URL: https://mail.petrovistadynamiek.pro/
Submission: On December 16 via api from US — Scanned from US

Summary

This website contacted 10 IPs in 2 countries across 11 domains to perform 43 HTTP transactions. The main IP is 66.29.153.21, located in United States and belongs to NAMECHEAP-NET, US. The main domain is mail.petrovistadynamiek.pro.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 11th 2023. Valid for: a year.
This is the only time mail.petrovistadynamiek.pro was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
16 66.29.153.21 22612 (NAMECHEAP...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2600:9000:21d... 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
1 1 104.26.8.183 13335 (CLOUDFLAR...)
8 2606:4700:20:... 13335 (CLOUDFLAR...)
6 68.183.51.111 14061 (DIGITALOC...)
5 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2 142.250.65.198 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
43 10
Apex Domain | Subdomains | Transfer
16 petrovistadynamiek.pro | mail.petrovistadynamiek.pro | 649 KB
8 tidiochat.com | widget-v4.tidiochat.com — Cisco Umbrella Rank: 19692 | 381 KB
6 buysellads.com | srv.buysellads.com — Cisco Umbrella Rank: 21550 | 7 KB
5 gstatic.com | fonts.gstatic.com | 104 KB
2 cloudflare.com | cdnjs.cloudflare.com — Cisco Umbrella Rank: 204 | 3 KB
2 doubleclick.net | ad.doubleclick.net — Cisco Umbrella Rank: 139 | 978 B
2 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 29 | 2 KB
1 google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 27 | 262 B
1 tidio.co | code.tidio.co — Cisco Umbrella Rank: 15811 | 487 B
1 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 36 | 85 KB
1 servedby-buysellads.com | m.servedby-buysellads.com — Cisco Umbrella Rank: 37002 | 16 KB
43 11
Domain Requested by
16 mail.petrovistadynamiek.pro mail.petrovistadynamiek.pro
8 widget-v4.tidiochat.com mail.petrovistadynamiek.pro
code.tidio.co
6 srv.buysellads.com m.servedby-buysellads.com
mail.petrovistadynamiek.pro
5 fonts.gstatic.com fonts.googleapis.com
2 cdnjs.cloudflare.com widget-v4.tidiochat.com
2 ad.doubleclick.net 1 redirects mail.petrovistadynamiek.pro
2 fonts.googleapis.com mail.petrovistadynamiek.pro
1 www.google-analytics.com www.googletagmanager.com
1 code.tidio.co 1 redirects
1 www.googletagmanager.com mail.petrovistadynamiek.pro
1 m.servedby-buysellads.com mail.petrovistadynamiek.pro
43 11

This site contains links to these domains.

Domain
srv.buysellads.com
discover.buysellads.com
Subject | Issuer | Validity | Valid
*.web-hosting.com | Sectigo RSA Domain Validation Secure Server CA | 2023-03-11 - 2024-04-05 | a year
upload.video.google.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
m.servedby-buysellads.com | Amazon RSA 2048 M03 | 2023-11-14 - 2024-12-12 | a year
*.google-analytics.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
*.buysellads.com | Sectigo RSA Domain Validation Secure Server CA | 2023-05-25 - 2024-06-24 | a year
*.gstatic.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-04-17 - 2024-04-16 | a year

This page contains 4 frames:

Primary Page: https://mail.petrovistadynamiek.pro/
Frame ID: 937ED0129FFF101A23FB56B0C2E8AD69
Requests: 31 HTTP requests in this frame

Frame: https://mail.petrovistadynamiek.pro/cdn-cgi/challenge-platform/scripts/jsd/main.js
Frame ID: 27AC2D56EB1807F1B38ECAC7FC7F008B
Requests: 1 HTTP requests in this frame

Frame: https://widget-v4.tidiochat.com/1_208_0/static/js/chunk-WidgetIframe-7753f5730ad1005f65b2.js
Frame ID: 03E06F2DAC5846C73302822D83A52C3D
Requests: 5 HTTP requests in this frame

Frame: https://widget-v4.tidiochat.com/fonts/mulish_SGhgqk3wotYKNnBQ.woff2
Frame ID: D1F8AC0E8F1F895CED1044288ACD27B1
Requests: 4 HTTP requests in this frame

Page Title

Petrovistadynamiek

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • servedby-buysellads\.com/monetization(?:\.[\w\d]+)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

43 Requests
58 % HTTPS
64 % IPv6
11 Domains
11 Subdomains
10 IPs
2 Countries
1247 kB Transfer
2356 kB Size
4 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://code.tidio.co/3aux6fbenkjblovdtra8zqnem3uzmhrm.js HTTP 302
  • https://widget-v4.tidiochat.com/1_208_0/static/js/render.7753f5730ad1005f65b2.js
Request Chain 36
  • https://ad.doubleclick.net/ddm/trackimp/N718679.452584BUYSELLADS.COM/B29332811.375756690;dc_trk_aid=566258115;dc_trk_cid=187188328;ord=1702749483;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$;gdpr_consent=$;ltd=;dc_tdv=1 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N718679.452584BUYSELLADS.COM/B29332811.375756690;dc_pre=CP7n_5DElIMDFYGxnwodqcIF5g;dc_trk_aid=566258115;dc_trk_cid=187188328;ord=1702749483;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$;gdpr_consent=$;ltd=;dc_tdv=1

