urlscan.io logo urlscan.io
SecurityTrails logo

newsyou.info Open in urlscan Pro
185.248.101.21  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Effective URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Submission: On December 23 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 93 IPs in 13 countries across 93 domains to perform 577 HTTP transactions. The main IP is 185.248.101.21, located in Russian Federation and belongs to IPSERVER-RU-NET Fiord, RU. The main domain is newsyou.info.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on February 23rd 2021. Valid for: a year.
This is the only time newsyou.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
37 185.248.101.21 44812 (IPSERVER-...)
21 2a00:1450:400... 15169 (GOOGLE)
2 85.192.12.169 12695 (DINET-AS)
31 62.76.25.28 61400 (NETRACK-AS)
8 2606:4700:10:... 13335 (CLOUDFLAR...)
1 165.22.198.175 14061 (DIGITALOC...)
5 93.95.100.117 48347 (MTW-AS)
4 28 104.19.132.78 13335 (CLOUDFLAR...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
8 79.171.117.17 64494 (VARITI-AS)
29 51.77.59.234 16276 (OVH)
2 2a03:2880:f01... 32934 (FACEBOOK)
7 85.192.12.173 12695 (DINET-AS)
6 80.211.42.243 31034 (ARUBA-ASN)
8 147.135.189.55 16276 (OVH)
1 2 88.212.201.216 39134 (UNITEDNET)
1 1 91.198.36.16 43405 (DIGITAL-V...)
1 91.198.36.78 43405 (DIGITAL-V...)
3 2a00:1450:400... 15169 (GOOGLE)
3 7 2a02:6b8::1:119 208722 (YNDX)
8 37.48.86.87 60781 (LEASEWEB-...)
2 193.200.65.18 6681 (GIVEME-CLOUD)
3 185.187.81.40 43332 (IDSTRATEG...)
31 2a00:1450:400... 15169 (GOOGLE)
2 193.106.93.124 48614 (ITSOFT-AS)
2 143.204.98.82 16509 (AMAZON-02)
8 185.148.37.79 48347 (MTW-AS)
1 142.250.184.194 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
1 193.200.65.5 6681 (GIVEME-CLOUD)
3 4 31.220.27.134 39572 (ADVANCEDH...)
1 136.243.84.74 24940 (HETZNER-AS)
1 34.120.139.69 15169 (GOOGLE)
1 2 193.232.150.148 48061 (UMA-TECH-AS)
4 37.18.16.23 205675 (HYBRID-AS)
4 217.65.2.150 3175 (CITYTELEC...)
5 5 46.4.114.109 24940 (HETZNER-AS)
1 1 157.90.6.171 24940 (HETZNER-AS)
1 1 195.201.243.72 24940 (HETZNER-AS)
4 4 96.46.186.57 7979 (SERVERS-COM)
2 2 88.198.31.232 24940 (HETZNER-AS)
22 2a00:1450:400... 15169 (GOOGLE)
9 185.148.37.26 48347 (MTW-AS)
1 77.123.132.42 35680 (VOLIA)
3 145.239.108.234 16276 (OVH)
1 94.23.153.171 16276 (OVH)
1 1 146.0.227.110 20773 (GODADDY)
1 193.200.65.6 6681 (GIVEME-CLOUD)
26 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
1 3 89.108.119.43 197695 (AS-REG)
6 93.95.102.105 48347 (MTW-AS)
2 2 195.209.108.35 52007 (ADRIVER-AS)
3 2a02:2638::2 44788 (ASN-CRITE...)
2 2a02:2638::18 44788 (ASN-CRITE...)
2 2a02:2638:1::2 44788 (ASN-CRITE...)
14 2a02:2638:1::3 44788 (ASN-CRITE...)
4 178.250.0.160 44788 (ASN-CRITE...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
14 178.250.0.139 44788 (ASN-CRITE...)
4 178.250.2.150 44788 (ASN-CRITE...)
3 8 2a00:1450:400... 15169 (GOOGLE)
3 185.29.132.242 30419 (MEDIAMATH...)
1 217.67.179.205 29226 (MASTERTEL...)
4 45.133.44.37 39572 (ADVANCEDH...)
4 78.46.23.46 24940 (HETZNER-AS)
1 2.18.233.201 16625 (AKAMAI-AS)
3 2600:1901:0:7... 15169 (GOOGLE)
42 2606:4700:20:... 13335 (CLOUDFLAR...)
1 178.250.2.148 44788 (ASN-CRITE...)
4 144.76.91.199 24940 (HETZNER-AS)
3 5 2620:116:800d... 16509 (AMAZON-02)
5 35.227.252.103 15169 (GOOGLE)
8 8 198.47.127.19 62713 (AS-PUBMATIC)
3 27 142.250.185.130 15169 (GOOGLE)
5 6 69.173.144.139 26667 (RUBICONPR...)
1 2 2a05:d01c:1d8... 16509 (AMAZON-02)
2 4 79.137.69.91 16276 (OVH)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2 54.171.63.239 16509 (AMAZON-02)
1 34.98.67.61 15169 (GOOGLE)
2 2 145.239.193.130 16276 (OVH)
1 88.198.250.30 24940 (HETZNER-AS)
8 46.236.13.147 12703 (PULSANT-AS)
3 4 142.250.185.134 15169 (GOOGLE)
1 54.76.176.197 16509 (AMAZON-02)
1 3 104.111.239.217 16625 (AKAMAI-AS)
4 4 104.111.215.191 16625 (AKAMAI-AS)
1 1 18.196.159.27 16509 (AMAZON-02)
4 143.204.98.117 16509 (AMAZON-02)
8 104.19.136.78 13335 (CLOUDFLAR...)
8 8 84.200.5.215 31400 (ACCELERAT...)
2 2 78.46.85.162 24940 (HETZNER-AS)
2 82.113.101.132 6805 (TDDE-ASN1)
2 2 46.4.62.19 24940 (HETZNER-AS)
2 82.113.101.236 6805 (TDDE-ASN1)
1 148.251.139.77 24940 (HETZNER-AS)
1 2a0c:5c81:513... 55081 (24SHELLS)
1 1 23.37.42.132 16625 (AKAMAI-AS)
2 23.79.143.124 16625 (AKAMAI-AS)
1 104.19.217.61 13335 (CLOUDFLAR...)
5 5 18.197.42.49 16509 (AMAZON-02)
3 4 213.19.147.45 3356 (LEVEL3)
2 2 185.184.8.65 204995 (RTB-HOUSE...)
2 2 52.208.97.166 16509 (AMAZON-02)
2 2 37.157.4.28 198622 (ADFORM)
1 104.16.199.73 13335 (CLOUDFLAR...)
2 2 15.197.193.217 16509 (AMAZON-02)
2 2 35.212.212.222 15169 (GOOGLE)
2 2 109.206.161.21 50245 (SERVEREL-AS)
1 1 185.86.138.131 201081 (SMARTADSE...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 69.173.144.138 26667 (RUBICONPR...)
1 8.39.36.142 26667 (RUBICONPR...)
1 1 62.149.0.72 15497 (COLOCALL ...)
8 34.242.207.34 16509 (AMAZON-02)
577 93
37    185.248.101.21 (Russian Federation)

ASN44812 (IPSERVER-RU-NET Fiord, RU)
newsyou.info
21    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    85.192.12.169 (Russian Federation)

ASN12695 (DINET-AS, RU)
vcmjf535tx.ru
31    62.76.25.28 (Moscow, Russian Federation)

ASN61400 (NETRACK-AS, RU)
ocmurc.com
8    2606:4700:10::6816:284a (United States)

ASN13335 (CLOUDFLARENET, US)
jsn.24smi.net
1    165.22.198.175 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
calculator.codes
5    93.95.100.117 (Russian Federation)

ASN48347 (MTW-AS, RU)
PTR: unspecified.mtw.ru
news.2xclick.ru
news.gnezdo.ru
28    104.19.132.78 (None, )

ASN13335 (CLOUDFLARENET, US)
jsc.mgid.com
cm.mgid.com
c.mgid.com
cdn.mgid.com
servicer.mgid.com
4    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
8    79.171.117.17 (Russian Federation)

ASN64494 (VARITI-AS, RU)
ppvesdfiojol.com
29    51.77.59.234 (Warsaw, Poland)

ASN16276 (OVH, FR)
PTR: vps-2181085f.vps.ovh.net
a4p.adpartner.pro
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
7    85.192.12.173 (Russian Federation)

ASN12695 (DINET-AS, RU)
pxksnymto.ru
dmpprof.com
dprof.site
6    80.211.42.243 (Arezzo, Italy)

ASN31034 (ARUBA-ASN, IT)
PTR: host243-42-211-80.serverdedicati.aruba.it
telegram.im
8    147.135.189.55 (France)

ASN16276 (OVH, FR)
PTR: m.mixadvert.com
m.mixadvert.com
2    88.212.201.216 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: host216.rax.ru
counter.yadro.ru
1    91.198.36.16 (Ukraine)

ASN43405 (DIGITAL-VENTURES, UA)
PTR: r.i.ua
r.i.ua
1    91.198.36.78 (Ukraine)

ASN43405 (DIGITAL-VENTURES, UA)
PTR: sh02.mi6.kiev.ua
i.i.ua
3    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
7    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
mc.yandex.ru
mc.yandex.com
8    37.48.86.87 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ns4.24smi.org
data.24smi.net
2    193.200.65.18 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: utarget.pro
utarget.ru
3    185.187.81.40 (Kyiv, Ukraine)

ASN43332 (IDSTRATEGY-AS, UA)
s.zmctrack.net
loadercdn.net
31    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
2    193.106.93.124 (Russian Federation)

ASN48614 (ITSOFT-AS, RU)
prodmp.ru
2    143.204.98.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-82.fra50.r.cloudfront.net
openfpcdn.io
8    185.148.37.79 (Russian Federation)

ASN48347 (MTW-AS, RU)
PTR: unspecified.mtw.ru
fcgi5.gnezdo.ru
1    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
4    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
15    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    193.200.65.5 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: t.trafmag.com
t.trafmag.com
4    31.220.27.134 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
1    136.243.84.74 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.74.84.243.136.clients.your-server.de
recreativ.ru
1    34.120.139.69 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 69.139.120.34.bc.googleusercontent.com
dsp-trk.eskimi.com
2    193.232.150.148 (Russian Federation)

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp15.sender.ltmse.com
px.adhigh.net
4    37.18.16.23 (Netherlands)

ASN205675 (HYBRID-AS, RU)
dm.hybrid.ai
4    217.65.2.150 (Moscow, Russian Federation)

ASN3175 (CITYTELECOM-MSK, RU)
match.new-programmatic.com
5    46.4.114.109 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: hz1271137.aucourant.info
www.acint.net
1    157.90.6.171 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: hz1359720.sapientru.net
ssp-rtb.sape.ru
1    195.201.243.72 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: regensburg.aucourant.info
acint.net
4    96.46.186.57 (United States)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
2    88.198.31.232 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88.198.31.232.clients.your-server.de
exchange.buzzoola.com
22    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
9    185.148.37.26 (Russian Federation)

ASN48347 (MTW-AS, RU)
PTR: unspecified.mtw.ru
zn3.2xclick.ru
1    77.123.132.42 (Kyiv, Ukraine)

ASN35680 (VOLIA, UA)
PTR: 42.132.123.77.colo.static.dcvolia.com
file.adpartner.pro
3    145.239.108.234 (France)

ASN16276 (OVH, FR)
PTR: d5.mix.storage.badvps.com
i.mixadvert.com
1    94.23.153.171 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: d5.mix.site.badvps.com
mixadvert.com
1    146.0.227.110 (Ascension Island)

ASN20773 (GODADDY, DE)
inv-nets.admixer.net
1    193.200.65.6 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: adforce.team
m.trafmag.com
26    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
9    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    89.108.119.43 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: d51370.reg.regrucolo.ru
x01.aidata.io
6    93.95.102.105 (Russian Federation)

ASN48347 (MTW-AS, RU)
PTR: unspecified.mtw.ru
fcgi4.gnezdo.ru
2    195.209.108.35 (Russian Federation)

ASN52007 (ADRIVER-AS, RU)
ad.adriver.ru
3    2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr.eu.criteo.com
2    2a02:2638::18 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
2    2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl.eu.criteo.com
14    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
4    178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.fr.eu.criteo.com
1    2606:4700:20::681a:134 (United States)

ASN13335 (CLOUDFLARENET, US)
img.servestatic.net
14    178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com
pix.eu.criteo.net
4    178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
8    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    185.29.132.242 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
tags.mathtag.com
1    217.67.179.205 (Balashikha, Russian Federation)

ASN29226 (MASTERTEL-AS Moscow, Russia, RU)
PTR: 217-67-179-205.in-addr.mastertelecom.ru
guepslka.com
4    45.133.44.37 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
i.cdnkimg.com
4    78.46.23.46 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.46.23.46.78.clients.your-server.de
hal9000.redintelligence.net
1    2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com
3    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
42    2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
1    178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl.eu.criteo.com
4    144.76.91.199 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.199.91.76.144.clients.your-server.de
hal900018.redintelligence.net
5    2620:116:800d:21:36a9:ecb:e518:b308 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
5    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
8    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
27    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
cm.g.doubleclick.net
6    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    2a05:d01c:1d8:8102:c759:eaa3:7bf2:5466 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
ag.innovid.com
4    79.137.69.91 (France)

ASN16276 (OVH, FR)
PTR: gcm11.host.hit.gemius.pl
googlecm.hit.gemius.pl
3    2606:4700:20::ac43:444e (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
2    54.171.63.239 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-63-239.eu-west-1.compute.amazonaws.com
pixel.everesttech.net
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
2    145.239.193.130 (France)

ASN16276 (OVH, FR)
pv.medialead.de
1    88.198.250.30 (Mannheim, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de
pb.media01.eu
8    46.236.13.147 (United Kingdom)

ASN12703 (PULSANT-AS, GB)
PTR: 46-236-13-147.servers.dedipower.net
track.webgains.com
4    142.250.185.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net
8019191.fls.doubleclick.net
ad.doubleclick.net
1    54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
ad-server.eu
3    104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com
www.awin1.com
4    104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com
e.dlx.addthis.com
1    18.196.159.27 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-159-27.eu-central-1.compute.amazonaws.com
d.agkn.com
4    143.204.98.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-117.fra50.r.cloudfront.net
analytics.webgains.io
8    104.19.136.78 (None, )

ASN13335 (CLOUDFLARENET, US)
s-img.mgid.com
8    84.200.5.215 (Germany)

ASN31400 (ACCELERATED-IT, DE)
www.telefonica-partner.de
www.lead-alliance.net
2    78.46.85.162 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads1.sunbonet.de
partner.o2online.de
2    82.113.101.132 (Hanau, Germany)

ASN6805 (TDDE-ASN1, DE)
PTR: portal.o2online.de
portal.o2online.de
2    46.4.62.19 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads4.sunbonet.de
partner.blau.de
2    82.113.101.236 (Hanau, Germany)

ASN6805 (TDDE-ASN1, DE)
PTR: portal.blau.de
portal.blau.de
1    148.251.139.77 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.77.139.251.148.clients.your-server.de
banner.congstar.de
1    2a0c:5c81:5139::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
s.adtelligent.com
1    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    23.79.143.124 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-143-124.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    104.19.217.61 (None, )

ASN13335 (CLOUDFLARENET, US)
cm.lentainform.com
5    18.197.42.49 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-42-49.eu-central-1.compute.amazonaws.com
x.bidswitch.net
4    213.19.147.45 (United Kingdom)

ASN3356 (LEVEL3, US)
usermatch.targeting.unrulymedia.com
sync.1rx.io
sync.targeting.unrulymedia.com
2    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
creativecdn.com
2    52.208.97.166 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-97-166.eu-west-1.compute.amazonaws.com
ad.360yield.com
2    37.157.4.28 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    104.16.199.73 (None, )

ASN13335 (CLOUDFLARENET, US)
cm.idealmedia.io
2    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    35.212.212.222 (The Dalles, United States)

ASN15169 (GOOGLE, US)
PTR: 222.212.212.35.bc.googleusercontent.com
rtb-usw.mfadsrvr.com
2    109.206.161.21 (Netherlands)

ASN50245 (SERVEREL-AS, NL)
PTR: 109.206.161.21.serverel.net
sync.e-volution.ai
1    185.86.138.131 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
1    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    8.39.36.142 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-west.rubiconproject.com
1    62.149.0.72 (Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
PTR: 0-72.cc86365-03-tmp.cc.colocall.com
sync.adtelligent.com
8    34.242.207.34 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-207-34.eu-west-1.compute.amazonaws.com
api.webgains.io
Apex Domain
Subdomains		 Transfer
60 doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
8019191.fls.doubleclick.net
ad.doubleclick.net
155 KB
47 googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
423 KB
42 ad4m.at
as.ad4m.at
ad4m.at
assets.ad4m.at
1 MB
37 newsyou.info
newsyou.info
2 MB
36 mgid.com
jsc.mgid.com
cm.mgid.com
c.mgid.com
cdn.mgid.com
servicer.mgid.com
s-img.mgid.com
440 KB
32 criteo.net
static.criteo.net
pix.eu.criteo.net
csm.eu.criteo.net
1 MB
31 ocmurc.com
ocmurc.com
596 KB
30 adpartner.pro
a4p.adpartner.pro
file.adpartner.pro
70 KB
22 gstatic.com
fonts.gstatic.com
424 KB
18 gnezdo.ru
fcgi5.gnezdo.ru
news.gnezdo.ru
fcgi4.gnezdo.ru
30 KB
16 24smi.net
jsn.24smi.net
data.24smi.net
50 KB
15 googleapis.com
fonts.googleapis.com
10 KB
12 webgains.io
analytics.webgains.io
api.webgains.io
205 KB
12 criteo.com
rtb.fr.eu.criteo.com
ads.eu.criteo.com
rtb.nl.eu.criteo.com
cat.fr.eu.criteo.com
cat.nl.eu.criteo.com
96 KB
12 google.com
adservice.google.com
www.google.com
1 KB
12 mixadvert.com
m.mixadvert.com
i.mixadvert.com
mixadvert.com
203 KB
11 rubiconproject.com
pixel.rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
pixel-us-west.rubiconproject.com
14 KB
10 2xclick.ru
news.2xclick.ru
zn3.2xclick.ru
250 KB
9 googletagservices.com
www.googletagservices.com
329 KB
8 webgains.com
track.webgains.com
63 KB
8 pubmatic.com
image6.pubmatic.com
4 KB
8 redintelligence.net
hal9000.redintelligence.net
hal900018.redintelligence.net
56 KB
8 ppvesdfiojol.com
ppvesdfiojol.com
109 KB
6 ad4mat.net
prod-rtb.ad4mat.net
static-de.ad4mat.net
12 KB
6 acint.net
www.acint.net
acint.net
2 KB
6 telegram.im
telegram.im
21 KB
5 bidswitch.net
x.bidswitch.net
3 KB
5 openx.net
rtb.openx.net
747 B
5 quantserve.com
cms.quantserve.com
2 KB
5 yandex.com
mc.yandex.com
2 KB
4 blau.de
partner.blau.de
portal.blau.de
4 KB
4 o2online.de
partner.o2online.de
portal.o2online.de
4 KB
4 lead-alliance.net
www.lead-alliance.net
3 KB
4 telefonica-partner.de
www.telefonica-partner.de
1 KB
4 addthis.com
e.dlx.addthis.com
3 KB
4 gemius.pl
googlecm.hit.gemius.pl
907 B
4 cdnkimg.com
i.cdnkimg.com
209 KB
4 mathtag.com
tags.mathtag.com
pixel.mathtag.com
3 KB
4 betweendigital.com
ads.betweendigital.com
3 KB
4 new-programmatic.com
match.new-programmatic.com
860 B
4 hybrid.ai
dm.hybrid.ai
949 B
4 uuidksinc.net
s.uuidksinc.net
885 B
4 cloudflare.com
cdnjs.cloudflare.com
45 KB
3 awin1.com
www.awin1.com
2 KB
3 aidata.io
x01.aidata.io
1 KB
3 dmpprof.com
dmpprof.com
2 KB
3 google.de
adservice.google.de
1 KB
3 google-analytics.com
www.google-analytics.com
40 KB
2 e-volution.ai
sync.e-volution.ai
918 B
2 mfadsrvr.com
rtb-usw.mfadsrvr.com
756 B
2 adsrvr.org
match.adsrvr.org
906 B
2 adform.net
c1.adform.net
947 B
2 360yield.com
ad.360yield.com
613 B
2 creativecdn.com
creativecdn.com
687 B
2 1rx.io
sync.1rx.io
743 B
2 unrulymedia.com
usermatch.targeting.unrulymedia.com
sync.targeting.unrulymedia.com
614 B
2 adtelligent.com
s.adtelligent.com
sync.adtelligent.com
1 KB
2 medialead.de
pv.medialead.de
2 KB
2 everesttech.net
pixel.everesttech.net
862 B
2 innovid.com
ag.innovid.com
726 B
2 dprof.site
dprof.site
1 KB
2 adriver.ru
ad.adriver.ru
1 KB
2 buzzoola.com
exchange.buzzoola.com
380 B
2 adhigh.net
px.adhigh.net
731 B
2 trafmag.com
t.trafmag.com
m.trafmag.com
702 B
2 openfpcdn.io
openfpcdn.io
845 B
2 prodmp.ru
prodmp.ru
356 B
2 zmctrack.net
s.zmctrack.net
24 KB
2 utarget.ru
utarget.ru
49 KB
2 yandex.ru
mc.yandex.ru
66 KB
2 i.ua
r.i.ua
i.i.ua
2 KB
2 yadro.ru
counter.yadro.ru
1 KB
2 pxksnymto.ru
pxksnymto.ru
96 KB
2 facebook.net
connect.facebook.net
83 KB
2 vcmjf535tx.ru
vcmjf535tx.ru
60 KB
1 zeotap.com
mwzeom.zeotap.com
453 B
1 smartadserver.com
ssbsync.smartadserver.com
345 B
1 idealmedia.io
cm.idealmedia.io
412 B
1 lentainform.com
cm.lentainform.com
495 B
1 congstar.de
banner.congstar.de
517 B
1 agkn.com
d.agkn.com
816 B
1 ad-server.eu
ad-server.eu
312 B
1 media01.eu
pb.media01.eu
628 B
1 mookie1.com
odr.mookie1.com
324 B
1 guepslka.com
guepslka.com
29 KB
1 servestatic.net
img.servestatic.net
18 KB
1 admixer.net
inv-nets.admixer.net
497 B
1 sape.ru
ssp-rtb.sape.ru
658 B
1 eskimi.com
dsp-trk.eskimi.com
224 B
1 recreativ.ru
recreativ.ru
110 B
1 googleadservices.com
partner.googleadservices.com
649 B
1 loadercdn.net
loadercdn.net
169 B
1 calculator.codes
calculator.codes
20 KB
577 93
Domain Requested by
37 newsyou.info newsyou.info
31 ocmurc.com newsyou.info
ocmurc.com
29 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
newsyou.info
29 a4p.adpartner.pro newsyou.info
a4p.adpartner.pro
27 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
newsyou.info
26 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
22 fonts.gstatic.com fonts.googleapis.com
21 pagead2.googlesyndication.com newsyou.info
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
tpc.googlesyndication.com
18 assets.ad4m.at as.ad4m.at
15 fonts.googleapis.com client
newsyou.info
googleads.g.doubleclick.net
cdnjs.cloudflare.com
vcmjf535tx.ru
hal900018.redintelligence.net
14 pix.eu.criteo.net ads.eu.criteo.com
googleads.g.doubleclick.net
14 static.criteo.net ads.eu.criteo.com
13 cm.mgid.com 4 redirects jsc.mgid.com
s.adtelligent.com
12 ad4m.at as.ad4m.at
ad4m.at
12 as.ad4m.at googleads.g.doubleclick.net
as.ad4m.at
ad4m.at
9 www.googletagservices.com googleads.g.doubleclick.net
9 zn3.2xclick.ru newsyou.info
news.2xclick.ru
8 api.webgains.io analytics.webgains.io
8 s-img.mgid.com
8 track.webgains.com newsyou.info
googleads.g.doubleclick.net
as.ad4m.at
8 image6.pubmatic.com 8 redirects
8 www.google.com 3 redirects googleads.g.doubleclick.net
tpc.googlesyndication.com
8 fcgi5.gnezdo.ru news.2xclick.ru
newsyou.info
8 data.24smi.net jsn.24smi.net
8 m.mixadvert.com newsyou.info
m.mixadvert.com
8 ppvesdfiojol.com newsyou.info
ppvesdfiojol.com
8 jsn.24smi.net newsyou.info
jsn.24smi.net
7 jsc.mgid.com newsyou.info
jsc.mgid.com
6 pixel.rubiconproject.com 5 redirects
6 fcgi4.gnezdo.ru newsyou.info
6 telegram.im newsyou.info
telegram.im
5 x.bidswitch.net 5 redirects
5 rtb.openx.net googleads.g.doubleclick.net
5 cms.quantserve.com 3 redirects googleads.g.doubleclick.net
5 www.acint.net 5 redirects
5 mc.yandex.com 2 redirects newsyou.info
4 www.lead-alliance.net 4 redirects
4 www.telefonica-partner.de 4 redirects
4 analytics.webgains.io track.webgains.com
4 cdn.mgid.com newsyou.info
jsc.mgid.com
4 e.dlx.addthis.com 4 redirects
4 googlecm.hit.gemius.pl 2 redirects newsyou.info
4 hal900018.redintelligence.net hal9000.redintelligence.net
hal900018.redintelligence.net
4 hal9000.redintelligence.net newsyou.info
hal900018.redintelligence.net
4 i.cdnkimg.com newsyou.info
4 csm.eu.criteo.net ads.eu.criteo.com
4 cat.fr.eu.criteo.com ads.eu.criteo.com
googleads.g.doubleclick.net
4 news.gnezdo.ru newsyou.info
news.2xclick.ru
4 ads.betweendigital.com 4 redirects
4 match.new-programmatic.com newsyou.info
4 dm.hybrid.ai newsyou.info
4 s.uuidksinc.net 3 redirects newsyou.info
4 adservice.google.com pagead2.googlesyndication.com
8019191.fls.doubleclick.net
4 cdnjs.cloudflare.com newsyou.info
ads.eu.criteo.com
3 servicer.mgid.com jsc.mgid.com
3 www.awin1.com 1 redirects googleads.g.doubleclick.net
as.ad4m.at
3 static-de.ad4mat.net as.ad4m.at
3 prod-rtb.ad4mat.net googleads.g.doubleclick.net
newsyou.info
3 tags.mathtag.com googleads.g.doubleclick.net
tags.mathtag.com
3 rtb.fr.eu.criteo.com googleads.g.doubleclick.net
3 x01.aidata.io 1 redirects newsyou.info
3 i.mixadvert.com newsyou.info
3 dmpprof.com pxksnymto.ru
3 adservice.google.de pagead2.googlesyndication.com
3 www.google-analytics.com newsyou.info
a4p.adpartner.pro
www.google-analytics.com
2 sync.e-volution.ai 2 redirects
2 rtb-usw.mfadsrvr.com 2 redirects
2 match.adsrvr.org 2 redirects
2 c1.adform.net 2 redirects
2 ad.360yield.com 2 redirects
2 creativecdn.com 2 redirects
2 sync.1rx.io 2 redirects
2 eus.rubiconproject.com cm.mgid.com
eus.rubiconproject.com
2 ad.doubleclick.net 2 redirects
2 portal.blau.de as.ad4m.at
2 partner.blau.de 2 redirects
2 portal.o2online.de as.ad4m.at
2 partner.o2online.de 2 redirects
2 8019191.fls.doubleclick.net 1 redirects newsyou.info
2 pv.medialead.de 2 redirects
2 pixel.everesttech.net 2 redirects
2 ag.innovid.com 1 redirects googleads.g.doubleclick.net
2 dprof.site pxksnymto.ru
2 rtb.nl.eu.criteo.com newsyou.info
googleads.g.doubleclick.net
2 ads.eu.criteo.com googleads.g.doubleclick.net
2 ad.adriver.ru 2 redirects
2 exchange.buzzoola.com 2 redirects
2 px.adhigh.net 1 redirects newsyou.info
2 openfpcdn.io pxksnymto.ru
2 prodmp.ru pxksnymto.ru
2 s.zmctrack.net newsyou.info
2 utarget.ru newsyou.info
utarget.ru
2 mc.yandex.ru 1 redirects newsyou.info
2 counter.yadro.ru 1 redirects newsyou.info
2 pxksnymto.ru vcmjf535tx.ru
ppvesdfiojol.com
2 connect.facebook.net newsyou.info
connect.facebook.net
2 vcmjf535tx.ru newsyou.info
vcmjf535tx.ru
1 sync.adtelligent.com 1 redirects
1 pixel-us-west.rubiconproject.com eus.rubiconproject.com
1 token.rubiconproject.com eus.rubiconproject.com
1 mwzeom.zeotap.com
1 ssbsync.smartadserver.com 1 redirects
1 cm.idealmedia.io
1 sync.targeting.unrulymedia.com
1 usermatch.targeting.unrulymedia.com 1 redirects
1 cm.lentainform.com
1 secure-assets.rubiconproject.com 1 redirects
1 s.adtelligent.com cm.mgid.com
1 banner.congstar.de as.ad4m.at
1 d.agkn.com 1 redirects
1 c.mgid.com jsc.mgid.com
1 ad-server.eu googleads.g.doubleclick.net
1 pb.media01.eu hal900018.redintelligence.net
1 odr.mookie1.com googleads.g.doubleclick.net
1 cat.nl.eu.criteo.com googleads.g.doubleclick.net
1 pixel.mathtag.com tags.mathtag.com
1 guepslka.com newsyou.info
1 img.servestatic.net newsyou.info
1 m.trafmag.com newsyou.info
1 inv-nets.admixer.net 1 redirects
1 mixadvert.com newsyou.info
1 file.adpartner.pro newsyou.info
1 acint.net 1 redirects
1 ssp-rtb.sape.ru 1 redirects
1 dsp-trk.eskimi.com newsyou.info
1 recreativ.ru newsyou.info
1 t.trafmag.com newsyou.info
1 partner.googleadservices.com pagead2.googlesyndication.com
1 loadercdn.net newsyou.info
1 i.i.ua newsyou.info
1 r.i.ua 1 redirects
1 news.2xclick.ru newsyou.info
1 calculator.codes newsyou.info
577 133
Subject Issuer Validity Valid
newsyou.info
AlphaSSL CA - SHA256 - G2		 2021-02-23 -
2022-03-27		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
tpizy1uy3x.ru
R3		 2021-10-27 -
2022-01-25		 3 months crt.sh
ocmurc.com
R3		 2021-12-14 -
2022-03-14		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-10-13 -
2022-10-12		 a year crt.sh
calculator.codes
R3		 2021-12-22 -
2022-03-22		 3 months crt.sh
news.2xclick.ru
R3		 2021-12-12 -
2022-03-12		 3 months crt.sh
ppvesdfiojol.com
R3		 2021-12-01 -
2022-03-01		 3 months crt.sh
adpartner.pro
R3		 2021-10-18 -
2022-01-16		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-10-02 -
2021-12-31		 3 months crt.sh
pwrlkyotm.com
R3		 2021-11-02 -
2022-01-31		 3 months crt.sh
telegram.im
R3		 2021-12-23 -
2022-03-23		 3 months crt.sh
m.mixadvert.com
R3		 2021-11-07 -
2022-02-05		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
mc.yandex.ru
Yandex CA		 2021-12-22 -
2022-06-03		 5 months crt.sh
*.24smi.net
AlphaSSL CA - SHA256 - G2		 2021-01-02 -
2022-02-03		 a year crt.sh
*.utarget.ru
Sectigo RSA Domain Validation Secure Server CA		 2021-06-09 -
2022-07-07		 a year crt.sh
s.zmctrack.net
Sectigo RSA Domain Validation Secure Server CA		 2021-04-21 -
2022-04-25		 a year crt.sh
loadercdn.net
R3		 2021-11-26 -
2022-02-24		 3 months crt.sh
prodmp.ru
R3		 2021-12-14 -
2022-03-14		 3 months crt.sh
openfpcdn.io
Amazon		 2021-11-11 -
2022-12-10		 a year crt.sh
fcgi5.gnezdo.ru
R3		 2021-11-09 -
2022-02-07		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.trafmag.com
Sectigo RSA Domain Validation Secure Server CA		 2021-06-10 -
2022-06-22		 a year crt.sh
uuidksinc.net
R3		 2021-10-16 -
2022-01-14		 3 months crt.sh
*.recreativ.ru
Thawte RSA CA 2018		 2021-08-23 -
2022-09-06		 a year crt.sh
*.eskimi.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-04-12 -
2022-05-13		 a year crt.sh
*.hybrid.ai
Sectigo RSA Domain Validation Secure Server CA		 2020-07-07 -
2022-10-05		 2 years crt.sh
new-programmatic.com
R3		 2021-10-24 -
2022-01-22		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
dmpprof.com
R3		 2021-11-22 -
2022-02-20		 3 months crt.sh
news.gnezdo.ru
R3		 2021-12-12 -
2022-03-12		 3 months crt.sh
zn3.2xclick.ru
R3		 2021-12-08 -
2022-03-08		 3 months crt.sh
i.mixadvert.com
R3		 2021-11-07 -
2022-02-05		 3 months crt.sh
mixadvert.com
R3		 2021-12-12 -
2022-03-12		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-11-03 -
2022-01-31		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-11-03 -
2022-01-31		 3 months crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-11-03 -
2022-01-31		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-24		 3 months crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-25		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.mathtag.com
DigiCert SHA2 Secure Server CA		 2020-04-15 -
2022-04-22		 2 years crt.sh
guepslka.com
R3		 2021-11-09 -
2022-02-07		 3 months crt.sh
i.cdnkimg.com
R3		 2021-12-05 -
2022-03-05		 3 months crt.sh
redintelligence.net
R3		 2021-12-21 -
2022-03-21		 3 months crt.sh
pixel.mathtag.com
DigiCert SHA2 Secure Server CA		 2021-06-29 -
2022-07-07		 a year crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2021-12-21 -
2022-03-21		 3 months crt.sh
my.aidata.me
Sectigo RSA Domain Validation Secure Server CA		 2020-02-25 -
2022-02-25		 2 years crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.innovid.com
RapidSSL RSA CA 2018		 2020-02-07 -
2022-04-07		 2 years crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-22 -
2022-03-25		 a year crt.sh
*.media01.eu
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-05-27 -
2022-05-27		 a year crt.sh
*.webgains.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-20 -
2022-06-20		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
www.awin1.com
DigiCert SHA2 Secure Server CA		 2021-06-11 -
2022-06-16		 a year crt.sh
*.webgains.io
Amazon		 2021-03-12 -
2022-04-10		 a year crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2021-12-03 -
2022-03-03		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh

