margarets-devised-502782.appspot.com Open in urlscan Pro
2a00:1450:4001:812::2014 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://margarets-devised-502782.appspot.com/news/2023/08/18/rozysk_karen
Submission: On August 18 via api (August 18th 2023, 9:24:35 am UTC) from US — Scanned from DE

Summary HTTP 49 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 21 IPs in 4 countries across 18 domains to perform 49 HTTP transactions. The main IP is 2a00:1450:4001:812::2014, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is margarets-devised-502782.appspot.com.
TLS certificate: Issued by GTS CA 1C3 on July 17th 2023. Valid for: 3 months.

This is the only time margarets-devised-502782.appspot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	2a00:1450:400... 2a00:1450:4001:812::2014	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
3	2a11:27c0::93 2a11:27c0::93	210756 (EDGECENTE...) (EDGECENTERLLC)
2	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
4	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	143.204.9.126 143.204.9.126	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
5 10	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
1 3	2001:6d0:4001... 2001:6d0:4001::226	52016 (ADFACT) (ADFACT)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	3.161.119.21 3.161.119.21	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::ac43:652	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	51.250.75.211 51.250.75.211	200350 (YANDEXCLOUD) (YANDEXCLOUD)
1	2600:9000:239... 2600:9000:2394:4400:18:1fcd:353:c61	16509 (AMAZON-02) (AMAZON-02)
1	54.172.29.48 54.172.29.48	14618 (AMAZON-AES) (AMAZON-AES)
49	21

12 2a00:1450:4001:812::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

margarets-devised-502782.appspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a11:27c0::93 (Russian Federation)

ASN210756 (EDGECENTERLLC, RU)

cdn-plus.roxot-panel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.skcrtxr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

s3.vkbuikq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.9.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-9-126.mxp64.r.cloudfront.net

thetruestory.news	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6b8::1:119 (Moscow, Russian Federation) 5 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:6d0:4001::226 (Russian Federation) 1 redirects

ASN52016 (ADFACT, RU)

www.tns-counter.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.161.119.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-119-21.vie50.r.cloudfront.net

st.thetruestory.news	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:652 (United States)

ASN13335 (CLOUDFLARENET, US)

rsm.zona.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.250.75.211 (Russian Federation)

ASN200350 (YANDEXCLOUD, RU)

skcrtxr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2394:4400:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.172.29.48 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-172-29-48.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	appspot.com margarets-devised-502782.appspot.com	997 KB
7	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 10691	3 KB
4	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 228 stats.g.doubleclick.net — Cisco Umbrella Rank: 122	128 KB
4	thetruestory.news thetruestory.news — Cisco Umbrella Rank: 435355 st.thetruestory.news	17 KB
4	vkbuikq.net s3.vkbuikq.net	2 MB
3	skcrtxr.com cdn.skcrtxr.com — Cisco Umbrella Rank: 96601 skcrtxr.com — Cisco Umbrella Rank: 81252	121 KB
3	tns-counter.ru 1 redirects www.tns-counter.ru — Cisco Umbrella Rank: 13253	1 KB
3	yandex.ru 2 redirects mc.yandex.ru — Cisco Umbrella Rank: 3768	60 KB
3	google.com www.google.com — Cisco Umbrella Rank: 3 region1.analytics.google.com — Cisco Umbrella Rank: 2706	2 KB
2	google.de www.google.de — Cisco Umbrella Rank: 5345	515 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 62	21 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 76	160 KB
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1431	201 B
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1722	15 KB
1	zona.media rsm.zona.media	259 B
1	gstatic.com www.gstatic.com	182 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 225	28 KB
1	roxot-panel.com cdn-plus.roxot-panel.com — Cisco Umbrella Rank: 569986	1 KB
49	18

	Domain	Requested by
12	margarets-devised-502782.appspot.com	margarets-devised-502782.appspot.com
7	mc.yandex.com	3 redirects margarets-devised-502782.appspot.com
4	s3.vkbuikq.net	margarets-devised-502782.appspot.com
3	www.tns-counter.ru	1 redirects margarets-devised-502782.appspot.com
3	mc.yandex.ru	2 redirects margarets-devised-502782.appspot.com
3	thetruestory.news	margarets-devised-502782.appspot.com thetruestory.news
2	cdn.skcrtxr.com	cdn-plus.roxot-panel.com cdn.skcrtxr.com
2	www.google.de	margarets-devised-502782.appspot.com
2	stats.g.doubleclick.net	www.googletagmanager.com margarets-devised-502782.appspot.com
2	securepubads.g.doubleclick.net	www.googletagservices.com margarets-devised-502782.appspot.com
2	www.google-analytics.com	www.googletagmanager.com margarets-devised-502782.appspot.com
2	www.google.com	margarets-devised-502782.appspot.com
2	www.googletagmanager.com	margarets-devised-502782.appspot.com www.googletagmanager.com
1	ping.chartbeat.net
1	static.chartbeat.com	margarets-devised-502782.appspot.com
1	skcrtxr.com	margarets-devised-502782.appspot.com
1	region1.analytics.google.com	www.googletagmanager.com
1	rsm.zona.media	margarets-devised-502782.appspot.com
1	st.thetruestory.news	thetruestory.news
1	www.gstatic.com	www.google.com
1	www.googletagservices.com	margarets-devised-502782.appspot.com
1	cdn-plus.roxot-panel.com	margarets-devised-502782.appspot.com
49	22

This site contains links to these domains. Also see Links.

Domain
donate.zona.media
meduza.io
vk.com
www.facebook.com
connect.ok.ru
twitter.com
t.me
mediazona.by
mediazona.ca
www.instagram.com
www.youtube.com
ok.ru
telegram.me
www.tiktok.com

Subject Issuer	Validity	Valid
*.appspot.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.dmtgvn.com R3	`2023-07-31` - `2023-10-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
vkbuikq.net E1	`2023-07-28` - `2023-10-26`	3 months	crt.sh
thetruestory.news Amazon RSA 2048 M01	`2023-04-18` - `2024-05-16`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-08-14` - `2024-01-24`	5 months	crt.sh
*.tns-counter.ru GlobalSign ECC OV SSL CA 2018	`2022-12-16` - `2024-01-17`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
st.thetruestory.news Amazon RSA 2048 M02	`2023-02-13` - `2024-03-13`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-28` - `2024-04-27`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.skcrtxr.com R3	`2023-08-14` - `2023-11-12`	3 months	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2023-05-16` - `2024-06-06`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2022-12-19` - `2023-12-30`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://margarets-devised-502782.appspot.com/news/2023/08/18/rozysk_karen
Frame ID: F3736162E19FD8022537512CEEA2C5D9
Requests: 54 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

МВД объявило в розыск журналиста Карена Шаиняна

Detected technologies

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

49
Requests

92 %
HTTPS

80 %
IPv6

18
Domains

22
Subdomains

21
IPs

4
Countries

4259 kB
Transfer

6242 kB
Size

21
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://donate.zona.media/?utm_campaign=website&utm_source=button
Title: Поддержать

Search URL Search Domain Scan URL

URL: https://meduza.io/feature/2020/11/29/eto-ne-ya-slishkom-vysovyvayus-eto-vy-slishkom-ne-vysovyvalis
Title: ведет

Search URL Search Domain Scan URL

URL: http://vk.com/share.php?url=https%3A%2F%2Fzona.media%2Fnews%2F2023%2F08%2F18%2Frozysk_karen
Title: 1

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/share?app_id=833237983506081&display=popup&href=https%3A%2F%2Fzona.media%2Fnews%2F2023%2F08%2F18%2Frozysk_karen
Title: 0

Search URL Search Domain Scan URL

URL: https://connect.ok.ru/offer?url=https%3A%2F%2Fzona.media%2Fnews%2F2023%2F08%2F18%2Frozysk_karen
Title: 0

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=%D0%9C%D0%92%D0%94%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%B8%D0%BB%D0%BE%20%D0%B2%20%D1%80%D0%BE%D0%B7%D1%8B%D1%81%D0%BA%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%D0%B8%D1%81%D1%82%D0%B0%20%D0%9A%D0%B0%D1%80%D0%B5%D0%BD%D0%B0%20%D0%A8%D0%B0%D0%B8%D0%BD%D1%8F%D0%BD%D0%B0%20https%3A%2F%2Fzona.media%2Fnews%2F2023%2F08%2F18%2Frozysk_karen

Search URL Search Domain Scan URL

URL: https://t.me/share/url?url=https%3A%2F%2Fzona.media%2Fnews%2F2023%2F08%2F18%2Frozysk_karen%3Futm_source%3Dmediazzzona%26utm_medium%3Dtelegram%26utm_campaign%3Dtelegram