43 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
mail.petrovistadynamiek.pro/
32 KB
7 KB
Document
General
Full URL
https://mail.petrovistadynamiek.pro/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.153.21 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server348-5.web-hosting.com
Software
LiteSpeed / PHP/8.0.30
Resource Hash
f08b6bb9d1109818f335d64c99004f26deb6cc0b9085d5d21ece5c31c11c76c2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 16 Dec 2023 17:58:02 GMT
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/8.0.30
x-turbo-charged-by
LiteSpeed
bootstrap.min.css
mail.petrovistadynamiek.pro/css/
141 KB
18 KB
Stylesheet
General
Full URL
https://mail.petrovistadynamiek.pro/css/bootstrap.min.css
Requested by
Host: mail.petrovistadynamiek.pro
URL: https://mail.petrovistadynamiek.pro/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.153.21 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server348-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.petrovistadynamiek.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 17:58:03 GMT
content-encoding
br
last-modified
Thu, 10 Jan 2019 12:15:54 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
18586
expires
Sat, 23 Dec 2023 17:58:03 GMT
font-awesome.min.css
mail.petrovistadynamiek.pro/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://mail.petrovistadynamiek.pro/css/font-awesome.min.css
Requested by
Host: mail.petrovistadynamiek.pro
URL: https://mail.petrovistadynamiek.pro/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.153.21 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server348-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
c63377c10e51ed44191e27a8351a3828e290bd884a706e8bc03bbf27594dccd6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.petrovistadynamiek.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 17:58:03 GMT
content-encoding
br
last-modified
Thu, 10 Jan 2019 12:15:54 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
6657
expires
Sat, 23 Dec 2023 17:58:03 GMT
style.css
mail.petrovistadynamiek.pro/css/
29 KB
5 KB
Stylesheet
General
Full URL
https://mail.petrovistadynamiek.pro/css/style.css
Requested by
Host: mail.petrovistadynamiek.pro
URL: https://mail.petrovistadynamiek.pro/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.153.21 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server348-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
c0e7821294070fa44ec4c8e614169b42b3c088cde2edf5eceff5e24fbd3dca68

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.petrovistadynamiek.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 17:58:03 GMT
content-encoding
br
last-modified
Thu, 10 Jan 2019 12:15:54 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
5227
expires
Sat, 23 Dec 2023 17:58:03 GMT
css
fonts.googleapis.com/
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Fira+Sans:400,500,600,700
Requested by
Host: mail.petrovistadynamiek.pro
URL: https://mail.petrovistadynamiek.pro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ef6961f534cc764e8434311853bae1025551678e4f47152919f378088f6e11d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.petrovistadynamiek.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 16 Dec 2023 17:58:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 16 Dec 2023 17:58:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 16 Dec 2023 17:58:03 GMT
css
fonts.googleapis.com/
1 KB
485 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Oxygen:400,700
Requested by
Host: mail.petrovistadynamiek.pro
URL: https://mail.petrovistadynamiek.pro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e4882455843074fb8273c6b49bbbf75e7a6e1e8e87796e8271c93851c01245b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.petrovistadynamiek.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 16 Dec 2023 17:58:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 16 Dec 2023 16:19:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 16 Dec 2023 17:58:03 GMT
monetization.js
m.servedby-buysellads.com/
72 KB
16 KB
Script
General
Full URL
https://m.servedby-buysellads.com/monetization.js
Requested by
Host: mail.petrovistadynamiek.pro
URL: https://mail.petrovistadynamiek.pro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:2600:12:352e:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
85035853ec4a25b718afdcde13e0ffe59b86ba0e7125d07b5e2857cfdad0d741

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.petrovistadynamiek.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 00:42:36 GMT
content-encoding
gzip
via
1.1 16490f661d04b5f69e5cda7988ce930a.cloudfront.net (CloudFront)
last-modified
Tue, 12 Dec 2023 15:37:34 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C1
age
62127
etag
W/"c89307314053bc69d48ccd0533eb7ff6"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
tpA-fZdJJx2_eD5BhPiI_KrtCqj2HlmTfKOjRUo874nvyPVAK7Z_wg==
js
www.googletagmanager.com/gtag/
244 KB
85 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-98H8KRKT85
Requested by
Host: mail.petrovistadynamiek.pro
URL: https://mail.petrovistadynamiek.pro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
025d03489ea8a97c92b0c25a298b3da994c451270dc131029d4eb0b00f7492cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.petrovistadynamiek.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 17:58:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86170
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 16 Dec 2023 17:58:03 GMT
font-awesome.min.css
mail.petrovistadynamiek.pro/assests/css/
0
0
Stylesheet
General
Full URL
https://mail.petrovistadynamiek.pro/assests/css/font-awesome.min.css
Requested by
Host: mail.petrovistadynamiek.pro
URL: https://mail.petrovistadynamiek.pro/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.153.21 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server348-5.web-hosting.com
Software
LiteSpeed /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.petrovistadynamiek.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 17:58:03 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by
LiteSpeed
server
LiteSpeed
content-length
1238
content-type
text/html
ab1.png
mail.petrovistadynamiek.pro/images/
171 KB
171 KB
Image
General
Full URL
https://mail.petrovistadynamiek.pro/images/ab1.png
Requested by
Host: mail.petrovistadynamiek.pro
URL: https://mail.petrovistadynamiek.pro/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.153.21 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server348-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
d4c5e49a93d3eb3cf6844daf75b0a3b83b07c47f3e106cd6599e3cc6092b8b8c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.petrovistadynamiek.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 17:58:03 GMT
last-modified
Thu, 10 Jan 2019 12:15:54 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
175056
expires
Sat, 23 Dec 2023 17:58:03 GMT
blog3.jpg
mail.petrovistadynamiek.pro/images/
43 KB
43 KB
Image
General
Full URL
https://mail.petrovistadynamiek.pro/images/blog3.jpg
Requested by
Host: mail.petrovistadynamiek.pro
URL: https://mail.petrovistadynamiek.pro/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.153.21 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server348-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
52a7cdbe8878a3a6bef605c8fed0436f3e8efce47862b9e5b0ec38edaa44c707