This page contains 57 frames:

Primary Page: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Frame ID: 71E54F75E049C2BF789169145F6290E2
Requests: 270 HTTP requests in this frame

Frame: data://truncated
Frame ID: 9DA3C6E97C3B60E8519B4B737ACB8EB8
Requests: 1 HTTP requests in this frame

Frame: https://s.zmctrack.net/z
Frame ID: 991862D64CE6B7750B1613FFD3E601FC
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/media/ls?mediaunit=5555&apuid=f0c93e8d-f6a1-4a3d-8293-5e14bf0819c0&session_pageview=1&session_id=441fcb44-fe27-4565-a9c8-27dbdfd66af2&site_visited=1&location=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Frame ID: 5E036124D8F11EDAB05EBC7F4AE72891
Requests: 3 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/jsunit/ls?jsunit=2489&unit_id=2489&shown=&session_pageview=1&session_id=441fcb44-fe27-4565-a9c8-27dbdfd66af2&site_visited=1&apuid=f0c93e8d-f6a1-4a3d-8293-5e14bf0819c0&width=610&screen_width=1600&reload_count=0&banner_num=1640280696046519761&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Frame ID: B3D08C769BDF027040539AAA0392AAB5
Requests: 2 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/jsunit/ls?jsunit=7460&unit_id=7460&shown=&session_pageview=1&session_id=441fcb44-fe27-4565-a9c8-27dbdfd66af2&site_visited=1&apuid=f0c93e8d-f6a1-4a3d-8293-5e14bf0819c0&width=610&screen_width=1600&reload_count=0&banner_num=1640280696045727656&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Frame ID: FD238C4C0E65C5F976FA9D21FDD0BED6
Requests: 2 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/vunit/ls?vunit=7459&bannerNum=29284772869286190&apuid=f0c93e8d-f6a1-4a3d-8293-5e14bf0819c0&session_pageview=1&session_id=441fcb44-fe27-4565-a9c8-27dbdfd66af2&site_visited=1&location=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Frame ID: DF790C32294F94B616B993CE04903C7D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html
Frame ID: 21F516BBF4B7DDB4C53068D5EE4B3326
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/jsunit/ls?jsunit=7858&unit_id=7883&shown=&session_pageview=1&session_id=441fcb44-fe27-4565-a9c8-27dbdfd66af2&site_visited=1&apuid=f0c93e8d-f6a1-4a3d-8293-5e14bf0819c0&width=300&screen_width=1600&reload_count=0&banner_num=1640280696098222156&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Frame ID: 5CAF25AB8B5BA525DF0F00D896ABCA73
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&adk=1812271804&adf=1573534164&lmt=1640280696&plat=3%3A32%2C4%3A32%2C9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696185&bpp=2&bdt=704&idt=298&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2738633273524&frm=20&pv=2&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=317
Frame ID: AE5E46A4888E37D6F4A3940BDF968579
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=280&slotname=9613474772&adk=3321513415&adf=3973713408&pi=t.ma~as.9613474772&w=580&lmt=1640280696&psa=0&format=580x280&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-top.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696187&bpp=1&bdt=706&idt=336&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=190&ady=161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=GQa1MUQVit&p=https%3A//newsyou.info&dtd=346
Frame ID: 17B2F66DB75EE6E2C4999CE2D4CA9DE5
Requests: 8 HTTP requests in this frame

Frame: https://s.zmctrack.net/z
Frame ID: D34E07852CD9BCEF5876F9EA02D469F5
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3296007091&adf=322643539&pi=t.ma~as.5991095728&w=610&lmt=1640280696&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696188&bpp=2&bdt=708&idt=447&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=175&ady=1123&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=UGTDHYnWgl&p=https%3A//newsyou.info&dtd=450
Frame ID: B53396B5C2CAD7A97F60AAD637CAFB46
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=76889861&pi=t.ma~as.2767358249&w=610&lmt=1640280696&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696190&bpp=1&bdt=709&idt=508&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=175&ady=3129&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=YmX9JDH2bN&p=https%3A//newsyou.info&dtd=511
Frame ID: EBA9BC39EEDCE150F138591686D8B39F
Requests: 14 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522f0c93e8d-f6a1-4a3d-8293-5e14bf0819c0%2522%252C%2522event%2522%253A%2522dry_real_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A0%252C%2522rule_id%2522%253A0%252C%2522show_id%2522%253A%2522%2522%257D%255D%252C%2522unit_id%2522%253A5555%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522%2522%252C%2522url%2522%253A%2522https%253A%252F%252Fnewsyou.info%252FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR%2522%257D
Frame ID: 7325A721DE8BCFF1F244560F7E1F29AA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=715531311&adf=2278891264&pi=t.ma~as.5991095728&w=610&lmt=1640280696&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696190&bpp=1&bdt=710&idt=569&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x420&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=175&ady=3811&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=tkY0NbQnP6&p=https%3A//newsyou.info&dtd=584
Frame ID: FEA0F7F01E13E0C1E3AD7EC15DCFF1B3
Requests: 15 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%22f0c93e8d-f6a1-4a3d-8293-5e14bf0819c0%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A1564374%2C%22cost%22%3A0.001258428%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22c9f0d441-cb82-46e4-96ae-9a0cad6cd453%22%7D%2C%7B%22ad_id%22%3A1576063%2C%22cost%22%3A0.000510833%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22480166c6-b392-4adb-a5ac-0f683496818a%22%7D%2C%7B%22ad_id%22%3A1700972%2C%22cost%22%3A0.000434302%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22561f251f-1eed-4d49-93f6-cabfdeb849ec%22%7D%2C%7B%22ad_id%22%3A1714798%2C%22cost%22%3A0.000399628%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2230548b30-aa34-4d2d-bb00-7a980e36a658%22%7D%5D%2C%22unit_id%22%3A2489%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fnewsyou.info%252FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR%22%7D
Frame ID: 5288FDF8D06762EAA6F84F1DC0CB96D8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280696&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696191&bpp=1&bdt=710&idt=627&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd411357b4686f5eb-221fbe950ecd0034%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=CWAP2ylBpn&p=https%3A//newsyou.info&dtd=634
Frame ID: 0F193ABFB61699049F5F01AB5CABE0BB
Requests: 19 HTTP requests in this frame

Frame: https://news.gnezdo.ru/img/settings/gnezdo_logo.png
Frame ID: 488CEDD336F45473C5C11874269FA258
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1640280696&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696191&bpp=1&bdt=711&idt=701&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd411357b4686f5eb-221fbe950ecd0034%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=805&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=RKYe60FlYw&p=https%3A//newsyou.info&dtd=730
Frame ID: 0297425C03F86A21569787B10A180E61
Requests: 8 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%22f0c93e8d-f6a1-4a3d-8293-5e14bf0819c0%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A2297875%2C%22cost%22%3A0.000731996%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%222510a153-2e11-4429-9092-d9efd196a4ab%22%7D%2C%7B%22ad_id%22%3A2004555%2C%22cost%22%3A0.000173399%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22ea238a30-854e-43aa-9add-5c9137c9ab3a%22%7D%5D%2C%22unit_id%22%3A7883%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fnewsyou.info%252FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR%22%7D
Frame ID: 3DD1F73FFE62F275920EABB5FF1595F8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1640280696&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696192&bpp=1&bdt=712&idt=783&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd411357b4686f5eb-221fbe950ecd0034%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=805&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=a87mLLyXZx&p=https%3A//newsyou.info&dtd=786
Frame ID: 9EED3D6519B49040830E94220695712C
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%22f0c93e8d-f6a1-4a3d-8293-5e14bf0819c0%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A2038647%2C%22cost%22%3A0.000157179%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%220ccad42d-a90c-43e9-93f0-77e1518cc6e4%22%7D%2C%7B%22ad_id%22%3A2297870%2C%22cost%22%3A0.000109135%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%222f9452ef-029a-4d27-b708-1b24198b8c67%22%7D%2C%7B%22ad_id%22%3A2287865%2C%22cost%22%3A0.0000614353%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22466b31a6-363f-4c44-933d-a1686633802e%22%7D%5D%2C%22unit_id%22%3A7460%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fnewsyou.info%252FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR%22%7D
Frame ID: 33FC6BF7803971BCD374D13BA4A9D75C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3789992286&pi=t.ma~as.6825749971&w=300&lmt=1640280697&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696193&bpp=1&bdt=713&idt=836&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd411357b4686f5eb-221fbe950ecd0034%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1125&ady=4294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=4kEhplr7w5&p=https%3A//newsyou.info&dtd=839
Frame ID: EF5FF0D2BFBBE5D1A0FFAFFEFF1EB1DB
Requests: 1 HTTP requests in this frame

Frame: https://news.gnezdo.ru/img/settings/gnezdo_logo.png
Frame ID: 01B5CEED70B8A3AF1EC738FA3690573D
Requests: 4 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeAAJ7T4Kp5cJAA1MMRFDPeYvb5Z2PsA_Dw&u=%7Cpz%2BnB%2F%2Bn4uyEO%2BAK5OqaqdTK3a%2FMlWVv9zkKf0iVyTo%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKyyMmeuHUa7ZkwLJbcGKtCev7ykEvaqDoX69R4_aEGZ7-2WnGtTB6szQn4iq37O7lJV12wllcQaj7KLBKRPI4IVe3XqXb9H2TAoQ5C3a3IGzzbPRaVbAiiLzNCfFURu1gRDwBstzlW9BiMiD8krcjEHBK8zuGUQ07IAczqY9Rxd7oztBoKuDxNXZ8f2Du2qMt7HAGaW6PVgf4D469_qT45Wn_T5dtZVNzsVI6PTVGulNZU_R_GYfachXjPMgeD0qL5f2jjfQLRbMFC1wYLkntOUDlU1RpIP8iCcRgqqwhlUW8eYIz_UEjiZwImW2DwfT54szR9eT2UiCFPemCER4xDVmMdsvoFvvaqUSKp-BMQwAPsKlMUR95kZbtki8N6lXvlzpFzTrSOjrYWn-WpgU_TGn7nE5auiktGW0Ml5xEyZ01MDHH03R3iz4EWoHjyQlJig&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4sEkeLLEYb7aJ4mungWxmLW4CMme0rFcvemV93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpAr6Gt4399rI-qAMBqgT1AU_QDxIlgHKNPfwpxlivWkWZsRboo_s-ba9JONQp35kV7EAZBPL_Pv3drvKcgDVhxbFmSc78U4XVufP7mTmzG3m2U8z0iK86MUBJv7gUNiAvx-K0WYdsII3frBAWKZFXe7rCm_VCDkmB9s4CyHG-MWTmC-o3gks3Ue1g6a2LqufettLZTletUjPZoM1zEMNMSXgvRmKXHaqJOhJ0sxmzmzeIGSi4DJxZeNilC58CUEnJabnFgrs6pMSmmtE6pLwEph_xwS9Qiohfu_aIG5VAtjrXVG72wlSoSR3i2Fg7IGgoCphWF-NVo7ZQ4pjpYrIdFdLHZCWogAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3xydmLNinKtTqlRbHjjgl0uuigcA%26client%3Dca-pub-5994697028380609%26adurl%3D
Frame ID: D88B4161AC6EA11765D8EDD171EEDEC4
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Frame ID: E5531F715F3B978EF8154191E1306B64
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeAAI4uAIFUSyAAsq4CUkUTLbEHJaiWN4ig&u=%7Cpz%2BnB%2F%2Bn4uytBTXETBX00lT9HYZArrAA5ciovYRGW2k%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUEjU08dWIaJP0eZa0C7d1zkXGzMxVLv8kWKlZ1Lb7wUbkp5-VBa12znQD7LPBT9pNz2NAAyMJbBdVNJArjEDh48z6jRZ0kZfXOvrrKHg9fIJwi2LLPzNXA1BobhWEnnY8QCFGCZB8AiSrPJ5qfYfUHYmZJjTMpCe0js7avEIg61lHUoXjNfdDx1WSwOSQRgGMPZoAQQQ9-7NAGaSz3jlIriKbl85q3CQbLYpXfgDHPiw1W-6I_kkr-h_L_Nr171wxQ_IUHfOD6vY4tPMc3hka-eATPTO0NhlmBH8m4y9Z0Sjnur1fzJMEQ2ACG25XL3XQYUd7D4R27mjl5N1bcursHk-pOWwB2qcX1uYFqQUJUx2KM8tw_XKhgUfuwSNiM10oX5h1_C9s8w2b7srrSmYt3zVMfH1MAFTiTtX6X0HAQmKQL23s3BYFR8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEbndeLLEYeDFI7KJ1fAP4NWsgAfJntKxXM2jlvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK-hreN_fayPqgDAaoE9wFP0KfWilzWwZdDQVhOnTLFd1Le5KvRbYuKUpL_yGHZz_g-bwcAu-bNmz4lPR0FjADYi2INZ75llYFJfci9QapECRagcYiyNhU1vPpd1URUvdJYdCvffL8JFxPGkMJBr87Z47nTVk0AU9eNy63ti2VMvWmH5983aT6cBDiw2yY6KcIB4kI88BSCtoxpCQwc08pJvcQZcQyLQ11KB14FVAjOaHV-vqZadLsVCh0fk_EYmWfUYznKa3UawvOWCMjtpQycHy56HSbriLCVlzt4ea7jqWh9wpanJPheSBBNsCAcOT8H1PROh0fd6cfIPuwDTruSnzdt-krFgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1pHsx15DtE9JxOcHX-chonm6uekw%26client%3Dca-pub-5994697028380609%26adurl%3D
Frame ID: 689CDC1FBC43C69AA8E0F91EC752BC7D
Requests: 21 HTTP requests in this frame

Frame: https://news.gnezdo.ru/img/settings/gnezdo_logo.png
Frame ID: 5C4FA0B9F718A8E3C3F1D9C7E9356E06
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 196869337491F928F444E130ADC41DC2
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 0811BF560F7BFDF1B294D02C667EDB53
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1kwv8zbvqn6s6zpb8ee35v3x6nw1h8723rh4cp87gan7dz17bh9bvkf0d55n4bar684za48mgzbm78hjf2a5dyhbz4w50kxpfgmjbj3qwrda81saf73989fb2e03hgk9e5mte0vkwzsd6yg9q5kq30q76eb68jak848sd7abqy9vbzb2vmwb5qy2w12gadr575aw7kxn7nrjtx4mjnaa2kbpgmh4vcqvgr4dhce8c9b5zmqbe5ve5t187ygr774gejbw4pxws78xp6t2z8czfjcnqzzd52ze653yqyeyhrnyt6zx0xvrq9jygt33ncxg08e1zje105gdpp9z69zrg95qgp4kszjb5vaq063y88b7qhqtv6yf8khj3fkdah838jas7715dj8cwzz3rajr8e9xc5y38pq1tz21kb7603vs5h6t90f8a&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVhpRebLEYYqwAYqengXUpoJIkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaABwq7o3QPIAQmpArjTclTQ97I-qAMBqgT7AU_QjtIcJ-ahWwdSq9lZTfI9lKwwpzv3PRUxSBWup_QQge25AXrFDKy-BTcMmC3jtgdGcWT31Ypy4MgJ4GaEMTsW4Viztneh6kTf1GBXlOeXHi0u7-1WAOv2QKLSqNMf1pHQ_mMb8hmndij9M0jp79uuRseAMwDBsl_6O75mkRF7_5o7jYn5HsCQf3H7ZI4A89j61gmKss2RhURkLlRnDSMo0d1unSabEW1FWNIHpxf08X9JT3Mvuj8Q3NJJykZWi_nRQyemTjozbXLylgfM2IERMji8wUQcTW_O4oPUswn4iO1nDNhodaXzfmuQ-XQ9ILvejQutuz9sLyuZgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2ljREVDavBQhda75putZ7dKiTRAg%26client%3Dca-pub-5994697028380609%26adurl%3D
Frame ID: F6AD581F19E2FD48F54B28AA7338EBD0
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: ACD7FD67ACF75537EBD8A8A283208140
Requests: 9 HTTP requests in this frame

Frame: https://news.gnezdo.ru/img/settings/gnezdo_logo.png
Frame ID: CCE7F144B8BB462D02D2955498A776C9
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 05188A670E34B9FFBB2B74423CEDC8AC
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 75A4CFB2EE064F5F43C4827AE00737FC
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C57fpebLEYYn-BKuvngXw-5rgCpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK4z-m_AvqyPqgDAaoE-AFP0PUncvf3VRIpVB-SLhMbKNAx88ZVqRkvVv5wt3gFYZt8g4ChZ0_lPaA7BnCyblH4MS13WLow2OqgJYlwTldEGOpHbLENvAf4hn4Womu3Na2PNx1FrPG6pqXxYjoQWHVuj50hSZD03-vOiOxJ4lM49UfEp73z4t7mF82-rXPUEku7IhtH_7-aXhLJaqS1x4GtJVfoiYsiQ2mPMajb0fnillkYvmQionDFtp9Ss3JQigmkZ3zBNYikvV-WQI4TNzU3G6d-Ij4tvD_wzi6LwnQ6rG_7PpfD4v_YldTJ3OfMEy-T5jyZieH-qsEbGVksWluD8U-RDpYmN4AGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNTk5NDY5NzAyODM4MDYwORgA&sigh=QItRAumpl3c&uach_m=[UACH]&cid=CAQSPACNIrLMmYv1s89EijWO2XzvH03k3h4xoBuvGORdmoSX2K4QuV15jBSuVbevlDoIRjXUjJN8sMbcxlP5BxgB
Frame ID: 1C18FA2D68A78A6E5ECA4A32B6941A01
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1ggn5yh9e2fke6s8hw041k4c40zdrkgegbhppbn5ss628tq5b4wr5epyf6r597a5k4by54hhxpm5dmqw23p9p8srqph1z4wq8xmc76zqqgx9w4h2nvjttk8895s7ck320xyh5rv9p5brjsf84f8xz2w1rbnwxpxs14e6ebtj12aw4n0wh2a9sdfwen4w5pszd0a0vdy1erj5a2d43r4q6ax5j3k8qww9738103mzs790ezg1jrs9q4b96jn8dx4q9s38ap9mdc3zra7v5pj2j3vadscxeahdepc80h0qwvx9d4j40gf9yzrt7pkx0aqnepn2ad30at6cbw7ann3b78y7r2rjntw5zkegg667vkky4fn36y8rydzdx5wcjsgxhqbxp79w1mwp10bywjvr2knzbfn93s3f4cnw99x3a45fz03998xat&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2_mOebLEYYn-BKuvngXw-5rgCpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK4z-m_AvqyPqgDAaoE-wFP0PUncvf3VRIpVB-SLhMbKNAx88ZVqRkvVv5wt3gFYZt8g4ChZ0_lPaA7BnCyblH4MS13WLow2OqgJYlwTldEGOpHbLENvAf4hn4Womu3Na2PNx1FrPG6pqXxYjoQWHVuj50hSZD03-vOiOxJ4lM49UfEp73z4t7mF82-rXPUEku7IhtH_7-aXhLJaqS1x4GtJVfoiYsiQ2mPMajb0fnillkYvmQionDFtp9Ss3JQigmkZ3zBNYikvV-WQI4TNzU3G6d-Ij4tvD_wzi6LwnQ6rG-5PLZRNQZf1RxOlHEWWr1h3yiTJOvQshyb2xC-os-d3VdE0glm_99b9oAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0S4JiznMsq8T-XiKe1zaEkS5rMXg%26client%3Dca-pub-5994697028380609%26adurl%3D
Frame ID: CD16A04957F2399DCC957FCB10EEF2F8
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C41FEB0493BF6AF0105D5DFC49E39B21
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CTIxeebLEYdSeCMypiAPovZaQDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK4z-m_AvqyPqgDAaoE-AFP0MnsvaPN_uZzTrrVJVinVtTKN9lwVlj57_MBmKd4HzzyIlKlZbEULhtDqTzp1Sz2urgC7KbHmX4BFAj8n9bKpMBBccx9nQClpqiAeCEKANjvPkr7Gxw8i-Rw_L58rPE22QofUIS-QN_H25lDEnWueHWyrQpsKFw-4Z67UzboJ41eDBw8s2Qjowb4_yP6S9zcxLhMzff8e97AARfWxnjkbXFEVQu-zWADBldBJGKMixXiauAiGVOnH0vYXv9EThDVa7Y-hAw6yV--PnxOKrBTvnk3FgLPCrZ0Jc-UazfflmqId1S6daH-_LR3_GFDrVSswX-zowu4U4AG8Pb5mO2H7Ka-AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTU5OTQ2OTcwMjgzODA2MDkYAA&sigh=fxpNj4EseYo&uach_m=[UACH]&cid=CAQSPACNIrLM1gs85mA-8mJVX1CrtXorJCUd7g8K0jogm-DRSM4F2JxOgwxpZiTkBk-17k47I1HTwc07HbNFShgB
Frame ID: 8F305CABB5F4F8BC51B1196EDE6C88CB
Requests: 8 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jn3dkvdmzs7v1czwaxsvjf9s8gpyhsh528p4yhbv5atktvx7jw1m6k1fptnhqtqg6nnrj2hqcmz1kdvfcdqnm17vnydgnt8z7p6c5v8s8chmk8bjv08404gncbnqvc52kw429akk4c16j755rmtrqyccbj0cxf1x4gsqk4f5r66n98ekh9r2vy218hptvsmr2k0mjp0eqcgs5ebbf9gbpjcaarzt8y34fszp2t5rj3ptfrvskacg4t071vpv7cr2t3xbc4zkpawba6n7cqen2s8ydmw0t08w2hm653jvvfb30v0sak59kx0xejmnvj5j8spptyfmxjvfnratgahmner08s0ysvt0cgvc6fhdyv6mc23yrwc8bqydnmtxck2s6cbz81stk7mdkqjnrt5qx49mmmsff7xwv3p27sc8ez297pzsj788&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAUetebLEYdSeCMypiAPovZaQDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK4z-m_AvqyPqgDAaoE-wFP0MnsvaPN_uZzTrrVJVinVtTKN9lwVlj57_MBmKd4HzzyIlKlZbEULhtDqTzp1Sz2urgC7KbHmX4BFAj8n9bKpMBBccx9nQClpqiAeCEKANjvPkr7Gxw8i-Rw_L58rPE22QofUIS-QN_H25lDEnWueHWyrQpsKFw-4Z67UzboJ41eDBw8s2Qjowb4_yP6S9zcxLhMzff8e97AARfWxnjkbXFEVQu-zWADBldBJGKMixXiauAiGVOnH0vYXv9EThDVa7Y-hAw6yV--PnxOKrBTvnl1FCNd3U_zZQcTI6EF3_h6TkCw2KvQ5Gn3PijRVcCy7Wdmf5T4m1EaOIAG8Pb5mO2H7Ka-AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2rVxvgv5D0K-GG6nnFFd_EQKPbaw%26client%3Dca-pub-5994697028380609%26adurl%3D
Frame ID: C66FF7F4B3C68E81CD1711DE5F9D7D32
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 00A155F4FF7613F25DFF1E5A9AC8D204
Requests: 9 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=90755200177226100951393011817018&actionid=731824&produktid=businessgiro&dt_url=
Frame ID: 081E36A66D5823438216B2CF87A8C054
Requests: 1 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CPXp5uK5-vQCFXkOBgAd4G8H1g;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4326771072990.503
Frame ID: 0C9B9A5DEC9249E7CC64CC8521FF9335
Requests: 2 HTTP requests in this frame

Frame: https://hal900018.redintelligence.net/request_content.php?s=90755200177226100951393011817018&a=10d889af
Frame ID: 7115A7AC4FA291FA7E89B2A2B91C5878
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 7D5D0C1F3908B423880DE3012476D723
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: C15364F3F90F3A3E2AB206C7D095E5F3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CC66FE2CED2FC1CDE66407F29D2A7161
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 2B3B3AD183968A96A8ED76EE83C65666
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=20833%2C167497%2C43784&b=j6qCEfbGcezJsYHEH2t6tRRGcKTzTAjS9%2CPJ4HBfEbabK2Qf9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=xPKSQf9AHQXbHPHdHztDCRRgcJT6TW6uA%2CbwqTQfYZs5KWVHYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=9sv_Ka9v9igDFFnI1kYKmrTX93lAQvgu&g=abd8a6c6f9d92b9ca164284f0ff1f1f3%2F5050503406790913130&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698506&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jjbef6hx032qkbnm464ty57jpkfjj5pj3j8vjeejf7xz3xgv8rv9bw206ytda0cm0q9mtp4ztjytz4aasajrr7xfqwcq99n3nth0af3390mv4bpv2hf2pckgfb4t7kgkehpj6f4nccvdzgvn7r991md5f6thek2ptj8ndjjcwecakzk8xk0rbqt68sg9y1w8jgcj7n92y06f3q87w8qg81z7w1w9w0xm49wtfkh8kx3nzys7wqsh5qjdqcw1rpvcvgqt87pxra8vtmw7z6g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC2_mOebLEYYn-BKuvngXw-5rgCpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK4z-m_AvqyPqgDAaoE-wFP0PUncvf3VRIpVB-SLhMbKNAx88ZVqRkvVv5wt3gFYZt8g4ChZ0_lPaA7BnCyblH4MS13WLow2OqgJYlwTldEGOpHbLENvAf4hn4Womu3Na2PNx1FrPG6pqXxYjoQWHVuj50hSZD03-vOiOxJ4lM49UfEp73z4t7mF82-rXPUEku7IhtH_7-aXhLJaqS1x4GtJVfoiYsiQ2mPMajb0fnillkYvmQionDFtp9Ss3JQigmkZ3zBNYikvV-WQI4TNzU3G6d-Ij4tvD_wzi6LwnQ6rG-5PLZRNQZf1RxOlHEWWr1h3yiTJOvQshyb2xC-os-d3VdE0glm_99b9oAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0S4JiznMsq8T-XiKe1zaEkS5rMXg%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Frame ID: EB2B8217A0EEB7A339ADC164811624F4
Requests: 14 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=169080%2C15255%2C176225&b=D8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2C4PGSEfX5CAXZ1FGH9HdtAtrGDaZTpT1EUK&f=d9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2CrJmHQfD9c3Zp7hAH7HjtJCr6ga5T8T36sd&c=160&d=600&e=9sv_Ka9v9igDFFnI1kYKmrTX93lAQvgu&g=e97dd56984eccb2c64256dbba44c24de%2F16178602847887762720&i=65760%2C25174%2C26429&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698506&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jp31dyhdfzxak96v9vbe79r7r9c5s523t9hqqp773xr3rc0vsc48x1q0r14j34jzv87fvte9pwz8fzwf0m2h79emjrej1prrm7mx7q8vyqttntx3rqr53fnyqrsshrkxepenbc0nkgk62ydawhz78xpx5bs5k75a351ktnsn6j1292zeez25d2zjz611wcn915e2t3nez7d26xz39n0zkmcd2d0qxr8bm6ddqxjdc2j26g1egm4xdqm9e9fkcdt8az9tpmye5m70b81eq0g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCAUetebLEYdSeCMypiAPovZaQDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK4z-m_AvqyPqgDAaoE-wFP0MnsvaPN_uZzTrrVJVinVtTKN9lwVlj57_MBmKd4HzzyIlKlZbEULhtDqTzp1Sz2urgC7KbHmX4BFAj8n9bKpMBBccx9nQClpqiAeCEKANjvPkr7Gxw8i-Rw_L58rPE22QofUIS-QN_H25lDEnWueHWyrQpsKFw-4Z67UzboJ41eDBw8s2Qjowb4_yP6S9zcxLhMzff8e97AARfWxnjkbXFEVQu-zWADBldBJGKMixXiauAiGVOnH0vYXv9EThDVa7Y-hAw6yV--PnxOKrBTvnl1FCNd3U_zZQcTI6EF3_h6TkCw2KvQ5Gn3PijRVcCy7Wdmf5T4m1EaOIAG8Pb5mO2H7Ka-AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2rVxvgv5D0K-GG6nnFFd_EQKPbaw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Frame ID: FAF7C14FDCBFDF048DFBB93306FFF3E7
Requests: 14 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=20833%2C19491%2C43784&b=j6qCEfbGcezJsYHEH2t6tRRGcKTzTAjS9%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=xPKSQf9AHQXbHPHdHztDCRRgcJT6TW6uA%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=VAU4KrAC5dT_BhMRaqM4NPmzP4_YAj7J&g=94249aa6a81bd536354846d198c18b88%2F4259833368735670256&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698509&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kywxdjnbtftzj2fhh8k5wr3c8f2kqxda8t9bhfk6951gkznnjscefabvd4xkq3pvqah6w52pssm6n78d6zba6y98m7pbrq9nnxjha3sv0r7bxbwdt8cpwggcm25gcfe46f8x9zc3w962xqcft9qytznz87b6rdqfb5c1fkv7q4bpfrzr64b3e7mktbtr0fzgjafmgsdrnwb5mp7xm6khpwqwvqfm72zf9vczqkge0yx3kgj3mdzexgdac7fc7eqb9d0c36e8qkahdzwj96g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCVhpRebLEYYqwAYqengXUpoJIkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaABwq7o3QPIAQmpArjTclTQ97I-qAMBqgT7AU_QjtIcJ-ahWwdSq9lZTfI9lKwwpzv3PRUxSBWup_QQge25AXrFDKy-BTcMmC3jtgdGcWT31Ypy4MgJ4GaEMTsW4Viztneh6kTf1GBXlOeXHi0u7-1WAOv2QKLSqNMf1pHQ_mMb8hmndij9M0jp79uuRseAMwDBsl_6O75mkRF7_5o7jYn5HsCQf3H7ZI4A89j61gmKss2RhURkLlRnDSMo0d1unSabEW1FWNIHpxf08X9JT3Mvuj8Q3NJJykZWi_nRQyemTjozbXLylgfM2IERMji8wUQcTW_O4oPUswn4iO1nDNhodaXzfmuQ-XQ9ILvejQutuz9sLyuZgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2ljREVDavBQhda75putZ7dKiTRAg%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Frame ID: C20B514C0B52AC8B75C5B497D4DE8DBB
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A4BD3FEA3281AE494BDDBB639E3E7AA8
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B7C2CF9FA215C4E83DB591F050E61EB5
Requests: 2 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1640280698709792326496
Frame ID: 5ECC44CBEEDF74215C1127DAD132C768
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=658327
Frame ID: 6C941095B7F71F71E558D2B312D52123
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west
Frame ID: A9B766E563C61549553638E76C310E93
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Як потрібно харчуватися, щоб підтримувати гострий зір - Новости Ю

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 80%
Detected patterns
  • hit\.gemius\.pl
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