Search URL Search Domain Scan URL

URL: https://mediazona.by/
Title: Медиазона. Беларусь

Search URL Search Domain Scan URL

URL: https://mediazona.ca/
Title: Медиазона. Центральная Азия

Search URL Search Domain Scan URL

URL: https://twitter.com/mediazzzona

Search URL Search Domain Scan URL

URL: https://vk.com/mediazzzona

Search URL Search Domain Scan URL

URL: https://www.facebook.com/mediazzzona/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/mediazzzona/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/mediazzzona/

Search URL Search Domain Scan URL

URL: https://ok.ru/mediazzzona

Search URL Search Domain Scan URL

URL: https://telegram.me/mediazzzona

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@mediazona

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://www.tns-counter.ru/V13a***R%3E*zonamedia_ru/ru/UTF-8/tmsec=zonamedia_total/506891219 HTTP 302
https://www.tns-counter.ru/V13b***R%3E*zonamedia_ru/ru/UTF-8/tmsec=zonamedia_total/506891219

Request Chain 35

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10099.t3bH70S7JmRlkOhCnbVQTVkPgUXvvrdhrr8-xZE3NwO6YROURa9dTdHFs3ONo14L.kR5ywPIQtyb1WXH9P4Xbhxgzja8%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10099.S-19AgO1AV7Ct0WRIMGPUl50rTGnNA6dmbRxQJzGEg-YD2_dNNeLGzpmJw_xa7u8NCnM90DPDL91fiPwmEz4TjZK_TLbQ5PCycdjCvOZBMU%2C.xL5cOoSzRds_uzvVXc1NHXD_Nkc%2C

Request Chain 47

https://mc.yandex.com/watch/25839866?wmode=7&page-url=https%3A%2F%2Fmargarets-devised-502782.appspot.com%2Fnews%2F2023%2F08%2F18%2Frozysk_karen&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Afle5kqy8ltv55tkdn444gpr%3Afp%3A1346%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1093%3Acn%3A1%3Adp%3A0%3Als%3A118020859219%3Ahid%3A137784383%3Az%3A120%3Ai%3A20230818112430%3Aet%3A1692350671%3Ac%3A1%3Arn%3A515025190%3Arqn%3A1%3Au%3A1692350671977900401%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A18%2C86%2C938%2C14%2C0%2C0%2C%2C495%2C0%2C%2C%2C%2C1553%3Aco%3A0%3Acpf%3A1%3Ans%3A1692350668826%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1692350671%3At%3A%D0%9C%D0%92%D0%94%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%B8%D0%BB%D0%BE%20%D0%B2%20%D1%80%D0%BE%D0%B7%D1%8B%D1%81%D0%BA%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%D0%B8%D1%81%D1%82%D0%B0%20%D0%9A%D0%B0%D1%80%D0%B5%D0%BD%D0%B0%20%D0%A8%D0%B0%D0%B8%D0%BD%D1%8F%D0%BD%D0%B0&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(1) HTTP 302
https://mc.yandex.com/watch/25839866/1?wmode=7&page-url=https%3A%2F%2Fmargarets-devised-502782.appspot.com%2Fnews%2F2023%2F08%2F18%2Frozysk_karen&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Afle5kqy8ltv55tkdn444gpr%3Afp%3A1346%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1093%3Acn%3A1%3Adp%3A0%3Als%3A118020859219%3Ahid%3A137784383%3Az%3A120%3Ai%3A20230818112430%3Aet%3A1692350671%3Ac%3A1%3Arn%3A515025190%3Arqn%3A1%3Au%3A1692350671977900401%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A18%2C86%2C938%2C14%2C0%2C0%2C%2C495%2C0%2C%2C%2C%2C1553%3Aco%3A0%3Acpf%3A1%3Ans%3A1692350668826%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1692350671%3At%3A%D0%9C%D0%92%D0%94%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%B8%D0%BB%D0%BE%20%D0%B2%20%D1%80%D0%BE%D0%B7%D1%8B%D1%81%D0%BA%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%D0%B8%D1%81%D1%82%D0%B0%20%D0%9A%D0%B0%D1%80%D0%B5%D0%BD%D0%B0%20%D0%A8%D0%B0%D0%B8%D0%BD%D1%8F%D0%BD%D0%B0&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29&redirnss=1

Request Chain 48

https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10099.iP6dkXbB_T12N21nac_Hws8etRIhQ8nEcePO3kHKiim6eE4gi6dEcDd4_p-qvGUt.xgqHA41Lj8_KC46HmYfsnbYbpPk%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10099.izQts9JS5_QsJSz1NPb9FitPJ2iLVVhRVLlq8cMwL-Aa5VOz6dUr82UJ2qajd-6VPFCNm_t5ap4Ttzjt0QcHSF-U6OZEVRdnnO2Wpu-Zl5o%2C.rrhwvBA73yONX310c5b6_sgjBI8%2C

49 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request rozysk_karen Show response
margarets-devised-502782.appspot.com/news/2023/08/18/ 60 KB
20 KB 1043ms
938ms Document
text/html 2a00:1450:4001:812::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://margarets-devised-502782.appspot.com/news/2023/08/18/rozysk_karen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

a3687c40b7a793b82a2f74c8e7290bf742482fbe0edb5a8086102a3be4f6f865

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: s-max-age=200, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 7f891aa12da54c49-MXP
content-encoding: gzip
content-length: 20117
content-type: text/html; charset=utf-8
date: Fri, 18 Aug 2023 09:24:29 GMT
none
server: Google Frontend
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding Accept-Encoding
x-appengine-log-flush-count: 1
x-cloud-trace-context: 8560e758e413b0417459a2fd36374091;o=1

GET
H2 200 main.04f373be980ef4013b67.css
margarets-devised-502782.appspot.com/css/ 263 KB
55 KB 210ms
208ms Stylesheet
text/css 2a00:1450:4001:812::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://margarets-devised-502782.appspot.com/css/main.04f373be980ef4013b67.css

Requested by

Host: margarets-devised-502782.appspot.com
URL: https://margarets-devised-502782.appspot.com/news/2023/08/18/rozysk_karen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

d4baf7dfa56c416e80c6854c5a3315455f674859bcc20c897e1a89a8c724c707

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://margarets-devised-502782.appspot.com/news/2023/08/18/rozysk_karen
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
date: Fri, 18 Aug 2023 09:24:29 GMT
age: 967
x-appengine-log-flush-count: 1
content-length: 56509
x-xss-protection: 1; mode=block
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified: Wed, 16 Aug 2023 22:21:22 GMT
server: Google Frontend
etag: W/"64dd4be2-41d76"
vary: Accept-Encoding, Accept-Encoding
none
content-type: text/css
x-cloud-trace-context: 9f3ea0592e3364771d375d900e8ba762
cache-control: max-age=7200
cf-ray: 7f891aa72bed0d69-MXP
expires: Fri, 18 Aug 2023 09:38:22 GMT

GET
H2 200 Graphik-Bold-Cy-Web.woff
margarets-devised-502782.appspot.com/font/ 64 KB
65 KB 107ms
105ms Font
application/font-woff 2a00:1450:4001:812::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://margarets-devised-502782.appspot.com/font/Graphik-Bold-Cy-Web.woff

Requested by

Host: margarets-devised-502782.appspot.com
URL: https://margarets-devised-502782.appspot.com/news/2023/08/18/rozysk_karen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

85c6f093a018f2f414319ebf4b1b5ef62c9e34be9d809205a71bc153f1b1effd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://margarets-devised-502782.appspot.com/news/2023/08/18/rozysk_karen
Origin: https://margarets-devised-502782.appspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 18 Aug 2023 09:24:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1792
x-appengine-log-flush-count: 1
content-length: 65840
x-xss-protection: 1; mode=block
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified: Wed, 16 Aug 2023 22:21:01 GMT
server: Google Frontend
etag: W/"64dd4bcd-10130"
none
vary: Accept-Encoding
content-type: application/font-woff
x-cloud-trace-context: 310181f2c316262317f49c3371e13e7e
cache-control: max-age=7200
cf-ray: 7f891aa71d135a13-MXP

GET
H2 200 Graphik-Regular-Cy-Web.woff
margarets-devised-502782.appspot.com/font/ 60 KB
60 KB 131ms
129ms Font
application/font-woff 2a00:1450:4001:812::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://margarets-devised-502782.appspot.com/font/Graphik-Regular-Cy-Web.woff

Requested by

Host: margarets-devised-502782.appspot.com
URL: https://margarets-devised-502782.appspot.com/news/2023/08/18/rozysk_karen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