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.petrovistadynamiek.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 17:58:03 GMT
last-modified
Fri, 15 Nov 2019 11:15:32 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
43923
expires
Sat, 23 Dec 2023 17:58:03 GMT
blog1.jpg
mail.petrovistadynamiek.pro/images/
24 KB
24 KB
Image
General
Full URL
https://mail.petrovistadynamiek.pro/images/blog1.jpg
Requested by
Host: mail.petrovistadynamiek.pro
URL: https://mail.petrovistadynamiek.pro/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.153.21 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server348-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
9425f51a698bbd09dc21cc265116410de0f02ffdaef777b0ca859201e48895b1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.petrovistadynamiek.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 17:58:03 GMT
last-modified
Fri, 15 Nov 2019 11:15:32 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
24104
expires
Sat, 23 Dec 2023 17:58:03 GMT
blog2.jpg
mail.petrovistadynamiek.pro/images/
36 KB
36 KB
Image
General
Full URL
https://mail.petrovistadynamiek.pro/images/blog2.jpg
Requested by
Host: mail.petrovistadynamiek.pro
URL: https://mail.petrovistadynamiek.pro/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.153.21 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server348-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
d18598d1c42ce56fa65822f8f5137c9fd2848491ed0da0da2e150e4a140cb374

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.petrovistadynamiek.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 17:58:03 GMT
last-modified
Fri, 15 Nov 2019 11:15:32 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
36492
expires
Sat, 23 Dec 2023 17:58:03 GMT
blog4.jpg
mail.petrovistadynamiek.pro/images/
17 KB
17 KB
Image
General
Full URL
https://mail.petrovistadynamiek.pro/images/blog4.jpg
Requested by
Host: mail.petrovistadynamiek.pro
URL: https://mail.petrovistadynamiek.pro/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.153.21 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server348-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
13f4bf4580a38f49e25daecb9246258dd0eaa892312fedd283d2300dad397535

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.petrovistadynamiek.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 17:58:03 GMT
last-modified
Fri, 15 Nov 2019 11:15:32 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
17303
expires
Sat, 23 Dec 2023 17:58:03 GMT
render.7753f5730ad1005f65b2.js
widget-v4.tidiochat.com/1_208_0/static/js/
Redirect Chain
  • https://code.tidio.co/3aux6fbenkjblovdtra8zqnem3uzmhrm.js
  • https://widget-v4.tidiochat.com/1_208_0/static/js/render.7753f5730ad1005f65b2.js
5 KB
2 KB
Script
General
Full URL
https://widget-v4.tidiochat.com/1_208_0/static/js/render.7753f5730ad1005f65b2.js
Requested by
Host: mail.petrovistadynamiek.pro
URL: https://mail.petrovistadynamiek.pro/
Protocol
H2
Server
2606:4700:20::681a:98b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d44c55032ffd23bb4c0742cf1f74994b8357cf41c4e30e2f308ec1003da82597

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.petrovistadynamiek.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 17:58:03 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 12 Dec 2023 13:19:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2157
etag
W/"65785df6-1472"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NlOfc2sKZCYmc8lpx6xX5%2FhYwW0rFQBLZkH42BszoEIgUT76AblVG6rBSz6x5qUP1PAr%2BO0AryG5ck9qSAp7MJ4cYTmVISKesbWJWJmbC7o2eLzedgYov%2FRALefDu1czKcPCxKU%2FmKxmcWxYmCBw%2BZKlD9DF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=691200
cf-ray
8368cfeeca995e6e-EWR