577
Requests

89 %
HTTPS

22 %
IPv6

93
Domains

133
Subdomains

93
IPs

13
Countries

9571 kB
Transfer

14257 kB
Size

138
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 63
  • https://counter.yadro.ru/hit?t26.1;r;s1600*1200*24;uhttps%3A//newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR;0.9242734311296532 HTTP 302
  • https://counter.yadro.ru/hit?q;t26.1;r;s1600*1200*24;uhttps%3A//newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR;0.9242734311296532
Request Chain 64
  • https://r.i.ua/s?u224079&p264&n0.08856925716328456&c1&d24&w1600&h1200&rnewsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR HTTP 302
  • https://i.i.ua/r/3_3_1.png
Request Chain 117
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9496.Wt2GCxYvi0LMK3vMa_NxNPu7r8ry19TAYrppEQq8TkXFqGRJTWbY2n1-96YcQvUY.ElmtxC00XItYyuMRtkLHZoO3-rw%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9496.xUMg2T_QuwobfxP2FId4zvGReO_akWPsV0kA65MgxguciGrwduobLpieKGGvKLQI3FGspm5KEp1WkhgQVH-DIA%2C%2C.HGDofkV1VVCqIBgyXRHJLVbmbSU%2C
Request Chain 139
  • https://cm.mgid.com/m?cdsp=363190&adu=https://a4p.adpartner.pro/ssp/match?dsp_id=10&user_id=f0c93e8d-f6a1-4a3d-8293-5e14bf0819c0 HTTP 307
  • https://cm.mgid.com/m?adu=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D10&cdsp=363190&user_id=f0c93e8d-f6a1-4a3d-8293-5e14bf0819c0&sct=1 HTTP 301
  • https://a4p.adpartner.pro/ssp/match?dsp_id=10
Request Chain 140
  • https://cm.mgid.com/m?cdsp=363190&adu=https://a4p.adpartner.pro/ssp/match?dsp_id=9&user_id=f0c93e8d-f6a1-4a3d-8293-5e14bf0819c0 HTTP 307
  • https://cm.mgid.com/m?adu=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D9&cdsp=363190&user_id=f0c93e8d-f6a1-4a3d-8293-5e14bf0819c0&sct=1 HTTP 301
  • https://a4p.adpartner.pro/ssp/match?dsp_id=9
Request Chain 144
  • https://px.adhigh.net/p/cm/adpdigital HTTP 302
  • https://px.adhigh.net/p/cm/adpdigital?bounced=1
Request Chain 147
  • https://www.acint.net/rmatch?dp=152&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D53%26user_id%3D%24%7BUSER_ID%7D HTTP 302
  • https://www.acint.net/rmatch?r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D53%26user_id%3D$%7BUSER_ID%7D&dp=152&tc=1 HTTP 302
  • https://a4p.adpartner.pro/ssp/match?dsp_id=53&user_id=0100007F78B2C4611905054E02D27C63
Request Chain 148
  • https://www.acint.net/rmatch?dp=152&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D55%26user_id%3D%24%7BUSER_ID%7D HTTP 302
  • https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fssp%252Fmatch%253Fdsp_id%253D55%2526user_id%253D%2524%257BUSER_ID%257D&dp=14 HTTP 302
  • https://acint.net/rmatch?dp=14&euid=0100007F78B2C4611900E8A70297AE1A&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D55%26user_id%3D%24%7BUSER_ID%7D HTTP 302
  • https://a4p.adpartner.pro/ssp/match?dsp_id=55&user_id=0100007F78B2C4611905054E02D27C63
Request Chain 149
  • https://ads.betweendigital.com/match?bidder_id=44025&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D47%26user_id%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=44025&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D47%26user_id%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://a4p.adpartner.pro/ssp/match?dsp_id=47&user_id=566daa8b-92fe-5365-8e78-6b22efbcd95b
Request Chain 150
  • https://ads.betweendigital.com/match?bidder_id=44053&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D57%26user_id%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=44053&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D57%26user_id%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://a4p.adpartner.pro/ssp/match?dsp_id=57&user_id=566daa8b-92fe-5365-8e78-6b22efbcd95b
Request Chain 151
  • https://exchange.buzzoola.com/cookiesync/redirect/adpartner?redirect_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D63%26user_id%3D%24%7BUUID%7D HTTP 301
  • https://a4p.adpartner.pro/ssp/match?dsp_id=63&user_id=8b9d8c25-98ff-4f47-4443-17b921d04456
Request Chain 152
  • https://exchange.buzzoola.com/cookiesync/redirect/adpartner?redirect_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D64%26user_id%3D%24%7BUUID%7D HTTP 301
  • https://a4p.adpartner.pro/ssp/match?dsp_id=64&user_id=aa390072-4c5c-480d-587a-edb59abb70cb
Request Chain 170
  • https://mc.yandex.com/watch/44453875?wmode=7&page-url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjkqfph1z85b6in%3Afp%3A1527%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A722%3Acn%3A1%3Adp%3A0%3Als%3A1097879902757%3Ahid%3A591048360%3Az%3A0%3Ai%3A20211223173136%3Aet%3A1640280696%3Ac%3A1%3Arn%3A597960917%3Arqn%3A1%3Au%3A1640280696382176813%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1640280694419%3Ads%3A0%2C165%2C772%2C1%2C0%2C0%2C%2C518%2C3%2C%2C%2C%2C1581%3Adsn%3A0%2C166%2C771%2C1%2C0%2C0%2C%2C521%2C3%2C%2C%2C%2C1581%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1640280697%3At%3A%D0%AF%D0%BA%20%D0%BF%D0%BE%D1%82%D1%80%D1%96%D0%B1%D0%BD%D0%BE%20%D1%85%D0%B0%D1%80%D1%87%D1%83%D0%B2%D0%B0%D1%82%D0%B8%D1%81%D1%8F%2C%20%D1%89%D0%BE%D0%B1%20%D0%BF%D1%96%D0%B4%D1%82%D1%80%D0%B8%D0%BC%D1%83%D0%B2%D0%B0%D1%82%D0%B8%20%D0%B3%D0%BE%D1%81%D1%82%D1%80%D0%B8%D0%B9%20%D0%B7%D1%96%D1%80%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%AE&t=gdpr(14)aw(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/44453875/1?wmode=7&page-url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjkqfph1z85b6in%3Afp%3A1527%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A722%3Acn%3A1%3Adp%3A0%3Als%3A1097879902757%3Ahid%3A591048360%3Az%3A0%3Ai%3A20211223173136%3Aet%3A1640280696%3Ac%3A1%3Arn%3A597960917%3Arqn%3A1%3Au%3A1640280696382176813%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1640280694419%3Ads%3A0%2C165%2C772%2C1%2C0%2C0%2C%2C518%2C3%2C%2C%2C%2C1581%3Adsn%3A0%2C166%2C771%2C1%2C0%2C0%2C%2C521%2C3%2C%2C%2C%2C1581%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1640280697%3At%3A%D0%AF%D0%BA%20%D0%BF%D0%BE%D1%82%D1%80%D1%96%D0%B1%D0%BD%D0%BE%20%D1%85%D0%B0%D1%80%D1%87%D1%83%D0%B2%D0%B0%D1%82%D0%B8%D1%81%D1%8F%2C%20%D1%89%D0%BE%D0%B1%20%D0%BF%D1%96%D0%B4%D1%82%D1%80%D0%B8%D0%BC%D1%83%D0%B2%D0%B0%D1%82%D0%B8%20%D0%B3%D0%BE%D1%81%D1%82%D1%80%D0%B8%D0%B9%20%D0%B7%D1%96%D1%80%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%AE&t=gdpr%2814%29aw%281%29ti%282%29
Request Chain 221
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=7E53F656-3653-491C-995F-4CD355497FC2&id=1471d21b-0a5a-4ecc-9f12-7b1b807763c8 HTTP 302
  • https://m.trafmag.com/images/1px-matching-go2net.gif?id=640f6b8d7ec5469880fb3cfe80dee7e9
Request Chain 229
  • https://x01.aidata.io/0.gif?pid=6915083&id=uZQlT2HEsngC1UOQ104QAg== HTTP 302
  • https://x01.aidata.io/0.gif?pid=6915083&id=uZQlT2HEsngC1UOQ104QAg==&bounce=1
Request Chain 230
  • https://s.uuidksinc.net/match/971/?remote_uid=uZQlT2HEsngC1UOQ104QAg== HTTP 302
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/kadam-cpmv/qOyhT2fVcsgWDPZv0FPv
Request Chain 231
  • https://www.acint.net/rmatch?dp=144&r=https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/${USER_ID}&euid=uZQlT2HEsngC1UOQ104QAg== HTTP 302
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/0100007F78B2C4611905054E02D27C63
Request Chain 234
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6898004&bn=6898004&uid=uZQlT2HEsngC1UOQ104QAg== HTTP 302
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6898004&bn=6898004&uid=uZQlT2HEsngC1UOQ104QAg==&tuid=-4428269824 HTTP 302
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/Adriver/AodNQiYZ1FGyBnT0FvqDYtg
Request Chain 235
  • https://s.uuidksinc.net/match/388/?remote_uid=uZQlT2HEsngC1UOQ104QAg== HTTP 302
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/kadam/qOyhT2fVcsgWDPZv0FPv
Request Chain 366
  • https://s.uuidksinc.net/match/388/?remote_uid=uZQlT2HEsngC1UOQ104QAg== HTTP 302
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/kadam/qOyhT2fVcsgWDPZv0FPv
Request Chain 367
  • https://www.acint.net/rmatch?dp=144&r=https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/${USER_ID}&euid=uZQlT2HEsngC1UOQ104QAg== HTTP 302
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/0100007F78B2C4611905054E02D27C63
Request Chain 411
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 412
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 418
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENjq7I1F1ZrcJWlEirH0v3Y&google_cver=1&google_push=AYg5qPIaX1AHzWmU2UK1grXQhfkbU4kMRvL7sFr4dWTGRc-GmoZ41XHsztKAQfM8GFtr8ckXmH-1xL-8rt5_p4CDa6cYs53ZhDxEdVYcsXTU_S4kGj-WOaKkxAINJqro85_p2uDUtuJAVq7gwmdz9NcXtw HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENjq7I1F1ZrcJWlEirH0v3Y&google_cver=1&google_push=AYg5qPIaX1AHzWmU2UK1grXQhfkbU4kMRvL7sFr4dWTGRc-GmoZ41XHsztKAQfM8GFtr8ckXmH-1xL-8rt5_p4CDa6cYs53ZhDxEdVYcsXTU_S4kGj-WOaKkxAINJqro85_p2uDUtuJAVq7gwmdz9NcXtw&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=w81J6OztSk2YhFc32fG9Fg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIaX1AHzWmU2UK1grXQhfkbU4kMRvL7sFr4dWTGRc-GmoZ41XHsztKAQfM8GFtr8ckXmH-1xL-8rt5_p4CDa6cYs53ZhDxEdVYcsXTU_S4kGj-WOaKkxAINJqro85_p2uDUtuJAVq7gwmdz9NcXtw
Request Chain 419
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEN3IiLfvl39dDe6jdI5PUi4&google_cver=1&google_push=AYg5qPK5yFDmZ0CTCE_JTDEEmYDNIokm3PF73Jga8E4KXd-d2HrOItQfsPCgomhTdxf6KYRbXrmdUOdZuFgD-2JHL3BmqkOPJ9mAZ4AS33VUdLp8vZ5MiTzYwywfxeVA-Xnl-i8bFCk0pIxzoUKkIkVl2ho HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hKOFJZVFAtWS1IRTI0&google_push=AYg5qPK5yFDmZ0CTCE_JTDEEmYDNIokm3PF73Jga8E4KXd-d2HrOItQfsPCgomhTdxf6KYRbXrmdUOdZuFgD-2JHL3BmqkOPJ9mAZ4AS33VUdLp8vZ5MiTzYwywfxeVA-Xnl-i8bFCk0pIxzoUKkIkVl2ho
Request Chain 420
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPr5KxEAKBclM5A4MCID6E0&google_cver=1&google_push=AYg5qPLtrdeI5lOE8AI0Ut4p5v0i95p1uGsSDAmJZszIsYgEMTuNYiqORStpta1EIaqO948sS8WOIYzxtUc6LebXT9Pus9-sXLMPQre27T481jobQSG2wmucF8FhMg1vq8uo8w4cucRww1UwbJeaRkHytwQ HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEPr5KxEAKBclM5A4MCID6E0&google_push=AYg5qPLtrdeI5lOE8AI0Ut4p5v0i95p1uGsSDAmJZszIsYgEMTuNYiqORStpta1EIaqO948sS8WOIYzxtUc6LebXT9Pus9-sXLMPQre27T481jobQSG2wmucF8FhMg1vq8uo8w4cucRww1UwbJeaRkHytwQ&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIwAABFYAAAAB&google_gid=CAESEPr5KxEAKBclM5A4MCID6E0&google_cver=1&google_push=AYg5qPLtrdeI5lOE8AI0Ut4p5v0i95p1uGsSDAmJZszIsYgEMTuNYiqORStpta1EIaqO948sS8WOIYzxtUc6LebXT9Pus9-sXLMPQre27T481jobQSG2wmucF8FhMg1vq8uo8w4cucRww1UwbJeaRkHytwQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIwAABFYAAAAB&google_gid=CAESEPr5KxEAKBclM5A4MCID6E0&google_cver=1&google_push=AYg5qPLtrdeI5lOE8AI0Ut4p5v0i95p1uGsSDAmJZszIsYgEMTuNYiqORStpta1EIaqO948sS8WOIYzxtUc6LebXT9Pus9-sXLMPQre27T481jobQSG2wmucF8FhMg1vq8uo8w4cucRww1UwbJeaRkHytwQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIwAABFYAAAAB&google_gid=CAESEPr5KxEAKBclM5A4MCID6E0&google_cver=1&google_push=AYg5qPLtrdeI5lOE8AI0Ut4p5v0i95p1uGsSDAmJZszIsYgEMTuNYiqORStpta1EIaqO948sS8WOIYzxtUc6LebXT9Pus9-sXLMPQre27T481jobQSG2wmucF8FhMg1vq8uo8w4cucRww1UwbJeaRkHytwQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIwAABFYAAAAB&google_gid=CAESEPr5KxEAKBclM5A4MCID6E0&google_cver=1&google_push=AYg5qPLtrdeI5lOE8AI0Ut4p5v0i95p1uGsSDAmJZszIsYgEMTuNYiqORStpta1EIaqO948sS8WOIYzxtUc6LebXT9Pus9-sXLMPQre27T481jobQSG2wmucF8FhMg1vq8uo8w4cucRww1UwbJeaRkHytwQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIwAABFYAAAAB&google_gid=CAESEPr5KxEAKBclM5A4MCID6E0&google_cver=1&google_push=AYg5qPLtrdeI5lOE8AI0Ut4p5v0i95p1uGsSDAmJZszIsYgEMTuNYiqORStpta1EIaqO948sS8WOIYzxtUc6LebXT9Pus9-sXLMPQre27T481jobQSG2wmucF8FhMg1vq8uo8w4cucRww1UwbJeaRkHytwQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIwAABFYAAAAB&google_gid=CAESEPr5KxEAKBclM5A4MCID6E0&google_cver=1&google_push=AYg5qPLtrdeI5lOE8AI0Ut4p5v0i95p1uGsSDAmJZszIsYgEMTuNYiqORStpta1EIaqO948sS8WOIYzxtUc6LebXT9Pus9-sXLMPQre27T481jobQSG2wmucF8FhMg1vq8uo8w4cucRww1UwbJeaRkHytwQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIwAABFYAAAAB&google_gid=CAESEPr5KxEAKBclM5A4MCID6E0&google_cver=1&google_push=AYg5qPLtrdeI5lOE8AI0Ut4p5v0i95p1uGsSDAmJZszIsYgEMTuNYiqORStpta1EIaqO948sS8WOIYzxtUc6LebXT9Pus9-sXLMPQre27T481jobQSG2wmucF8FhMg1vq8uo8w4cucRww1UwbJeaRkHytwQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIwAABFYAAAAB&google_gid=CAESEPr5KxEAKBclM5A4MCID6E0&google_cver=1&google_push=AYg5qPLtrdeI5lOE8AI0Ut4p5v0i95p1uGsSDAmJZszIsYgEMTuNYiqORStpta1EIaqO948sS8WOIYzxtUc6LebXT9Pus9-sXLMPQre27T481jobQSG2wmucF8FhMg1vq8uo8w4cucRww1UwbJeaRkHytwQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIwAABFYAAAAB&google_gid=CAESEPr5KxEAKBclM5A4MCID6E0&google_cver=1&google_push=AYg5qPLtrdeI5lOE8AI0Ut4p5v0i95p1uGsSDAmJZszIsYgEMTuNYiqORStpta1EIaqO948sS8WOIYzxtUc6LebXT9Pus9-sXLMPQre27T481jobQSG2wmucF8FhMg1vq8uo8w4cucRww1UwbJeaRkHytwQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIwAABFYAAAAB&google_gid=CAESEPr5KxEAKBclM5A4MCID6E0&google_cver=1&google_push=AYg5qPLtrdeI5lOE8AI0Ut4p5v0i95p1uGsSDAmJZszIsYgEMTuNYiqORStpta1EIaqO948sS8WOIYzxtUc6LebXT9Pus9-sXLMPQre27T481jobQSG2wmucF8FhMg1vq8uo8w4cucRww1UwbJeaRkHytwQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIwAABFYAAAAB&google_gid=CAESEPr5KxEAKBclM5A4MCID6E0&google_cver=1&google_push=AYg5qPLtrdeI5lOE8AI0Ut4p5v0i95p1uGsSDAmJZszIsYgEMTuNYiqORStpta1EIaqO948sS8WOIYzxtUc6LebXT9Pus9-sXLMPQre27T481jobQSG2wmucF8FhMg1vq8uo8w4cucRww1UwbJeaRkHytwQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIwAABFYAAAAB&google_gid=CAESEPr5KxEAKBclM5A4MCID6E0&google_cver=1&google_push=AYg5qPLtrdeI5lOE8AI0Ut4p5v0i95p1uGsSDAmJZszIsYgEMTuNYiqORStpta1EIaqO948sS8WOIYzxtUc6LebXT9Pus9-sXLMPQre27T481jobQSG2wmucF8FhMg1vq8uo8w4cucRww1UwbJeaRkHytwQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIwAABFYAAAAB&google_gid=CAESEPr5KxEAKBclM5A4MCID6E0&google_cver=1&google_push=AYg5qPLtrdeI5lOE8AI0Ut4p5v0i95p1uGsSDAmJZszIsYgEMTuNYiqORStpta1EIaqO948sS8WOIYzxtUc6LebXT9Pus9-sXLMPQre27T481jobQSG2wmucF8FhMg1vq8uo8w4cucRww1UwbJeaRkHytwQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIwAABFYAAAAB&google_gid=CAESEPr5KxEAKBclM5A4MCID6E0&google_cver=1&google_push=AYg5qPLtrdeI5lOE8AI0Ut4p5v0i95p1uGsSDAmJZszIsYgEMTuNYiqORStpta1EIaqO948sS8WOIYzxtUc6LebXT9Pus9-sXLMPQre27T481jobQSG2wmucF8FhMg1vq8uo8w4cucRww1UwbJeaRkHytwQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIwAABFYAAAAB&google_gid=CAESEPr5KxEAKBclM5A4MCID6E0&google_cver=1&google_push=AYg5qPLtrdeI5lOE8AI0Ut4p5v0i95p1uGsSDAmJZszIsYgEMTuNYiqORStpta1EIaqO948sS8WOIYzxtUc6LebXT9Pus9-sXLMPQre27T481jobQSG2wmucF8FhMg1vq8uo8w4cucRww1UwbJeaRkHytwQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIwAABFYAAAAB&google_gid=CAESEPr5KxEAKBclM5A4MCID6E0&google_cver=1&google_push=AYg5qPLtrdeI5lOE8AI0Ut4p5v0i95p1uGsSDAmJZszIsYgEMTuNYiqORStpta1EIaqO948sS8WOIYzxtUc6LebXT9Pus9-sXLMPQre27T481jobQSG2wmucF8FhMg1vq8uo8w4cucRww1UwbJeaRkHytwQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIwAABFYAAAAB&google_gid=CAESEPr5KxEAKBclM5A4MCID6E0&google_cver=1&google_push=AYg5qPLtrdeI5lOE8AI0Ut4p5v0i95p1uGsSDAmJZszIsYgEMTuNYiqORStpta1EIaqO948sS8WOIYzxtUc6LebXT9Pus9-sXLMPQre27T481jobQSG2wmucF8FhMg1vq8uo8w4cucRww1UwbJeaRkHytwQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIwAABFYAAAAB&google_gid=CAESEPr5KxEAKBclM5A4MCID6E0&google_cver=1&google_push=AYg5qPLtrdeI5lOE8AI0Ut4p5v0i95p1uGsSDAmJZszIsYgEMTuNYiqORStpta1EIaqO948sS8WOIYzxtUc6LebXT9Pus9-sXLMPQre27T481jobQSG2wmucF8FhMg1vq8uo8w4cucRww1UwbJeaRkHytwQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIwAABFYAAAAB&google_gid=CAESEPr5KxEAKBclM5A4MCID6E0&google_cver=1&google_push=AYg5qPLtrdeI5lOE8AI0Ut4p5v0i95p1uGsSDAmJZszIsYgEMTuNYiqORStpta1EIaqO948sS8WOIYzxtUc6LebXT9Pus9-sXLMPQre27T481jobQSG2wmucF8FhMg1vq8uo8w4cucRww1UwbJeaRkHytwQ
Request Chain 422
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEFqAbhwczPwQtc6yPHRAp1g&google_cver=1&google_push=AYg5qPIn4Wq__NEQX95JeClmPJ3ELRlx0pFd4NtRaaKGGPYcyfKS5S90vnbhAjNZ7BJpUIdaCduoF0VOv12oMF44dMfuXVGFq6oxEZ05p5TsxCnLHW2U7Vj_3URUuV5280gUnugZotW4BlSD1RCAIvrYRRac HTTP 301
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPIn4Wq__NEQX95JeClmPJ3ELRlx0pFd4NtRaaKGGPYcyfKS5S90vnbhAjNZ7BJpUIdaCduoF0VOv12oMF44dMfuXVGFq6oxEZ05p5TsxCnLHW2U7Vj_3U&google_hm= HTTP 302
  • https://googlecm.hit.gemius.pl/dot.gif?id=pyM1l.MgAY658jQJ4ykHpoYhP_hR_2_qZ3eEDY6uHMX.C7&google_error=5
Request Chain 428
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPI9FuYbd01PM5wkOqMkCEcsQGMc3hnlmWO_vCP24Y__lUSlm9R6DjMD1GZG3ot04eEY_VyL04OWQb6ruyxC4kYfbinTIHmDxLLigpThxh_o70rJfWyxmNGAJ0qiFqJxB2DBy2tDUidqsvGmhvBAHpo&google_gid=CAESEOlr2OvStGx0m3cNwTK8I5M&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWNTeWVnQUFCWGpOczItNQ&google_push=AYg5qPI9FuYbd01PM5wkOqMkCEcsQGMc3hnlmWO_vCP24Y__lUSlm9R6DjMD1GZG3ot04eEY_VyL04OWQb6ruyxC4kYfbinTIHmDxLLigpThxh_o70rJfWyxmNGAJ0qiFqJxB2DBy2tDUidqsvGmhvBAHpo
Request Chain 431
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDV59Rh0ihJmc_347SuDnyw&google_cver=1&google_push=AYg5qPJ5Sb4xRpE48wDR0JAcAUE7W7EVsECdaXjt65_AV0cfSCpHl6Mn6wrq8kol0nEYXG6TVLw98_u-T08nBPBRYyCH033zycdRso_hVInjHbgMwY1mJAg8wu_eqX3QsjtFmzqWHW_p-iIdOXmhSD0LaQ HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDV59Rh0ihJmc_347SuDnyw&google_cver=1&google_push=AYg5qPJ5Sb4xRpE48wDR0JAcAUE7W7EVsECdaXjt65_AV0cfSCpHl6Mn6wrq8kol0nEYXG6TVLw98_u-T08nBPBRYyCH033zycdRso_hVInjHbgMwY1mJAg8wu_eqX3QsjtFmzqWHW_p-iIdOXmhSD0LaQ&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=e55LPbq7RbWoX1F4GTo_pw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJ5Sb4xRpE48wDR0JAcAUE7W7EVsECdaXjt65_AV0cfSCpHl6Mn6wrq8kol0nEYXG6TVLw98_u-T08nBPBRYyCH033zycdRso_hVInjHbgMwY1mJAg8wu_eqX3QsjtFmzqWHW_p-iIdOXmhSD0LaQ
Request Chain 432
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGRhUGozOt9nc1_yiWtjCAE&google_cver=1&google_push=AYg5qPJIhoDp6kYrAqFzNUvOuwdLC2IusLyKbpT6j4VhRTWiqjkAOX0jYMkpBC9mD91KwJkMc4x77FG0UyejfTMVCj5kwMhXN1iTrhiETK7u6PVkUGAY2A9azVbUa44t3xYOh39U_cozoffgbXru_fHUJPU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hKOFJZVUUtMTItNzY4Mw==&google_push=AYg5qPJIhoDp6kYrAqFzNUvOuwdLC2IusLyKbpT6j4VhRTWiqjkAOX0jYMkpBC9mD91KwJkMc4x77FG0UyejfTMVCj5kwMhXN1iTrhiETK7u6PVkUGAY2A9azVbUa44t3xYOh39U_cozoffgbXru_fHUJPU
Request Chain 433
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAEZcV2wgonujxEzGM8w_mo&google_cver=1&google_push=AYg5qPKvT69bcQwH48sWvhHGxDvfRYDc17_iF5FD1n5nRcpn6b3ccK5PJpEgl3Qk5JV2zMLdn0hXbS4pgl_3an8OliViTd79aK_RZFPLVJDZ1rFHaiyMeg92Eb3YAeM52ORZ6qPMjkXgqTWXPbJdko-TZR4 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEAEZcV2wgonujxEzGM8w_mo&google_push=AYg5qPKvT69bcQwH48sWvhHGxDvfRYDc17_iF5FD1n5nRcpn6b3ccK5PJpEgl3Qk5JV2zMLdn0hXbS4pgl_3an8OliViTd79aK_RZFPLVJDZ1rFHaiyMeg92Eb3YAeM52ORZ6qPMjkXgqTWXPbJdko-TZR4&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKvT69bcQwH48sWvhHGxDvfRYDc17_iF5FD1n5nRcpn6b3ccK5PJpEgl3Qk5JV2zMLdn0hXbS4pgl_3an8OliViTd79aK_RZFPLVJDZ1rFHaiyMeg92Eb3YAeM52ORZ6qPMjkXgqTWXPbJdko-TZR4&google_gid=CAESEAEZcV2wgonujxEzGM8w_mo&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKvT69bcQwH48sWvhHGxDvfRYDc17_iF5FD1n5nRcpn6b3ccK5PJpEgl3Qk5JV2zMLdn0hXbS4pgl_3an8OliViTd79aK_RZFPLVJDZ1rFHaiyMeg92Eb3YAeM52ORZ6qPMjkXgqTWXPbJdko-TZR4&google_gid=CAESEAEZcV2wgonujxEzGM8w_mo&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKvT69bcQwH48sWvhHGxDvfRYDc17_iF5FD1n5nRcpn6b3ccK5PJpEgl3Qk5JV2zMLdn0hXbS4pgl_3an8OliViTd79aK_RZFPLVJDZ1rFHaiyMeg92Eb3YAeM52ORZ6qPMjkXgqTWXPbJdko-TZR4&google_gid=CAESEAEZcV2wgonujxEzGM8w_mo&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKvT69bcQwH48sWvhHGxDvfRYDc17_iF5FD1n5nRcpn6b3ccK5PJpEgl3Qk5JV2zMLdn0hXbS4pgl_3an8OliViTd79aK_RZFPLVJDZ1rFHaiyMeg92Eb3YAeM52ORZ6qPMjkXgqTWXPbJdko-TZR4&google_gid=CAESEAEZcV2wgonujxEzGM8w_mo&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKvT69bcQwH48sWvhHGxDvfRYDc17_iF5FD1n5nRcpn6b3ccK5PJpEgl3Qk5JV2zMLdn0hXbS4pgl_3an8OliViTd79aK_RZFPLVJDZ1rFHaiyMeg92Eb3YAeM52ORZ6qPMjkXgqTWXPbJdko-TZR4&google_gid=CAESEAEZcV2wgonujxEzGM8w_mo&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKvT69bcQwH48sWvhHGxDvfRYDc17_iF5FD1n5nRcpn6b3ccK5PJpEgl3Qk5JV2zMLdn0hXbS4pgl_3an8OliViTd79aK_RZFPLVJDZ1rFHaiyMeg92Eb3YAeM52ORZ6qPMjkXgqTWXPbJdko-TZR4&google_gid=CAESEAEZcV2wgonujxEzGM8w_mo&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKvT69bcQwH48sWvhHGxDvfRYDc17_iF5FD1n5nRcpn6b3ccK5PJpEgl3Qk5JV2zMLdn0hXbS4pgl_3an8OliViTd79aK_RZFPLVJDZ1rFHaiyMeg92Eb3YAeM52ORZ6qPMjkXgqTWXPbJdko-TZR4&google_gid=CAESEAEZcV2wgonujxEzGM8w_mo&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKvT69bcQwH48sWvhHGxDvfRYDc17_iF5FD1n5nRcpn6b3ccK5PJpEgl3Qk5JV2zMLdn0hXbS4pgl_3an8OliViTd79aK_RZFPLVJDZ1rFHaiyMeg92Eb3YAeM52ORZ6qPMjkXgqTWXPbJdko-TZR4&google_gid=CAESEAEZcV2wgonujxEzGM8w_mo&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKvT69bcQwH48sWvhHGxDvfRYDc17_iF5FD1n5nRcpn6b3ccK5PJpEgl3Qk5JV2zMLdn0hXbS4pgl_3an8OliViTd79aK_RZFPLVJDZ1rFHaiyMeg92Eb3YAeM52ORZ6qPMjkXgqTWXPbJdko-TZR4&google_gid=CAESEAEZcV2wgonujxEzGM8w_mo&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKvT69bcQwH48sWvhHGxDvfRYDc17_iF5FD1n5nRcpn6b3ccK5PJpEgl3Qk5JV2zMLdn0hXbS4pgl_3an8OliViTd79aK_RZFPLVJDZ1rFHaiyMeg92Eb3YAeM52ORZ6qPMjkXgqTWXPbJdko-TZR4&google_gid=CAESEAEZcV2wgonujxEzGM8w_mo&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKvT69bcQwH48sWvhHGxDvfRYDc17_iF5FD1n5nRcpn6b3ccK5PJpEgl3Qk5JV2zMLdn0hXbS4pgl_3an8OliViTd79aK_RZFPLVJDZ1rFHaiyMeg92Eb3YAeM52ORZ6qPMjkXgqTWXPbJdko-TZR4&google_gid=CAESEAEZcV2wgonujxEzGM8w_mo&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKvT69bcQwH48sWvhHGxDvfRYDc17_iF5FD1n5nRcpn6b3ccK5PJpEgl3Qk5JV2zMLdn0hXbS4pgl_3an8OliViTd79aK_RZFPLVJDZ1rFHaiyMeg92Eb3YAeM52ORZ6qPMjkXgqTWXPbJdko-TZR4&google_gid=CAESEAEZcV2wgonujxEzGM8w_mo&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKvT69bcQwH48sWvhHGxDvfRYDc17_iF5FD1n5nRcpn6b3ccK5PJpEgl3Qk5JV2zMLdn0hXbS4pgl_3an8OliViTd79aK_RZFPLVJDZ1rFHaiyMeg92Eb3YAeM52ORZ6qPMjkXgqTWXPbJdko-TZR4&google_gid=CAESEAEZcV2wgonujxEzGM8w_mo&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKvT69bcQwH48sWvhHGxDvfRYDc17_iF5FD1n5nRcpn6b3ccK5PJpEgl3Qk5JV2zMLdn0hXbS4pgl_3an8OliViTd79aK_RZFPLVJDZ1rFHaiyMeg92Eb3YAeM52ORZ6qPMjkXgqTWXPbJdko-TZR4&google_gid=CAESEAEZcV2wgonujxEzGM8w_mo&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKvT69bcQwH48sWvhHGxDvfRYDc17_iF5FD1n5nRcpn6b3ccK5PJpEgl3Qk5JV2zMLdn0hXbS4pgl_3an8OliViTd79aK_RZFPLVJDZ1rFHaiyMeg92Eb3YAeM52ORZ6qPMjkXgqTWXPbJdko-TZR4&google_gid=CAESEAEZcV2wgonujxEzGM8w_mo&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKvT69bcQwH48sWvhHGxDvfRYDc17_iF5FD1n5nRcpn6b3ccK5PJpEgl3Qk5JV2zMLdn0hXbS4pgl_3an8OliViTd79aK_RZFPLVJDZ1rFHaiyMeg92Eb3YAeM52ORZ6qPMjkXgqTWXPbJdko-TZR4&google_gid=CAESEAEZcV2wgonujxEzGM8w_mo&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKvT69bcQwH48sWvhHGxDvfRYDc17_iF5FD1n5nRcpn6b3ccK5PJpEgl3Qk5JV2zMLdn0hXbS4pgl_3an8OliViTd79aK_RZFPLVJDZ1rFHaiyMeg92Eb3YAeM52ORZ6qPMjkXgqTWXPbJdko-TZR4&google_gid=CAESEAEZcV2wgonujxEzGM8w_mo&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKvT69bcQwH48sWvhHGxDvfRYDc17_iF5FD1n5nRcpn6b3ccK5PJpEgl3Qk5JV2zMLdn0hXbS4pgl_3an8OliViTd79aK_RZFPLVJDZ1rFHaiyMeg92Eb3YAeM52ORZ6qPMjkXgqTWXPbJdko-TZR4&google_gid=CAESEAEZcV2wgonujxEzGM8w_mo&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKvT69bcQwH48sWvhHGxDvfRYDc17_iF5FD1n5nRcpn6b3ccK5PJpEgl3Qk5JV2zMLdn0hXbS4pgl_3an8OliViTd79aK_RZFPLVJDZ1rFHaiyMeg92Eb3YAeM52ORZ6qPMjkXgqTWXPbJdko-TZR4&google_gid=CAESEAEZcV2wgonujxEzGM8w_mo&google_cver=1
Request Chain 435
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873830a7df8deda4aa6?subid=90755200177226100951393011817018&t=htlp HTTP 301
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=90755200177226100951393011817018&actionid=731824&produktid=businessgiro&dt_url=
Request Chain 437
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4326771072990.503 HTTP 302
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CPXp5uK5-vQCFXkOBgAd4G8H1g;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4326771072990.503
Request Chain 439
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873830a7df8deda4aa6?subid=90755200177226100951393011817018 HTTP 301
  • https://ad-server.eu/wm/pb/native.png
Request Chain 443
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMjDQ_oy0VR5gwRIAJBsJZM&google_cver=1&google_push=AYg5qPKMdsaH0ygutY49muAeZQa731Ax6rWtallz8KjwhpnrHhjrp5I79jZmZoci75kiNyOadlLJTZfAwiRuZb1vyTbZ_wQyDFElkfivfeDr_-pNtv3p-PrXTq3wO1lKr0FnX9oZQuCBmzKicmlTfeHRs9M HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKMdsaH0ygutY49muAeZQa731Ax6rWtallz8KjwhpnrHhjrp5I79jZmZoci75kiNyOadlLJTZfAwiRuZb1vyTbZ_wQyDFElkfivfeDr_-pNtv3p-PrXTq3wO1lKr0FnX9oZQuCBmzKicmlTfeHRs9M&google_hm=Y6ZDuIRBikS_vcApqeofCg
Request Chain 444
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPKf8ALveXTSmRtrXxM8qtUHMziHDyMM2NiTgyvW8KANCydeHh03jS6cdRrt0LQOh8J1KNO32uRub7CDDgQLdcWkm9GD_fVGgMdjKf012YdXzJbxOSJXGnlcB75ZskKQ7zsXq7QzCwBYKzb0t2-ta90&google_gid=CAESEE54JFxTlN4kVB428hfuWeU&google_cver=1 HTTP 302
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPKf8ALveXTSmRtrXxM8qtUHMziHDyMM2NiTgyvW8KANCydeHh03jS6cdRrt0LQOh8J1KNO32uRub7CDDgQLdcWkm9GD_fVGgMdjKf012YdXzJbxOSJXGnlcB75ZskKQ7zsXq7QzCwBYKzb0t2-ta90&google_gid=CAESEE54JFxTlN4kVB428hfuWeU&google_cver=1&rd=Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEyMjMxNzMxMzgwMDAxNDg3NTIxMDI1Mw%3D%3D&google_push=AYg5qPKf8ALveXTSmRtrXxM8qtUHMziHDyMM2NiTgyvW8KANCydeHh03jS6cdRrt0LQOh8J1KNO32uRub7CDDgQLdcWkm9GD_fVGgMdjKf012YdXzJbxOSJXGnlcB75ZskKQ7zsXq7QzCwBYKzb0t2-ta90
Request Chain 446
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEN7vppz8HmZ6fNBleuDg5pQ&google_cver=1&google_push=AYg5qPILRvfJlZ164vhT_829RUkT67S6B9I2YQQF1HOgpSxwgKDDU7Um2KLjUCssg-0D0sKlbpHa4RInJJlV4gT0XC5sYIlUtImUQ-n1Cn9lTKEme3lBZy3-6MKjB9cJkxT7VKB3t4KX9Lwuh7fBXRB295w HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEN7vppz8HmZ6fNBleuDg5pQ&google_cver=1&google_push=AYg5qPILRvfJlZ164vhT_829RUkT67S6B9I2YQQF1HOgpSxwgKDDU7Um2KLjUCssg-0D0sKlbpHa4RInJJlV4gT0XC5sYIlUtImUQ-n1Cn9lTKEme3lBZy3-6MKjB9cJkxT7VKB3t4KX9Lwuh7fBXRB295w&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=w81J6OztSk2YhFc32fG9Fg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPILRvfJlZ164vhT_829RUkT67S6B9I2YQQF1HOgpSxwgKDDU7Um2KLjUCssg-0D0sKlbpHa4RInJJlV4gT0XC5sYIlUtImUQ-n1Cn9lTKEme3lBZy3-6MKjB9cJkxT7VKB3t4KX9Lwuh7fBXRB295w
Request Chain 447
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJfesBjXh7JtfgQggc2VQsk&google_cver=1&google_push=AYg5qPKLsJDWcTbOgtw31Vzlu4CoVtyArBBqHb8scDCgsph3wb10-1yJtcq12ixJ4xU7N1sb-4SHDtbsrhI69xs-rkYHQ28XK_dqDoIia5ozffpItneEFQ3PPGEJoRLJOhnRdz64yQ_l_WJxcrwSNScy08w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hKOFJZVU4tMVMtM1Y4VA==&google_push=AYg5qPKLsJDWcTbOgtw31Vzlu4CoVtyArBBqHb8scDCgsph3wb10-1yJtcq12ixJ4xU7N1sb-4SHDtbsrhI69xs-rkYHQ28XK_dqDoIia5ozffpItneEFQ3PPGEJoRLJOhnRdz64yQ_l_WJxcrwSNScy08w
Request Chain 448