89d1f7b5a549ede92b11326126469a431e4a046ad287a7fe0347b32a9bdd4bd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://margarets-devised-502782.appspot.com/news/2023/08/18/rozysk_karen
Origin: https://margarets-devised-502782.appspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 18 Aug 2023 09:24:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5573
x-appengine-log-flush-count: 1
content-length: 61038
x-xss-protection: 1; mode=block
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified: Wed, 16 Aug 2023 22:21:01 GMT
server: Google Frontend
etag: W/"64dd4bcd-ee6e"
none
vary: Accept-Encoding
content-type: application/font-woff
x-cloud-trace-context: 47cfb1d54a5379f04e7539d2518d28fc
cache-control: max-age=7200
cf-ray: 7f891aa71dc94c49-MXP

GET
H2 200 firamono-regular-webfont.woff2
margarets-devised-502782.appspot.com/font/firamono/ 29 KB
29 KB 117ms
115ms Font
application/octet-stream 2a00:1450:4001:812::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://margarets-devised-502782.appspot.com/font/firamono/firamono-regular-webfont.woff2

Requested by

Host: margarets-devised-502782.appspot.com
URL: https://margarets-devised-502782.appspot.com/news/2023/08/18/rozysk_karen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

c35755c3299bb1739908187102395e0c33a962a9d4d1764124b0d9eb80d10909

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://margarets-devised-502782.appspot.com/news/2023/08/18/rozysk_karen
Origin: https://margarets-devised-502782.appspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 18 Aug 2023 09:24:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3806
x-appengine-log-flush-count: 1
content-length: 29904
x-xss-protection: 1; mode=block
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified: Wed, 16 Aug 2023 22:21:22 GMT
server: Google Frontend
etag: "64dd4be2-74d0"
none
vary: Accept-Encoding
content-type: application/octet-stream
x-cloud-trace-context: 79815d190dd500d83b8ed59c1792ca4c
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 7f891aa719fa0e56-MXP

GET
H2 200 firamono-bold-webfont.woff2
margarets-devised-502782.appspot.com/font/firamono/ 29 KB
29 KB 141ms
140ms Font
application/octet-stream 2a00:1450:4001:812::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://margarets-devised-502782.appspot.com/font/firamono/firamono-bold-webfont.woff2

Requested by

Host: margarets-devised-502782.appspot.com
URL: https://margarets-devised-502782.appspot.com/news/2023/08/18/rozysk_karen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

24bc5f6147aaf087cda91a5874c9f2a64fe75037dfd20b1a3ff0ca5f584f9eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://margarets-devised-502782.appspot.com/news/2023/08/18/rozysk_karen
Origin: https://margarets-devised-502782.appspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 18 Aug 2023 09:24:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3385
x-appengine-log-flush-count: 1
content-length: 29868
x-xss-protection: 1; mode=block
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified: Wed, 16 Aug 2023 22:21:01 GMT
server: Google Frontend
etag: "64dd4bcd-74ac"
none
vary: Accept-Encoding
content-type: application/octet-stream
x-cloud-trace-context: 59262289d4ad75b1c50c5b372826ac25
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 7f891aa71cea0e13-MXP

GET
H2 200 WilliamTextStd-Regular.woff
margarets-devised-502782.appspot.com/font/williamtext/ 246 KB
246 KB 222ms
221ms Font
application/font-woff 2a00:1450:4001:812::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://margarets-devised-502782.appspot.com/font/williamtext/WilliamTextStd-Regular.woff

Requested by

Host: margarets-devised-502782.appspot.com
URL: https://margarets-devised-502782.appspot.com/news/2023/08/18/rozysk_karen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

6dc415f1743764c2fb44cd16d108a6a1012b63a54ec44f475ae6e84f647abfd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://margarets-devised-502782.appspot.com/news/2023/08/18/rozysk_karen
Origin: https://margarets-devised-502782.appspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 18 Aug 2023 09:24:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3399
x-appengine-log-flush-count: 1
content-length: 251668
x-xss-protection: 1; mode=block
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified: Wed, 16 Aug 2023 22:21:22 GMT
server: Google Frontend
etag: W/"64dd4be2-3d714"
none
vary: Accept-Encoding
content-type: application/font-woff
x-cloud-trace-context: 42ea4ab00815c425da3ed5699f9b197e
cache-control: max-age=7200
cf-ray: 7f891aa71dc959ef-MXP

GET
H2 200 WilliamTextStd-RegularItalic.woff
margarets-devised-502782.appspot.com/font/williamtext/ 291 KB
291 KB 245ms
244ms Font
application/font-woff 2a00:1450:4001:812::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://margarets-devised-502782.appspot.com/font/williamtext/WilliamTextStd-RegularItalic.woff

Requested by

Host: margarets-devised-502782.appspot.com
URL: https://margarets-devised-502782.appspot.com/news/2023/08/18/rozysk_karen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

0b39671bd2a9cffcec3c8fed2783bc2460d3abf88e9e447ef43783309c7b467b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://margarets-devised-502782.appspot.com/news/2023/08/18/rozysk_karen
Origin: https://margarets-devised-502782.appspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 18 Aug 2023 09:24:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2854
x-appengine-log-flush-count: 1
content-length: 297536
x-xss-protection: 1; mode=block
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified: Wed, 16 Aug 2023 22:21:01 GMT
server: Google Frontend
etag: W/"64dd4bcd-48a40"
none
vary: Accept-Encoding
content-type: application/font-woff
x-cloud-trace-context: 47a74bf0ef700c7f8d50faa2a7c00084
cache-control: max-age=7200
cf-ray: 7f891aa729460e91-MXP

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 205 KB
70 KB 158ms
68ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N8VFP5

Requested by

Host: margarets-devised-502782.appspot.com
URL: https://margarets-devised-502782.appspot.com/news/2023/08/18/rozysk_karen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

76cee8c907b93915fed281e7f8f7453094eccd909ec6078cf03c240fbcb34554

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://margarets-devised-502782.appspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 09:24:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71143
x-xss-protection: 0
last-modified: Fri, 18 Aug 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 18 Aug 2023 09:24:30 GMT

GET
H2 200 roxot-manager.js Show response
cdn-plus.roxot-panel.com/roxot-wrapper/js/ 3 KB
1 KB 384ms
79ms Script
text/javascript 2a11:27c0::93
EDGECENTERLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-plus.roxot-panel.com/roxot-wrapper/js/roxot-manager.js?pid=56d60cf6-fe21-45d9-9499-2f7c8fa84c36
Requested by: Host: margarets-devised-502782.appspot.com
URL: https://margarets-devised-502782.appspot.com/news/2023/08/18/rozysk_karen
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a11:27c0::93 , Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
Software: nginx /
Resource Hash: 3040c807f8356c6011f11240fccf5c280c4d761bc3c57519b5e16e906ca62f03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://margarets-devised-502782.appspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-id: m9-up-gc85
date: Fri, 18 Aug 2023 09:24:30 GMT
content-encoding: gzip
server: nginx
x-cached-since: 2023-08-18T09:20:04+00:00
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=600, public, s-maxage=600
cache: HIT
x-node: m9-up-gc85

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 140ms
49ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: margarets-devised-502782.appspot.com
URL: https://margarets-devised-502782.appspot.com/news/2023/08/18/rozysk_karen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

158589b741eac0343f21e5729a7cac29619c17c33f614d75123c4036692b994b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://margarets-devised-502782.appspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 09:24:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 834
x-xss-protection: 1; mode=block
expires: Fri, 18 Aug 2023 09:24:30 GMT

GET
H2 200 3de02d75c5700c1187c07b5bd60cb1da
s3.vkbuikq.net/i/ 749 KB
750 KB 251ms
126ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3.vkbuikq.net/i/3de02d75c5700c1187c07b5bd60cb1da

Requested by

Host: margarets-devised-502782.appspot.com
URL: https://margarets-devised-502782.appspot.com/news/2023/08/18/rozysk_karen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be629880d6a79a7e79eaf34283cbf24a40f2779f2f4ffe4f41708dde12222ea4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://margarets-devised-502782.appspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 09:24:30 GMT
x-amz-version-id: 6Kn0qDBbK9AJpFqtCv7crUis1Isp.Tif
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: VPGMHAQC78P2GS2G
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 766739
x-amz-id-2: lMHa5PKMz7v8mJbBJsTSOf0OK0xRvgBBKEOHnDVYO7f7gffdhJdIiXB8jrn6IJxNj4FnZn5Ufq0=
x-xss-protection: 1; mode=block
last-modified: Fri, 18 Aug 2023 09:00:46 GMT
server: cloudflare
etag: "9502a7ce3b41565cc122b7e6b44fffe3"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KharimosBdhfOaihQSfJEB3n%2FG3qZdA1EohxmUPGXuwoF9cTkn1cw%2BOTogpFayAR1ncCM48kIzVzQ%2BjvAElsMkNFmYdr%2FEu1EeAgvjnNlxJXrcR9jkRRHIkAYer7brh8SyEYA%2BqWbcpcLeatmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 7f891aa93c4b4da4-FRA