Redirect headers

date
Sat, 16 Dec 2023 17:58:03 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
widget-cache-status
HIT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jTCJ25KJhJGgfIKlBRtx5xaVR3TkqwZuQBKfQYVfFooKR%2Fm3uMrMOMdmQPX%2BRfSYoGGaQ3VMeT0Hg08qhB0gfISxSQVjAFBf5qva6gQ%2F883oMMzRP1xjnOebSyS%2Bl04%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://widget-v4.tidiochat.com/1_208_0/static/js/render.7753f5730ad1005f65b2.js
cache-control
public, s-maxage=300, max-age=0
cf-ray
8368cfed5ef8440d-EWR
email-decode.min.js
mail.petrovistadynamiek.pro/cdn-cgi/scripts/5c5dd728/cloudflare-static/
0
0
Script
General
Full URL
https://mail.petrovistadynamiek.pro/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: mail.petrovistadynamiek.pro
URL: https://mail.petrovistadynamiek.pro/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.153.21 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server348-5.web-hosting.com
Software
LiteSpeed /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.petrovistadynamiek.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 17:58:03 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by
LiteSpeed
server
LiteSpeed
content-length
1238
content-type
text/html
CKYI627U.json
srv.buysellads.com/ads/ Frame
0
0
Preflight
General
Full URL
https://srv.buysellads.com/ads/CKYI627U.json?segment=placement:w3layoutscom
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
68.183.51.111 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
srv-us-ny-23.buysellads.com
Software
//srv.buysellads.com /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-client,x-origin
Access-Control-Request-Method
GET
Origin
https://mail.petrovistadynamiek.pro
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-origin
*
content-encoding
gzip
content-length
23
date
Sat, 16 Dec 2023 17:58:03 GMT
server
//srv.buysellads.com
vary
Accept-Encoding
CKYI653J.json
srv.buysellads.com/ads/ Frame
0
0
Preflight
General
Full URL
https://srv.buysellads.com/ads/CKYI653J.json?segment=placement:w3layoutscom
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
68.183.51.111 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
srv-us-ny-23.buysellads.com
Software
//srv.buysellads.com /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-client,x-origin
Access-Control-Request-Method
GET
Origin
https://mail.petrovistadynamiek.pro
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-origin
*
content-encoding
gzip
content-length
23
date
Sat, 16 Dec 2023 17:58:03 GMT
server
//srv.buysellads.com
vary
Accept-Encoding
CKYI627U.json
srv.buysellads.com/ads/
3 KB
1 KB
Fetch
General
Full URL
https://srv.buysellads.com/ads/CKYI627U.json?segment=placement:w3layoutscom
Requested by
Host: m.servedby-buysellads.com
URL: https://m.servedby-buysellads.com/monetization.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
68.183.51.111 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
srv-us-ny-23.buysellads.com
Software
//srv.buysellads.com /
Resource Hash
3fcb5d406b0a425767bbed5745809407ea7262ccf29ea2c0661a4baf30ee0c42

Request headers

Referer
https://mail.petrovistadynamiek.pro/
x-origin
https://mail.petrovistadynamiek.pro/
accept-language
en-US,en;q=0.9
x-client
monetization.js/20231024 (target:body;noViewable:true;script_id:_bsa_srv-CKYI627U_0;platforms:desktop%2Cmobile;skippedVisible:true)
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 17:58:03 GMT
content-encoding
gzip
server
//srv.buysellads.com
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
*
content-length
1231
CKYI653J.json
srv.buysellads.com/ads/
2 KB
949 B
Fetch
General
Full URL
https://srv.buysellads.com/ads/CKYI653J.json?segment=placement:w3layoutscom
Requested by
Host: m.servedby-buysellads.com
URL: https://m.servedby-buysellads.com/monetization.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
68.183.51.111 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
srv-us-ny-23.buysellads.com
Software
//srv.buysellads.com /
Resource Hash
ae0c22d4985994db2ed76187d639dbd9e291c9aafd733d478e164318d511ac47