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMyAc0mQjk6z_wV4VXZUV5s&google_cver=1&google_push=AYg5qPLCjGxj3g1GtGwHexaxs9EeAFm5HQaTfhKphtBttJ84D2fegP8IT47cJYs1l1idcoDYiP_lNGR_r_BlWa8AwVudOvXiXCaEQoUqZ40wwBBIvtnlehqRFOaKmXlRADA981nswHk9sVXngVlknmB8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_gid=CAESEMyAc0mQjk6z_wV4VXZUV5s&google_cver=1&google_push=AYg5qPLCjGxj3g1GtGwHexaxs9EeAFm5HQaTfhKphtBttJ84D2fegP8IT47cJYs1l1idcoDYiP_lNGR_r_BlWa8AwVudOvXiXCaEQoUqZ40wwBBIvtnlehqRFOaKmXlRADA981nswHk9sVXngVlknmB8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_gid=CAESEMyAc0mQjk6z_wV4VXZUV5s&google_cver=1&google_push=AYg5qPLCjGxj3g1GtGwHexaxs9EeAFm5HQaTfhKphtBttJ84D2fegP8IT47cJYs1l1idcoDYiP_lNGR_r_BlWa8AwVudOvXiXCaEQoUqZ40wwBBIvtnlehqRFOaKmXlRADA981nswHk9sVXngVlknmB8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_gid=CAESEMyAc0mQjk6z_wV4VXZUV5s&google_cver=1&google_push=AYg5qPLCjGxj3g1GtGwHexaxs9EeAFm5HQaTfhKphtBttJ84D2fegP8IT47cJYs1l1idcoDYiP_lNGR_r_BlWa8AwVudOvXiXCaEQoUqZ40wwBBIvtnlehqRFOaKmXlRADA981nswHk9sVXngVlknmB8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_gid=CAESEMyAc0mQjk6z_wV4VXZUV5s&google_cver=1&google_push=AYg5qPLCjGxj3g1GtGwHexaxs9EeAFm5HQaTfhKphtBttJ84D2fegP8IT47cJYs1l1idcoDYiP_lNGR_r_BlWa8AwVudOvXiXCaEQoUqZ40wwBBIvtnlehqRFOaKmXlRADA981nswHk9sVXngVlknmB8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_gid=CAESEMyAc0mQjk6z_wV4VXZUV5s&google_cver=1&google_push=AYg5qPLCjGxj3g1GtGwHexaxs9EeAFm5HQaTfhKphtBttJ84D2fegP8IT47cJYs1l1idcoDYiP_lNGR_r_BlWa8AwVudOvXiXCaEQoUqZ40wwBBIvtnlehqRFOaKmXlRADA981nswHk9sVXngVlknmB8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_gid=CAESEMyAc0mQjk6z_wV4VXZUV5s&google_cver=1&google_push=AYg5qPLCjGxj3g1GtGwHexaxs9EeAFm5HQaTfhKphtBttJ84D2fegP8IT47cJYs1l1idcoDYiP_lNGR_r_BlWa8AwVudOvXiXCaEQoUqZ40wwBBIvtnlehqRFOaKmXlRADA981nswHk9sVXngVlknmB8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_gid=CAESEMyAc0mQjk6z_wV4VXZUV5s&google_cver=1&google_push=AYg5qPLCjGxj3g1GtGwHexaxs9EeAFm5HQaTfhKphtBttJ84D2fegP8IT47cJYs1l1idcoDYiP_lNGR_r_BlWa8AwVudOvXiXCaEQoUqZ40wwBBIvtnlehqRFOaKmXlRADA981nswHk9sVXngVlknmB8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_gid=CAESEMyAc0mQjk6z_wV4VXZUV5s&google_cver=1&google_push=AYg5qPLCjGxj3g1GtGwHexaxs9EeAFm5HQaTfhKphtBttJ84D2fegP8IT47cJYs1l1idcoDYiP_lNGR_r_BlWa8AwVudOvXiXCaEQoUqZ40wwBBIvtnlehqRFOaKmXlRADA981nswHk9sVXngVlknmB8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_gid=CAESEMyAc0mQjk6z_wV4VXZUV5s&google_cver=1&google_push=AYg5qPLCjGxj3g1GtGwHexaxs9EeAFm5HQaTfhKphtBttJ84D2fegP8IT47cJYs1l1idcoDYiP_lNGR_r_BlWa8AwVudOvXiXCaEQoUqZ40wwBBIvtnlehqRFOaKmXlRADA981nswHk9sVXngVlknmB8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_gid=CAESEMyAc0mQjk6z_wV4VXZUV5s&google_cver=1&google_push=AYg5qPLCjGxj3g1GtGwHexaxs9EeAFm5HQaTfhKphtBttJ84D2fegP8IT47cJYs1l1idcoDYiP_lNGR_r_BlWa8AwVudOvXiXCaEQoUqZ40wwBBIvtnlehqRFOaKmXlRADA981nswHk9sVXngVlknmB8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_gid=CAESEMyAc0mQjk6z_wV4VXZUV5s&google_cver=1&google_push=AYg5qPLCjGxj3g1GtGwHexaxs9EeAFm5HQaTfhKphtBttJ84D2fegP8IT47cJYs1l1idcoDYiP_lNGR_r_BlWa8AwVudOvXiXCaEQoUqZ40wwBBIvtnlehqRFOaKmXlRADA981nswHk9sVXngVlknmB8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_gid=CAESEMyAc0mQjk6z_wV4VXZUV5s&google_cver=1&google_push=AYg5qPLCjGxj3g1GtGwHexaxs9EeAFm5HQaTfhKphtBttJ84D2fegP8IT47cJYs1l1idcoDYiP_lNGR_r_BlWa8AwVudOvXiXCaEQoUqZ40wwBBIvtnlehqRFOaKmXlRADA981nswHk9sVXngVlknmB8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_gid=CAESEMyAc0mQjk6z_wV4VXZUV5s&google_cver=1&google_push=AYg5qPLCjGxj3g1GtGwHexaxs9EeAFm5HQaTfhKphtBttJ84D2fegP8IT47cJYs1l1idcoDYiP_lNGR_r_BlWa8AwVudOvXiXCaEQoUqZ40wwBBIvtnlehqRFOaKmXlRADA981nswHk9sVXngVlknmB8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_gid=CAESEMyAc0mQjk6z_wV4VXZUV5s&google_cver=1&google_push=AYg5qPLCjGxj3g1GtGwHexaxs9EeAFm5HQaTfhKphtBttJ84D2fegP8IT47cJYs1l1idcoDYiP_lNGR_r_BlWa8AwVudOvXiXCaEQoUqZ40wwBBIvtnlehqRFOaKmXlRADA981nswHk9sVXngVlknmB8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_gid=CAESEMyAc0mQjk6z_wV4VXZUV5s&google_cver=1&google_push=AYg5qPLCjGxj3g1GtGwHexaxs9EeAFm5HQaTfhKphtBttJ84D2fegP8IT47cJYs1l1idcoDYiP_lNGR_r_BlWa8AwVudOvXiXCaEQoUqZ40wwBBIvtnlehqRFOaKmXlRADA981nswHk9sVXngVlknmB8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_gid=CAESEMyAc0mQjk6z_wV4VXZUV5s&google_cver=1&google_push=AYg5qPLCjGxj3g1GtGwHexaxs9EeAFm5HQaTfhKphtBttJ84D2fegP8IT47cJYs1l1idcoDYiP_lNGR_r_BlWa8AwVudOvXiXCaEQoUqZ40wwBBIvtnlehqRFOaKmXlRADA981nswHk9sVXngVlknmB8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_gid=CAESEMyAc0mQjk6z_wV4VXZUV5s&google_cver=1&google_push=AYg5qPLCjGxj3g1GtGwHexaxs9EeAFm5HQaTfhKphtBttJ84D2fegP8IT47cJYs1l1idcoDYiP_lNGR_r_BlWa8AwVudOvXiXCaEQoUqZ40wwBBIvtnlehqRFOaKmXlRADA981nswHk9sVXngVlknmB8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_gid=CAESEMyAc0mQjk6z_wV4VXZUV5s&google_cver=1&google_push=AYg5qPLCjGxj3g1GtGwHexaxs9EeAFm5HQaTfhKphtBttJ84D2fegP8IT47cJYs1l1idcoDYiP_lNGR_r_BlWa8AwVudOvXiXCaEQoUqZ40wwBBIvtnlehqRFOaKmXlRADA981nswHk9sVXngVlknmB8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_gid=CAESEMyAc0mQjk6z_wV4VXZUV5s&google_cver=1&google_push=AYg5qPLCjGxj3g1GtGwHexaxs9EeAFm5HQaTfhKphtBttJ84D2fegP8IT47cJYs1l1idcoDYiP_lNGR_r_BlWa8AwVudOvXiXCaEQoUqZ40wwBBIvtnlehqRFOaKmXlRADA981nswHk9sVXngVlknmB8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_gid=CAESEMyAc0mQjk6z_wV4VXZUV5s&google_cver=1&google_push=AYg5qPLCjGxj3g1GtGwHexaxs9EeAFm5HQaTfhKphtBttJ84D2fegP8IT47cJYs1l1idcoDYiP_lNGR_r_BlWa8AwVudOvXiXCaEQoUqZ40wwBBIvtnlehqRFOaKmXlRADA981nswHk9sVXngVlknmB8
Request Chain 449
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEDT4F6abhtfH0J1C1QoPJ7U&google_cver=1&google_push=AYg5qPI5wnY6xoDzOeuWgCxNm6UWteFdCovbN5_X1pITJ95OIznCMZ7-gYolekTwBmpWQlQ3IvvSadqHTI2UQHnBQDrR1VAdOtK2sIUMa7qYVrkweBsOtPK5HDUqfNvSXyHM3PRNBiKEER4ObD6aObifJe5t HTTP 301
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPI5wnY6xoDzOeuWgCxNm6UWteFdCovbN5_X1pITJ95OIznCMZ7-gYolekTwBmpWQlQ3IvvSadqHTI2UQHnBQDrR1VAdOtK2sIUMa7qYVrkweBsOtPK5HD&google_hm= HTTP 302
  • https://googlecm.hit.gemius.pl/dot.gif?id=pyM1l.MgAY658jQJ4ykHpoYhP_hR_2_qZ3eEDY6uHMX.C7&google_error=5
Request Chain 451
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 461
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHG0mjblI4VU1EIGA89itXg&google_cver=1&google_push=AYg5qPKLJJtPActS1OpnGQgJQxWcpToYRF9dxxjVdNnfWgX5KkGxMeI9YsEio3eCKuOkmvptOfXyZf50kpUZ_7dSI0FUaD_9c-ehMCaeBKEjDNX0MmkMID3-dtaQHcSCsfXToDPyxiOdGuFYwsM5vKCcUyE HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKLJJtPActS1OpnGQgJQxWcpToYRF9dxxjVdNnfWgX5KkGxMeI9YsEio3eCKuOkmvptOfXyZf50kpUZ_7dSI0FUaD_9c-ehMCaeBKEjDNX0MmkMID3-dtaQHcSCsfXToDPyxiOdGuFYwsM5vKCcUyE&google_hm=Y6ZDuIRBikS_vcApqeofCg
Request Chain 462
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPKcXMsYndE0bwgDqZTTtpuW6bLDmggBjLcKLibdbxvQdCiokaYxMqwfuZBe2SPosFTlc2iESjAbjIJAWlbdnkzoKBVeKtcEWEUYg6z_97xTEw1CyXCzTNsHHm7eXa66gAR7Ta1hK-rXgUJcY4qTNks&google_gid=CAESEM-9mGSTaFXMTmqtSiyMVAo&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWNTeWVnQUFCQUE0WGg5bw&google_push=AYg5qPKcXMsYndE0bwgDqZTTtpuW6bLDmggBjLcKLibdbxvQdCiokaYxMqwfuZBe2SPosFTlc2iESjAbjIJAWlbdnkzoKBVeKtcEWEUYg6z_97xTEw1CyXCzTNsHHm7eXa66gAR7Ta1hK-rXgUJcY4qTNks
Request Chain 463
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPK8Cb1iryiTv6gOTPj_tAZZCevJTLuB8njuwUpG9dq9r0HqBNEMdUnOFF_JEv47u0pBAJblJ0wbpho-Xcyw5iqBqKpa_qgnce8wdsgzsJeYXJnEz57wthpyQw_xvxX13_8_8kdZVJgroWVm89ApaA&google_gid=CAESEBI8n4MGz2DvTET2_PEHMZQ&google_cver=1 HTTP 302
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPK8Cb1iryiTv6gOTPj_tAZZCevJTLuB8njuwUpG9dq9r0HqBNEMdUnOFF_JEv47u0pBAJblJ0wbpho-Xcyw5iqBqKpa_qgnce8wdsgzsJeYXJnEz57wthpyQw_xvxX13_8_8kdZVJgroWVm89ApaA&google_gid=CAESEBI8n4MGz2DvTET2_PEHMZQ&google_cver=1&rd=Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEyMjMxNzMxMzgwMDA5NDEzMTgyMTIwNg%3D%3D&google_push=AYg5qPK8Cb1iryiTv6gOTPj_tAZZCevJTLuB8njuwUpG9dq9r0HqBNEMdUnOFF_JEv47u0pBAJblJ0wbpho-Xcyw5iqBqKpa_qgnce8wdsgzsJeYXJnEz57wthpyQw_xvxX13_8_8kdZVJgroWVm89ApaA
Request Chain 465
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELX2Rz8AHozNvX-zVKWYpMw&google_cver=1&google_push=AYg5qPJB8hSAIa2oXOrNTTn4zvBELUkeawhwdpkydXWu9IR1znFPBMLYbyDb4XrPLsCFS431Jot-Av6LZxSZAu4IkmL9GrVJBPyroIj9xv1bHGT2lThckccOmS1AaOlrk4EcOVeqD9-IKdDCtA9yHt0bNrc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=w81J6OztSk2YhFc32fG9Fg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJB8hSAIa2oXOrNTTn4zvBELUkeawhwdpkydXWu9IR1znFPBMLYbyDb4XrPLsCFS431Jot-Av6LZxSZAu4IkmL9GrVJBPyroIj9xv1bHGT2lThckccOmS1AaOlrk4EcOVeqD9-IKdDCtA9yHt0bNrc
Request Chain 466
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEcIffsBqF-88iDNvROst9w&google_cver=1&google_push=AYg5qPLVogtZIh3YouiL4wzwmZXaytWmBLHk6uGVLVmhmdO1G39eSmPZStsCnbTQZdmrppQx_vlv0JlbEXeRQUv4zIwI6TeITvtf9DbrOe1tIp-TKd7QOZCwlys6Ki7fPP5qiMwl0zQF8St6YfNW8nYtIA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hKOFJZWVItMTgtMTQwWA==&google_push=AYg5qPLVogtZIh3YouiL4wzwmZXaytWmBLHk6uGVLVmhmdO1G39eSmPZStsCnbTQZdmrppQx_vlv0JlbEXeRQUv4zIwI6TeITvtf9DbrOe1tIp-TKd7QOZCwlys6Ki7fPP5qiMwl0zQF8St6YfNW8nYtIA
Request Chain 467
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDQFbr0a18CdYHmanKxVO64&google_cver=1&google_push=AYg5qPLeH1HN208akshk09scEXAOdSpvEXYKMyDsy620IU9Leph-1hSq1xkOThGSkXRZoanVfwKz-5vs2pVczuP1wW2GgOVGuSNfBsy3Irg8Gwpjh5z6A043G4J8Nt9jQXnm4Dm_nrL40PQhe6u4Uq4Bw1U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPLeH1HN208akshk09scEXAOdSpvEXYKMyDsy620IU9Leph-1hSq1xkOThGSkXRZoanVfwKz-5vs2pVczuP1wW2GgOVGuSNfBsy3Irg8Gwpjh5z6A043G4J8Nt9jQXnm4Dm_nrL40PQhe6u4Uq4Bw1U&google_cver=1&google_gid=CAESEDQFbr0a18CdYHmanKxVO64 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPLeH1HN208akshk09scEXAOdSpvEXYKMyDsy620IU9Leph-1hSq1xkOThGSkXRZoanVfwKz-5vs2pVczuP1wW2GgOVGuSNfBsy3Irg8Gwpjh5z6A043G4J8Nt9jQXnm4Dm_nrL40PQhe6u4Uq4Bw1U&google_cver=1&google_gid=CAESEDQFbr0a18CdYHmanKxVO64 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPLeH1HN208akshk09scEXAOdSpvEXYKMyDsy620IU9Leph-1hSq1xkOThGSkXRZoanVfwKz-5vs2pVczuP1wW2GgOVGuSNfBsy3Irg8Gwpjh5z6A043G4J8Nt9jQXnm4Dm_nrL40PQhe6u4Uq4Bw1U&google_cver=1&google_gid=CAESEDQFbr0a18CdYHmanKxVO64 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPLeH1HN208akshk09scEXAOdSpvEXYKMyDsy620IU9Leph-1hSq1xkOThGSkXRZoanVfwKz-5vs2pVczuP1wW2GgOVGuSNfBsy3Irg8Gwpjh5z6A043G4J8Nt9jQXnm4Dm_nrL40PQhe6u4Uq4Bw1U&google_cver=1&google_gid=CAESEDQFbr0a18CdYHmanKxVO64 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPLeH1HN208akshk09scEXAOdSpvEXYKMyDsy620IU9Leph-1hSq1xkOThGSkXRZoanVfwKz-5vs2pVczuP1wW2GgOVGuSNfBsy3Irg8Gwpjh5z6A043G4J8Nt9jQXnm4Dm_nrL40PQhe6u4Uq4Bw1U&google_cver=1&google_gid=CAESEDQFbr0a18CdYHmanKxVO64 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPLeH1HN208akshk09scEXAOdSpvEXYKMyDsy620IU9Leph-1hSq1xkOThGSkXRZoanVfwKz-5vs2pVczuP1wW2GgOVGuSNfBsy3Irg8Gwpjh5z6A043G4J8Nt9jQXnm4Dm_nrL40PQhe6u4Uq4Bw1U&google_cver=1&google_gid=CAESEDQFbr0a18CdYHmanKxVO64 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPLeH1HN208akshk09scEXAOdSpvEXYKMyDsy620IU9Leph-1hSq1xkOThGSkXRZoanVfwKz-5vs2pVczuP1wW2GgOVGuSNfBsy3Irg8Gwpjh5z6A043G4J8Nt9jQXnm4Dm_nrL40PQhe6u4Uq4Bw1U&google_cver=1&google_gid=CAESEDQFbr0a18CdYHmanKxVO64 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPLeH1HN208akshk09scEXAOdSpvEXYKMyDsy620IU9Leph-1hSq1xkOThGSkXRZoanVfwKz-5vs2pVczuP1wW2GgOVGuSNfBsy3Irg8Gwpjh5z6A043G4J8Nt9jQXnm4Dm_nrL40PQhe6u4Uq4Bw1U&google_cver=1&google_gid=CAESEDQFbr0a18CdYHmanKxVO64 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPLeH1HN208akshk09scEXAOdSpvEXYKMyDsy620IU9Leph-1hSq1xkOThGSkXRZoanVfwKz-5vs2pVczuP1wW2GgOVGuSNfBsy3Irg8Gwpjh5z6A043G4J8Nt9jQXnm4Dm_nrL40PQhe6u4Uq4Bw1U&google_cver=1&google_gid=CAESEDQFbr0a18CdYHmanKxVO64 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPLeH1HN208akshk09scEXAOdSpvEXYKMyDsy620IU9Leph-1hSq1xkOThGSkXRZoanVfwKz-5vs2pVczuP1wW2GgOVGuSNfBsy3Irg8Gwpjh5z6A043G4J8Nt9jQXnm4Dm_nrL40PQhe6u4Uq4Bw1U&google_cver=1&google_gid=CAESEDQFbr0a18CdYHmanKxVO64 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPLeH1HN208akshk09scEXAOdSpvEXYKMyDsy620IU9Leph-1hSq1xkOThGSkXRZoanVfwKz-5vs2pVczuP1wW2GgOVGuSNfBsy3Irg8Gwpjh5z6A043G4J8Nt9jQXnm4Dm_nrL40PQhe6u4Uq4Bw1U&google_cver=1&google_gid=CAESEDQFbr0a18CdYHmanKxVO64 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPLeH1HN208akshk09scEXAOdSpvEXYKMyDsy620IU9Leph-1hSq1xkOThGSkXRZoanVfwKz-5vs2pVczuP1wW2GgOVGuSNfBsy3Irg8Gwpjh5z6A043G4J8Nt9jQXnm4Dm_nrL40PQhe6u4Uq4Bw1U&google_cver=1&google_gid=CAESEDQFbr0a18CdYHmanKxVO64 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPLeH1HN208akshk09scEXAOdSpvEXYKMyDsy620IU9Leph-1hSq1xkOThGSkXRZoanVfwKz-5vs2pVczuP1wW2GgOVGuSNfBsy3Irg8Gwpjh5z6A043G4J8Nt9jQXnm4Dm_nrL40PQhe6u4Uq4Bw1U&google_cver=1&google_gid=CAESEDQFbr0a18CdYHmanKxVO64 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPLeH1HN208akshk09scEXAOdSpvEXYKMyDsy620IU9Leph-1hSq1xkOThGSkXRZoanVfwKz-5vs2pVczuP1wW2GgOVGuSNfBsy3Irg8Gwpjh5z6A043G4J8Nt9jQXnm4Dm_nrL40PQhe6u4Uq4Bw1U&google_cver=1&google_gid=CAESEDQFbr0a18CdYHmanKxVO64 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPLeH1HN208akshk09scEXAOdSpvEXYKMyDsy620IU9Leph-1hSq1xkOThGSkXRZoanVfwKz-5vs2pVczuP1wW2GgOVGuSNfBsy3Irg8Gwpjh5z6A043G4J8Nt9jQXnm4Dm_nrL40PQhe6u4Uq4Bw1U&google_cver=1&google_gid=CAESEDQFbr0a18CdYHmanKxVO64 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPLeH1HN208akshk09scEXAOdSpvEXYKMyDsy620IU9Leph-1hSq1xkOThGSkXRZoanVfwKz-5vs2pVczuP1wW2GgOVGuSNfBsy3Irg8Gwpjh5z6A043G4J8Nt9jQXnm4Dm_nrL40PQhe6u4Uq4Bw1U&google_cver=1&google_gid=CAESEDQFbr0a18CdYHmanKxVO64 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPLeH1HN208akshk09scEXAOdSpvEXYKMyDsy620IU9Leph-1hSq1xkOThGSkXRZoanVfwKz-5vs2pVczuP1wW2GgOVGuSNfBsy3Irg8Gwpjh5z6A043G4J8Nt9jQXnm4Dm_nrL40PQhe6u4Uq4Bw1U&google_cver=1&google_gid=CAESEDQFbr0a18CdYHmanKxVO64 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPLeH1HN208akshk09scEXAOdSpvEXYKMyDsy620IU9Leph-1hSq1xkOThGSkXRZoanVfwKz-5vs2pVczuP1wW2GgOVGuSNfBsy3Irg8Gwpjh5z6A043G4J8Nt9jQXnm4Dm_nrL40PQhe6u4Uq4Bw1U&google_cver=1&google_gid=CAESEDQFbr0a18CdYHmanKxVO64 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPLeH1HN208akshk09scEXAOdSpvEXYKMyDsy620IU9Leph-1hSq1xkOThGSkXRZoanVfwKz-5vs2pVczuP1wW2GgOVGuSNfBsy3Irg8Gwpjh5z6A043G4J8Nt9jQXnm4Dm_nrL40PQhe6u4Uq4Bw1U&google_cver=1&google_gid=CAESEDQFbr0a18CdYHmanKxVO64 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPLeH1HN208akshk09scEXAOdSpvEXYKMyDsy620IU9Leph-1hSq1xkOThGSkXRZoanVfwKz-5vs2pVczuP1wW2GgOVGuSNfBsy3Irg8Gwpjh5z6A043G4J8Nt9jQXnm4Dm_nrL40PQhe6u4Uq4Bw1U&google_cver=1&google_gid=CAESEDQFbr0a18CdYHmanKxVO64
Request Chain 475
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEjv4Kp7uNbCWA6m-lV-kFM&google_cver=1&google_push=AYg5qPLivEnn3tYXa3AdOHMrIXDXwt4NX3pK-nCNr58Y9OQ-HyOU3WkuRQrCFWsMht-dTacCmbyEjeqtL1Tu90ffhw36lHPzgAK-0-7XdnJk6Os67D5eTnRhnTJj4uqOHA0H7UhcYnIa-wqhU7xZFX906rQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPLivEnn3tYXa3AdOHMrIXDXwt4NX3pK-nCNr58Y9OQ-HyOU3WkuRQrCFWsMht-dTacCmbyEjeqtL1Tu90ffhw36lHPzgAK-0-7XdnJk6Os67D5eTnRhnTJj4uqOHA0H7UhcYnIa-wqhU7xZFX906rQ&google_hm=Y6ZDuIRBikS_vcApqeofCg
Request Chain 476
  • https://d.agkn.com/pixel/2175/?google_gid=CAESECfJzcUMUS2ifMefg-QBO_g&google_cver=1&google_push=AYg5qPKh80NmkKNm_TwykGcAdi6OpWhiVO-Ddsp3NwyPD6MjDBVRmtIgSXlOTsqDRhhm7bN7Nln8XRa1FT7Vmnp9UEkuHs3ECYtg2CqQrXNS1WmFUkG_aotArP0QyylEd-5pSE7cS2eHqQCFuIzxUr6oXHY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKh80NmkKNm_TwykGcAdi6OpWhiVO-Ddsp3NwyPD6MjDBVRmtIgSXlOTsqDRhhm7bN7Nln8XRa1FT7Vmnp9UEkuHs3ECYtg2CqQrXNS1WmFUkG_aotArP0QyylEd-5pSE7cS2eHqQCFuIzxUr6oXHY&google_hm=Q0FFU0VDZkp6Y1VNVVMyaWZNZWZnLVFCT19n
Request Chain 478
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEB6cdd8FvSfaovyxky0L1Pk&google_cver=1&google_push=AYg5qPLPa0Mu5aHDAuKM4HrzRYaZnSFdFAoxDPKLLpz8JhpT6veyFwMV2PqQ7VfmNL88Wbd87wYBd7VyEd2p-bwh77UTvjYxCjC_BsdlrtERm90uom4Zbr8bCtx06m0gaOFhvZdLAecKDwE2Qg9JxPADog HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=w81J6OztSk2YhFc32fG9Fg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLPa0Mu5aHDAuKM4HrzRYaZnSFdFAoxDPKLLpz8JhpT6veyFwMV2PqQ7VfmNL88Wbd87wYBd7VyEd2p-bwh77UTvjYxCjC_BsdlrtERm90uom4Zbr8bCtx06m0gaOFhvZdLAecKDwE2Qg9JxPADog
Request Chain 479
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMz81riPNkwccp7B9gYcpEo&google_cver=1&google_push=AYg5qPIz1ejoPfX0_njBmU3Kzl9CuzeXJZxoOBAcXT7-KBWYmrY7sla8LjG8GFyksHUixxbkb3DrDDjqgpyakwG6ywiy9jyIe4jrg2P8FOQ6Ev8NzrVxj9ywkL8PiL1InFB_HjWy3_mZ91Di4xvERrrwKrM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hKOFJaMFYtMTItQ1RZRw==&google_push=AYg5qPIz1ejoPfX0_njBmU3Kzl9CuzeXJZxoOBAcXT7-KBWYmrY7sla8LjG8GFyksHUixxbkb3DrDDjqgpyakwG6ywiy9jyIe4jrg2P8FOQ6Ev8NzrVxj9ywkL8PiL1InFB_HjWy3_mZ91Di4xvERrrwKrM
Request Chain 480
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJOyGTESCfqY0lOCscbEeX4&google_cver=1&google_push=AYg5qPKw9Hi7yfxr0QGPRtcJ-QT3MTWtMk5ixiGTuKiCkrCVSIe2y0YtRIwJPEHmCj98mYDv65pk3NLgN0QXXom7HoSdPuRU04D3oI-PgabyvqhdbjtjJd33nxGmmGpXgJGuXfVdSHZ2HZ7pVgqOhTnQNBM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKw9Hi7yfxr0QGPRtcJ-QT3MTWtMk5ixiGTuKiCkrCVSIe2y0YtRIwJPEHmCj98mYDv65pk3NLgN0QXXom7HoSdPuRU04D3oI-PgabyvqhdbjtjJd33nxGmmGpXgJGuXfVdSHZ2HZ7pVgqOhTnQNBM&google_cver=1&google_gid=CAESEJOyGTESCfqY0lOCscbEeX4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKw9Hi7yfxr0QGPRtcJ-QT3MTWtMk5ixiGTuKiCkrCVSIe2y0YtRIwJPEHmCj98mYDv65pk3NLgN0QXXom7HoSdPuRU04D3oI-PgabyvqhdbjtjJd33nxGmmGpXgJGuXfVdSHZ2HZ7pVgqOhTnQNBM&google_cver=1&google_gid=CAESEJOyGTESCfqY0lOCscbEeX4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKw9Hi7yfxr0QGPRtcJ-QT3MTWtMk5ixiGTuKiCkrCVSIe2y0YtRIwJPEHmCj98mYDv65pk3NLgN0QXXom7HoSdPuRU04D3oI-PgabyvqhdbjtjJd33nxGmmGpXgJGuXfVdSHZ2HZ7pVgqOhTnQNBM&google_cver=1&google_gid=CAESEJOyGTESCfqY0lOCscbEeX4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKw9Hi7yfxr0QGPRtcJ-QT3MTWtMk5ixiGTuKiCkrCVSIe2y0YtRIwJPEHmCj98mYDv65pk3NLgN0QXXom7HoSdPuRU04D3oI-PgabyvqhdbjtjJd33nxGmmGpXgJGuXfVdSHZ2HZ7pVgqOhTnQNBM&google_cver=1&google_gid=CAESEJOyGTESCfqY0lOCscbEeX4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKw9Hi7yfxr0QGPRtcJ-QT3MTWtMk5ixiGTuKiCkrCVSIe2y0YtRIwJPEHmCj98mYDv65pk3NLgN0QXXom7HoSdPuRU04D3oI-PgabyvqhdbjtjJd33nxGmmGpXgJGuXfVdSHZ2HZ7pVgqOhTnQNBM&google_cver=1&google_gid=CAESEJOyGTESCfqY0lOCscbEeX4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKw9Hi7yfxr0QGPRtcJ-QT3MTWtMk5ixiGTuKiCkrCVSIe2y0YtRIwJPEHmCj98mYDv65pk3NLgN0QXXom7HoSdPuRU04D3oI-PgabyvqhdbjtjJd33nxGmmGpXgJGuXfVdSHZ2HZ7pVgqOhTnQNBM&google_cver=1&google_gid=CAESEJOyGTESCfqY0lOCscbEeX4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKw9Hi7yfxr0QGPRtcJ-QT3MTWtMk5ixiGTuKiCkrCVSIe2y0YtRIwJPEHmCj98mYDv65pk3NLgN0QXXom7HoSdPuRU04D3oI-PgabyvqhdbjtjJd33nxGmmGpXgJGuXfVdSHZ2HZ7pVgqOhTnQNBM&google_cver=1&google_gid=CAESEJOyGTESCfqY0lOCscbEeX4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKw9Hi7yfxr0QGPRtcJ-QT3MTWtMk5ixiGTuKiCkrCVSIe2y0YtRIwJPEHmCj98mYDv65pk3NLgN0QXXom7HoSdPuRU04D3oI-PgabyvqhdbjtjJd33nxGmmGpXgJGuXfVdSHZ2HZ7pVgqOhTnQNBM&google_cver=1&google_gid=CAESEJOyGTESCfqY0lOCscbEeX4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKw9Hi7yfxr0QGPRtcJ-QT3MTWtMk5ixiGTuKiCkrCVSIe2y0YtRIwJPEHmCj98mYDv65pk3NLgN0QXXom7HoSdPuRU04D3oI-PgabyvqhdbjtjJd33nxGmmGpXgJGuXfVdSHZ2HZ7pVgqOhTnQNBM&google_cver=1&google_gid=CAESEJOyGTESCfqY0lOCscbEeX4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKw9Hi7yfxr0QGPRtcJ-QT3MTWtMk5ixiGTuKiCkrCVSIe2y0YtRIwJPEHmCj98mYDv65pk3NLgN0QXXom7HoSdPuRU04D3oI-PgabyvqhdbjtjJd33nxGmmGpXgJGuXfVdSHZ2HZ7pVgqOhTnQNBM&google_cver=1&google_gid=CAESEJOyGTESCfqY0lOCscbEeX4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKw9Hi7yfxr0QGPRtcJ-QT3MTWtMk5ixiGTuKiCkrCVSIe2y0YtRIwJPEHmCj98mYDv65pk3NLgN0QXXom7HoSdPuRU04D3oI-PgabyvqhdbjtjJd33nxGmmGpXgJGuXfVdSHZ2HZ7pVgqOhTnQNBM&google_cver=1&google_gid=CAESEJOyGTESCfqY0lOCscbEeX4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKw9Hi7yfxr0QGPRtcJ-QT3MTWtMk5ixiGTuKiCkrCVSIe2y0YtRIwJPEHmCj98mYDv65pk3NLgN0QXXom7HoSdPuRU04D3oI-PgabyvqhdbjtjJd33nxGmmGpXgJGuXfVdSHZ2HZ7pVgqOhTnQNBM&google_cver=1&google_gid=CAESEJOyGTESCfqY0lOCscbEeX4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKw9Hi7yfxr0QGPRtcJ-QT3MTWtMk5ixiGTuKiCkrCVSIe2y0YtRIwJPEHmCj98mYDv65pk3NLgN0QXXom7HoSdPuRU04D3oI-PgabyvqhdbjtjJd33nxGmmGpXgJGuXfVdSHZ2HZ7pVgqOhTnQNBM&google_cver=1&google_gid=CAESEJOyGTESCfqY0lOCscbEeX4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKw9Hi7yfxr0QGPRtcJ-QT3MTWtMk5ixiGTuKiCkrCVSIe2y0YtRIwJPEHmCj98mYDv65pk3NLgN0QXXom7HoSdPuRU04D3oI-PgabyvqhdbjtjJd33nxGmmGpXgJGuXfVdSHZ2HZ7pVgqOhTnQNBM&google_cver=1&google_gid=CAESEJOyGTESCfqY0lOCscbEeX4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKw9Hi7yfxr0QGPRtcJ-QT3MTWtMk5ixiGTuKiCkrCVSIe2y0YtRIwJPEHmCj98mYDv65pk3NLgN0QXXom7HoSdPuRU04D3oI-PgabyvqhdbjtjJd33nxGmmGpXgJGuXfVdSHZ2HZ7pVgqOhTnQNBM&google_cver=1&google_gid=CAESEJOyGTESCfqY0lOCscbEeX4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKw9Hi7yfxr0QGPRtcJ-QT3MTWtMk5ixiGTuKiCkrCVSIe2y0YtRIwJPEHmCj98mYDv65pk3NLgN0QXXom7HoSdPuRU04D3oI-PgabyvqhdbjtjJd33nxGmmGpXgJGuXfVdSHZ2HZ7pVgqOhTnQNBM&google_cver=1&google_gid=CAESEJOyGTESCfqY0lOCscbEeX4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKw9Hi7yfxr0QGPRtcJ-QT3MTWtMk5ixiGTuKiCkrCVSIe2y0YtRIwJPEHmCj98mYDv65pk3NLgN0QXXom7HoSdPuRU04D3oI-PgabyvqhdbjtjJd33nxGmmGpXgJGuXfVdSHZ2HZ7pVgqOhTnQNBM&google_cver=1&google_gid=CAESEJOyGTESCfqY0lOCscbEeX4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKw9Hi7yfxr0QGPRtcJ-QT3MTWtMk5ixiGTuKiCkrCVSIe2y0YtRIwJPEHmCj98mYDv65pk3NLgN0QXXom7HoSdPuRU04D3oI-PgabyvqhdbjtjJd33nxGmmGpXgJGuXfVdSHZ2HZ7pVgqOhTnQNBM&google_cver=1&google_gid=CAESEJOyGTESCfqY0lOCscbEeX4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKw9Hi7yfxr0QGPRtcJ-QT3MTWtMk5ixiGTuKiCkrCVSIe2y0YtRIwJPEHmCj98mYDv65pk3NLgN0QXXom7HoSdPuRU04D3oI-PgabyvqhdbjtjJd33nxGmmGpXgJGuXfVdSHZ2HZ7pVgqOhTnQNBM&google_cver=1&google_gid=CAESEJOyGTESCfqY0lOCscbEeX4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKw9Hi7yfxr0QGPRtcJ-QT3MTWtMk5ixiGTuKiCkrCVSIe2y0YtRIwJPEHmCj98mYDv65pk3NLgN0QXXom7HoSdPuRU04D3oI-PgabyvqhdbjtjJd33nxGmmGpXgJGuXfVdSHZ2HZ7pVgqOhTnQNBM&google_cver=1&google_gid=CAESEJOyGTESCfqY0lOCscbEeX4
Request Chain 481
  • https://ag.innovid.com/trk?tid=11711&google_gid=CAESEMOYmFc-Sz4sAjN0mrXqu7g&google_cver=1&google_push=AYg5qPLysnsh_qjwFENGBJ6qiKa7ihkP8fKsCnztNAXZfcwJdlSDZTg5_ehRHwiRY59gqmMlT_qW---df00690la6v3LASAzFDtY-qTuM7SKlXv3pO3base81Nll_2rcYI23y1Nz6I3dD2qqMVf0hhJgS9k HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPLysnsh_qjwFENGBJ6qiKa7ihkP8fKsCnztNAXZfcwJdlSDZTg5_ehRHwiRY59gqmMlT_qW---df00690la6v3LASAzFDtY-qTuM7SKlXv3pO3base81Nll_2rcYI23y1Nz6I3dD2qqMVf0hhJgS9k&google_hm=EKQto-g8QQWI0FhZ0Yt4rQ
Request Chain 520
  • https://www.telefonica-partner.de/tpv.php?t=117699V1226132702M&subid=oneidj6qCEfbGcezJsYHEH2t6tRRGcKTzTAjS9oneid__asuid9sv_Ka9v9igDFFnI1kYKmrTX93lAQvguasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117699V1226132702M&subid=oneidj6qCEfbGcezJsYHEH2t6tRRGcKTzTAjS9oneid__asuid9sv_Ka9v9igDFFnI1kYKmrTX93lAQvguasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117699&s_id=2021122318313860669266655X117699V1226132702MSoneidj6qCEfbGcezJsYHEH2t6tRRGcKTzTAjS9oneid__asuid9sv_Ka9v9igDFFnI1kYKmrTX93lAQvguasuid__suite_Netmix_Reach43_TopRotaMonth&spid=2021122318313860669266655X117699V1226132702MSoneidj6qCEfbGcezJsYHEH2t6tRRGcKTzTAjS9oneid__asuid9sv_Ka9v9igDFFnI1kYKmrTX93lAQvguasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117699 HTTP 302
  • https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117699_-HTLP&utm_term=AFF_la_117699_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021122318313860669266655X117699V1226132702MSoneidj6qCEfbGcezJsYHEH2t6tRRGcKTzTAjS9oneid__asuid9sv_Ka9v9igDFFnI1kYKmrTX93lAQvguasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117699&ratenzahlung=24
Request Chain 523
  • https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=oneidPJ4HBfEbabK2Qf9HjHbtMtPPgSZT9TkGCponeid__asuid9sv_Ka9v9igDFFnI1kYKmrTX93lAQvguasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=oneidPJ4HBfEbabK2Qf9HjHbtMtPPgSZT9TkGCponeid__asuid9sv_Ka9v9igDFFnI1kYKmrTX93lAQvguasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2021122318313860669266647X113752V1225131106MSoneidPJ4HBfEbabK2Qf9HjHbtMtPPgSZT9TkGCponeid__asuid9sv_Ka9v9igDFFnI1kYKmrTX93lAQvguasuid__suite_Netmix_Reach43_TopRotaMonth HTTP 302
  • https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021122318313860669266647X113752V1225131106MSoneidPJ4HBfEbabK2Qf9HjHbtMtPPgSZT9TkGCponeid__asuid9sv_Ka9v9igDFFnI1kYKmrTX93lAQvguasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=113752
Request Chain 529
  • https://www.telefonica-partner.de/tpv.php?t=117699V1226132702M&subid=oneidj6qCEfbGcezJsYHEH2t6tRRGcKTzTAjS9oneid__asuidVAU4KrAC5dT_BhMRaqM4NPmzP4_YAj7Jasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117699V1226132702M&subid=oneidj6qCEfbGcezJsYHEH2t6tRRGcKTzTAjS9oneid__asuidVAU4KrAC5dT_BhMRaqM4NPmzP4_YAj7Jasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117699&s_id=2021122318313860669266651X117699V1226132702MSoneidj6qCEfbGcezJsYHEH2t6tRRGcKTzTAjS9oneid__asuidVAU4KrAC5dT_BhMRaqM4NPmzP4_YAj7Jasuid__suite_Netmix_Reach43_TopRotaMonth&spid=2021122318313860669266651X117699V1226132702MSoneidj6qCEfbGcezJsYHEH2t6tRRGcKTzTAjS9oneid__asuidVAU4KrAC5dT_BhMRaqM4NPmzP4_YAj7Jasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117699 HTTP 302
  • https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117699_-HTLP&utm_term=AFF_la_117699_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021122318313860669266651X117699V1226132702MSoneidj6qCEfbGcezJsYHEH2t6tRRGcKTzTAjS9oneid__asuidVAU4KrAC5dT_BhMRaqM4NPmzP4_YAj7Jasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117699&ratenzahlung=24
Request Chain 532
  • https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=oneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__asuidVAU4KrAC5dT_BhMRaqM4NPmzP4_YAj7Jasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=oneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__asuidVAU4KrAC5dT_BhMRaqM4NPmzP4_YAj7Jasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2021122318313860669266649X113752V1225131106MSoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__asuidVAU4KrAC5dT_BhMRaqM4NPmzP4_YAj7Jasuid__suite_Netmix_Reach43_TopRotaMonth HTTP 302
  • https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021122318313860669266649X113752V1225131106MSoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__asuidVAU4KrAC5dT_BhMRaqM4NPmzP4_YAj7Jasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=113752
Request Chain 540
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTgoneid__asuid9sv_Ka9v9igDFFnI1kYKmrTX93lAQvguasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CK6PgeO5-vQCFY3Kuwgdf4QCmA;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTgoneid__asuid9sv_Ka9v9igDFFnI1kYKmrTX93lAQvguasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTgoneid__asuid9sv_Ka9v9igDFFnI1kYKmrTX93lAQvguasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1640280698_2f55c111-6416-11ec-a9fe-2263e4039ea6
Request Chain 555
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=us-west HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west
Request Chain 557
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=lbnAVg2UX0v9 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=lbnAVg2UX0v9 HTTP 302
  • https://usermatch.targeting.unrulymedia.com/usermatch/iponweb/b339fbb3-0af1-416f-977e-9f720d141153?gdpr=&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/b339fbb3-0af1-416f-977e-9f720d141153?gdpr=&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/b339fbb3-0af1-416f-977e-9f720d141153?zcc=1&dspret=0&cb=1640280698950 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-e1f92a30-f90d-48d5-aece-32aca1fecbfa-003
Request Chain 558
  • https://creativecdn.com/cm-notify?pi=mgid HTTP 302
  • https://creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=501037&c=TnX1MQTCZlRAhIKK3UKE&pi=mgid&tc=1
Request Chain 559
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bGJuQVZnMlVYMHY5&muidn=lbnAVg2UX0v9 HTTP 302
  • https://cm.mgid.com/google?muidn=lbnAVg2UX0v9&google_ula={guid},5&google_gid=CAESEDsV8rp3YtgL5pNQcOEvFx4&google_cver=1
Request Chain 560
  • https://ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
  • https://cm.mgid.com/m?cdsp=665953&c=d3093044-ea9f-4fa5-83f3-d54088a7cc00
Request Chain 561
  • https://x.bidswitch.net/sync?ssp=mgid HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=mgid HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=mgid HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=7928755818476390351&ssp=mgid HTTP 302
  • https://cm.mgid.com/m?cdsp=433145&c=b339fbb3-0af1-416f-977e-9f720d141153&gdpr=&gdpr_consent=&us_privacy=
Request Chain 563
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=371158&c=fbbc6de0-065b-4d9f-ac1b-96d342c134ca&ttl=1642872698
Request Chain 564
  • https://rtb-usw.mfadsrvr.com/sync?ssp=mgid HTTP 302
  • https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid HTTP 302
  • https://cm.mgid.com/m?cdsp=287839&c=2fc83076-304b-49fd-ab6d-2b05a7278350
Request Chain 565
  • https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=lbnAVg2UX0v9 HTTP 302
  • https://ssbsync.smartadserver.com/api/sync?callerId=24&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.e-volution.ai/a02d62607dea0c97e41ff36ebd422945.gif?puid=110634389261605868&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 578
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D HTTP 302
  • https://cm.mgid.com/m?cdsp=617666&c=8e86856fdf87d32b