GET
H2 200 widget-top.iife.js Show response
thetruestory.news/ 30 KB
10 KB 174ms
62ms Script
application/javascript 143.204.9.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruestory.news/widget-top.iife.js
Requested by: Host: margarets-devised-502782.appspot.com
URL: https://margarets-devised-502782.appspot.com/news/2023/08/18/rozysk_karen
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.9.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-9-126.mxp64.r.cloudfront.net
Software: /
Resource Hash: 64a0f8a6de9f2dd1e81769d17b128e122aeb395f4964bf15601be94d6fffaf02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://margarets-devised-502782.appspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 09:24:30 GMT
content-encoding: gzip
via: 1.1 932fae480d62106deccf09cea69a7db2.cloudfront.net (CloudFront)
last-modified: Wed, 16 Aug 2023 23:01:00 GMT
x-amz-cf-pop: MXP64-C1
etag: W/"7922-18a0094b3e0"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
x-amz-cf-id: p92Eayg_PD7wM_wuO-0iwDhNVPpdh7i7WvoZFx7DCAF5x4mk9pY9EA==

GET
H2 200 df0a9b38cab7c2c20f8839468edd6e9b
s3.vkbuikq.net/i/e/ 1 MB
1 MB 251ms
126ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3.vkbuikq.net/i/e/df0a9b38cab7c2c20f8839468edd6e9b

Requested by

Host: margarets-devised-502782.appspot.com
URL: https://margarets-devised-502782.appspot.com/news/2023/08/18/rozysk_karen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7435dde16fa0aa5b0ab1627f904a9f313409faa33effe9fb6ce54ce78cdb2b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://margarets-devised-502782.appspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 09:24:30 GMT
x-amz-version-id: VuLQZZLc1AvGVjFywDtL0mziG76K6nCX
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: VPGT88ZRVW49Z2EY
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 1481908
x-amz-id-2: duxEu6tcBiGscFtyzXODbGmHvdWBUFxMOcMt+7N8YKxkpkOTOvAdpLrOjPjCFBHEfZiKeVtj70Y=
x-xss-protection: 1; mode=block
last-modified: Thu, 17 Aug 2023 08:39:24 GMT
server: cloudflare
etag: "049aa57a458dabce35721c7c1de32f47"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0jotN8vtI04VhhjQdMqdmRiRVIex2Dgh5PlkphvfdX%2FZqMNOv0lgPseY7DhJcYg1RhpJdS5bMgdw02ZsqX8ndOBpXDpdu%2BJJyuIkadE2TmzRycWOXSBr1ixzNrDItxnEBpGTAElO0dvfEvMeoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 7f891aa93c4c4da4-FRA

GET
H3 200 main.8bc7ca08.js Show response
margarets-devised-502782.appspot.com/js/ 377 KB
136 KB 128ms
126ms Script
application/javascript 2a00:1450:4001:812::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://margarets-devised-502782.appspot.com/js/main.8bc7ca08.js

Requested by

Host: margarets-devised-502782.appspot.com
URL: https://margarets-devised-502782.appspot.com/news/2023/08/18/rozysk_karen

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

632e2cd8ca492d89ba44932e537974a0eb6c910204d648ed6d1138a101eed56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://margarets-devised-502782.appspot.com/news/2023/08/18/rozysk_karen
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
date: Fri, 18 Aug 2023 09:24:30 GMT
age: 1664
x-appengine-log-flush-count: 1
content-length: 138980
x-xss-protection: 1; mode=block
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified: Wed, 16 Aug 2023 22:21:01 GMT
server: Google Frontend
etag: W/"64dd4bcd-5e574"
vary: Accept-Encoding, Accept-Encoding
none
content-type: application/javascript
x-cloud-trace-context: 862cb92c297fba855b2d966590d15e6b
cache-control: max-age=7200
cf-ray: 7f891aa8bb230e91-MXP
expires: Fri, 18 Aug 2023 09:26:46 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 97 KB
28 KB 234ms
144ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: margarets-devised-502782.appspot.com
URL: https://margarets-devised-502782.appspot.com/news/2023/08/18/rozysk_karen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

257900ac4b1f41c266f969df486b1b5afa41acdb1441d4590b0b3edf4e590cdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://margarets-devised-502782.appspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 09:24:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28543
x-xss-protection: 0
server: cafe
etag: 418 / 19587 / 31077123 / config-hash: 7328467961731406261
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 18 Aug 2023 09:24:30 GMT

GET
H3 200 counter
margarets-devised-502782.appspot.com/ 35 B
58 B 210ms
209ms Image
image/gif 2a00:1450:4001:812::2014
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://margarets-devised-502782.appspot.com/counter?postId=76351&t=0.29918795120516717

Requested by

Host: margarets-devised-502782.appspot.com
URL: https://margarets-devised-502782.appspot.com/news/2023/08/18/rozysk_karen

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://margarets-devised-502782.appspot.com/news/2023/08/18/rozysk_karen
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 18 Aug 2023 09:24:30 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 24 Jul 2023 07:51:30 GMT
server: Google Frontend
etag: W/"23-18986e1c3d0"
none
content-type: image/gif
x-cloud-trace-context: 108bcdb6a0457346d68efe99017286be
cache-control: public, max-age=0, s-max-age=200, max-age=0
accept-ranges: bytes
cf-ray: 7f891aa8bdc80d69-MXP
x-appengine-log-flush-count: 1
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 168 KB
59 KB 298ms
148ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: margarets-devised-502782.appspot.com
URL: https://margarets-devised-502782.appspot.com/news/2023/08/18/rozysk_karen

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

0c8b1f98b3af7160b780dfac0e91ab579d16130a518fb98d402efa1733894d58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://margarets-devised-502782.appspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 09:24:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Thu, 10 Aug 2023 13:02:56 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "64d4b5d0-eb67"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 60263
expires: Fri, 18 Aug 2023 10:24:30 GMT

GET
H2 200 tcounter.js Show response
www.tns-counter.ru/ 552 B
803 B 235ms
75ms Script
application/javascript 2001:6d0:4001::226
ADFACT

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tns-counter.ru/tcounter.js
Requested by: Host: margarets-devised-502782.appspot.com
URL: https://margarets-devised-502782.appspot.com/news/2023/08/18/rozysk_karen
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:6d0:4001::226 , Russian Federation, ASN52016 (ADFACT, RU),
Reverse DNS
Software: ms-counter-4.0.4/1.22.1 /
Resource Hash: 92a82d0233445685062df7115e244b34f3e71657d0c80f54cce716b5952eb8dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://margarets-devised-502782.appspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 09:24:30 GMT
last-modified: Tue, 31 Jan 2023 12:18:17 GMT
server: ms-counter-4.0.4/1.22.1
etag: "63d90709-228"
content-type: application/javascript
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR"
cache-control: max-age=20736000
accept-ranges: bytes
content-length: 552
expires: Sun, 14 Apr 2024 09:24:30 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/QybaJej5brGL8d7EvWmfKMZU/ 453 KB
182 KB 127ms
39ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/QybaJej5brGL8d7EvWmfKMZU/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6a162cb53d79e0ee3a6d020bc72c80cde5644ffbeb9913b96c3c4833a4a65d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://margarets-devised-502782.appspot.com/
Origin: https://margarets-devised-502782.appspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 05:50:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 185658
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 186041
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 14:49:49 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 Aug 2024 05:50:12 GMT

GET
H2 200 mediazona Show response
thetruestory.news/api/widget/ 5 KB
2 KB 201ms
103ms Fetch
application/json 143.204.9.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruestory.news/api/widget/mediazona
Requested by: Host: thetruestory.news
URL: https://thetruestory.news/widget-top.iife.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.9.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-9-126.mxp64.r.cloudfront.net
Software: /
Resource Hash: e9cc272ab36384932b33e5cc00fe9f0b8553d339394959fd0c634a72604bff52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://margarets-devised-502782.appspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 09:21:56 GMT
content-encoding: gzip
via: 1.1 724ae8639c3b24c0f2bb4704d434f5be.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-C1
age: 154
etag: "81jrtqdcaz3sc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: s-maxage=3600, max-age=3600, public, stale-while-revalidate
x-amz-cf-id: Bct6_DE98BNX-f9MRN9NzYVcilcxXc3eDssliCZjUsK-tQjoRcqcEw==