Request headers

Referer
https://mail.petrovistadynamiek.pro/
x-origin
https://mail.petrovistadynamiek.pro/
accept-language
en-US,en;q=0.9
x-client
monetization.js/20231024 (target:body;noViewable:true;script_id:_bsa_srv-CKYI653J_1;platforms:desktop%2Cmobile;skippedVisible:true)
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 17:58:03 GMT
content-encoding
gzip
server
//srv.buysellads.com
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
*
content-length
895
b3.jpg
mail.petrovistadynamiek.pro/images/
156 KB
156 KB
Image
General
Full URL
https://mail.petrovistadynamiek.pro/images/b3.jpg
Requested by
Host: mail.petrovistadynamiek.pro
URL: https://mail.petrovistadynamiek.pro/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.153.21 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server348-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
80d122fd7d685f98ae5aef1245500abe5ee192c3a4b6c12f855ea710b6c385b3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.petrovistadynamiek.pro/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 17:58:03 GMT
last-modified
Fri, 15 Nov 2019 11:15:32 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
159880
expires
Sat, 23 Dec 2023 17:58:03 GMT
sr1.jpg
mail.petrovistadynamiek.pro/images/
85 KB
85 KB
Image
General
Full URL
https://mail.petrovistadynamiek.pro/images/sr1.jpg
Requested by
Host: mail.petrovistadynamiek.pro
URL: https://mail.petrovistadynamiek.pro/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.153.21 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server348-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
81228f27e4242eff1c73d85beac48f5649b0ce275b5aefb6956585b530ae97b5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.petrovistadynamiek.pro/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 17:58:03 GMT
last-modified
Fri, 15 Nov 2019 11:15:32 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
86868
expires
Sat, 23 Dec 2023 17:58:03 GMT
arrow.png
mail.petrovistadynamiek.pro/images/
4 KB
4 KB
Image
General
Full URL
https://mail.petrovistadynamiek.pro/images/arrow.png
Requested by
Host: mail.petrovistadynamiek.pro
URL: https://mail.petrovistadynamiek.pro/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.153.21 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server348-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
ffd78bc285aced5814c1fa771b9830afec766e2f8f7bf23e06e897b9623c6cef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.petrovistadynamiek.pro/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 17:58:03 GMT
last-modified
Thu, 10 Jan 2019 12:15:54 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
3758
expires
Sat, 23 Dec 2023 17:58:03 GMT
va9B4kDNxMZdWfMOD5VnSKzeRhf6.woff2
fonts.gstatic.com/s/firasans/v17/
24 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/firasans/v17/va9B4kDNxMZdWfMOD5VnSKzeRhf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3bdc29109b621ad2c793d86fdc3f61e810d4aeafc3b8419f8f2aeb9c7ce0d364
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mail.petrovistadynamiek.pro
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 19:41:40 GMT
x-content-type-options
nosniff
age
339383
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24868
x-xss-protection
0
last-modified
Tue, 02 May 2023 14:50:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Dec 2024 19:41:40 GMT
va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2
fonts.gstatic.com/s/firasans/v17/
23 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/firasans/v17/va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c52b9a30cb5d84dcfb2a4f9967f37abd86c3e709554ed4f168a03222e033bb93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mail.petrovistadynamiek.pro
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:01:54 GMT
x-content-type-options
nosniff
age
86169
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24020
x-xss-protection
0
last-modified
Tue, 02 May 2023 14:50:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 Dec 2024 18:01:54 GMT
2sDcZG1Wl4LcnbuCNWgzaGW5.woff2
fonts.gstatic.com/s/oxygen/v15/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oxygen/v15/2sDcZG1Wl4LcnbuCNWgzaGW5.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oxygen:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5740bce57f68562d42e8ca6f6eb70dca3bc33be11ef0361e78274d360f41adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mail.petrovistadynamiek.pro
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 04:20:49 GMT
x-content-type-options
nosniff
age
135434
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16172
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:30:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 Dec 2024 04:20:49 GMT
2sDfZG1Wl4LcnbuKjk0m.woff2
fonts.gstatic.com/s/oxygen/v15/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oxygen/v15/2sDfZG1Wl4LcnbuKjk0m.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oxygen:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e64f128d5352d04ea5c87031e4cf1ad204b72a0afb003ece52eeb997d28a570
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mail.petrovistadynamiek.pro
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 16:45:59 GMT
x-content-type-options
nosniff
age
90724
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16348
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:31:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 Dec 2024 16:45:59 GMT
fontawesome-webfont-v=4.7.0.woff2
mail.petrovistadynamiek.pro/fonts/
75 KB
76 KB
Font
General
Full URL
https://mail.petrovistadynamiek.pro/fonts/fontawesome-webfont-v=4.7.0.woff2
Requested by
Host: mail.petrovistadynamiek.pro
URL: https://mail.petrovistadynamiek.pro/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.153.21 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server348-5.web-hosting.com
Software
LiteSpeed /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://mail.petrovistadynamiek.pro/css/font-awesome.min.css
Origin
https://mail.petrovistadynamiek.pro
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 17:58:03 GMT
last-modified
Thu, 10 Jan 2019 12:15:54 GMT
server
LiteSpeed
content-type
font/woff2
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
77160
expires
Sat, 23 Dec 2023 17:58:03 GMT
va9E4kDNxMZdWfMOD5Vvl4jL.woff2
fonts.gstatic.com/s/firasans/v17/
23 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/firasans/v17/va9E4kDNxMZdWfMOD5Vvl4jL.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:400,500,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89ae1743656b75948be30cc4909efd3c61771b7bd9f6d53eb14cd9731d486b57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mail.petrovistadynamiek.pro
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 08:47:40 GMT
x-content-type-options
nosniff
age
119423
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23880
x-xss-protection
0
last-modified
Tue, 02 May 2023 14:50:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 Dec 2024 08:47:40 GMT
collect
www.google-analytics.com/g/
0
262 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-98H8KRKT85&gtm=45je3bt0v890463896&_p=1702749483481&gcd=11l1l1l1l1&dma=0&cid=1468571020.1702749484&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702749483&sct=1&seg=0&dl=https%3A%2F%2Fmail.petrovistadynamiek.pro%2F&dt=Petrovistadynamiek&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1239
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-98H8KRKT85
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.petrovistadynamiek.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 17:58:03 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://mail.petrovistadynamiek.pro
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.js
mail.petrovistadynamiek.pro/cdn-cgi/challenge-platform/scripts/jsd/ Frame 27AC
0
0
Script
General
Full URL
https://mail.petrovistadynamiek.pro/cdn-cgi/challenge-platform/scripts/jsd/main.js
Requested by
Host: mail.petrovistadynamiek.pro
URL: https://mail.petrovistadynamiek.pro/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.153.21 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server348-5.web-hosting.com
Software
LiteSpeed /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 17:58:03 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by
LiteSpeed
server
LiteSpeed
content-length
1238
content-type
text/html
chunk-WidgetIframe-7753f5730ad1005f65b2.js
widget-v4.tidiochat.com/1_208_0/static/js/ Frame 03E0
479 KB
124 KB
Script
General
Full URL
https://widget-v4.tidiochat.com/1_208_0/static/js/chunk-WidgetIframe-7753f5730ad1005f65b2.js
Requested by
Host: code.tidio.co
URL: https://code.tidio.co/3aux6fbenkjblovdtra8zqnem3uzmhrm.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:98b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d118fa8775403adb4f7c697df8c01ca760987d106101d4f9800e89a3335d4697