577 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
newsyou.info/ 		109 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 / PHP/7.3.3
Resource Hash
02f65192f241aaeebce5b89626d1c20d90739ece6e1871bbfbfa5a891a513e3e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx/1.2.1
Date
Thu, 23 Dec 2021 17:26:21 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
28965
Connection
keep-alive
X-Powered-By
PHP/7.3.3
Link
<https://newsyou.info/wp-json/>; rel="https://api.w.org/", <https://newsyou.info/wp-json/wp/v2/posts/583516>; rel="alternate"; type="application/json", <https://newsyou.info/?p=583516>; rel=shortlink
Vary
Accept-Encoding
Content-Encoding
gzip
mainstyle10.css
newsyou.info/ 		36 KB
37 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/mainstyle10.css
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
a0a8aafea7c182cd50d239de71da565129cb1110563f5c87ede4f0bdd740008f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:21 GMT
Last-Modified
Thu, 30 Sep 2021 04:51:31 GMT
Server
nginx/1.2.1
Content-Type
text/css
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
37351
Expires
Thu, 30 Dec 2021 17:26:21 GMT
magnific-popup.css
newsyou.info/wp-content/themes/newsyou/css/ 		7 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/wp-content/themes/newsyou/css/magnific-popup.css
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:21 GMT
Last-Modified
Thu, 30 Sep 2021 04:57:07 GMT
Server
nginx/1.2.1
Content-Type
text/css
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6951
Expires
Thu, 30 Dec 2021 17:26:21 GMT
jquery-1.11.1.min.js
newsyou.info/wp-content/themes/newsyou/js/ 		94 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/wp-content/themes/newsyou/js/jquery-1.11.1.min.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:21 GMT
Last-Modified
Thu, 30 Sep 2021 04:57:09 GMT
Server
nginx/1.2.1
Content-Type
application/x-javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
95786
Expires
Thu, 30 Dec 2021 17:26:21 GMT
scripts.js
newsyou.info/wp-content/themes/newsyou/js/ 		23 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/wp-content/themes/newsyou/js/scripts.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
69e7791a1772852a0d705ef8dd343046b2fcc2c67254dc74b99b417f43f8a527

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:21 GMT
Last-Modified
Thu, 30 Sep 2021 04:57:10 GMT
Server
nginx/1.2.1
Content-Type
application/x-javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23604
Expires
Thu, 30 Dec 2021 17:26:21 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
34be68137ad4c75b3f32e4d6040059dada44a964d396adb8adb1ed378c7e3b6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51837
x-xss-protection
0
server
cafe
etag
7271240019576371975
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 23 Dec 2021 17:31:36 GMT
script.js
vcmjf535tx.ru/ 		107 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vcmjf535tx.ru/script.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.192.12.169 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
93295644da9af673ecf074ce2a3962f685662b6f69c498a77a37e4708b84ce5b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
content-encoding
gzip
x-adsbid-request
j_r8g9wpzr48
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
server
nginx/1.18.0
otv1l7192ivl0pmy03q8h867quv768kypg019a.php
ocmurc.com/ 		58 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ocmurc.com/otv1l7192ivl0pmy03q8h867quv768kypg019a.php
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
33d33233fa304cba9ad1dac86ba996e277c70ccc98ba40bc8108870947581357

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
content-encoding
gzip
last-modified
Thu, 21 Oct 2021 11:24:02 GMT
server
nginx/1.14.2
etag
"61714dd2-4abc"
content-type
application/javascript; charset=utf-8
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
19132
smi.js
jsn.24smi.net/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsn.24smi.net/smi.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:284a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72eb47be0de224add691e0ad18bf8ff3decae4be687d16893ae7bf2be0759fed
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 13 Oct 2021 09:02:21 GMT
server
cloudflare
age
109
etag
W/"6166a09d-15d1f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
strict-transport-security
max-age=0
cf-ray
6c23530da80d6957-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 23 Dec 2021 18:29:46 GMT
gqzgemrxgm5ha3ddf43tkoi
calculator.codes/code/ 		20 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://calculator.codes/code/gqzgemrxgm5ha3ddf43tkoi
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.22.198.175 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
9bbcb676d301f496bfd2d2e173d8a7b5751e5ce2959d4e6a6510d6c4faabea5b
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 23 Dec 2021 17:31:35 GMT
server
nginx
content-security-policy
img-src https: data:; upgrade-insecure-requests
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=UTF-8
style.min.css
newsyou.info/wp-includes/css/dist/block-library/ 		79 KB
79 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:21 GMT
Last-Modified
Fri, 19 Nov 2021 05:48:37 GMT
Server
nginx/1.2.1
Content-Type
text/css
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
80574
Expires
Thu, 30 Dec 2021 17:26:21 GMT
wp-automatic.css
newsyou.info/wp-content/plugins/wp-automatic/css/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/wp-content/plugins/wp-automatic/css/wp-automatic.css
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
9d105532b10ffe64f4dd076d7dbb8784e3abfe6d1ec8fc26cfe13ec5684a408d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:21 GMT
Last-Modified
Wed, 24 Nov 2021 08:11:31 GMT
Server
nginx/1.2.1
Content-Type
text/css
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2713
Expires
Thu, 30 Dec 2021 17:26:21 GMT
jquery.min.js
newsyou.info/wp-includes/js/jquery/ 		87 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/wp-includes/js/jquery/jquery.min.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:21 GMT
Last-Modified
Fri, 19 Nov 2021 05:48:29 GMT
Server
nginx/1.2.1
Content-Type
application/x-javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
89521
Expires
Thu, 30 Dec 2021 17:26:21 GMT
jquery-migrate.min.js
newsyou.info/wp-includes/js/jquery/ 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:21 GMT
Last-Modified
Fri, 19 Nov 2021 05:48:28 GMT
Server
nginx/1.2.1
Content-Type
application/x-javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11224
Expires
Thu, 30 Dec 2021 17:26:21 GMT
main-front.js
newsyou.info/wp-content/plugins/wp-automatic/js/ 		1017 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/wp-content/plugins/wp-automatic/js/main-front.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
d503937452e40c21fce10346b29287ad23b221a372547f248da87ca5efb55767

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:21 GMT
Last-Modified
Wed, 24 Nov 2021 08:11:36 GMT
Server
nginx/1.2.1
Content-Type
application/x-javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1017
Expires
Thu, 30 Dec 2021 17:26:21 GMT
logo.png
newsyou.info/wp-content/themes/newsyou/img/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/themes/newsyou/img/logo.png
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
8dc3b246bdd50fb0e58757d0ea57926403274d2ac4a13ed41b6271a2a8c497d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:21 GMT
Last-Modified
Thu, 30 Sep 2021 04:57:08 GMT
Server
nginx/1.2.1
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24862
Expires
Thu, 30 Dec 2021 17:26:21 GMT
2694868.jpg
newsyou.info/wp-content/uploads/2021/12/ 		113 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/12/2694868.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
42f1001a0d21e42b0a40b9ff231b0ba95c48b4fd2fa21d3e4f1aba15e202b018

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:21 GMT
Last-Modified
Wed, 22 Dec 2021 19:36:37 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
115802
Expires
Thu, 30 Dec 2021 17:26:21 GMT
view.png
newsyou.info/wp-content/themes/newsyou/img/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/themes/newsyou/img/view.png
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
9b2e4e684cdadbc294776f003aca54c0b210adabebaf526e8a8201b8846c9a45

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:21 GMT
Last-Modified
Thu, 30 Sep 2021 04:57:09 GMT
Server
nginx/1.2.1
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15253
Expires
Thu, 30 Dec 2021 17:26:21 GMT
JP1qtZVugHn4XCGbHKCu5CvsFEoAMWfovjsOTqvJ.jpeg
newsyou.info/wp-content/uploads/2021/12/ 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/12/JP1qtZVugHn4XCGbHKCu5CvsFEoAMWfovjsOTqvJ.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
578b130d8727e233ece4772e7fd7680c22d200c00c76135d141a9ce2327f9126

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:21 GMT
Last-Modified
Tue, 21 Dec 2021 19:02:52 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
50434
Expires
Thu, 30 Dec 2021 17:26:21 GMT
8c5b19b-16poroshenko-1024x610-1.jpg
newsyou.info/wp-content/uploads/2021/12/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/12/8c5b19b-16poroshenko-1024x610-1.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
584cef30c8b0276d0fa2b0a7999ca5eb2de381f83546601106665e47d538f23c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:21 GMT
Last-Modified
Tue, 21 Dec 2021 19:00:58 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
53266
Expires
Thu, 30 Dec 2021 17:26:21 GMT
menum.png
newsyou.info/wp-content/themes/newsyou/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/themes/newsyou/img/menum.png
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
c1886d63d3c5161dd67737d6fcc76e041f04ef3e391515b27fa7aa876c6e2e5e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:22 GMT
Last-Modified
Thu, 30 Sep 2021 04:57:09 GMT
Server
nginx/1.2.1
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3725
Expires
Thu, 30 Dec 2021 17:26:22 GMT
sbtn.png
newsyou.info/wp-content/themes/newsyou/img/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/themes/newsyou/img/sbtn.png
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
0a4ee12a6285a20bd09b9b9f2c7970f73b5252f6fccf555abdd44528daa9d211

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:21 GMT
Last-Modified
Thu, 30 Sep 2021 04:57:09 GMT
Server
nginx/1.2.1
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15582
Expires
Thu, 30 Dec 2021 17:26:21 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5994697028380609
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
71de106760511fff2fb22aa4ddb430b7874a0b09603e83dbedcfc6d39988aea7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsyou.info/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51802
x-xss-protection
0
server
cafe
etag
10408445877269375271
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 23 Dec 2021 17:31:36 GMT
loader.js
news.2xclick.ru/ 		102 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.2xclick.ru/loader.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.100.117 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx/1.10.3 /
Resource Hash
3eb4db2e6c27e9a8a54e3a1d233f47265a21634f8021c4f750578e5af7f2c590

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:36 GMT
Content-Encoding
gzip
Last-Modified
Tue, 30 Nov 2021 08:40:17 GMT
Server
nginx/1.10.3
ETag
"61a5e371-4e4d"
P3P
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
Cache-Control
max-age=86400
Connection
keep-alive
Content-Type
application/javascript
Content-Length
20045
Expires
Fri, 24 Dec 2021 17:31:36 GMT
https___ukr.media_static_ba_aimg_4_3_5_435738_1.jpg
newsyou.info/wp-content/uploads/2021/12/ 		194 KB
194 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/12/https___ukr.media_static_ba_aimg_4_3_5_435738_1.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
fd42eb21f950a6ebd0e3eb2b9194232ddb6e1421fab1503b03a6d16a7476aecc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:21 GMT
Last-Modified
Wed, 22 Dec 2021 08:25:28 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
198298
Expires
Thu, 30 Dec 2021 17:26:21 GMT
shutterstock_568076731-750x400-2.jpg
newsyou.info/wp-content/uploads/2021/12/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/12/shutterstock_568076731-750x400-2.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
86c269f58ff013e4c961ae50583e44adfd794f0d415030a549cf2f92db0295b3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:21 GMT
Last-Modified
Wed, 22 Dec 2021 07:02:56 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26485
Expires
Thu, 30 Dec 2021 17:26:21 GMT
https___ukr.media_static_ba_aimg_4_3_5_435758_1.jpg
newsyou.info/wp-content/uploads/2021/12/ 		106 KB
106 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/12/https___ukr.media_static_ba_aimg_4_3_5_435758_1.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
7bea74a8949fb8732fcd7fa98dc7f441dde603024aa79ddd781521c85dd33b93

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:22 GMT
Last-Modified
Wed, 22 Dec 2021 08:23:05 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
108153
Expires
Thu, 30 Dec 2021 17:26:22 GMT
Muesli_Coffee_Fruit_46766-750x400-2.jpg
newsyou.info/wp-content/uploads/2021/12/ 		83 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/12/Muesli_Coffee_Fruit_46766-750x400-2.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
0b033515b1023d80f80ee227136cf5509f6e5b66bb39450ddafa1d1bb5b2acab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:21 GMT
Last-Modified
Wed, 22 Dec 2021 06:59:08 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
84867
Expires
Thu, 30 Dec 2021 17:26:21 GMT
https___ukr.media_static_ba_aimg_4_3_5_435842_1.jpg
newsyou.info/wp-content/uploads/2021/12/ 		99 KB
99 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/12/https___ukr.media_static_ba_aimg_4_3_5_435842_1.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
152cc158dcaf09453a0a54b74fa60e3c8b9580a44ebc42a1e7c9241487666cf3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:22 GMT
Last-Modified
Wed, 22 Dec 2021 08:21:11 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
101080
Expires
Thu, 30 Dec 2021 17:26:22 GMT
shutterstock_281780285-750x400-1.jpg
newsyou.info/wp-content/uploads/2021/12/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/12/shutterstock_281780285-750x400-1.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
00178a586698a7fa20ba1a9abafe8f49e60f12be51cf5a1f9c5abf96ca9535b7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:22 GMT
Last-Modified
Wed, 22 Dec 2021 06:56:18 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
48025
Expires
Thu, 30 Dec 2021 17:26:22 GMT
newsyou.info.1122348.js
jsc.mgid.com/n/e/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/n/e/newsyou.info.1122348.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
786fee4f218168667336172b2193b3cb92dbfb87954c308883b7d1f61f859eee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
content-encoding
br
cf-cache-status
HIT
age
3464
last-modified
Thu, 25 Nov 2021 11:26:29 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
T72570RD0NPJGY08
x-amz-id-2
a28riq9jUGJJUVnKtT/pPOakUJ/WNw4ov5gAPz8DHVaSeh451uIM0yF56/HmeLWFnFnvFX0c6mE=
cf-bgj
minify
server
cloudflare
etag
W/"4a5ade7ca18e6cd9b124c7e488981183"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6c23530dcded5c26-FRA
expires
Thu, 23 Dec 2021 20:31:35 GMT
newsyou.info.1146775.js
jsc.mgid.com/n/e/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/n/e/newsyou.info.1146775.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d8d71bdcae968558d46992970999923a5644067497dc156f3f888f517a58b9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
content-encoding
br
cf-cache-status
HIT
age
3464
last-modified
Thu, 25 Nov 2021 11:17:38 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
VEGVT66BEMX4F1J1
x-amz-id-2
AI3/DIVSFpgmpWwOYqkeqn33GG85H2ENhud+ExCWyL8YWoRV8GzXXP9xMOUlvUgAywszU3keT14=
cf-bgj
minify
server
cloudflare
etag
W/"954fed81ee1ba109d87b56eb30d13bf1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6c23530dcdf15c26-FRA
expires
Thu, 23 Dec 2021 20:31:35 GMT
1640252769_4184.svg
newsyou.info/wp-content/uploads/imga6695d8/23-12-21/ 		327 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/imga6695d8/23-12-21/1640252769_4184.svg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
b1d8189f87b428e1e35303478ce05cf5100756c6deaf1e8517be0c2d5554c87c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:21 GMT
Last-Modified
Thu, 23 Dec 2021 09:46:09 GMT
Server
nginx/1.2.1
Content-Type
image/svg+xml
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
327
Expires
Thu, 30 Dec 2021 17:26:21 GMT
%D0%91%D0%B0%D0%B9%D0%B4%D0%B5%D0%BD-%D1%80%D0%B0%D1%81%D1%81%D0%BA%D0%B0%D0%B7%D0%B0%D0%BB-%D0%B1%D1%83%D0%B4%D0%B5%D1%82-%D0%BB%D0%B8-%D0%BE%D0%BD-%D0%B1%D0%B0%D0%BB%D0%BB%D0%BE%D1%82%D0%B8%D1%80...
newsyou.info/wp-content/uploads/2021/12/ 		63 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/12/%D0%91%D0%B0%D0%B9%D0%B4%D0%B5%D0%BD-%D1%80%D0%B0%D1%81%D1%81%D0%BA%D0%B0%D0%B7%D0%B0%D0%BB-%D0%B1%D1%83%D0%B4%D0%B5%D1%82-%D0%BB%D0%B8-%D0%BE%D0%BD-%D0%B1%D0%B0%D0%BB%D0%BB%D0%BE%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D1%82%D1%8C%D1%81%D1%8F-%D0%BE%D0%BF%D1%8F%D1%82%D1%8C.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
c71cfdc5d8624558e2cc670a0dfacfca40f7bafd4f1393ed067e4e381ad8e6e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:21 GMT
Last-Modified
Thu, 23 Dec 2021 05:37:05 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
64815
Expires
Thu, 30 Dec 2021 17:26:21 GMT
2694720-1.jpg
newsyou.info/wp-content/uploads/2021/12/ 		111 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/12/2694720-1.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
f2748fdac882bab3f3e1215e9946e0bb4a1b8a1af4c9a6b124e86ceda52ec531