GET
H2 200 main Show response
thetruestory.news/api/widget/ 10 KB
5 KB 159ms
62ms Fetch
application/json 143.204.9.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://thetruestory.news/api/widget/main?with_icons=1&edition=ru&limit=5&slug=mediazona
Requested by: Host: thetruestory.news
URL: https://thetruestory.news/widget-top.iife.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.9.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-9-126.mxp64.r.cloudfront.net
Software: /
Resource Hash: e1d38002c1197317e565770a1f57d936c52a1ea5f0f6b3b576293a2e095b16b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://margarets-devised-502782.appspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 09:22:32 GMT
content-encoding: gzip
via: 1.1 724ae8639c3b24c0f2bb4704d434f5be.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-C1
age: 118
etag: "t1qw2cfypp7oj"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: s-maxage=120, max-age=120, public, stale-while-revalidate
x-amz-cf-id: Lm31t8YMU7E0S632Tt2YT2xGc6l2G6h29LgIhpi1TytAyenbiRJHHA==

GET
H2 403 null
s3.vkbuikq.net/ 0
0 115ms
115ms Image
application/xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.vkbuikq.net/null
Requested by: Host: margarets-devised-502782.appspot.com
URL: https://margarets-devised-502782.appspot.com/news/2023/08/18/rozysk_karen
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://margarets-devised-502782.appspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H2 200 df602b20db5df6d852203891c6fb354c
s3.vkbuikq.net/i/e/ 324 KB
325 KB 146ms
146ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3.vkbuikq.net/i/e/df602b20db5df6d852203891c6fb354c

Requested by

Host: margarets-devised-502782.appspot.com
URL: https://margarets-devised-502782.appspot.com/news/2023/08/18/rozysk_karen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

036b53b0f9d524f39394624f82970f1a760597512566e6c984d9388c2a31b8d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://margarets-devised-502782.appspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 09:24:30 GMT
x-amz-version-id: OEhwj315trurGwWTYX_CyvbPmubr.uUH
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: VPGQ0CG3TP9MT9G1
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 331464
x-amz-id-2: RK9dWT9yik4gpRgB1pEeohIWQbhjnl5yOqXc5INh4OqXyQHVTKtzUl3IbpCRhet7Ecyshbb80tPSNeuy+8l2XA==
x-xss-protection: 1; mode=block
last-modified: Fri, 18 Aug 2023 06:37:50 GMT
server: cloudflare
etag: "e9248d2f4e473ce1dc2b7b3e0967459b"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BVQ4KYEq%2BmxQH64tKRR3BUMWDZEtd5JZVzz8ZwD7tSB6u3bbAzM5doZ%2BElQAm%2FBfYCpyI3%2FikC5TpVDJTjHkdwtos4oTo9TCT6kGvHCgj0OOQjDytaQrnvybXVsXMef%2B%2F626poiU5gcA3APycw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 7f891aa99ca94da4-FRA

GET
H3 200 Graphik-Medium-Cy-Web.woff
margarets-devised-502782.appspot.com/font/ 65 KB
65 KB 109ms
108ms Font
application/font-woff 2a00:1450:4001:812::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://margarets-devised-502782.appspot.com/font/Graphik-Medium-Cy-Web.woff

Requested by

Host: margarets-devised-502782.appspot.com
URL: https://margarets-devised-502782.appspot.com/css/main.04f373be980ef4013b67.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

3378f5008e0f5a080b11fe9bc142af6f07a78c3a9b9eaf98cddf08ddf94a2eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://margarets-devised-502782.appspot.com/css/main.04f373be980ef4013b67.css
Origin: https://margarets-devised-502782.appspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 18 Aug 2023 09:24:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4898
x-appengine-log-flush-count: 1
content-length: 66984
x-xss-protection: 1; mode=block
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified: Wed, 16 Aug 2023 22:21:01 GMT
server: Google Frontend
etag: W/"64dd4bcd-105a8"
none
vary: Accept-Encoding
content-type: application/font-woff
x-cloud-trace-context: 963f4376a8a3373b845f753e0ed94c82
cache-control: max-age=7200
cf-ray: 7f891aa9d8ce5a13-MXP

GET
H2 200 w Show response
st.thetruestory.news/ 3 B
412 B 161ms
45ms Fetch
text/plain 3.161.119.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://st.thetruestory.news/w?slug=mediazona
Requested by: Host: thetruestory.news
URL: https://thetruestory.news/widget-top.iife.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.119.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-119-21.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dc51b8c96c2d745df3bd5590d990230a482fd247123599548e0632fdbf97fc22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://margarets-devised-502782.appspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 06:19:47 GMT
via: 1.1 f811752792f4ce137c80f3c4c59d11a8.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-P2
age: 11084
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 3
last-modified: Mon, 13 Feb 2023 12:20:19 GMT
server: AmazonS3
etag: "eff5bc1ef8ec9d03e640fc4370f5eacd"
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
access-control-expose-headers: *
accept-ranges: bytes
x-amz-cf-id: xdsJPtGDLvPmRdIEdpGNEnHBUbxbha7x7Iij9vHToCSpN9wd3bnQNQ==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 130ms
43ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8VFP5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://margarets-devised-502782.appspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 18 Aug 2023 07:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5687
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 18 Aug 2023 09:49:43 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 274 KB
90 KB 63ms
62ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MQ4BHWPRFV&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8VFP5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

868e06ec90d0c14013d42116decdccbc304d1dd01f6c686d263b8598fd8191bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://margarets-devised-502782.appspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 09:24:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92238
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 18 Aug 2023 09:24:30 GMT

GET
H2 200 campaigns Show response
rsm.zona.media/ 2 B
259 B 162ms
68ms XHR
text/plain 2606:4700:10::ac43:652
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rsm.zona.media/campaigns?rnd=965
Requested by: Host: margarets-devised-502782.appspot.com
URL: https://margarets-devised-502782.appspot.com/js/main.8bc7ca08.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:652 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept: */*
Referer: https://margarets-devised-502782.appspot.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 09:24:30 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 7f891aaaa87b377b-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 2

GET
H3 200 _shares Show response
margarets-devised-502782.appspot.com/ 45 B
94 B 519ms
518ms XHR
application/json 2a00:1450:4001:812::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://margarets-devised-502782.appspot.com/_shares?url=https%3A%2F%2Fzona.media%2Fnews%2F2023%2F08%2F18%2Frozysk_karen

Requested by

Host: margarets-devised-502782.appspot.com
URL: https://margarets-devised-502782.appspot.com/js/main.8bc7ca08.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

4b34ff96419107c60c08f09b3089619ddadde39ddac8473dcad25c70807aab6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Referer: https://margarets-devised-502782.appspot.com/news/2023/08/18/rozysk_karen
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: DYNAMIC
server: Google Frontend
date: Fri, 18 Aug 2023 09:24:30 GMT
etag: W/"2d-cnfmlpXqtL2Enxljdye3M+n4sfg"
vary: Accept-Encoding, Accept-Encoding
none
content-type: application/json; charset=utf-8
x-cloud-trace-context: 626998b906d7e931cf2b0e7065cc57fd
cache-control: s-max-age=200, max-age=0
cf-ray: 7f891aaa4ffd0d69-MXP
x-appengine-log-flush-count: 1
content-length: 70
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2

200

506891219
www.tns-counter.ru/V13b***R%3E*zonamedia_ru/ru/UTF-8/tmsec=zonamedia_total/
Redirect Chain

https://www.tns-counter.ru/V13a***R%3E*zonamedia_ru/ru/UTF-8/tmsec=zonamedia_total/506891219
https://www.tns-counter.ru/V13b***R%3E*zonamedia_ru/ru/UTF-8/tmsec=zonamedia_total/506891219

43 B
296 B

79ms
78ms

Image
image/gif

2001:6d0:4001::226
ADFACT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tns-counter.ru/V13b***R%3E*zonamedia_ru/ru/UTF-8/tmsec=zonamedia_total/506891219
Requested by: Host: margarets-devised-502782.appspot.com
URL: https://margarets-devised-502782.appspot.com/news/2023/08/18/rozysk_karen
Protocol: H2
Server: 2001:6d0:4001::226 , Russian Federation, ASN52016 (ADFACT, RU),
Reverse DNS
Software: ms-counter-4.0.4/1.22.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://margarets-devised-502782.appspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 09:24:30 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: ms-counter-4.0.4/1.22.1
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Aug 2023 09:24:30 GMT
strict-transport-security: max-age=2678400
server: ms-counter-4.0.4/1.22.1
content-type: image/gif
location: https://www.tns-counter.ru/V13b***R%3E*zonamedia_ru/ru/UTF-8/tmsec=zonamedia_total/506891219
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/ 402 KB
127 KB 141ms
41ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js?cb=31077123