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 17:58:03 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 12 Dec 2023 13:19:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2158
etag
W/"65785df6-77c7b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PFhrcdmK9rhyOXk9VrYWY88rwi6s4Vxc7YjfpPm9HSnCD7itwZ%2BoiQ3QnfwJbzNVxWdBTgfYqgWQXREO21jtTBfQDqXBhyWqtRBLHnXMu96dvDAQkdQ901Rs1SQFm3BIiHshHcpaezf8bJ%2FD1sqVPXwN2FiT"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=691200
cf-ray
8368cff0bcad5e6e-EWR
mulish_SGhgqk3wotYKNnBQ.woff2
widget-v4.tidiochat.com/fonts/ Frame 03E0
27 KB
27 KB
Font
General
Full URL
https://widget-v4.tidiochat.com/fonts/mulish_SGhgqk3wotYKNnBQ.woff2
Requested by
Host: code.tidio.co
URL: https://code.tidio.co/3aux6fbenkjblovdtra8zqnem3uzmhrm.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:98b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
577db921a554af3596942d3c48b5c91feaac8c767e183d518a8de8de86e5c7d8

Request headers

Referer
Origin
https://mail.petrovistadynamiek.pro
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 17:58:03 GMT
cf-cache-status
MISS
last-modified
Tue, 12 Dec 2023 13:19:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65785df2-6b08"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0QYHSjEzbmQ%2Fam376poL4JlIiTtPNYO3aqisNlOaz7Zt4yEI3wWOFtcHI0r8d%2FdUjJ3dxsJj%2FPcjDgqs9FLs%2BxNSgO4%2B%2BRgwap%2FMxm7eJNDirz%2FyJ8vAyX2ZC9%2BVinfoT24BK5IlprtgtvBxp74ItH%2BXNF7G"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
8368cff12b4742c3-EWR
content-length
27400
tururu.mp3
widget-v4.tidiochat.com// Frame 03E0
7 KB
7 KB
Media
General
Full URL
https://widget-v4.tidiochat.com//tururu.mp3
Requested by
Host: mail.petrovistadynamiek.pro
URL: https://mail.petrovistadynamiek.pro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:98b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12c7687514ca85ba2157ed61914ac526bb9dd15cb5a2a2d9e4d88f919349284f