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:21 GMT
Last-Modified
Wed, 22 Dec 2021 19:38:29 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
113443
Expires
Thu, 30 Dec 2021 17:26:21 GMT
%D0%92%D0%BB%D0%B0%D1%81%D1%82%D0%B8-%D0%94%D0%B5%D0%BB%D0%B8-%D0%B7%D0%B0%D0%BF%D1%80%D0%B5%D1%82%D0%B8%D0%BB%D0%B8-%D0%BF%D1%80%D0%B0%D0%B7%D0%B4%D0%BD%D0%BE%D0%B2%D0%B0%D1%82%D1%8C-%D0%A0%D0%BE%...
newsyou.info/wp-content/uploads/2021/12/ 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/12/%D0%92%D0%BB%D0%B0%D1%81%D1%82%D0%B8-%D0%94%D0%B5%D0%BB%D0%B8-%D0%B7%D0%B0%D0%BF%D1%80%D0%B5%D1%82%D0%B8%D0%BB%D0%B8-%D0%BF%D1%80%D0%B0%D0%B7%D0%B4%D0%BD%D0%BE%D0%B2%D0%B0%D1%82%D1%8C-%D0%A0%D0%BE%D0%B6%D0%B4%D0%B5%D1%81%D1%82%D0%B2%D0%BE-%D0%B8-%D0%9D%D0%BE%D0%B2%D1%8B%D0%B9-%D0%B3%D0%BE%D0%B4.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
96365d0efa97cf43a947425785b2bad3f7eb518f6222143d2674cbf29fe92d3a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:22 GMT
Last-Modified
Thu, 23 Dec 2021 02:36:05 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
86952
Expires
Thu, 30 Dec 2021 17:26:22 GMT
%D0%94%D0%B5%D1%84%D0%B8%D1%86%D0%B8%D1%82-Nutella-%D0%9A-%D1%87%D0%B5%D0%BC%D1%83-%D0%B5%D1%89%D0%B5-%D0%BF%D1%80%D0%B8%D0%B2%D0%B5%D0%B4%D0%B5%D1%82-%D0%BE%D0%B1%D0%B2%D0%B0%D0%BB-%D0%BB%D0%B8%D1...
newsyou.info/wp-content/uploads/2021/12/ 		196 KB
197 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/12/%D0%94%D0%B5%D1%84%D0%B8%D1%86%D0%B8%D1%82-Nutella-%D0%9A-%D1%87%D0%B5%D0%BC%D1%83-%D0%B5%D1%89%D0%B5-%D0%BF%D1%80%D0%B8%D0%B2%D0%B5%D0%B4%D0%B5%D1%82-%D0%BE%D0%B1%D0%B2%D0%B0%D0%BB-%D0%BB%D0%B8%D1%80%D1%8B.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
1e98a3ede349fecfd14a4b6cefad84f9b31076e53f30fb2bbb63adcd54f0f64f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:22 GMT
Last-Modified
Wed, 22 Dec 2021 23:35:05 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
200937
Expires
Thu, 30 Dec 2021 17:26:22 GMT
1640255354_6952.jpg
newsyou.info/wp-content/uploads/imga6695d8/23-12-21/ 		289 KB
289 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/imga6695d8/23-12-21/1640255354_6952.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
ebe43817c43c329b2bcf2d0c367782a3085ca9afe0134f56c778be2dfc5bd4d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:22 GMT
Last-Modified
Thu, 23 Dec 2021 10:29:14 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
296043
Expires
Thu, 30 Dec 2021 17:26:22 GMT
%D0%93%D0%BE%D1%80%D0%BE%D1%81%D0%BA%D0%BE%D0%BF-%D0%9F%D0%B0%D0%B2%D0%BB%D0%B0-%D0%93%D0%BB%D0%BE%D0%B1%D1%8B-%D0%BD%D0%B0-17-%D0%B4%D0%B5%D0%BA%D0%B0%D0%B1%D1%80%D1%8F-2021-%D0%B2%D1%81%D0%B5-%D0...
newsyou.info/wp-content/uploads/2021/12/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/12/%D0%93%D0%BE%D1%80%D0%BE%D1%81%D0%BA%D0%BE%D0%BF-%D0%9F%D0%B0%D0%B2%D0%BB%D0%B0-%D0%93%D0%BB%D0%BE%D0%B1%D1%8B-%D0%BD%D0%B0-17-%D0%B4%D0%B5%D0%BA%D0%B0%D0%B1%D1%80%D1%8F-2021-%D0%B2%D1%81%D0%B5-%D0%B7%D0%BD%D0%B0%D0%BA%D0%B8-%D0%B7%D0%BE%D0%B4%D0%B8%D0%B0%D0%BA%D0%B0.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
ed79ab516c86cb0b3da37d48ebca6f7b1f0b979325cb02db26bf5208cf00dbd9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:21 GMT
Last-Modified
Thu, 16 Dec 2021 14:33:06 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
48264
Expires
Thu, 30 Dec 2021 17:26:21 GMT
197_olya_polyakova2.jpg
newsyou.info/wp-content/uploads/2021/12/ 		189 KB
189 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/12/197_olya_polyakova2.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
62c9183ace7ffb179b0dcfe1b88a807e6bc9a649eb6dd0936b7ba94528524929

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:21 GMT
Last-Modified
Wed, 22 Dec 2021 20:54:15 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
193201
Expires
Thu, 30 Dec 2021 17:26:21 GMT
40c4bb177b051d9f40ffa69414b2d5e9.jpeg
newsyou.info/wp-content/uploads/2021/12/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/12/40c4bb177b051d9f40ffa69414b2d5e9.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
8b659f72017df1d6cdc07307be915ec445d7640648eda9f055cffa10dafdc722

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:21 GMT
Last-Modified
Wed, 22 Dec 2021 20:49:10 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
72552
Expires
Thu, 30 Dec 2021 17:26:21 GMT
%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9-%D0%B3%D0%BE%D1%80%D0%BE%D1%81%D0%BA%D0%BE%D0%BF-%D0%BD%D0%B0-%D0%BD%D0%B5%D0%B4%D0%B5%D0%BB%D1%8E-%D1%81-13-%D0%BF%D0%BE-19-%D0%B4%D0%B5%D0%BA%D0%B0%D0%B...
newsyou.info/wp-content/uploads/2021/12/ 		183 KB
184 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/12/%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9-%D0%B3%D0%BE%D1%80%D0%BE%D1%81%D0%BA%D0%BE%D0%BF-%D0%BD%D0%B0-%D0%BD%D0%B5%D0%B4%D0%B5%D0%BB%D1%8E-%D1%81-13-%D0%BF%D0%BE-19-%D0%B4%D0%B5%D0%BA%D0%B0%D0%B1%D1%80%D1%8F-2021.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
dbe0cf6b50ec23fd38afc516f0b26906780ec018276247a735f51a47a7aa76fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:21 GMT
Last-Modified
Sat, 11 Dec 2021 02:00:05 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
187735
Expires
Thu, 30 Dec 2021 17:26:21 GMT
newsyou.info.1024868.js
jsc.mgid.com/n/e/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/n/e/newsyou.info.1024868.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ad9efa7148c3b033e0430aa47c0d7279c5fb9ae699f34cc794b361bc96171cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
content-encoding
br
cf-cache-status
HIT
age
3043
last-modified
Thu, 02 Dec 2021 15:01:19 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
VJDH08A10XP55WF1
x-amz-id-2
dHzn/3sEgEOM/mEzVYQYC4D8BZGGCpMWn3Vb0dvbCMYhBGNvhecteUF4ctWNa/kXiw9d/LIYuDY=
cf-bgj
minify
server
cloudflare
etag
W/"49a1b7d557a988c4e4f78eb5f865547e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6c23530dcdf65c26-FRA
expires
Thu, 23 Dec 2021 20:31:35 GMT
jquery.fancybox.min.css
cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.css
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
232955
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2695
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:00 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e58-31fb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JCmR4HH03%2BRahcLuhYDKKTNfnwuuLlDW%2BIwE8Hsul6s%2BdH%2FlYuQ7xHxpVeAVwW10bUvjcSa%2FjQ1NHVgzgPvhSp3SNkrwBGab87RFBdrl8GuFQq1cTvvqrM6LoTV2Fn5kWT8D8f6Gzz1vTKLvRhGHX0%2Br"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6c23530d8d3f5b2c-FRA
expires
Tue, 13 Dec 2022 17:31:35 GMT
jquery.fancybox.js
cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/ 		157 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c836ab144528f3b6748bb49a0ba6fbd3118028282185660067fde9fbcf68e251
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4774769
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
32145
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:00 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e58-2739b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qhJB%2FvGXKCrmP40hMFOixS1nZcMGrLAFGv9ev4XGIvmg5rLzp8kW4AHso%2FywzQj7v56OnMIajsbV1lEo%2FzOB5DuabAqFU1ad7X5kDyTGvEjOzushYm3EMd6bm%2Ftu7S38gxHcubjRoP4lBZJ%2BiFKkmMGh"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6c23530d8d405b2c-FRA
expires
Tue, 13 Dec 2022 17:31:35 GMT
rotator.js
newsyou.info/wp-content/themes/newsyou/js/ 		207 B
508 B 		Script
General
Check archive.org
Download Go to
Full URL
https://newsyou.info/wp-content/themes/newsyou/js/rotator.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
03f2a36140bb0fcd71f5997bef76bcfc187184b0efbd7cfc40dc1143563fb865

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:21 GMT
Last-Modified
Thu, 30 Sep 2021 04:57:10 GMT
Server
nginx/1.2.1
Content-Type
application/x-javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
207
Expires
Thu, 30 Dec 2021 17:26:21 GMT
av.js
ppvesdfiojol.com/ 		46 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ppvesdfiojol.com/av.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.171.117.17 , Russian Federation, ASN64494 (VARITI-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
ae07ae363826bb4478d2028eebbf5b01267fa4afa9af5aec85e00ac13c3e8736

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
content-encoding
gzip
last-modified
Thu, 11 Nov 2021 09:25:26 GMT
server
nginx
etag
W/"618ce186-b8fc"
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control
max-age=60
content-type
application/javascript
x-variti-ccr
412999264:1
expires
Thu, 23 Dec 2021 17:32:35 GMT
media
a4p.adpartner.pro/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/media?site_id=63&unit_id=5555
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.77.59.234 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
vps-2181085f.vps.ovh.net
Software
nginx /
Resource Hash
7e436efe4ae1cd0ebb3e5fef30ea54de8151e1dfabd9cdc0abe1b87e7b216183

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8
truncated
/ Frame 9DA3 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/gif
sdk.js
connect.facebook.net/ru_RU/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/ru_RU/sdk.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c5f5cc2fc2a6af809ed007848c0a557f7f17addaeae2b27ce4f88a6530141257
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
urRcGmocMcDPMl4DX5FbPg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Thu, 23 Dec 2021 17:49:52 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
1685
x-fb-rlafr
0
x-fb-debug
X/ekf9fOKGhHy7KiNTz3+VWS2G2Grvcvt1toLzCqrvdEMtbbsZMTml+sXkR2Ehn26WiOdzMf28bSCWJJPwcyGg==
x-fb-trip-id
686109401
x-fb-content-md5
bfbd2392c11c022f5cf7f999491d6016
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 23 Dec 2021 17:31:35 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"18995d0f40cbb7970f39789977405485"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
b286ae57.js
pxksnymto.ru/pixels/ 		139 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pxksnymto.ru/pixels/b286ae57.js
Requested by
Host: vcmjf535tx.ru
URL: https://vcmjf535tx.ru/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.192.12.173 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
9fd72153ba3e8a36d7e6a93d9bd5acb61f8f1cde905b95955a10761aa7e3636d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
cache-control
no-store
last-modified
Mon, 20 Dec 2021 09:18:45 GMT
server
nginx/1.18.0
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
menu.png
newsyou.info/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/img/menu.png
Requested by
Host: newsyou.info
URL: https://newsyou.info/mainstyle10.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
23c457922f48e6e7385c0f6752ef457269b4e82fe464e643c68c295679ed858a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/mainstyle10.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:21 GMT
Last-Modified
Thu, 30 Sep 2021 04:51:32 GMT
Server
nginx/1.2.1
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2563
Expires
Thu, 30 Dec 2021 17:26:21 GMT
vunit
a4p.adpartner.pro/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/vunit?id=7459&0.4010465217560628
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.77.59.234 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
vps-2181085f.vps.ovh.net
Software
nginx /
Resource Hash
01eedf9ad2fa092f748cb184504064ca0eba07bcc5575fc44ed4db8569d90e00

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8
index.php
telegram.im/widget-button/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegram.im/widget-button/index.php?id=@OqKIcr3KMnMyMDky
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.211.42.243 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
host243-42-211-80.serverdedicati.aruba.it
Software
nginx /
Resource Hash
db1f461314ae65f94583f6c4c7953c8e8aaa4db12372c6b0a8e95d22ae170114
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:34 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Thu, 23 Dec 2021 17:31:34 GMT
Server
nginx
Strict-Transport-Security
max-age=0
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache, must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
jsunit
a4p.adpartner.pro/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit?id=2489&ref=&0.8777505128593452
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.77.59.234 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
vps-2181085f.vps.ovh.net
Software
nginx /
Resource Hash
fb4846f5487c54dafb9e1cbcfe53c46b1d1f5dcab4bc344c6d7d9dee43ebfe03

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
application/javascript; charset=utf-8
https___ukr.media_static_ba_aimg_4_3_5_435888_1.jpg
newsyou.info/wp-content/uploads/2021/12/ 		83 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/wp-content/uploads/2021/12/https___ukr.media_static_ba_aimg_4_3_5_435888_1.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
60761959bfa05664c5be83eff421095dd973b4be4b9c48a01324d4e0462af2ba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:21 GMT
Last-Modified
Wed, 22 Dec 2021 08:19:06 GMT
Server
nginx/1.2.1
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
85489
Expires
Thu, 30 Dec 2021 17:26:21 GMT
jsunit
a4p.adpartner.pro/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit?id=7460&ref=&0.3544682099610794
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.77.59.234 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
vps-2181085f.vps.ovh.net
Software
nginx /
Resource Hash
93000525c0fea6959cb8c3b43d7283b1723569e47a7022fa011499d164c7510b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
application/javascript; charset=utf-8
/
m.mixadvert.com/show/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/?id=5876&r=0.849813507649867
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
d7cb6b13cf0b4b97e4becd8af31127e5dc2c9a7d102e7cbac37692371e87fa37
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
application/javascript; charset=utf-8
13245.js
jsn.24smi.net/d/6/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsn.24smi.net/d/6/13245.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:284a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
887141ac69ccb8ecfaddb08bf1a9c90e7e29b95e6e922517d3e0361c9cec48da
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 28 Sep 2021 07:48:03 GMT
server
cloudflare
age
489
etag
W/"6152c8b3-c46"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
strict-transport-security
max-age=0
cf-ray
6c23530db8376957-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 23 Dec 2021 18:23:26 GMT
/
m.mixadvert.com/show/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/?id=7880&r=0.6588643992292482
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
86b709f6ea9aef813433566286a6d23b38956e01e2a73c1b9d822c951ab369ff
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
application/javascript; charset=utf-8
13267.js
jsn.24smi.net/4/0/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsn.24smi.net/4/0/13267.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:284a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c204114b876a9686bc7ed4d2cf1c5afb633128d28d9297076c46133531cbae0d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 28 Sep 2021 07:48:03 GMT
server
cloudflare
age
522
etag
W/"6152c8b3-b81"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
strict-transport-security
max-age=0
cf-ray
6c23530db83b6957-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 23 Dec 2021 18:22:53 GMT
13248.js
jsn.24smi.net/e/7/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsn.24smi.net/e/7/13248.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:284a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01fc60c1d200f53aee72e8063192aaa53443dcdd7fc6d77038dbbcad76b5989e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:35 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 28 Sep 2021 07:48:03 GMT
server
cloudflare
age
395
etag
W/"6152c8b3-900"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
strict-transport-security
max-age=0
cf-ray
6c23530db83f6957-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 23 Dec 2021 18:25:00 GMT
jsunit
a4p.adpartner.pro/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit?id=7858&ref=&0.6814673986858364
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.77.59.234 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
vps-2181085f.vps.ovh.net
Software
nginx /
Resource Hash
925ad6a33586b6032bb0ff1853d0eb0e656819f037dba0f89ff0de81fd17377a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
application/javascript; charset=utf-8
/
m.mixadvert.com/show/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/?id=6822&r=0.23938742074744002
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
2a7fdae0b80ae21d9affa1106cd1016597efedc5f7b7f769933886b7395f590d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
application/javascript; charset=utf-8
hit
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit?t26.1;r;s1600*1200*24;uhttps%3A//newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR;0.9242734311296532
  • https://counter.yadro.ru/hit?q;t26.1;r;s1600*1200*24;uhttps%3A//newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR;0.9242734311296532
149 B
635 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit?q;t26.1;r;s1600*1200*24;uhttps%3A//newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR;0.9242734311296532
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
HTTP/1.1
Server
88.212.201.216 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host216.rax.ru
Software
nginx/1.17.9 /
Resource Hash
9eec64368167047f9d996ee210b6d3bb01980aabadd30d0c9a65c6ed78bbd35e
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:36 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
149
Expires
Tue, 22 Dec 2020 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:36 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit?q;t26.1;r;s1600*1200*24;uhttps%3A//newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR;0.9242734311296532
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Tue, 22 Dec 2020 21:00:00 GMT
3_3_1.png
i.i.ua/r/
Redirect Chain
  • https://r.i.ua/s?u224079&p264&n0.08856925716328456&c1&d24&w1600&h1200&rnewsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
  • https://i.i.ua/r/3_3_1.png
1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.i.ua/r/3_3_1.png
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
HTTP/1.1
Server
91.198.36.78 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
sh02.mi6.kiev.ua
Software
nginx /
Resource Hash
0667c9b68ef073ed98e3e67e7826cb617f7f04d6d253193afda8a8729e63ea3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:36 GMT
Last-Modified
Mon, 19 Mar 2007 13:53:49 GMT
Server
nginx
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
1233
Expires
Fri, 23 Dec 2022 17:31:35 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:36 GMT
Server
nginx
Transfer-Encoding
chunked
P3P
policyref="http://i.i.ua/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Location
https://i.i.ua/r/3_3_1.png
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Expires
0
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1830
date
Thu, 23 Dec 2021 17:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 23 Dec 2021 19:01:06 GMT
tag.js
mc.yandex.ru/metrika/ 		194 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
7dd8628b76c6beda76cf46db9ac1e54437ac90edc487c7f8e08b0c1f716656ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
content-encoding
br
last-modified
Thu, 23 Dec 2021 16:10:01 GMT
etag
"61c47529-10765"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
67429
expires
Thu, 23 Dec 2021 18:31:36 GMT
cfg
data.24smi.net/ 		392 B
516 B 		Script
General
Check archive.org
Download Go to
Full URL
https://data.24smi.net/cfg?object=13248&ver=27&pio=true&pps=true&callback=__smiCb1640280695984
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.86.87 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ns4.24smi.org
Software
nginx /
Resource Hash
9d5998e5a6fffb4e580a7658811134df70019191f5bf7637fdb4f28ec04c0c22
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
cache-control
no-store
server
nginx
content-length
392
strict-transport-security
max-age=0
content-type
text/javascript; charset=utf-8
cfg
data.24smi.net/ 		392 B
515 B 		Script
General
Check archive.org
Download Go to
Full URL
https://data.24smi.net/cfg?object=13267&ver=27&pio=true&pps=true&callback=__smiCb1640280695985
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.86.87 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ns4.24smi.org
Software
nginx /
Resource Hash
f1ac433b47758c3556f9af8da32f75332b8ab0b1b12ec8ee89279fa9ac3d3da7
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
cache-control
no-store
server
nginx
content-length
392
strict-transport-security
max-age=0
content-type
text/javascript; charset=utf-8
/
ppvesdfiojol.com/ 		83 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ppvesdfiojol.com/
Requested by
Host: ppvesdfiojol.com
URL: https://ppvesdfiojol.com/av.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.171.117.17 , Russian Federation, ASN64494 (VARITI-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
30c8e94dcf064f8923a53124378f80ce3944cbcf38c2644109745f5fa87d5876

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:36 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://newsyou.info
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
text/html; charset=UTF-8
x-variti-ccr
412999264:2
expires
Thu, 19 Nov 1981 08:52:00 GMT
/
utarget.ru/ranging/00cb2399e4/js/ 		49 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://utarget.ru/ranging/00cb2399e4/js/?rand=5894&cookie=0
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.18 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
utarget.pro
Software
nginx /
Resource Hash
2583cf8eb97f939efc9061496ceef4087cef7e486b196ef00807dabc1dea6833

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:36 GMT
Server
nginx
P3P
CP="NON DSP COR CURa TIA"
Vary
Accept-Language, Cookie
Content-Language
ru
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
text/html; charset=utf-8
cfg
data.24smi.net/ 		391 B
514 B 		Script
General
Check archive.org
Download Go to
Full URL
https://data.24smi.net/cfg?object=14482&ver=27&pio=true&pps=true&callback=__smiCb1640280695986
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.86.87 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ns4.24smi.org
Software
nginx /
Resource Hash
b04576f019aed6e765ed16042d3e64936f63cd5e6d3626ebf420ff4495ac4e44
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
cache-control
no-store
server
nginx
content-length
391
strict-transport-security
max-age=0
content-type
text/javascript; charset=utf-8
6ed056a9.js
pxksnymto.ru/pixels/ 		138 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pxksnymto.ru/pixels/6ed056a9.js
Requested by
Host: ppvesdfiojol.com
URL: https://ppvesdfiojol.com/av.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.192.12.173 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
bff6fe2953477c19b112787a90875cba98f8fc5204e4c455fa3a70f700188269

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
cache-control
no-store
last-modified
Mon, 20 Dec 2021 09:18:45 GMT
server
nginx/1.18.0
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cfg
data.24smi.net/ 		392 B
515 B 		Script
General
Check archive.org
Download Go to
Full URL
https://data.24smi.net/cfg?object=13245&ver=27&pio=true&pps=true&callback=__smiCb1640280695987
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.86.87 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ns4.24smi.org
Software
nginx /
Resource Hash
683261ccc2dc1324cba36445048baf8d8efb176c5281838cc87c5c16eb6e234a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
cache-control
no-store
server
nginx
content-length
392
strict-transport-security
max-age=0
content-type
text/javascript; charset=utf-8
newsyou.info.1122348.es6.js
jsc.mgid.com/n/e/ 		239 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/n/e/newsyou.info.1122348.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsyou.info.1122348.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8b23abb2adac5b8be1e9bd2a4ca3aadf1ac1cd9d3af882d6996acf00dbd6544

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
content-encoding
br
cf-cache-status
HIT
age
3391
last-modified
Thu, 02 Dec 2021 15:43:24 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
RC20466EQDSMKB74
x-amz-id-2
wjLf5GDA4qP53hmCzSKeiCACTuV3faSjipVI7ZK729oaeXQf2DBL7mbyK8HhIkpzM1cZE/a+lHo=
cf-bgj
minify
server
cloudflare
etag
W/"3549c59b252a1dff4f0ed90218a6b365"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6c23530e2ec75c26-FRA
expires
Thu, 23 Dec 2021 20:31:36 GMT
newsyou.info.1024868.es6.js
jsc.mgid.com/n/e/ 		241 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/n/e/newsyou.info.1024868.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsyou.info.1024868.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3117ef8de99c385baec23e1ff509a1cbdb1efec22548af8218108e58a9669216

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
content-encoding
br
cf-cache-status
HIT
age
3687
last-modified
Thu, 02 Dec 2021 15:01:19 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
EKNC2B056DVH381Q
x-amz-id-2
YoWbhVXUKecBzFeX+qTy0G0/QGN72sA2N5Hh7rsY2eelGDMKodHQNpiElPqbCwXtXt6ehycXwoE=
cf-bgj
minify
server
cloudflare
etag
W/"04e832b814fb49973f6ea86d571d84a7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6c23530e2ec95c26-FRA
expires
Thu, 23 Dec 2021 20:31:36 GMT
newsyou.info.1146775.es6.js
jsc.mgid.com/n/e/ 		240 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/n/e/newsyou.info.1146775.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsyou.info.1146775.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
640326025d71b72e26143c8c6a675e93fe1f91e30546465dd0a66ec79a9423fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
content-encoding
br
cf-cache-status
HIT
age
3391
last-modified
Thu, 02 Dec 2021 15:50:10 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
6YY7XMJG5B0FXM6E
x-amz-id-2
FS7rXj34WLuvtkUZ21it+mYswuZvNkX+p9qe+y1DDq2omXJ1ALpy+5nkbP0s/ofO2SWnfXImJ7U=
cf-bgj
minify
server
cloudflare
etag
W/"bc159291689d374b57f73dde254fa617"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6c23530e2ecb5c26-FRA
expires
Thu, 23 Dec 2021 20:31:36 GMT
sdk.js
connect.facebook.net/ru_RU/ 		285 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/ru_RU/sdk.js?hash=0e1a3766a101a4bdc7b3bba821b9ce0f
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
01d738b974f2a2c1ff954758467bc25edd7ff64c6f95cf6cb4ffed6e5296dc29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://newsyou.info/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
yV4dAoaHRu1S2VY8K+4QGA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Fri, 23 Dec 2022 16:54:42 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
82056
x-fb-rlafr
0
x-fb-debug
/lSDAfQff0G1EyAg74EUEU0mz2zz6mq8VSzwsvlp8i2vDsQ7NWfiAiL6DjS/V17k4PMau103+WX8HEy0oQDlLA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
41c08eabf5812687e371e9426d2ae73c
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Dec 2021 17:31:36 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"48b95367970977d121ef3274b7d34a68"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
z
s.zmctrack.net/ Frame 9918 		52 KB
24 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.zmctrack.net/z
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.187.81.40 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software
openresty /
Resource Hash
3a2eec023adc8c05274eed54b4443f2a95502bba843fe0685313d992785f7c6e

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
content-encoding
gzip
server
openresty
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
X-Location, X-Meta-Status, X-Set-Cookie, X-Cookie, X-Check
cache-control
no-cache, no-store
access-control-allow-headers
X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length
23804
expires
Thu, 01 Jan 1970 00:00:01 GMT
media.min.js
a4p.adpartner.pro/apstc/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/apstc/media.min.js?v=1.1.397
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/media?site_id=63&unit_id=5555
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.77.59.234 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
vps-2181085f.vps.ovh.net
Software
nginx /
Resource Hash
71849c671a5e607e906ff0d436236bdf6b14950397ad37e5daf0540eb9c84f58

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
cache-control
no-store no-transform
last-modified
Thu, 16 Dec 2021 14:29:41 GMT
server
nginx
content-encoding
br
etag
W/"61bb4d55-3ac0"
content-type
application/javascript
ls
a4p.adpartner.pro/media/ Frame 5E03 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/media/ls?mediaunit=5555&apuid=f0c93e8d-f6a1-4a3d-8293-5e14bf0819c0&session_pageview=1&session_id=441fcb44-fe27-4565-a9c8-27dbdfd66af2&site_visited=1&location=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/media?site_id=63&unit_id=5555
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.77.59.234 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
vps-2181085f.vps.ovh.net
Software
nginx /
Resource Hash
8542ad7a156049afa2ff7426ae30fd28900c16e497edcf6ba59752d28b67857b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

server
nginx
date
Thu, 23 Dec 2021 17:31:36 GMT
content-type
text/html; charset=utf-8
cache-control
no-store no-transform
content-encoding
br
ls
a4p.adpartner.pro/jsunit/ Frame B3D0 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit/ls?jsunit=2489&unit_id=2489&shown=&session_pageview=1&session_id=441fcb44-fe27-4565-a9c8-27dbdfd66af2&site_visited=1&apuid=f0c93e8d-f6a1-4a3d-8293-5e14bf0819c0&width=610&screen_width=1600&reload_count=0&banner_num=1640280696046519761&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit?id=2489&ref=&0.8777505128593452
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.77.59.234 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
vps-2181085f.vps.ovh.net
Software
nginx /
Resource Hash
e28d00d99f2095e510221082276b6b83e88f4a46782b84bb7e301196adc44ca4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

server
nginx
date
Thu, 23 Dec 2021 17:31:36 GMT
content-type
text/html; charset=utf-8
cache-control
no-store no-transform
content-encoding
br
d60c1733aa08b9c-1635069053.jpg
ppvesdfiojol.com/upload/202110/7b1bc6dcdc3764e8/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ppvesdfiojol.com/upload/202110/7b1bc6dcdc3764e8/d60c1733aa08b9c-1635069053.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.171.117.17 , Russian Federation, ASN64494 (VARITI-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
ed5a11894c21c008675badc52c7d06a2b7c37789074ea71fad33c3f449048d1e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Sun, 24 Oct 2021 09:50:53 GMT
server
nginx
etag
"61752c7d-294c"
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://ppvesdfiojol.com
access-control-expose-headers
Content-Length,Content-Range
content-length
10572
accept-ranges
bytes
content-type
image/jpeg
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-variti-ccr
412999264:3
65f0be96ec82bfb-1640125395.jpg
ppvesdfiojol.com/upload/202112/0b43bcd0f0435025/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ppvesdfiojol.com/upload/202112/0b43bcd0f0435025/65f0be96ec82bfb-1640125395.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.171.117.17 , Russian Federation, ASN64494 (VARITI-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
1ed1d1cb8623bf3167e5cbb2b7c30b8d26f243976ee9f6788d34a4e4b2de3d83

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Tue, 21 Dec 2021 22:23:15 GMT
server
nginx
etag
"61c253d3-462e"
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://ppvesdfiojol.com
access-control-expose-headers
Content-Length,Content-Range
content-length
17966
accept-ranges
bytes
content-type
image/jpeg
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-variti-ccr
412999264:4
0e278e7063abb76-1640126863.jpg
ppvesdfiojol.com/upload/202112/a16f7ae21631798b/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ppvesdfiojol.com/upload/202112/a16f7ae21631798b/0e278e7063abb76-1640126863.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.171.117.17 , Russian Federation, ASN64494 (VARITI-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
c29fb37699996df1d4eb577635c7e9a2b159abf4e95fd99101ddd20f421f5d63