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6eda84e469463424ebf458949c409a82ee31d042cf3c8e84978658832f634c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://margarets-devised-502782.appspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 19:26:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50309
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129634
x-xss-protection: 0
server: cafe
etag: 8962464231799197432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 16 Aug 2024 19:26:01 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 58 B
602 B 174ms
76ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=margarets-devised-502782.appspot.com

Requested by

Host: margarets-devised-502782.appspot.com
URL: https://margarets-devised-502782.appspot.com/js/main.8bc7ca08.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0241397dd6d01420d431e3d6e2b0c4c5852872d286686f5e41b3134819525918

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://margarets-devised-502782.appspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 09:24:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60
x-xss-protection: 0
expires: Fri, 18 Aug 2023 09:24:30 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
268 B 140ms
48ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-MQ4BHWPRFV&gtm=45je38g0&_p=1729862691&_gaz=1&cid=379360719.1692350671&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1692350670&sct=1&seg=0&dl=https%3A%2F%2Fmargarets-devised-502782.appspot.com%2Fnews%2F2023%2F08%2F18%2Frozysk_karen&dt=%D0%9C%D0%92%D0%94%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%B8%D0%BB%D0%BE%20%D0%B2%20%D1%80%D0%BE%D0%B7%D1%8B%D1%81%D0%BA%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%D0%B8%D1%81%D1%82%D0%B0%20%D0%9A%D0%B0%D1%80%D0%B5%D0%BD%D0%B0%20%D0%A8%D0%B0%D0%B8%D0%BD%D1%8F%D0%BD%D0%B0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MQ4BHWPRFV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://margarets-devised-502782.appspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 09:24:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://margarets-devised-502782.appspot.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
268 B 146ms
48ms Ping
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-MQ4BHWPRFV&cid=379360719.1692350671&gtm=45je38g0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MQ4BHWPRFV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://margarets-devised-502782.appspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 09:24:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://margarets-devised-502782.appspot.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 166ms
80ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-MQ4BHWPRFV&cid=379360719.1692350671&gtm=45je38g0&aip=1&z=2120406047

Requested by

Host: margarets-devised-502782.appspot.com
URL: https://margarets-devised-502782.appspot.com/news/2023/08/18/rozysk_karen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://margarets-devised-502782.appspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 09:24:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10099.t3bH70S7JmRlkOhCnbVQTVkPgUXvvrdhrr8-xZE3NwO6YROURa9dTdHFs3ONo14L.kR5ywPIQtyb1WXH9P4Xbhxgzja8%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10099.S-19AgO1AV7Ct0WRIMGPUl50rTGnNA6dmbRxQJzGEg-YD2_dNNeLGzpmJw_xa7u8NCnM90DPDL91fiPwmEz4TjZK_TLbQ5PCycdjCvOZBMU%2C.xL5cOoSzRds_uzvVXc1NHXD_Nkc%2C

43 B
67 B

75ms
75ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=10099.S-19AgO1AV7Ct0WRIMGPUl50rTGnNA6dmbRxQJzGEg-YD2_dNNeLGzpmJw_xa7u8NCnM90DPDL91fiPwmEz4TjZK_TLbQ5PCycdjCvOZBMU%2C.xL5cOoSzRds_uzvVXc1NHXD_Nkc%2C

Requested by

Host: margarets-devised-502782.appspot.com
URL: https://margarets-devised-502782.appspot.com/news/2023/08/18/rozysk_karen

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://margarets-devised-502782.appspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 09:24:30 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=10099.S-19AgO1AV7Ct0WRIMGPUl50rTGnNA6dmbRxQJzGEg-YD2_dNNeLGzpmJw_xa7u8NCnM90DPDL91fiPwmEz4TjZK_TLbQ5PCycdjCvOZBMU%2C.xL5cOoSzRds_uzvVXc1NHXD_Nkc%2C
date: Fri, 18 Aug 2023 09:24:30 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 523 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 977724573f0a58c29d5c9e18e662946546ff26ce2070b17aa325dcd4c54d51f4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 596 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89715990df415942d969461e09fda2b4e5281bfa89c4d6120cac4eb939a3c45f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 290 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a802e051099577c43e269f1286bafbdadbb752b37cba14bf0842bce9d21af1a8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9f66ecf07c6f061159719509202fe1e21f894791a503215983db5da5184632d9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 706 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4bfef42d49f26a1036a3be1804675fbe03caedc8ba66f0f4bd57af9c69b99f89

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
114 B 74ms
74ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: margarets-devised-502782.appspot.com
URL: https://margarets-devised-502782.appspot.com/news/2023/08/18/rozysk_karen

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://margarets-devised-502782.appspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 09:24:30 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 10 Aug 2023 13:02:56 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "64d4b5d0-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Fri, 18 Aug 2023 10:24:30 GMT

GET
H2 200 common-engine.js Show response
cdn.skcrtxr.com/wrapper/js/ 495 KB
120 KB 363ms
89ms Script
text/javascript 2a11:27c0::93
EDGECENTERLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.skcrtxr.com/wrapper/js/common-engine.js?v=s-55fe024d-80ea-45b9-b74f-2fd35883b2ad
Requested by: Host: cdn-plus.roxot-panel.com
URL: https://cdn-plus.roxot-panel.com/roxot-wrapper/js/roxot-manager.js?pid=56d60cf6-fe21-45d9-9499-2f7c8fa84c36
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a11:27c0::93 , Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
Software: nginx /
Resource Hash: 2d1fb6596f3677262182af4daf0de5a145bec82061e39626d2ba0e322b465bac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://margarets-devised-502782.appspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-id: m9-up-gc8
date: Fri, 18 Aug 2023 09:24:30 GMT
content-encoding: gzip
server: nginx
x-cached-since: 2023-08-07T10:47:36+00:00
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, s-maxage=31536000
cache: HIT
x-node: m9-up-gc8

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
223 B 47ms
46ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1729862691&t=pageview&_s=1&dl=https%3A%2F%2Fmargarets-devised-502782.appspot.com%2Fnews%2F2023%2F08%2F18%2Frozysk_karen&ul=en-us&de=UTF-8&dt=%D0%9C%D0%92%D0%94%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%B8%D0%BB%D0%BE%20%D0%B2%20%D1%80%D0%BE%D0%B7%D1%8B%D1%81%D0%BA%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%D0%B8%D1%81%D1%82%D0%B0%20%D0%9A%D0%B0%D1%80%D0%B5%D0%BD%D0%B0%20%D0%A8%D0%B0%D0%B8%D0%BD%D1%8F%D0%BD%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=452211517&gjid=1789824433&cid=379360719.1692350671&tid=UA-71413026-1&_gid=644541115.1692350671&_r=1&_slc=1&gtm=45He38g0n71N8VFP5&z=1161428203

Requested by

Host: margarets-devised-502782.appspot.com
URL: https://margarets-devised-502782.appspot.com/js/main.8bc7ca08.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://margarets-devised-502782.appspot.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 09:24:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://margarets-devised-502782.appspot.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 48ms
48ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-71413026-1&cid=379360719.1692350671&jid=452211517&gjid=1789824433&_gid=644541115.1692350671&_u=YADAAEAAAAAAACAAI~&z=1422598472

Requested by

Host: margarets-devised-502782.appspot.com
URL: https://margarets-devised-502782.appspot.com/js/main.8bc7ca08.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://margarets-devised-502782.appspot.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 18 Aug 2023 09:24:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://margarets-devised-502782.appspot.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
296 B 78ms
77ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-71413026-1&cid=379360719.1692350671&jid=452211517&_u=YADAAEAAAAAAACAAI~&z=196671340

Requested by

Host: margarets-devised-502782.appspot.com
URL: https://margarets-devised-502782.appspot.com/news/2023/08/18/rozysk_karen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://margarets-devised-502782.appspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 09:24:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 76ms
76ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-71413026-1&cid=379360719.1692350671&jid=452211517&_u=YADAAEAAAAAAACAAI~&z=196671340

Requested by

Host: margarets-devised-502782.appspot.com
URL: https://margarets-devised-502782.appspot.com/news/2023/08/18/rozysk_karen

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://margarets-devised-502782.appspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 09:24:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/25839866/
Redirect Chain

https://mc.yandex.com/watch/25839866?wmode=7&page-url=https%3A%2F%2Fmargarets-devised-502782.appspot.com%2Fnews%2F2023%2F08%2F18%2Frozysk_karen&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf...
https://mc.yandex.com/watch/25839866/1?wmode=7&page-url=https%3A%2F%2Fmargarets-devised-502782.appspot.com%2Fnews%2F2023%2F08%2F18%2Frozysk_karen&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3A...