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=0-

Response headers

date
Sat, 16 Dec 2023 17:58:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
884725
Content-Range
bytes 0-7223/7224
Content-Length
7224
pragma
public
last-modified
Tue, 05 Dec 2023 13:49:47 GMT
server
cloudflare
etag
"656f2a7b-1c38"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MRmkxUDld%2FumZs%2BmiPr209CT0ObOOrMQepRCIWHN5UywbgwD0tfBY3a2OhUVb2PfYSicE1kXEk4bSxiW%2FGfGxRNZV9e3stVRmHbgaYZjzG9HhJIwezTgU%2B%2BYxdRYTem6VADLQehjfJEx3NmpVGSi73EG2eZs"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg
cache-control
public, max-age=31536000
cf-ray
8368cff0cccf5e6e-EWR
expires
Wed, 20 Dec 2023 12:12:38 GMT
widget.7753f5730ad1005f65b2.js
widget-v4.tidiochat.com/1_208_0/static/js/ Frame 03E0
494 KB
158 KB
Script
General
Full URL
https://widget-v4.tidiochat.com/1_208_0/static/js/widget.7753f5730ad1005f65b2.js
Requested by
Host: code.tidio.co
URL: https://code.tidio.co/3aux6fbenkjblovdtra8zqnem3uzmhrm.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:98b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edd7fe5692eb31f770e79cdd85890e0d486a3c422918624d9924fac4ffb0d8d0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 17:58:03 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 12 Dec 2023 13:19:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2153
etag
W/"65785df6-7b7b0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2BoPuVyPROwdVwBE8eSnETUjfRrRIO%2B1eLEcuBulBrBjPck2LU8CjAFRBcJpFYAyohhRM0CX7unuK%2BWXBv6C8SbBA%2Bw9FSmauqaEX1iJqdEn3jco2JlUeisZDy%2FH5Kw%2FWZ%2B6QPapP7mNnkSz9SDqQ449pbzJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=691200
cf-ray
8368cff0ece75e6e-EWR
41639338548a01938836c949978576885a46ad81
srv.buysellads.com/static/30242/
2 KB
2 KB
Image
General
Full URL
https://srv.buysellads.com/static/30242/41639338548a01938836c949978576885a46ad81
Requested by
Host: mail.petrovistadynamiek.pro
URL: https://mail.petrovistadynamiek.pro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
68.183.51.111 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
srv-us-ny-23.buysellads.com
Software
//srv.buysellads.com /
Resource Hash
fe23d719033b41a4465f58c34fd402d8904a3ba691ae10059a4146f67ac94d6a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.petrovistadynamiek.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 17:58:03 GMT
content-encoding
gzip
server
//srv.buysellads.com
etag
41639338548a01938836c949978576885a46ad81
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=604800, immutable
content-length
1583
758f0dc7d830e0ffcb1168849f05e83797d8a369
srv.buysellads.com/static/30242/
3 KB
3 KB
Image
General
Full URL
https://srv.buysellads.com/static/30242/758f0dc7d830e0ffcb1168849f05e83797d8a369
Requested by
Host: mail.petrovistadynamiek.pro
URL: https://mail.petrovistadynamiek.pro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
68.183.51.111 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
srv-us-ny-23.buysellads.com
Software
//srv.buysellads.com /
Resource Hash
8352e02d89ad51ae66a63c1a10f6aba4e2003f7737bbdc440eec9a1effe7d2f4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.petrovistadynamiek.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 17:58:03 GMT
content-encoding
gzip
server
//srv.buysellads.com
etag
758f0dc7d830e0ffcb1168849f05e83797d8a369
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=604800, immutable
content-length
3259
B29332811.375756690;dc_pre=CP7n_5DElIMDFYGxnwodqcIF5g;dc_trk_aid=566258115;dc_trk_cid=187188328;ord=1702749483;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$;gdpr_consent=$;ltd=;dc...
ad.doubleclick.net/ddm/trackimp/N718679.452584BUYSELLADS.COM/
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N718679.452584BUYSELLADS.COM/B29332811.375756690;dc_trk_aid=566258115;dc_trk_cid=187188328;ord=1702749483;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;...
  • https://ad.doubleclick.net/ddm/trackimp/N718679.452584BUYSELLADS.COM/B29332811.375756690;dc_pre=CP7n_5DElIMDFYGxnwodqcIF5g;dc_trk_aid=566258115;dc_trk_cid=187188328;ord=1702749483;dc_lat=;dc_rdid=;...
42 B
349 B
Image
General
Full URL
https://ad.doubleclick.net/ddm/trackimp/N718679.452584BUYSELLADS.COM/B29332811.375756690;dc_pre=CP7n_5DElIMDFYGxnwodqcIF5g;dc_trk_aid=566258115;dc_trk_cid=187188328;ord=1702749483;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$;gdpr_consent=$;ltd=;dc_tdv=1?
Requested by
Host: mail.petrovistadynamiek.pro
URL: https://mail.petrovistadynamiek.pro/
Protocol
H2
Server
142.250.65.198 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://mail.petrovistadynamiek.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 17:58:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 16 Dec 2023 17:58:03 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N718679.452584BUYSELLADS.COM/B29332811.375756690;dc_pre=CP7n_5DElIMDFYGxnwodqcIF5g;dc_trk_aid=566258115;dc_trk_cid=187188328;ord=1702749483;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$;gdpr_consent=$;ltd=;dc_tdv=1?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tururu.mp3
widget-v4.tidiochat.com// Frame 03E0
7 KB
7 KB
Media
General
Full URL
https://widget-v4.tidiochat.com//tururu.mp3
Requested by
Host: mail.petrovistadynamiek.pro
URL: https://mail.petrovistadynamiek.pro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:98b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12c7687514ca85ba2157ed61914ac526bb9dd15cb5a2a2d9e4d88f919349284f

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=0-

Response headers

date
Sat, 16 Dec 2023 17:58:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
884725
Content-Range
bytes 0-7223/7224
Content-Length
7224
pragma
public
last-modified
Tue, 05 Dec 2023 13:49:47 GMT
server
cloudflare
etag
"656f2a7b-1c38"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cXVJQ6Tt%2BkOEpZHf2vadaRcxUlLaS2LSHNLlfIFBMf8BFJT0NxPjAfGSILpShzDN7zADqw5ULKhxfS5gPRyBlAL9LH3qJ909ZAgwxEuP1Xlkw4HS44VOpvMbNUS4RCpvneu%2FqQVqfJLHeU7hbS0afsdmRKIH"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg
cache-control
public, max-age=31536000
cf-ray
8368cff1ada65e6e-EWR
expires
Wed, 20 Dec 2023 12:12:38 GMT
mulish_SGhgqk3wotYKNnBQ.woff2
widget-v4.tidiochat.com/fonts/ Frame D1F8
27 KB
27 KB
Font
General
Full URL
https://widget-v4.tidiochat.com/fonts/mulish_SGhgqk3wotYKNnBQ.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:98b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
577db921a554af3596942d3c48b5c91feaac8c767e183d518a8de8de86e5c7d8