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Tue, 21 Dec 2021 22:47:43 GMT
server
nginx
etag
"61c2598f-462a"
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://ppvesdfiojol.com
access-control-expose-headers
Content-Length,Content-Range
content-length
17962
accept-ranges
bytes
content-type
image/jpeg
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-variti-ccr
412999264:5
b5f36d7de5b31f8-1639937121.jpg
ppvesdfiojol.com/upload/202112/6db5449f752873ab/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ppvesdfiojol.com/upload/202112/6db5449f752873ab/b5f36d7de5b31f8-1639937121.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.171.117.17 , Russian Federation, ASN64494 (VARITI-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
e75ed43041906d7a1a30057773711c90085183a5f4563f5279cfb0519a3c4ed8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Sun, 19 Dec 2021 18:05:21 GMT
server
nginx
etag
"61bf7461-5162"
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://ppvesdfiojol.com
access-control-expose-headers
Content-Length,Content-Range
content-length
20834
accept-ranges
bytes
content-type
image/jpeg
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-variti-ccr
412999264:6
98ab4c48038f0a7-1640127212.jpg
ppvesdfiojol.com/upload/202112/0e6e377b1b020881/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ppvesdfiojol.com/upload/202112/0e6e377b1b020881/98ab4c48038f0a7-1640127212.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.171.117.17 , Russian Federation, ASN64494 (VARITI-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
2792408224dde6373f1778228a05505a2a36913137c920af418594c08133fd0a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Tue, 21 Dec 2021 22:53:32 GMT
server
nginx
etag
"61c25aec-376e"
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://ppvesdfiojol.com
access-control-expose-headers
Content-Length,Content-Range
content-length
14190
accept-ranges
bytes
content-type
image/jpeg
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-variti-ccr
412999264:7
ls
a4p.adpartner.pro/jsunit/ Frame FD23 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit/ls?jsunit=7460&unit_id=7460&shown=&session_pageview=1&session_id=441fcb44-fe27-4565-a9c8-27dbdfd66af2&site_visited=1&apuid=f0c93e8d-f6a1-4a3d-8293-5e14bf0819c0&width=610&screen_width=1600&reload_count=0&banner_num=1640280696045727656&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit?id=7460&ref=&0.3544682099610794
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.77.59.234 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
vps-2181085f.vps.ovh.net
Software
nginx /
Resource Hash
d765055b65e896dec7dc9ed63ae3e4cd789f98bae3963fe6503b6e6d58be1b5a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

server
nginx
date
Thu, 23 Dec 2021 17:31:36 GMT
content-type
text/html; charset=utf-8
cache-control
no-store no-transform
content-encoding
br
vunit.min.js
a4p.adpartner.pro/apstc/ 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/apstc/vunit.min.js?v=1.1.397
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/vunit?id=7459&0.4010465217560628
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.77.59.234 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
vps-2181085f.vps.ovh.net
Software
nginx /
Resource Hash
dc41a2546e6b5e28ddf2602393ecf0337cf32b46eefecea182a5e3a08f1edaff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
cache-control
no-store no-transform
last-modified
Thu, 16 Dec 2021 14:29:41 GMT
server
nginx
content-encoding
br
etag
W/"61bb4d55-c158"
content-type
application/javascript
ls
a4p.adpartner.pro/vunit/ Frame DF79 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/vunit/ls?vunit=7459&bannerNum=29284772869286190&apuid=f0c93e8d-f6a1-4a3d-8293-5e14bf0819c0&session_pageview=1&session_id=441fcb44-fe27-4565-a9c8-27dbdfd66af2&site_visited=1&location=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/vunit?id=7459&0.4010465217560628
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.77.59.234 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
vps-2181085f.vps.ovh.net
Software
nginx /
Resource Hash
7da902cfb1e6ce6cd76b1bfa86ff3b3c57c6687a1dd302aa6aaf195cf8b981be

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

server
nginx
date
Thu, 23 Dec 2021 17:31:36 GMT
content-type
text/html; charset=utf-8
cache-control
no-store no-transform
content-encoding
br
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/ 		276 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00db1163ca6054f2a8496a8613addd64991e27eedc8a136ca3e1f9dc04e894f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
101734
x-xss-protection
0
server
cafe
etag
4507154694380913909
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 23 Dec 2021 17:31:36 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/ Frame 21F5 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 22 Dec 2021 18:36:45 GMT
expires
Wed, 05 Jan 2022 18:36:45 GMT
content-type
text/html; charset=UTF-8
etag
17731914101004188133
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4884
x-xss-protection
0
age
82491
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=puberror&context=165&msg=TagError%3A%20adsbygoogle.push()%20error%3A%20Fluid%20responsive%20ads%20must%20be%20at%20least%20250px%20wide%3A%20availableWidth%3D0%0Aat%20Rk%20(https%3A%2F%2Fpagead2.googlesyndication.com%2Fpagead%2Fjs%2Fadsbygoogle.js%3A155%3A507)%0Aat%20fl%20(adsbygoogle.js%3A163%3A337)%0Aat%20el%20(adsbygoogle.js%3A162%3A170)%0Aat%20Fn%20(adsbygoogle.js%3A220%3A38)%0Aat%20Pn%20(adsbygoogle.js%3A222%3A108)%0Aat%20On%20(adsbygoogle.js%3A221%3A832)%0Aat%20Xn%20(adsbygoogle.js%3A237%3A1)%0Aat%20adsbygoogle.js%3A230%3A47%0Aat%20Ad.aa.ma%20(adsbygoogle.js%3A63%3A809)%0Aat%20jf%20(adsbygoogle.js%3A76%3A1185)&shv=r20211207&mjsv=m202112060101&eid=44750774%2C44753658%2C31063825&client=ca-pub-5994697028380609&slotname=4778088697&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
widget-button.css.php
telegram.im/widget-button/ 		2 KB
823 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://telegram.im/widget-button/widget-button.css.php
Requested by
Host: telegram.im
URL: https://telegram.im/widget-button/index.php?id=@OqKIcr3KMnMyMDky
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.211.42.243 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
host243-42-211-80.serverdedicati.aruba.it
Software
nginx /
Resource Hash
1c3a8aaa4b0a051f9ca1f0aef8c9e2cbb22a38d1ccfb0792df67519df883352c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:35 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
text/css;charset=UTF-8
Connection
keep-alive
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=0
fonts.css
telegram.im/widget-button/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://telegram.im/widget-button/fonts.css
Requested by
Host: telegram.im
URL: https://telegram.im/widget-button/index.php?id=@OqKIcr3KMnMyMDky
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.211.42.243 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
host243-42-211-80.serverdedicati.aruba.it
Software
nginx /
Resource Hash
29d1a4d4ff04f4985edac2ff2f76c900d7dd6727fbb9e2f4b8256c2f47d41c77
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:35 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Sun, 26 Feb 2017 09:05:17 GMT
Server
nginx
ETag
W/"58b29a4d-f47"
Strict-Transport-Security
max-age=0
Content-Type
text/css
Cache-Control
max-age=604800
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 30 Dec 2021 17:31:35 GMT
style.css
telegram.im/widget-button/ico/ 		1 KB
795 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://telegram.im/widget-button/ico/style.css
Requested by
Host: telegram.im
URL: https://telegram.im/widget-button/index.php?id=@OqKIcr3KMnMyMDky
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.211.42.243 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
host243-42-211-80.serverdedicati.aruba.it
Software
nginx /
Resource Hash
7b67fc13bf4d8f7458ffc48cdd38c49c5bd36794916c70e77c5346ec79c39235
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:35 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Sun, 26 Feb 2017 09:02:08 GMT
Server
nginx
ETag
W/"58b29990-42b"
Strict-Transport-Security
max-age=0
Content-Type
text/css
Cache-Control
max-age=604800
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 30 Dec 2021 17:31:35 GMT
WidgetTelegramButton.min.js
telegram.im/widget-button/ 		49 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://telegram.im/widget-button/WidgetTelegramButton.min.js
Requested by
Host: telegram.im
URL: https://telegram.im/widget-button/index.php?id=@OqKIcr3KMnMyMDky
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.211.42.243 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
host243-42-211-80.serverdedicati.aruba.it
Software
nginx /
Resource Hash
c87d9ded7d493e779fca78d1ff9b3fdd46c42487c9a78723e71b8557c79f0b3a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:35 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Sun, 26 Feb 2017 21:40:46 GMT
Server
nginx
ETag
W/"58b34b5e-c56c"
Strict-Transport-Security
max-age=0
Content-Type
application/x-javascript
Cache-Control
max-age=604800
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 30 Dec 2021 17:31:35 GMT
ls
a4p.adpartner.pro/jsunit/ Frame 5CAF 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit/ls?jsunit=7858&unit_id=7883&shown=&session_pageview=1&session_id=441fcb44-fe27-4565-a9c8-27dbdfd66af2&site_visited=1&apuid=f0c93e8d-f6a1-4a3d-8293-5e14bf0819c0&width=300&screen_width=1600&reload_count=0&banner_num=1640280696098222156&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit?id=7858&ref=&0.6814673986858364
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.77.59.234 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
vps-2181085f.vps.ovh.net
Software
nginx /
Resource Hash
5b5dc1a57876e8fa20398561ac1a1683f14c14f2525d94b420d6ba41f7315d37

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

server
nginx
date
Thu, 23 Dec 2021 17:31:36 GMT
content-type
text/html; charset=utf-8
cache-control
no-store no-transform
content-encoding
br
analytics.js
www.google-analytics.com/ Frame 5E03 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/media/ls?mediaunit=5555&apuid=f0c93e8d-f6a1-4a3d-8293-5e14bf0819c0&session_pageview=1&session_id=441fcb44-fe27-4565-a9c8-27dbdfd66af2&site_visited=1&location=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://a4p.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1830
date
Thu, 23 Dec 2021 17:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 23 Dec 2021 19:01:06 GMT
media
a4p.adpartner.pro/ Frame 5E03 		1 KB
481 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/media?id=5555&session_id=441fcb44-fe27-4565-a9c8-27dbdfd66af2&session_pageview=1&site_visited=1
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/media/ls?mediaunit=5555&apuid=f0c93e8d-f6a1-4a3d-8293-5e14bf0819c0&session_pageview=1&session_id=441fcb44-fe27-4565-a9c8-27dbdfd66af2&site_visited=1&location=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.77.59.234 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
vps-2181085f.vps.ovh.net
Software
nginx /
Resource Hash
8981cabff4fda433a470ade513ba3bf91b98c71337bcb688e2d41b652a1fde96

Request headers

Referer
https://a4p.adpartner.pro/media/ls?mediaunit=5555&apuid=f0c93e8d-f6a1-4a3d-8293-5e14bf0819c0&session_pageview=1&session_id=441fcb44-fe27-4565-a9c8-27dbdfd66af2&site_visited=1&location=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type
text/plain

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8
/
loadercdn.net/ 		0
169 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadercdn.net/?r=1&u=3076eac0a1125734&d=newsyou.info
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.187.81.40 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 23 Dec 2021 17:31:36 GMT
server
openresty
jsunit
a4p.adpartner.pro/ Frame B3D0 		29 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit?banner_num=1640280696046519761&id=2489&is_in_viewport=0&ref=&reload_count=0&session_id=441fcb44-fe27-4565-a9c8-27dbdfd66af2&session_pageview=1&shown=&site_visited=1&unit_id=2489
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit/ls?jsunit=2489&unit_id=2489&shown=&session_pageview=1&session_id=441fcb44-fe27-4565-a9c8-27dbdfd66af2&site_visited=1&apuid=f0c93e8d-f6a1-4a3d-8293-5e14bf0819c0&width=610&screen_width=1600&reload_count=0&banner_num=1640280696046519761&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.77.59.234 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
vps-2181085f.vps.ovh.net
Software
nginx /
Resource Hash
4960d1197a326ebcd1c3f9851a3e65773a4e2307a2234f6cbf7d31ea9207975d

Request headers

Referer
https://a4p.adpartner.pro/jsunit/ls?jsunit=2489&unit_id=2489&shown=&session_pageview=1&session_id=441fcb44-fe27-4565-a9c8-27dbdfd66af2&site_visited=1&apuid=f0c93e8d-f6a1-4a3d-8293-5e14bf0819c0&width=610&screen_width=1600&reload_count=0&banner_num=1640280696046519761&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://a4p.adpartner.pro
date
Thu, 23 Dec 2021 17:31:36 GMT
cache-control
no-store no-transform
access-control-allow-credentials
true
server
nginx
content-encoding
br
content-type
application/javascript; charset=utf-8
1282.js
jsn.24smi.net/e/7/13248/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsn.24smi.net/e/7/13248/1282.js
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:284a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
417fd63c23a7c6e249b54002e965c6d3eda19e06b84a4ae80e226021ed2ac9a6
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 23 Dec 2021 17:25:48 GMT
server
cloudflare
age
119
etag
W/"61c4b11c-11b4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
strict-transport-security
max-age=0
cf-ray
6c235310393768eb-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 23 Dec 2021 18:29:37 GMT
1280.js
jsn.24smi.net/d/6/13245/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsn.24smi.net/d/6/13245/1280.js
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:284a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8bcbffbb8d6c67382224ce3dcc606693d1ffe08545805c167be22f9f0ab12fa
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 23 Dec 2021 17:20:48 GMT
server
cloudflare
age
396
etag
W/"61c4aff0-13f0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
strict-transport-security
max-age=0
cf-ray
6c235310393268eb-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 23 Dec 2021 18:25:00 GMT
783.js
jsn.24smi.net/b/0/14482/ 		54 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsn.24smi.net/b/0/14482/783.js
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:284a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d7dea60fa923ab7d7120f0c2e05888e781939006d0777b63ef9148ebdd623f2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 23 Dec 2021 17:20:25 GMT
server
cloudflare
age
400
etag
W/"61c4afd9-d62c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
strict-transport-security
max-age=0
cf-ray
6c235310393568eb-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 23 Dec 2021 18:24:56 GMT
1281.js
jsn.24smi.net/4/0/13267/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsn.24smi.net/4/0/13267/1281.js
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:284a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f30711901769b5fad09214da2177589c15425a1748c77d332334fd15ed7859b9
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 23 Dec 2021 17:20:48 GMT
server
cloudflare
age
491
etag
W/"61c4aff0-118a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
strict-transport-security
max-age=0
cf-ray
6c235310393068eb-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 23 Dec 2021 18:23:25 GMT
pclicks.js
prodmp.ru/ 		0
223 B 		Script
General
Check archive.org
Download Go to
Full URL
https://prodmp.ru/pclicks.js
Requested by
Host: pxksnymto.ru
URL: https://pxksnymto.ru/pixels/b286ae57.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.106.93.124 , Russian Federation, ASN48614 (ITSOFT-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
access-control-allow-credentials
true
server
nginx
content-type
text/javascript
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=234211940&t=pageview&_s=1&dl=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&ul=en-us&de=UTF-8&dt=%D0%AF%D0%BA%20%D0%BF%D0%BE%D1%82%D1%80%D1%96%D0%B1%D0%BD%D0%BE%20%D1%85%D0%B0%D1%80%D1%87%D1%83%D0%B2%D0%B0%D1%82%D0%B8%D1%81%D1%8F%2C%20%D1%89%D0%BE%D0%B1%20%D0%BF%D1%96%D0%B4%D1%82%D1%80%D0%B8%D0%BC%D1%83%D0%B2%D0%B0%D1%82%D0%B8%20%D0%B3%D0%BE%D1%81%D1%82%D1%80%D0%B8%D0%B9%20%D0%B7%D1%96%D1%80%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%AE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=132158047&gjid=286604854&cid=307658117.1640280696&tid=UA-80712032-1&_gid=763616890.1640280696&_r=1&_slc=1&z=1539412539
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://newsyou.info
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
npm-monitoring
openfpcdn.io/fingerprintjs/v3.3.1/ 		0
422 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://openfpcdn.io/fingerprintjs/v3.3.1/npm-monitoring
Requested by
Host: pxksnymto.ru
URL: https://pxksnymto.ru/pixels/b286ae57.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-82.fra50.r.cloudfront.net
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 08:59:30 GMT
via
1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
x-content-type-options
nosniff
last-modified
Wed, 08 Dec 2021 08:59:30 GMT
server
CloudFront
age
1326726
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
Hit from cloudfront
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=590808, s-maxage=30310003
x-amz-cf-pop
FRA50-C1
content-length
0
x-amz-cf-id
otqfuqkvK4LcIQZJov-7Sdu4f7z5DuXpw8EBu1I0dbhCXm1oFpvylA==
/
utarget.ru/is_clickunder/ 		16 B
325 B 		Script
General
Check archive.org
Download Go to
Full URL
https://utarget.ru/is_clickunder/
Requested by
Host: utarget.ru
URL: https://utarget.ru/ranging/00cb2399e4/js/?rand=5894&cookie=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.18 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
utarget.pro
Software
nginx /
Resource Hash
fc85bb3b3a2bff9d250f66df95f49ef3bd56ecac5ddc44f03fe16df1c46ebbf9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:36 GMT
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Vary
Cookie, Accept-Language
Content-Language
ru
jsunit
a4p.adpartner.pro/ Frame FD23 		27 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit?banner_num=1640280696045727656&id=7460&is_in_viewport=0&ref=&reload_count=0&session_id=441fcb44-fe27-4565-a9c8-27dbdfd66af2&session_pageview=1&shown=&site_visited=1&unit_id=7460
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit/ls?jsunit=7460&unit_id=7460&shown=&session_pageview=1&session_id=441fcb44-fe27-4565-a9c8-27dbdfd66af2&site_visited=1&apuid=f0c93e8d-f6a1-4a3d-8293-5e14bf0819c0&width=610&screen_width=1600&reload_count=0&banner_num=1640280696045727656&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.77.59.234 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
vps-2181085f.vps.ovh.net
Software
nginx /
Resource Hash
d949686f3370e098926a76db97a797b8c9705a6739118d3090473dee86ab0ef3

Request headers

Referer
https://a4p.adpartner.pro/jsunit/ls?jsunit=7460&unit_id=7460&shown=&session_pageview=1&session_id=441fcb44-fe27-4565-a9c8-27dbdfd66af2&site_visited=1&apuid=f0c93e8d-f6a1-4a3d-8293-5e14bf0819c0&width=610&screen_width=1600&reload_count=0&banner_num=1640280696045727656&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://a4p.adpartner.pro
date
Thu, 23 Dec 2021 17:31:36 GMT
cache-control
no-store no-transform
access-control-allow-credentials
true
server
nginx
content-encoding
br
content-type
application/javascript; charset=utf-8
vunit
a4p.adpartner.pro/ Frame DF79 		2 KB
869 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/vunit?id=7459&session_id=441fcb44-fe27-4565-a9c8-27dbdfd66af2&session_pageview=1&site_visited=1
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/vunit/ls?vunit=7459&bannerNum=29284772869286190&apuid=f0c93e8d-f6a1-4a3d-8293-5e14bf0819c0&session_pageview=1&session_id=441fcb44-fe27-4565-a9c8-27dbdfd66af2&site_visited=1&location=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.77.59.234 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
vps-2181085f.vps.ovh.net
Software
nginx /
Resource Hash
0f48df046030dbf9a35dd57b4d1ca0a4d5d7b34656b12d1376ba4a37a15a2335

Request headers

Referer
https://a4p.adpartner.pro/vunit/ls?vunit=7459&bannerNum=29284772869286190&apuid=f0c93e8d-f6a1-4a3d-8293-5e14bf0819c0&session_pageview=1&session_id=441fcb44-fe27-4565-a9c8-27dbdfd66af2&site_visited=1&location=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type
text/plain

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
text/html; charset=utf-8
render
ocmurc.com/v1/ 		12 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ocmurc.com/v1/render?surfer_uuid=f8551d44-af5c-419c-a883-145ff548bccb&referrer=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&page_load_uuid=90ccfcce-8072-4ddb-ba1a-42774b7b16e4&page_depth=1&q6t9vdwku7=5eca6fba-9cbb-4f45-9572-32cf84077d45&block_uuid=5eca6fba-9cbb-4f45-9572-32cf84077d45&refresh_depth=1&safari_multiple_request=817
Requested by
Host: ocmurc.com
URL: https://ocmurc.com/otv1l7192ivl0pmy03q8h867quv768kypg019a.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
cd7b4556d5bd34469c523f7f1e60498ea73cc451900d96980ea585be357ccac5

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:36 GMT
content-encoding
gzip
server
nginx/1.14.2
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, must-revalidate
expires
-1
render
ocmurc.com/v1/ 		8 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ocmurc.com/v1/render?surfer_uuid=f8551d44-af5c-419c-a883-145ff548bccb&referrer=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&page_load_uuid=90ccfcce-8072-4ddb-ba1a-42774b7b16e4&page_depth=1&q6t9vdwku7=3547ed36-7c1a-4c24-ba38-9664321b8855&block_uuid=3547ed36-7c1a-4c24-ba38-9664321b8855&refresh_depth=1&safari_multiple_request=682
Requested by
Host: ocmurc.com
URL: https://ocmurc.com/otv1l7192ivl0pmy03q8h867quv768kypg019a.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
5b6f15d8bb5d9ca1fd24083687af8e69ec015ed2b185e6add7a18d14b4e488ad

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:36 GMT
content-encoding
gzip
server
nginx/1.14.2
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, must-revalidate
expires
-1
render
ocmurc.com/v1/ 		12 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ocmurc.com/v1/render?surfer_uuid=f8551d44-af5c-419c-a883-145ff548bccb&referrer=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&page_load_uuid=90ccfcce-8072-4ddb-ba1a-42774b7b16e4&page_depth=1&q6t9vdwku7=1005d6d5-8587-4044-84b7-f49ce1b590da&block_uuid=1005d6d5-8587-4044-84b7-f49ce1b590da&refresh_depth=1&safari_multiple_request=327
Requested by
Host: ocmurc.com
URL: https://ocmurc.com/otv1l7192ivl0pmy03q8h867quv768kypg019a.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
b7402a8f7ed4cfb889d2a18565b719a2abacf3a3e866242ac58dca3b9cb65808

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:36 GMT
content-encoding
gzip
server
nginx/1.14.2
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, must-revalidate
expires
-1
render
ocmurc.com/v1/ 		31 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ocmurc.com/v1/render?surfer_uuid=f8551d44-af5c-419c-a883-145ff548bccb&referrer=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&page_load_uuid=90ccfcce-8072-4ddb-ba1a-42774b7b16e4&page_depth=1&q6t9vdwku7=c0a8ed84-a54b-489b-89d5-0615217d2847&block_uuid=c0a8ed84-a54b-489b-89d5-0615217d2847&refresh_depth=1&safari_multiple_request=740
Requested by
Host: ocmurc.com
URL: https://ocmurc.com/otv1l7192ivl0pmy03q8h867quv768kypg019a.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
39f80ca9e2657a13a8bbc594841621bd75cb9db1b4b323435183ff5f4d4b3995

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:36 GMT
content-encoding
gzip
server
nginx/1.14.2
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, must-revalidate
expires
-1
render
ocmurc.com/v1/ 		31 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ocmurc.com/v1/render?surfer_uuid=f8551d44-af5c-419c-a883-145ff548bccb&referrer=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&page_load_uuid=90ccfcce-8072-4ddb-ba1a-42774b7b16e4&page_depth=1&q6t9vdwku7=3c625efe-9cd7-4984-b8ff-0ac328698b2c&block_uuid=3c625efe-9cd7-4984-b8ff-0ac328698b2c&refresh_depth=1&safari_multiple_request=828
Requested by
Host: ocmurc.com
URL: https://ocmurc.com/otv1l7192ivl0pmy03q8h867quv768kypg019a.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
1745d0810327aa0f02e2605db1324dea2e9f0cfa602a6388731d37ca93b597b4

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:36 GMT
content-encoding
gzip
server
nginx/1.14.2
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, must-revalidate
expires
-1
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9496.Wt2GCxYvi0LMK3vMa_NxNPu7r8ry19TAYrppEQq8TkXFqGRJTWbY2n1-96YcQvUY.ElmtxC00XItYyuMRtkLHZoO3-rw%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9496.xUMg2T_QuwobfxP2FId4zvGReO_akWPsV0kA65MgxguciGrwduobLpieKGGvKLQI3FGspm5KEp1WkhgQVH-DIA%2C%2C.HGDofkV1VVCqIBgyXRHJLVbmbSU%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9496.xUMg2T_QuwobfxP2FId4zvGReO_akWPsV0kA65MgxguciGrwduobLpieKGGvKLQI3FGspm5KEp1WkhgQVH-DIA%2C%2C.HGDofkV1VVCqIBgyXRHJLVbmbSU%2C
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9496.xUMg2T_QuwobfxP2FId4zvGReO_akWPsV0kA65MgxguciGrwduobLpieKGGvKLQI3FGspm5KEp1WkhgQVH-DIA%2C%2C.HGDofkV1VVCqIBgyXRHJLVbmbSU%2C
date
Thu, 23 Dec 2021 17:31:36 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
tzr.fcgi
fcgi5.gnezdo.ru/cgi-bin/ 		4 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fcgi5.gnezdo.ru/cgi-bin/tzr.fcgi?id=13977&f=2&ref=https%3A//newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&gw=610&gh=0&gsnr=0&gaid=0&gtvm=&ids=
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
77e2c2dab1887094a00c3a8adab90f3e9eb971b0f4bd13e84ec64dad6596c52f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:36 GMT
server
nginx
access-control-allow-methods
GET, POST, HEAD
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://newsyou.info
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With
jsunit
a4p.adpartner.pro/ Frame 5CAF 		27 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit?banner_num=1640280696098222156&id=7858&is_in_viewport=0&ref=&reload_count=0&session_id=441fcb44-fe27-4565-a9c8-27dbdfd66af2&session_pageview=1&shown=&site_visited=1&unit_id=7883
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit/ls?jsunit=7858&unit_id=7883&shown=&session_pageview=1&session_id=441fcb44-fe27-4565-a9c8-27dbdfd66af2&site_visited=1&apuid=f0c93e8d-f6a1-4a3d-8293-5e14bf0819c0&width=300&screen_width=1600&reload_count=0&banner_num=1640280696098222156&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.77.59.234 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
vps-2181085f.vps.ovh.net
Software
nginx /
Resource Hash
6332eb2954c176560c97fd7d5c37283e164b549a0fcdedb7bb8faa91861f09a5

Request headers

Referer
https://a4p.adpartner.pro/jsunit/ls?jsunit=7858&unit_id=7883&shown=&session_pageview=1&session_id=441fcb44-fe27-4565-a9c8-27dbdfd66af2&site_visited=1&apuid=f0c93e8d-f6a1-4a3d-8293-5e14bf0819c0&width=300&screen_width=1600&reload_count=0&banner_num=1640280696098222156&is_in_viewport=0&ref=&location=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://a4p.adpartner.pro
date
Thu, 23 Dec 2021 17:31:36 GMT
cache-control
no-store no-transform
access-control-allow-credentials
true
server
nginx
content-encoding
br
content-type
application/javascript; charset=utf-8
advert.gif
mc.yandex.com/metrika/ 		43 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Thu, 23 Dec 2021 16:10:01 GMT
etag
"61c47529-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Thu, 23 Dec 2021 18:31:36 GMT
telegramimfont.ttf
telegram.im/widget-button/ico/fonts/ 		1 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://telegram.im/widget-button/ico/fonts/telegramimfont.ttf?7b24fo
Requested by
Host: telegram.im
URL: https://telegram.im/widget-button/ico/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.211.42.243 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
host243-42-211-80.serverdedicati.aruba.it
Software
nginx /
Resource Hash
c890091815994db924443b1f4c5fbd0d3674a8b8bd53b8da1b7e9a014ce7ef4e

Request headers

Referer
https://telegram.im/widget-button/ico/style.css
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:35 GMT
Last-Modified
Sun, 26 Feb 2017 09:02:02 GMT
Server
nginx
ETag
"58b2998a-59c"
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1436
cookie.js
partner.googleadservices.com/gampad/ 		216 B
649 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=newsyou.info&callback=_gfp_s_&client=ca-pub-5994697028380609
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
0ca14c8ad6edb3491f5668aab51b1b6e98da550d79ea028f4438530db273ec71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=newsyou.info
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 23 Dec 2021 17:31:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=newsyou.info
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 23 Dec 2021 17:31:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame AE5E 		57 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&adk=1812271804&adf=1573534164&lmt=1640280696&plat=3%3A32%2C4%3A32%2C9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696185&bpp=2&bdt=704&idt=298&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2738633273524&frm=20&pv=2&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=317
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3f059a896f19075cf9d64d8fa50267ecdd05ee9a2542e4b14045d9304b559a84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 23 Dec 2021 17:31:36 GMT
server
cafe
content-length
14958
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 23 Dec 2021 17:31:36 GMT
cache-control
private
npm-monitoring
openfpcdn.io/fingerprintjs/v3.3.1/ 		0
423 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://openfpcdn.io/fingerprintjs/v3.3.1/npm-monitoring
Requested by
Host: pxksnymto.ru
URL: https://pxksnymto.ru/pixels/b286ae57.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-82.fra50.r.cloudfront.net
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 08:59:30 GMT
via
1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
x-content-type-options
nosniff
last-modified
Wed, 08 Dec 2021 08:59:30 GMT
server
CloudFront
age
1326726
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
Hit from cloudfront
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=590808, s-maxage=30310003
x-amz-cf-pop
FRA50-C1
content-length
0
x-amz-cf-id
nJosR_thZVPJ5oTCzVTnQOlhHdL8RW-3XrKQM72rJazO9kGhZRkfuw==
ads
googleads.g.doubleclick.net/pagead/ Frame 17B2 		22 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=280&slotname=9613474772&adk=3321513415&adf=3973713408&pi=t.ma~as.9613474772&w=580&lmt=1640280696&psa=0&format=580x280&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-top.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696187&bpp=1&bdt=706&idt=336&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=190&ady=161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=GQa1MUQVit&p=https%3A//newsyou.info&dtd=346
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
249b119942b681f6d95fcc5c35f7de2c99900c09550b25305bb3c394130dabd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 23 Dec 2021 17:31:36 GMT
server
cafe
content-length
9478
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 23 Dec 2021 17:31:36 GMT
cache-control
private
css2
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
084a7135a2401b36223c591e41b2b60f073ab6432a8db01e3aa12708bb92f73e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 16:14:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Dec 2021 17:31:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Dec 2021 17:31:36 GMT
css2
fonts.googleapis.com/ 		5 KB
681 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Ubuntu:wght@400;500;700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1940b7ca414417d344c0a3f22e2cb27873b399224c321d4bb3c38862e543a1db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 17:22:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Dec 2021 17:31:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Dec 2021 17:31:36 GMT
z
s.zmctrack.net/ Frame D34E 		102 B
449 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.zmctrack.net/z
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.187.81.40 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software
openresty /
Resource Hash
c8810cc297021d92ff07fbe4c6f11734b5a16a969c1f8f5a748c2f6e0ac27b33