428 B
789 B

75ms
74ms

Fetch
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/25839866/1?wmode=7&page-url=https%3A%2F%2Fmargarets-devised-502782.appspot.com%2Fnews%2F2023%2F08%2F18%2Frozysk_karen&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Afle5kqy8ltv55tkdn444gpr%3Afp%3A1346%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1093%3Acn%3A1%3Adp%3A0%3Als%3A118020859219%3Ahid%3A137784383%3Az%3A120%3Ai%3A20230818112430%3Aet%3A1692350671%3Ac%3A1%3Arn%3A515025190%3Arqn%3A1%3Au%3A1692350671977900401%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A18%2C86%2C938%2C14%2C0%2C0%2C%2C495%2C0%2C%2C%2C%2C1553%3Aco%3A0%3Acpf%3A1%3Ans%3A1692350668826%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1692350671%3At%3A%D0%9C%D0%92%D0%94%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%B8%D0%BB%D0%BE%20%D0%B2%20%D1%80%D0%BE%D0%B7%D1%8B%D1%81%D0%BA%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%D0%B8%D1%81%D1%82%D0%B0%20%D0%9A%D0%B0%D1%80%D0%B5%D0%BD%D0%B0%20%D0%A8%D0%B0%D0%B8%D0%BD%D1%8F%D0%BD%D0%B0&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29&redirnss=1

Requested by

Host: margarets-devised-502782.appspot.com
URL: https://margarets-devised-502782.appspot.com/news/2023/08/18/rozysk_karen

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

ba1f3fd0be60259d6a7e04bdec4d298891af94501cd9c45e489f2f482478231f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://margarets-devised-502782.appspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Aug 2023 09:24:30 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Fri, 18-Aug-2023 09:24:30 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://margarets-devised-502782.appspot.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 428
x-xss-protection: 1; mode=block
expires: Fri, 18-Aug-2023 09:24:30 GMT

Redirect headers

pragma: no-cache
date: Fri, 18 Aug 2023 09:24:30 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 18-Aug-2023 09:24:30 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/25839866/1?wmode=7&page-url=https%3A%2F%2Fmargarets-devised-502782.appspot.com%2Fnews%2F2023%2F08%2F18%2Frozysk_karen&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Afle5kqy8ltv55tkdn444gpr%3Afp%3A1346%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1093%3Acn%3A1%3Adp%3A0%3Als%3A118020859219%3Ahid%3A137784383%3Az%3A120%3Ai%3A20230818112430%3Aet%3A1692350671%3Ac%3A1%3Arn%3A515025190%3Arqn%3A1%3Au%3A1692350671977900401%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A18%2C86%2C938%2C14%2C0%2C0%2C%2C495%2C0%2C%2C%2C%2C1553%3Aco%3A0%3Acpf%3A1%3Ans%3A1692350668826%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1692350671%3At%3A%D0%9C%D0%92%D0%94%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%B8%D0%BB%D0%BE%20%D0%B2%20%D1%80%D0%BE%D0%B7%D1%8B%D1%81%D0%BA%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%D0%B8%D1%81%D1%82%D0%B0%20%D0%9A%D0%B0%D1%80%D0%B5%D0%BD%D0%B0%20%D0%A8%D0%B0%D0%B8%D0%BD%D1%8F%D0%BD%D0%B0&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29&redirnss=1
access-control-allow-origin: https://margarets-devised-502782.appspot.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Fri, 18-Aug-2023 09:24:30 GMT

GET
H2

200

sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check_secondary
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10099.iP6dkXbB_T12N21nac_Hws8etRIhQ8nEcePO3kHKiim6eE4gi6dEcDd4_p-qvGUt.xgqHA41Lj8_KC46HmYfsnbYbpPk%2C
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10099.izQts9JS5_QsJSz1NPb9FitPJ2iLVVhRVLlq8cMwL-Aa5VOz6dUr82UJ2qajd-6VPFCNm_t5ap4Ttzjt0QcHSF-U6OZEVRdnnO2Wpu-Zl5o%2C.rrhwvBA73yONX310c...

43 B
79 B

76ms
76ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10099.izQts9JS5_QsJSz1NPb9FitPJ2iLVVhRVLlq8cMwL-Aa5VOz6dUr82UJ2qajd-6VPFCNm_t5ap4Ttzjt0QcHSF-U6OZEVRdnnO2Wpu-Zl5o%2C.rrhwvBA73yONX310c5b6_sgjBI8%2C

Requested by

Host: margarets-devised-502782.appspot.com
URL: https://margarets-devised-502782.appspot.com/news/2023/08/18/rozysk_karen

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://margarets-devised-502782.appspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 09:24:31 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10099.izQts9JS5_QsJSz1NPb9FitPJ2iLVVhRVLlq8cMwL-Aa5VOz6dUr82UJ2qajd-6VPFCNm_t5ap4Ttzjt0QcHSF-U6OZEVRdnnO2Wpu-Zl5o%2C.rrhwvBA73yONX310c5b6_sgjBI8%2C
date: Fri, 18 Aug 2023 09:24:31 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 dynamic.js Show response
cdn.skcrtxr.com/wrapper-builder/56d60cf6-fe21-45d9-9499-2f7c8fa84c36/ 0
122 B 80ms
80ms Script
text/javascript 2a11:27c0::93
EDGECENTERLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.skcrtxr.com/wrapper-builder/56d60cf6-fe21-45d9-9499-2f7c8fa84c36/dynamic.js?host=margarets-devised-502782.appspot.com&v=d-1643721057__s-55fe024d-80ea-45b9-b74f-2fd35883b2ad
Requested by: Host: cdn.skcrtxr.com
URL: https://cdn.skcrtxr.com/wrapper/js/common-engine.js?v=s-55fe024d-80ea-45b9-b74f-2fd35883b2ad
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a11:27c0::93 , Russian Federation, ASN210756 (EDGECENTERLLC, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://margarets-devised-502782.appspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-id: m9-up-gc99
date: Fri, 18 Aug 2023 09:24:31 GMT
content-encoding: gzip
server: nginx
x-cached-since: 2023-08-16T13:29:37+00:00
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, s-maxage=31536000
cache: HIT
x-node: m9-up-gc99

GET
H2 200 sync Show response
skcrtxr.com/user-sync-api/ 70 B
423 B 230ms
78ms XHR
application/json 51.250.75.211
YANDEXCLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://skcrtxr.com/user-sync-api/sync
Requested by: Host: margarets-devised-502782.appspot.com
URL: https://margarets-devised-502782.appspot.com/js/main.8bc7ca08.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.250.75.211 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software: ycalb /
Resource Hash: cc7fdf63159ce22042d73b383edd7b01098911ac26bc76eb2cdf515016fc3c2c

Request headers

Accept: application/json, text/plain, */*
Referer: https://margarets-devised-502782.appspot.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 09:24:31 GMT
content-encoding: gzip
server: ycalb
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: https://margarets-devised-502782.appspot.com
cache-control: max-age=600, public, s-maxage=600
access-control-allow-credentials: true
access-control-allow-headers: *