Request headers

Referer
Origin
https://mail.petrovistadynamiek.pro
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 17:58:04 GMT
cf-cache-status
HIT
last-modified
Tue, 12 Dec 2023 13:19:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
etag
"65785df2-6b08"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OqAQNp6BsY7XlDtjIiaCIIy8iD5njlfSO9BbuZnC8DeX8wkz%2BPUd8G%2BlCQxpreExSCvjZGMTF2EL4M4EsqSh7xrXxL71Cy2u3ksGalKyJhLnZA%2FY5AFRMPqVrg0tV%2FULfSjQ2S66l45ziuD8xbGmhI%2BEGPbE"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
8368cff788fb42c3-EWR
content-length
27400
1f44b.png
cdnjs.cloudflare.com/ajax/libs/twemoji/12.1.1/72x72/ Frame D1F8
1 KB
2 KB
Image
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twemoji/12.1.1/72x72/1f44b.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfee1561c6e59c90f7a292f90157bae85f75ccb3ae27b655898a51429e3a8910
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 17:58:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1487724
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1224
last-modified
Sat, 19 Dec 2020 02:18:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fdd6306-505"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3iDYplADdZCmAhQJJiol%2Bpm92fDc77nCbFEc2OvVzDYAbqOivfTh686n2jxKL3mHWRqhAhli30KM8nl6rxNjhI%2BJ4yBzGtfvHkBw3wcYbpTf1ja0qN3Gd%2Fsld1qtjpT9Bf8Lt2dY5L8dWI6mH1rhMTWK"}],"group":"cf-nel","max_age":604800}
content-type
image/png; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8368cff909018ce0-EWR
expires
Thu, 05 Dec 2024 17:58:04 GMT
mulish_SGhgqk3wotYKNnBQ.woff2
widget-v4.tidiochat.com/fonts/ Frame D1F8
27 KB
27 KB
Font
General
Full URL
https://widget-v4.tidiochat.com/fonts/mulish_SGhgqk3wotYKNnBQ.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:98b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
577db921a554af3596942d3c48b5c91feaac8c767e183d518a8de8de86e5c7d8

Request headers

Referer
Origin
https://mail.petrovistadynamiek.pro
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 17:58:05 GMT
cf-cache-status
HIT
last-modified
Tue, 12 Dec 2023 13:19:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2
etag
"65785df2-6b08"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jmx%2Bcd5uck311MiX2%2FHjPGc93DZMH%2BdlqXa%2Bboxx%2B80buPUFrjZKjs2o%2Fj7cBjJ7oS26dFLzQKCBnMPiZ8wTS5k5jApFp9lrjgHQnx840kdfq1K7YElGDJZkOmnNq6bYSqRHj9xT3WVopmtGouqLuj5SEXiv"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
8368cffcbda342c3-EWR
content-length
27400
1f44b.png
cdnjs.cloudflare.com/ajax/libs/twemoji/12.1.1/72x72/ Frame D1F8
1 KB
2 KB
Image
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twemoji/12.1.1/72x72/1f44b.png
Requested by
Host: widget-v4.tidiochat.com
URL: https://widget-v4.tidiochat.com/1_208_0/static/js/widget.7753f5730ad1005f65b2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfee1561c6e59c90f7a292f90157bae85f75ccb3ae27b655898a51429e3a8910
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 17:58:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1487725
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1224
last-modified
Sat, 19 Dec 2020 02:18:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fdd6306-505"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Llb%2FNH3ZfD6dt%2BOxcN6qS%2BVxgLkj%2F637OpBjXycBP%2BNd3XoIICIlRSiyUd8JXt2RkrkLwQv%2BoMGyvhXzVIVNF0KNFBfUlb7u%2B7HCQR8Z3kEr0y62mJ7SmV3mWJkggJd7gqyQQYhrxfiuZ9hdrGIN95u5"}],"group":"cf-nel","max_age":604800}
content-type
image/png; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8368cffcce9e8ce0-EWR
expires
Thu, 05 Dec 2024 17:58:05 GMT

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| documentPictureInPicture
function| hideURLbar
object| _bsa
function| _bsa_go
function| _bsaViewableFaker
object| _bsaViewable
function| _bsa_serving_callback
object| _bsa_queue
function| gtag
object| dataLayer
object| google_tag_manager
object| google_tag_data
object| SENTRY_RELEASE
object| tidioChatApi
function| onYouTubeIframeAPIReady
object| gaGlobal

4 Cookies

Domain/Path Name / Value
.petrovistadynamiek.pro/ Name: _ga_98H8KRKT85
Value: GS1.1.1702749483.1.0.1702749483.0.0.0
.petrovistadynamiek.pro/ Name: _ga
Value: GA1.1.1468571020.1702749484
.doubleclick.net/ Name: APC
Value: AfxxVi6E3lpFGjgUJaukdfGoAIeoQRniPnv8R7X8QKbWG7x4fnKEGw
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

4 Console Messages

Source Level URL
Text
network error URL: https://mail.petrovistadynamiek.pro/assests/css/font-awesome.min.css
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://mail.petrovistadynamiek.pro/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://mail.petrovistadynamiek.pro/cdn-cgi/challenge-platform/scripts/jsd/main.js
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript warning URL: about:blank
Message:
The resource https://widget-v4.tidiochat.com/fonts/mulish_SGhgqk3wotYKNnBQ.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
