c93cc4273c6d7f182d7e84c3780784a5330ed7430c12a092ecfc
de57d85664416c72270f198e33c729e29533ff22a82c0e3fa53e3aa490a86c5b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e997c350a113c5629432c0cfbaa960874da77cc36b1420658a678d4e3c7f4baf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0afe0bd0f2d59875ff57857b9b8a91d8708ade1f6da6345828040de1e7e2001
f6f11d50372d88190696b17264e1609349ae7195af0cd44e95ffe632f8a322f3
f881bb2e957b90562cd60b9d264f69d322113aec369183632511504038d7aa02
fddb6fcfd2c86ef930d5427c3e664c6243d0fe3e9fda457e47a8bc5a852e0fc9
ff1804d5f3405529ecd84dfe1d51d53cf6df67ccb88c28baf8b96fdd78ff96f7

news.xgwegewd.site Open in urlscan Pro 93.95.103.233 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

77 Requests

84 %HTTPS

38 %IPv6

21 Domains

29 Subdomains

23 IPs

7 Countries

890 kBTransfer

1896 kBSize

40 Cookies

0 Outgoing links

Page URL History

Redirected requests

77 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

news.xgwegewd.site Open in urlscan Pro
93.95.103.233 Public Scan

Screenshot
Live screenshot

Full Image

77
Requests

84 %
HTTPS

38 %
IPv6

21
Domains

29
Subdomains

23
IPs

7
Countries

890 kB
Transfer

1896 kB
Size

40
Cookies

77 HTTP transactions
0 data transactions