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 37 KB
15 KB 148ms
43ms Script
application/x-javascript 2600:9000:2394:4400:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: margarets-devised-502782.appspot.com
URL: https://margarets-devised-502782.appspot.com/news/2023/08/18/rozysk_karen
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2394:4400:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://margarets-devised-502782.appspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 17:21:05 GMT
content-encoding: gzip
via: 1.1 db3ad39d2b444e5c9e38affc6638a5cc.cloudfront.net (CloudFront)
last-modified: Wed, 09 Aug 2023 00:45:38 GMT
server: nginx
x-amz-cf-pop: AMS1-P2
age: 57806
etag: W/"64d2e1b2-94a1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: czbMWbNtsfThoFZd1WUzQS2jgHT-EJjYvK1FC4HUbHe_KPKQtyWymA==
expires: Fri, 18 Aug 2023 17:21:05 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 359ms
116ms Image
image/gif 54.172.29.48
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=zona.media&p=%2Fnews%2F2023%2F08%2F18%2Frozysk_karen&u=pGuLqDtHRbTGHGxH&d=margarets-devised-502782.appspot.com&g=65540&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=3346&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fmargarets-devised-502782.appspot.com%2Fnews%2F2023%2F08%2F18%2Frozysk_karen&b=2376&t=CM_rdXC1MYb_CWiNv6ds5CJCLt2yF&V=141&i=%D0%9C%D0%92%D0%94%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%B8%D0%BB%D0%BE%20%D0%B2%20%D1%80%D0%BE%D0%B7%D1%8B%D1%81%D0%BA%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%D0%B8%D1%81%D1%82%D0%B0%20%D0%9A%D0%B0%D1%80%D0%B5%D0%BD%D0%B0%20%D0%A8%D0%B0%D0%B8%D0%BD%D1%8F%D0%BD%D0%B0&tz=-120&sn=1&sv=DM1y1lBUnXVDqrejwBPjJWJCxCo8F&sd=1&im=061b2ff3&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.172.29.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-172-29-48.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://margarets-devised-502782.appspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 18 Aug 2023 09:24:31 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tns-counter.ru/	1970-01-20 22:51:26	Name: guid Value: D8297A0164DF38CEX1692350670
.margarets-devised-502782.appspot.com/	1970-01-20 22:51:26	Name: _ym_uid Value: 1692350671977900401
.margarets-devised-502782.appspot.com/	1970-01-20 22:51:26	Name: _ym_d Value: 1692350671
.margarets-devised-502782.appspot.com/	1970-01-20 23:41:50	Name: _ga Value: GA1.3.379360719.1692350671
.margarets-devised-502782.appspot.com/	1970-01-20 14:07:17	Name: _gid Value: GA1.3.644541115.1692350671
.margarets-devised-502782.appspot.com/	1970-01-20 14:05:50	Name: _gat_UA-71413026-1 Value: 1
.mc.yandex.com/	1970-01-20 14:05:51	Name: sync_cookie_csrf Value: 1072806927fake
.margarets-devised-502782.appspot.com/	1970-01-20 14:07:02	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 14:05:51	Name: sync_cookie_csrf Value: 2466796022fake
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1424717021692350670
.yandex.com/	1970-01-20 23:41:50	Name: i Value: EfMV7AuxhyRkkMIY9KcRKiSfHzowKWEdmbBybwt/WFBWDlCTjtzQZMffrSLQiJgwxk9b5wMI95sAidNxU0t++6p4n6A=
.yandex.com/	1970-01-20 23:41:50	Name: yandexuid Value: 2811950021692350670
.yandex.com/	1970-01-20 22:51:26	Name: yuidss Value: 2811950021692350670
.yandex.com/	1970-01-20 22:51:26	Name: ymex Value: 1723886670.yrts.1692350670#1723886670.yrtsi.1692350670
.yandex.com/	1970-01-20 22:51:26	Name: bh Value: KgI/MA==
.margarets-devised-502782.appspot.com/	1970-01-20 14:05:52	Name: _ym_visorc Value: w
.margarets-devised-502782.appspot.com/	1970-01-20 23:41:50	Name: _ga_MQ4BHWPRFV Value: GS1.1.1692350670.1.0.1692350671.59.0.0
.skcrtxr.com/	1970-01-20 22:52:53	Name: rxt_uid Value: 61fdbe60-9efa-46c6-b528-468bf4f36a95
.margarets-devised-502782.appspot.com/	1970-01-20 23:34:38	Name: _cb Value: pGuLqDtHRbTGHGxH
.margarets-devised-502782.appspot.com/	1970-01-20 23:34:38	Name: _chartbeat2 Value: .1692350671357.1692350671357.1.DM1y1lBUnXVDqrejwBPjJWJCxCo8F.1
.margarets-devised-502782.appspot.com/	1970-01-20 14:05:52	Name: _cb_svref Value: null

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://s3.vkbuikq.net/null Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn-plus.roxot-panel.com
cdn.skcrtxr.com
margarets-devised-502782.appspot.com
mc.yandex.com
mc.yandex.ru
ping.chartbeat.net
region1.analytics.google.com
rsm.zona.media
s3.vkbuikq.net
securepubads.g.doubleclick.net
skcrtxr.com
st.thetruestory.news
static.chartbeat.com
stats.g.doubleclick.net
thetruestory.news
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.tns-counter.ru
143.204.9.126
2001:4860:4802:32::36
2001:6d0:4001::226
2600:9000:2394:4400:18:1fcd:353:c61
2606:4700:10::ac43:652
2a00:1450:4001:806::2003
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::2004
2a00:1450:4001:812::2014
2a00:1450:4001:813::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:831::200e
2a00:1450:400c:c0c::9d
2a02:6b8::1:119
2a06:98c1:3120::3
2a11:27c0::93
3.161.119.21
51.250.75.211
54.172.29.48
0241397dd6d01420d431e3d6e2b0c4c5852872d286686f5e41b3134819525918
036b53b0f9d524f39394624f82970f1a760597512566e6c984d9388c2a31b8d5
0b39671bd2a9cffcec3c8fed2783bc2460d3abf88e9e447ef43783309c7b467b
0c8b1f98b3af7160b780dfac0e91ab579d16130a518fb98d402efa1733894d58
158589b741eac0343f21e5729a7cac29619c17c33f614d75123c4036692b994b
2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119
24bc5f6147aaf087cda91a5874c9f2a64fe75037dfd20b1a3ff0ca5f584f9eb9
257900ac4b1f41c266f969df486b1b5afa41acdb1441d4590b0b3edf4e590cdb
2d1fb6596f3677262182af4daf0de5a145bec82061e39626d2ba0e322b465bac
3040c807f8356c6011f11240fccf5c280c4d761bc3c57519b5e16e906ca62f03
3378f5008e0f5a080b11fe9bc142af6f07a78c3a9b9eaf98cddf08ddf94a2eb9
4b34ff96419107c60c08f09b3089619ddadde39ddac8473dcad25c70807aab6f
4bfef42d49f26a1036a3be1804675fbe03caedc8ba66f0f4bd57af9c69b99f89
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
632e2cd8ca492d89ba44932e537974a0eb6c910204d648ed6d1138a101eed56b
64a0f8a6de9f2dd1e81769d17b128e122aeb395f4964bf15601be94d6fffaf02
6dc415f1743764c2fb44cd16d108a6a1012b63a54ec44f475ae6e84f647abfd9
76cee8c907b93915fed281e7f8f7453094eccd909ec6078cf03c240fbcb34554
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85c6f093a018f2f414319ebf4b1b5ef62c9e34be9d809205a71bc153f1b1effd
868e06ec90d0c14013d42116decdccbc304d1dd01f6c686d263b8598fd8191bc
89715990df415942d969461e09fda2b4e5281bfa89c4d6120cac4eb939a3c45f
89d1f7b5a549ede92b11326126469a431e4a046ad287a7fe0347b32a9bdd4bd3
92a82d0233445685062df7115e244b34f3e71657d0c80f54cce716b5952eb8dc
977724573f0a58c29d5c9e18e662946546ff26ce2070b17aa325dcd4c54d51f4
9f66ecf07c6f061159719509202fe1e21f894791a503215983db5da5184632d9
a3687c40b7a793b82a2f74c8e7290bf742482fbe0edb5a8086102a3be4f6f865
a6eda84e469463424ebf458949c409a82ee31d042cf3c8e84978658832f634c5
a802e051099577c43e269f1286bafbdadbb752b37cba14bf0842bce9d21af1a8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
ba1f3fd0be60259d6a7e04bdec4d298891af94501cd9c45e489f2f482478231f
be629880d6a79a7e79eaf34283cbf24a40f2779f2f4ffe4f41708dde12222ea4
c35755c3299bb1739908187102395e0c33a962a9d4d1764124b0d9eb80d10909
cc7fdf63159ce22042d73b383edd7b01098911ac26bc76eb2cdf515016fc3c2c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d4baf7dfa56c416e80c6854c5a3315455f674859bcc20c897e1a89a8c724c707
d7435dde16fa0aa5b0ab1627f904a9f313409faa33effe9fb6ce54ce78cdb2b5
dc51b8c96c2d745df3bd5590d990230a482fd247123599548e0632fdbf97fc22
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1d38002c1197317e565770a1f57d936c52a1ea5f0f6b3b576293a2e095b16b1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6a162cb53d79e0ee3a6d020bc72c80cde5644ffbeb9913b96c3c4833a4a65d6
e9cc272ab36384932b33e5cc00fe9f0b8553d339394959fd0c634a72604bff52
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

margarets-devised-502782.appspot.com Open in urlscan Pro 2a00:1450:4001:812::2014 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

49 Requests

92 %HTTPS

80 %IPv6

18 Domains

22 Subdomains

21 IPs

4 Countries

4259 kBTransfer

6242 kBSize

21 Cookies

17 Outgoing links

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

margarets-devised-502782.appspot.com Open in urlscan Pro
2a00:1450:4001:812::2014 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

92 %
HTTPS

80 %
IPv6

18
Domains

22
Subdomains

21
IPs

4
Countries

4259 kB
Transfer

6242 kB
Size

21
Cookies

49 HTTP transactions
5 data transactions