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-language
eyJ4LXBvc3QiOiIxIn0=
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
server
openresty
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://newsyou.info
access-control-expose-headers
X-Meta-Request-Id, X-Location, X-Meta-Status, X-Check, X-Cookie
access-control-allow-headers
X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length
102
ads
googleads.g.doubleclick.net/pagead/ Frame B533 		79 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3296007091&adf=322643539&pi=t.ma~as.5991095728&w=610&lmt=1640280696&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696188&bpp=2&bdt=708&idt=447&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=175&ady=1123&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=UGTDHYnWgl&p=https%3A//newsyou.info&dtd=450
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85aabae75d5f15afaf76346e3a0801215c6653dbb2c7c25c61920c8e63bffba1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 23 Dec 2021 17:31:37 GMT
server
cafe
content-length
22413
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 23 Dec 2021 17:31:37 GMT
cache-control
private
d0361c3202ab9a6b.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/a428af4ab9f649cdb549927670707eec/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/a428af4ab9f649cdb549927670707eec/d0361c3202ab9a6b.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
f4fcea89d430967c0e79d7d860cdc150b8171e52f55b2455509535a9c7d5290a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Wed, 22 Dec 2021 12:55:06 GMT
server
nginx/1.14.2
etag
"61c3202a-71c5"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
29125
d0361c31fee1b24a.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/b6dbb574f3004e3f8c4c78da05c062c9/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/b6dbb574f3004e3f8c4c78da05c062c9/d0361c31fee1b24a.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
6804acce8caf4034e76ca17282755c64641e3d54ae4c7f6218d059d076cb9e22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Wed, 22 Dec 2021 12:54:06 GMT
server
nginx/1.14.2
etag
"61c31fee-a2b1"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
41649
css
fonts.googleapis.com/ 		12 KB
900 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ba5c75008a133ef73a0eb980a0c37c168b6bd5db7279a90105697670440eeedf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 17:10:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Dec 2021 17:31:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Dec 2021 17:31:36 GMT
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
84d565061e82749bb38cc4a7c70297d3bf134a3074aff197428cb143ba75cacd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
ads
googleads.g.doubleclick.net/pagead/ Frame EBA9 		70 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=76889861&pi=t.ma~as.2767358249&w=610&lmt=1640280696&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696190&bpp=1&bdt=709&idt=508&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=175&ady=3129&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=YmX9JDH2bN&p=https%3A//newsyou.info&dtd=511
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7d237dfa717c464d0b2ef3a320881cc92303e925b06feaa9d8a16c7c46379f3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 23 Dec 2021 17:31:37 GMT
server
cafe
content-length
20320
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 23 Dec 2021 17:31:37 GMT
cache-control
private
css
fonts.googleapis.com/ 		2 KB
537 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 16:59:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Dec 2021 17:31:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Dec 2021 17:31:36 GMT
1px-matching-adpartner.gif
t.trafmag.com/images/ 		35 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.trafmag.com/images/1px-matching-adpartner.gif?id=f0c93e8d-f6a1-4a3d-8293-5e14bf0819c0
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
t.trafmag.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:36 GMT
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://cm.mgid.com/m?cdsp=363190&adu=https://a4p.adpartner.pro/ssp/match?dsp_id=10&user_id=f0c93e8d-f6a1-4a3d-8293-5e14bf0819c0
  • https://cm.mgid.com/m?adu=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D10&cdsp=363190&user_id=f0c93e8d-f6a1-4a3d-8293-5e14bf0819c0&sct=1
  • https://a4p.adpartner.pro/ssp/match?dsp_id=10
43 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=10
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Server
51.77.59.234 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
vps-2181085f.vps.ovh.net
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
last-modified
Thu, 23 Dec 2021 17:31:37 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location
https://a4p.adpartner.pro/ssp/match?dsp_id=10
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6c2353139c9fd6e9-FRA
content-type
image/gif
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://cm.mgid.com/m?cdsp=363190&adu=https://a4p.adpartner.pro/ssp/match?dsp_id=9&user_id=f0c93e8d-f6a1-4a3d-8293-5e14bf0819c0
  • https://cm.mgid.com/m?adu=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D9&cdsp=363190&user_id=f0c93e8d-f6a1-4a3d-8293-5e14bf0819c0&sct=1
  • https://a4p.adpartner.pro/ssp/match?dsp_id=9
43 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=9
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Server
51.77.59.234 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
vps-2181085f.vps.ovh.net
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
last-modified
Thu, 23 Dec 2021 17:31:37 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location
https://a4p.adpartner.pro/ssp/match?dsp_id=9
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6c235313ccfad6e9-FRA
content-type
image/gif
f0c93e8d-f6a1-4a3d-8293-5e14bf0819c0
s.uuidksinc.net/match/272/ 		74 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.uuidksinc.net/match/272/f0c93e8d-f6a1-4a3d-8293-5e14bf0819c0
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
server
nginx/1.19.0
content-length
74
content-type
image/png
f0c93e8d-f6a1-4a3d-8293-5e14bf0819c0
recreativ.ru/mtch/31/ 		43 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://recreativ.ru/mtch/31/f0c93e8d-f6a1-4a3d-8293-5e14bf0819c0
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

hn
b14
date
Thu, 23 Dec 2021 17:31:36 GMT
server
nginx
content-type
image/gif
pix
dsp-trk.eskimi.com/ 		43 B
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp-trk.eskimi.com/pix?e=24&exuid=f0c93e8d-f6a1-4a3d-8293-5e14bf0819c0
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.139.69 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
69.139.120.34.bc.googleusercontent.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
via
1.1 google
alt-svc
clear
content-length
43
content-type
image/gif
adpdigital
px.adhigh.net/p/cm/
Redirect Chain
  • https://px.adhigh.net/p/cm/adpdigital
  • https://px.adhigh.net/p/cm/adpdigital?bounced=1
49 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.adhigh.net/p/cm/adpdigital?bounced=1
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Server
193.232.150.148 , Russian Federation, ASN48061 (UMA-TECH-AS, RU),
Reverse DNS
smtp15.sender.ltmse.com
Software
nginx /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:36 GMT
server
nginx
x-backend-id
f15-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-type
image/gif
content-length
49
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:36 GMT
server
nginx
access-control-allow-origin
*
x-backend-id
f15-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://px.adhigh.net/p/cm/adpdigital?bounced=1
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
match
dm.hybrid.ai/ 		0
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dm.hybrid.ai/match?id=177&vid=f0c93e8d-f6a1-4a3d-8293-5e14bf0819c0
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.23 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:30 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
125
x-xss-protection
1; mode=block
expires
-1
userbind
match.new-programmatic.com/ 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.new-programmatic.com/userbind?src=adpartner&id=f0c93e8d-f6a1-4a3d-8293-5e14bf0819c0
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.65.2.150 Moscow, Russian Federation, ASN3175 (CITYTELECOM-MSK, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 23 Dec 2021 17:31:36 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
0
Vary
Origin
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://www.acint.net/rmatch?dp=152&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D53%26user_id%3D%24%7BUSER_ID%7D
  • https://www.acint.net/rmatch?r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D53%26user_id%3D$%7BUSER_ID%7D&dp=152&tc=1
  • https://a4p.adpartner.pro/ssp/match?dsp_id=53&user_id=0100007F78B2C4611905054E02D27C63
43 B
454 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=53&user_id=0100007F78B2C4611905054E02D27C63
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Server
51.77.59.234 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
vps-2181085f.vps.ovh.net
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Thu, 23 Dec 2021 17:31:36 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

date
Thu, 23 Dec 2021 17:31:36 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location
https://a4p.adpartner.pro/ssp/match?dsp_id=53&user_id=0100007F78B2C4611905054E02D27C63
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
text/html
content-length
154
expires
Wed, 19 Apr 2000 11:43:00 GMT
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://www.acint.net/rmatch?dp=152&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D55%26user_id%3D%24%7BUSER_ID%7D
  • https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fssp%252Fmatch%253Fdsp_id%253D55%2526user_id%253D%...
  • https://acint.net/rmatch?dp=14&euid=0100007F78B2C4611900E8A70297AE1A&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D55%26user_id%3D%24%7BUSER_ID%7D
  • https://a4p.adpartner.pro/ssp/match?dsp_id=55&user_id=0100007F78B2C4611905054E02D27C63
43 B
454 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=55&user_id=0100007F78B2C4611905054E02D27C63
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Server
51.77.59.234 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
vps-2181085f.vps.ovh.net
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
last-modified
Thu, 23 Dec 2021 17:31:37 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

date
Thu, 23 Dec 2021 17:31:37 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location
https://a4p.adpartner.pro/ssp/match?dsp_id=55&user_id=0100007F78B2C4611905054E02D27C63
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
text/html
content-length
154
expires
Wed, 19 Apr 2000 11:43:00 GMT
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=44025&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D47%26user_id%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=44025&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D47%26user_id%3D%24%7BUSER_ID%7D&crf=1
  • https://a4p.adpartner.pro/ssp/match?dsp_id=47&user_id=566daa8b-92fe-5365-8e78-6b22efbcd95b
43 B
457 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=47&user_id=566daa8b-92fe-5365-8e78-6b22efbcd95b
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Server
51.77.59.234 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
vps-2181085f.vps.ovh.net
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
last-modified
Thu, 23 Dec 2021 17:31:37 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location
https://a4p.adpartner.pro/ssp/match?dsp_id=47&user_id=566daa8b-92fe-5365-8e78-6b22efbcd95b
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=44053&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D57%26user_id%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=44053&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D57%26user_id%3D%24%7BUSER_ID%7D&crf=1
  • https://a4p.adpartner.pro/ssp/match?dsp_id=57&user_id=566daa8b-92fe-5365-8e78-6b22efbcd95b
43 B
457 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=57&user_id=566daa8b-92fe-5365-8e78-6b22efbcd95b
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Server
51.77.59.234 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
vps-2181085f.vps.ovh.net
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
last-modified
Thu, 23 Dec 2021 17:31:37 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location
https://a4p.adpartner.pro/ssp/match?dsp_id=57&user_id=566daa8b-92fe-5365-8e78-6b22efbcd95b
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://exchange.buzzoola.com/cookiesync/redirect/adpartner?redirect_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D63%26user_id%3D%24%7BUUID%7D
  • https://a4p.adpartner.pro/ssp/match?dsp_id=63&user_id=8b9d8c25-98ff-4f47-4443-17b921d04456
43 B
457 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=63&user_id=8b9d8c25-98ff-4f47-4443-17b921d04456
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Server
51.77.59.234 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
vps-2181085f.vps.ovh.net
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Thu, 23 Dec 2021 17:31:36 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location
https://a4p.adpartner.pro/ssp/match?dsp_id=63&user_id=8b9d8c25-98ff-4f47-4443-17b921d04456
date
Thu, 23 Dec 2021 17:31:36 GMT
server
nginx
content-length
129
serverid
TODO
content-type
text/html; charset=utf-8
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://exchange.buzzoola.com/cookiesync/redirect/adpartner?redirect_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D64%26user_id%3D%24%7BUUID%7D
  • https://a4p.adpartner.pro/ssp/match?dsp_id=64&user_id=aa390072-4c5c-480d-587a-edb59abb70cb
43 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=64&user_id=aa390072-4c5c-480d-587a-edb59abb70cb
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Server
51.77.59.234 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
vps-2181085f.vps.ovh.net
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Thu, 23 Dec 2021 17:31:36 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location
https://a4p.adpartner.pro/ssp/match?dsp_id=64&user_id=aa390072-4c5c-480d-587a-edb59abb70cb
date
Thu, 23 Dec 2021 17:31:36 GMT
server
nginx
content-length
129
serverid
TODO
content-type
text/html; charset=utf-8
if
a4p.adpartner.pro/tracker/ Frame 7325 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522f0c93e8d-f6a1-4a3d-8293-5e14bf0819c0%2522%252C%2522event%2522%253A%2522dry_real_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A0%252C%2522rule_id%2522%253A0%252C%2522show_id%2522%253A%2522%2522%257D%255D%252C%2522unit_id%2522%253A5555%252C%2522region_id%2522%253A86%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522%2522%252C%2522url%2522%253A%2522https%253A%252F%252Fnewsyou.info%252FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR%2522%257D
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.77.59.234 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
vps-2181085f.vps.ovh.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Thu, 23 Dec 2021 17:31:36 GMT
content-type
image/gif
content-length
0
cache-control
no-cache, no-store, must-revalidate no-store no-transform
expires
0
pragma
no-cache
/
m.mixadvert.com/show/load/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/load/?id=5876&id_name=FbrRc&teaser_name=keSsfsF&block_name=leYbKK&ban_teaser=&r=0.10226411070654295&host=newsyou.info&ref=
Requested by
Host: m.mixadvert.com
URL: https://m.mixadvert.com/show/?id=5876&r=0.849813507649867
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
0826d1f79d9d4fd9070ae2669931dc22730ef26dad2c0ee4576cee2a4eb8b6bc
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
content-encoding
gzip
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
text/html; charset=utf-8
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 20:07:55 GMT
x-content-type-options
nosniff
age
163421
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 21 Dec 2022 20:07:55 GMT
KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
053508cc4ed1acf7db8ed96deca42ffebfa1669c5cecd62f4415b926d07b5aaa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 20:14:30 GMT
x-content-type-options
nosniff
age
76626
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9544
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:33 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Dec 2022 20:14:30 GMT
4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v15/ 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v15/4iCs6KVjbNBYlgoKfw72.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Ubuntu:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4f4524f7e1a87079bc50a64681f880ccf3e6f5db1ec5fc27949377532a3881da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 11:14:45 GMT
x-content-type-options
nosniff
age
195411
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34260
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:02:57 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 21 Dec 2022 11:14:45 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame FEA0 		84 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=715531311&adf=2278891264&pi=t.ma~as.5991095728&w=610&lmt=1640280696&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696190&bpp=1&bdt=710&idt=569&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x420&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=175&ady=3811&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=tkY0NbQnP6&p=https%3A//newsyou.info&dtd=584
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2b2253cfc50b551deee4c786f70806aec3acaff3551ff2c5d9e7f1960571c367
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 23 Dec 2021 17:31:37 GMT
server
cafe
content-length
24938
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 23 Dec 2021 17:31:37 GMT
cache-control
private
d0b6115360bf1f86.jpeg
ocmurc.com/.cdn/05a5cf/fad6f4/dc7ecd7351ae49748f1e78fa144f3195/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/fad6f4/dc7ecd7351ae49748f1e78fa144f3195/d0b6115360bf1f86.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
6eb1d97374d7d109c419a5b5d30eb49e6e57095ceea9e60945301a0d359b32cf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Thu, 12 Aug 2021 14:54:03 GMT
server
nginx/1.14.2
etag
"6115360b-4030"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
16432
d0b61b090eba3593.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/75d0dbb9fb5845d9830cc073c4e37616/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/75d0dbb9fb5845d9830cc073c4e37616/d0b61b090eba3593.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
5cd40fe604b58b6d0f2fd44e5fcc9423a943051aedfc3d44aeac6612dd7e2050

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Wed, 08 Dec 2021 11:03:07 GMT
server
nginx/1.14.2
etag
"61b090eb-4f0d"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
20237
d0b61c32063a6c1b.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/49838e133cdc4830a871625b8b396a7c/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/49838e133cdc4830a871625b8b396a7c/d0b61c32063a6c1b.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
8773f887e6d0472f166df5c8d38f43a81ac55d5174ebdd9f5d9fb6e53961fa8e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Wed, 22 Dec 2021 12:56:03 GMT
server
nginx/1.14.2
etag
"61c32063-8720"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
34592
d0b61b8fbc068836.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/2082f0f6f7ba45f58b15f4ca0f7664d3/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/2082f0f6f7ba45f58b15f4ca0f7664d3/d0b61b8fbc068836.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
28c3b24f87d5f92b9674f8f01f11fb31a3e68538ea483ac9812986bb8b8d9294

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Tue, 14 Dec 2021 20:17:04 GMT
server
nginx/1.14.2
etag
"61b8fbc0-5ece"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
24270
d0b61c44d55a756a.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/c36d16a932074f478b94dfa1b7357b64/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/c36d16a932074f478b94dfa1b7357b64/d0b61c44d55a756a.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
ba07a6fa7d7cc4f6b5b28a85169014124073cd45e8673785154d9710624acbc0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Thu, 23 Dec 2021 10:20:05 GMT
server
nginx/1.14.2
etag
"61c44d55-5029"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
20521
d0b611535d09ed40.jpeg
ocmurc.com/.cdn/05a5cf/fad6f4/ad636d96e673415e90d489e332995bf1/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/fad6f4/ad636d96e673415e90d489e332995bf1/d0b611535d09ed40.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
25518d2c841e59dec58e64b57333fbd2640ace7042fe584dc19649690e14272f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Thu, 12 Aug 2021 14:53:04 GMT
server
nginx/1.14.2
etag
"611535d0-4a58"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
19032
d0b61b090e7753d9.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/d30aecdcb0ef4d4f962ae020b2a50c4b/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/d30aecdcb0ef4d4f962ae020b2a50c4b/d0b61b090e7753d9.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
f054bf0870f8a7262d7c6a7c35cb1ceb67823f501c4bf19b8389849fe3cf9838

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Wed, 08 Dec 2021 11:03:03 GMT
server
nginx/1.14.2
etag
"61b090e7-5f94"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
24468
d0b6182b6785e11d.jpeg
ocmurc.com/.cdn/05a5cf/6512bd/2fa32ae2c78a49de93dbab7a8a3f5f89/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/6512bd/2fa32ae2c78a49de93dbab7a8a3f5f89/d0b6182b6785e11d.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
cd919786e58a29bed6ae038fd3e7f514232525798fc80a3d1127a5d6c5c103f4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Wed, 03 Nov 2021 16:19:04 GMT
server
nginx/1.14.2
etag
"6182b678-5021"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
20513
d0b6194a92d3a0ff.jpeg
ocmurc.com/.cdn/05a5cf/6512bd/ceb3ec894cca4652b4d301451afb1856/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/6512bd/ceb3ec894cca4652b4d301451afb1856/d0b6194a92d3a0ff.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
d98786d0d1f2ea3270d27f459db6be4a334c26b364e79f8f0d106c274aac2200

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Wed, 17 Nov 2021 07:03:09 GMT
server
nginx/1.14.2
etag
"6194a92d-3c83"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
15491
d0b61b059e056f97.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/320c0552d1cb4ff0a14f70fdacd5b628/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/320c0552d1cb4ff0a14f70fdacd5b628/d0b61b059e056f97.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
50787a7684b4c3b017af0d1f754e97969bdd6cf20bf2d59e81d614dccc916c84

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Wed, 08 Dec 2021 07:08:16 GMT
server
nginx/1.14.2
etag
"61b059e0-3a00"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
14848
if
a4p.adpartner.pro/tracker/ Frame 5288 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%22f0c93e8d-f6a1-4a3d-8293-5e14bf0819c0%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A1564374%2C%22cost%22%3A0.001258428%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22c9f0d441-cb82-46e4-96ae-9a0cad6cd453%22%7D%2C%7B%22ad_id%22%3A1576063%2C%22cost%22%3A0.000510833%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22480166c6-b392-4adb-a5ac-0f683496818a%22%7D%2C%7B%22ad_id%22%3A1700972%2C%22cost%22%3A0.000434302%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22561f251f-1eed-4d49-93f6-cabfdeb849ec%22%7D%2C%7B%22ad_id%22%3A1714798%2C%22cost%22%3A0.000399628%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%2230548b30-aa34-4d2d-bb00-7a980e36a658%22%7D%5D%2C%22unit_id%22%3A2489%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fnewsyou.info%252FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR%22%7D
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.77.59.234 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
vps-2181085f.vps.ovh.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Thu, 23 Dec 2021 17:31:36 GMT
content-type
image/gif
content-length
0
cache-control
no-cache, no-store, must-revalidate no-store no-transform
expires
0
pragma
no-cache
1
mc.yandex.com/watch/44453875/
Redirect Chain
  • https://mc.yandex.com/watch/44453875?wmode=7&page-url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykc...
  • https://mc.yandex.com/watch/44453875/1?wmode=7&page-url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ay...
350 B
459 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/44453875/1?wmode=7&page-url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjkqfph1z85b6in%3Afp%3A1527%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A722%3Acn%3A1%3Adp%3A0%3Als%3A1097879902757%3Ahid%3A591048360%3Az%3A0%3Ai%3A20211223173136%3Aet%3A1640280696%3Ac%3A1%3Arn%3A597960917%3Arqn%3A1%3Au%3A1640280696382176813%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1640280694419%3Ads%3A0%2C165%2C772%2C1%2C0%2C0%2C%2C518%2C3%2C%2C%2C%2C1581%3Adsn%3A0%2C166%2C771%2C1%2C0%2C0%2C%2C521%2C3%2C%2C%2C%2C1581%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1640280697%3At%3A%D0%AF%D0%BA%20%D0%BF%D0%BE%D1%82%D1%80%D1%96%D0%B1%D0%BD%D0%BE%20%D1%85%D0%B0%D1%80%D1%87%D1%83%D0%B2%D0%B0%D1%82%D0%B8%D1%81%D1%8F%2C%20%D1%89%D0%BE%D0%B1%20%D0%BF%D1%96%D0%B4%D1%82%D1%80%D0%B8%D0%BC%D1%83%D0%B2%D0%B0%D1%82%D0%B8%20%D0%B3%D0%BE%D1%81%D1%82%D1%80%D0%B8%D0%B9%20%D0%B7%D1%96%D1%80%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%AE&t=gdpr%2814%29aw%281%29ti%282%29
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
9bf22fc586522c232312af090b15051bea9c555cd8f5b562b2e33f4f21c5def3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:36 GMT
x-content-type-options
nosniff
last-modified
Thu, 23-Dec-2021 17:31:36 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://newsyou.info
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
350
x-xss-protection
1; mode=block
expires
Thu, 23-Dec-2021 17:31:36 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Thu, 23-Dec-2021 17:31:36 GMT
location
/watch/44453875/1?wmode=7&page-url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjkqfph1z85b6in%3Afp%3A1527%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A722%3Acn%3A1%3Adp%3A0%3Als%3A1097879902757%3Ahid%3A591048360%3Az%3A0%3Ai%3A20211223173136%3Aet%3A1640280696%3Ac%3A1%3Arn%3A597960917%3Arqn%3A1%3Au%3A1640280696382176813%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1640280694419%3Ads%3A0%2C165%2C772%2C1%2C0%2C0%2C%2C518%2C3%2C%2C%2C%2C1581%3Adsn%3A0%2C166%2C771%2C1%2C0%2C0%2C%2C521%2C3%2C%2C%2C%2C1581%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1640280697%3At%3A%D0%AF%D0%BA%20%D0%BF%D0%BE%D1%82%D1%80%D1%96%D0%B1%D0%BD%D0%BE%20%D1%85%D0%B0%D1%80%D1%87%D1%83%D0%B2%D0%B0%D1%82%D0%B8%D1%81%D1%8F%2C%20%D1%89%D0%BE%D0%B1%20%D0%BF%D1%96%D0%B4%D1%82%D1%80%D0%B8%D0%BC%D1%83%D0%B2%D0%B0%D1%82%D0%B8%20%D0%B3%D0%BE%D1%81%D1%82%D1%80%D0%B8%D0%B9%20%D0%B7%D1%96%D1%80%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%AE&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://newsyou.info
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Thu, 23-Dec-2021 17:31:36 GMT
close.gif
newsyou.info/img/ 		83 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsyou.info/img/close.gif
Requested by
Host: newsyou.info
URL: https://newsyou.info/mainstyle10.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.248.101.21 , Russian Federation, ASN44812 (IPSERVER-RU-NET Fiord, RU),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
4753f90bdfdad30a348172526d878688da5f17f2798d68349c1e361114ce8378

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/mainstyle10.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:26:22 GMT
Last-Modified
Thu, 30 Sep 2021 04:51:32 GMT
Server
nginx/1.2.1
Content-Type
image/gif
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
83
Expires
Thu, 30 Dec 2021 17:26:22 GMT
informer
data.24smi.net/ 		694 B
868 B 		Script
General
Check archive.org
Download Go to
Full URL
https://data.24smi.net/informer?psw=1600&psh=1200&pow=1600&poh=1200&pdpr=1&pdt=1640280696&ptz=0&pl=en-US&object=13248&template_id=1282&num=1&ref=&output=json&chash=A6VIhfjWW3&extids=&callback=__smiCb1640280695988
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.86.87 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ns4.24smi.org
Software
nginx /
Resource Hash
43f5baed8d80092fa79bd7816ff6cbad5400f88284279fb6e1b4a726f2ce7a37
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
server
nginx
strict-transport-security
max-age=0
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
content-length
694
d0b61b896f8257bc.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/03388beaebee41d99dd9101ed5f4931e/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/03388beaebee41d99dd9101ed5f4931e/d0b61b896f8257bc.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
1ec53179a71bb19d3bdec146371021485e5a26ea598ad52816bbc4a9bb5afb27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Tue, 14 Dec 2021 13:07:04 GMT
server
nginx/1.14.2
etag
"61b896f8-3adc"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
15068
d0b611d0a3a2edd5.jpeg
ocmurc.com/.cdn/05a5cf/fad6f4/ef34f7f1d29449029f4cded922edb743/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/fad6f4/ef34f7f1d29449029f4cded922edb743/d0b611d0a3a2edd5.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
d5dc3810d345b69ede6455734f4efcd13ed56b902668192e7d2004c171591a8b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Wed, 18 Aug 2021 13:25:14 GMT
server
nginx/1.14.2
etag
"611d0a3a-43c1"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
17345
d0b61c45027f3f0c.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/26097f1d9161463f99d3d3ec66eada45/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/26097f1d9161463f99d3d3ec66eada45/d0b61c45027f3f0c.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
27643e651751bd6c2cbe1350d6336dd8cc807049b14bdecd4620d7e1afd010ad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Thu, 23 Dec 2021 10:32:07 GMT
server
nginx/1.14.2
etag
"61c45027-8af7"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
35575
d0b61add90bc4bec.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/b4bbd717686441f8bd0711295baf6767/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/b4bbd717686441f8bd0711295baf6767/d0b61add90bc4bec.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
7aa01b65ddab63af081b179c28164c663a40e042b2ba1fed2644ee6f9d2a211d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Mon, 06 Dec 2021 09:34:03 GMT
server
nginx/1.14.2
etag
"61add90b-5656"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
22102
d0b61af169fdc6a8.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/c8fa0c5c8e4f49b3b238d7b9b5989cce/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/c8fa0c5c8e4f49b3b238d7b9b5989cce/d0b61af169fdc6a8.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
d451478e68967318296d36228990231513bc7f5e5de8c11d825f8061a4e5e6cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Tue, 07 Dec 2021 08:09:03 GMT
server
nginx/1.14.2
etag
"61af169f-5679"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
22137
d0b61b085e3ce442.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/884fa888eac744b596737050d32fc061/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/884fa888eac744b596737050d32fc061/d0b61b085e3ce442.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
986036fffea7b52937718badd063cc28a6da29792e6df5c0176b302008928381

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Wed, 08 Dec 2021 10:16:03 GMT
server
nginx/1.14.2
etag
"61b085e3-62a8"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
25256
d0b61b096109f84d.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/a3f02c1fb1604939859cf07ddca7a555/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/a3f02c1fb1604939859cf07ddca7a555/d0b61b096109f84d.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
28d4bd1f035e957aaa00531c44df5cf7b802ae9235261ed370510fdd1743a52b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Wed, 08 Dec 2021 11:25:04 GMT
server
nginx/1.14.2
etag
"61b09610-4431"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
17457
d0b611d0a35a6fac.jpeg
ocmurc.com/.cdn/05a5cf/fad6f4/4f250b41093144cdb2190c2a78e9a259/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/fad6f4/4f250b41093144cdb2190c2a78e9a259/d0b611d0a35a6fac.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
138bec58cfd65720c14272d5aed343b949207725edd5f676bdcd9bb092c963f0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Wed, 18 Aug 2021 13:25:09 GMT
server
nginx/1.14.2
etag
"611d0a35-2f35"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
12085
d0b6115364870ce2.jpeg
ocmurc.com/.cdn/05a5cf/fad6f4/49e51e77a95f44439191d8ff8e999515/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/fad6f4/49e51e77a95f44439191d8ff8e999515/d0b6115364870ce2.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
f3039063bdeeddc487f9a6e8f625e1a10c8a37ec37e2707a3a3835aba0fc8686

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Thu, 12 Aug 2021 14:55:04 GMT
server
nginx/1.14.2
etag
"61153648-4b6a"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
19306
d0b61c4519aa513c.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/a175fc7379634446b2371aef5f13243a/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/a175fc7379634446b2371aef5f13243a/d0b61c4519aa513c.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
1be560913b89a17400dd33cc2f45681a8da000c18284a4e22c695f706fb17016

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Thu, 23 Dec 2021 10:38:18 GMT
server
nginx/1.14.2
etag
"61c4519a-4dd4"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
19924
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=newsyou.info
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 23 Dec 2021 17:31:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=newsyou.info
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 23 Dec 2021 17:31:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 0F19 		26 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280696&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696191&bpp=1&bdt=710&idt=627&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd411357b4686f5eb-221fbe950ecd0034%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=CWAP2ylBpn&p=https%3A//newsyou.info&dtd=634
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb3e69b97fcd7317d12d702fe7d25c6bbc2f0dbc9eb2a9a23ffc31ba9b4d1ac2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 23 Dec 2021 17:31:37 GMT
server
cafe
content-length
12326
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 23 Dec 2021 17:31:37 GMT
cache-control
private
css
fonts.googleapis.com/ 		3 KB
639 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poiret+One|Tenor+Sans|Arsenal
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e4bb9e0506f58f5253017c1d860a7371ab1488d2c23e3002f4c230ce19fa7cf6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 17:31:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Dec 2021 17:31:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Dec 2021 17:31:36 GMT
internal
dmpprof.com/matching/ 		141 B
664 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dmpprof.com/matching/internal?event=view&aid=0&ssp_id=10&href=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&title=%D0%AF%D0%BA%20%D0%BF%D0%BE%D1%82%D1%80%D1%96%D0%B1%D0%BD%D0%BE%20%D1%85%D0%B0%D1%80%D1%87%D1%83%D0%B2%D0%B0%D1%82%D0%B8%D1%81%D1%8F%2C%20%D1%89%D0%BE%D0%B1%20%D0%BF%D1%96%D0%B4%D1%82%D1%80%D0%B8%D0%BC%D1%83%D0%B2%D0%B0%D1%82%D0%B8%20%D0%B3%D0%BE%D1%81%D1%82%D1%80%D0%B8%D0%B9%20%D0%B7%D1%96%D1%80%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%AE&dmp_print_id=75f67d020a6c2c4561d1ca4670345b0a
Requested by
Host: pxksnymto.ru
URL: https://pxksnymto.ru/pixels/b286ae57.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.192.12.173 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
75aa3921cb12c8ff1c0b5b813294bbbafe8db812227ade6e840940f6e916d0d1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
server
nginx/1.18.0
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH, GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://newsyou.info
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
access-control-allow-headers
Origin,Content-Type,Accept,Authorization,X-Requested-With, DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
141
gnezdo_logo.png
news.gnezdo.ru/img/settings/ Frame 488C 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.gnezdo.ru/img/settings/gnezdo_logo.png
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.100.117 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx/1.10.3 /
Resource Hash
2dd4c3f695945454f2c089203615d6577c3091b06b6fd56af76b787bf9adad53

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:37 GMT
Last-Modified
Thu, 26 Aug 2021 12:08:57 GMT
Server
nginx/1.10.3
ETag
"61278459-b0f"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2831
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1246885_74e93c3d2a.jpg
zn3.2xclick.ru/img/400x400/885/ Frame 488C 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn3.2xclick.ru/img/400x400/885/1246885_74e93c3d2a.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
d413187e7fd42a10ac03e4b166868be0fc8d0f38ed81e354de3f5176a29ef990

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:38 GMT
Last-Modified
Thu, 23 Dec 2021 16:43:07 GMT
Server
nginx
ETag
"61c4a71b-7032"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
28722
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1246658_0b9d7dee25.jpg
zn3.2xclick.ru/img/400x400/658/ Frame 488C 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn3.2xclick.ru/img/400x400/658/1246658_0b9d7dee25.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
ccd0d28962618c48f75fc894dde961d87f9bf9c1a45ed23e0ffc27eabcad7bcd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:38 GMT
Last-Modified
Thu, 23 Dec 2021 12:06:42 GMT
Server
nginx
ETag
"61c46652-aafb"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
43771
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1246215_a759d52860.jpg
zn3.2xclick.ru/img/400x400/215/ Frame 488C 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn3.2xclick.ru/img/400x400/215/1246215_a759d52860.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
3504a8a26e685ad04cd1fe2574629e035f290b23777f893eae5967a4367361ab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:38 GMT
Last-Modified
Wed, 22 Dec 2021 19:54:14 GMT
Server
nginx
ETag
"61c38266-6301"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
25345
Expires
Thu, 31 Dec 2037 23:55:55 GMT
/
fcgi5.gnezdo.ru/e/ 		43 B
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi5.gnezdo.ru/e/?dr=&du=https%3A//newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&tizer_id=13977&r=0.6650206429491543
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
server
nginx
content-type
image/gif; charset=windows-1251
ads
googleads.g.doubleclick.net/pagead/ Frame 0297 		26 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1640280696&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696191&bpp=1&bdt=711&idt=701&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd411357b4686f5eb-221fbe950ecd0034%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=805&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=RKYe60FlYw&p=https%3A//newsyou.info&dtd=730
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fa02e1df9da0b157753a0ac3c6c8317b395be7419694aedab2fa22204b3c191b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 23 Dec 2021 17:31:37 GMT
server
cafe
content-length
12035
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 23 Dec 2021 17:31:37 GMT
cache-control
private
logo_left.gif
file.adpartner.pro/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://file.adpartner.pro/logo_left.gif
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.42 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
42.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
08a46c0a0b392a521ad67669083ded196d73ded54e4517c513802c228818d893

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
last-modified
Thu, 24 Jan 2019 09:25:42 GMT
server
nginx
etag
"5c498496-a79"
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store
accept-ranges
bytes
content-length
2681
tzr.fcgi
fcgi5.gnezdo.ru/cgi-bin/ 		5 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fcgi5.gnezdo.ru/cgi-bin/tzr.fcgi?id=212162&f=2&ref=https%3A//newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&gw=610&gh=0&gsnr=0&gaid=0&gtvm=&ids=
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
b343350b5587c2b0d7ac9ec63f80841b16c12f6ec073fbc5ab913741ee800cf2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
server
nginx
access-control-allow-methods
GET, POST, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://newsyou.info
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With
if
a4p.adpartner.pro/tracker/ Frame 3DD1 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%22f0c93e8d-f6a1-4a3d-8293-5e14bf0819c0%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A2297875%2C%22cost%22%3A0.000731996%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%222510a153-2e11-4429-9092-d9efd196a4ab%22%7D%2C%7B%22ad_id%22%3A2004555%2C%22cost%22%3A0.000173399%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22ea238a30-854e-43aa-9add-5c9137c9ab3a%22%7D%5D%2C%22unit_id%22%3A7883%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fnewsyou.info%252FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR%22%7D
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.77.59.234 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
vps-2181085f.vps.ovh.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Thu, 23 Dec 2021 17:31:36 GMT
content-type
image/gif
content-length
0
cache-control
no-cache, no-store, must-revalidate no-store no-transform
expires
0
pragma
no-cache
d0b61c2e5968235f.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/6a162bfd1b0e480689a279dd892aa187/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/6a162bfd1b0e480689a279dd892aa187/d0b61c2e5968235f.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
c9af752bbb8158660879cf030c3a9ce8bdbf74c7c6bcf82ba7c7cd931474e05b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
last-modified
Wed, 22 Dec 2021 08:45:10 GMT
server
nginx/1.14.2
etag
"61c2e596-4c53"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
19539
newsyou.info.1122348.es6.js
jsc.mgid.com/n/e/ Frame D34E 		239 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/n/e/newsyou.info.1122348.es6.js
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8b23abb2adac5b8be1e9bd2a4ca3aadf1ac1cd9d3af882d6996acf00dbd6544

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
content-encoding
br
cf-cache-status
HIT
age
3391
last-modified
Thu, 02 Dec 2021 15:43:24 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
RC20466EQDSMKB74
x-amz-id-2
wjLf5GDA4qP53hmCzSKeiCACTuV3faSjipVI7ZK729oaeXQf2DBL7mbyK8HhIkpzM1cZE/a+lHo=
cf-bgj
minify
server
cloudflare
etag
W/"3549c59b252a1dff4f0ed90218a6b365"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
6c2353140d52d6e9-FRA
expires
Thu, 23 Dec 2021 20:31:36 GMT
bx6ANxqUneKx06UkIXISn3V4Cg.woff2
fonts.gstatic.com/s/tenorsans/v12/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/tenorsans/v12/bx6ANxqUneKx06UkIXISn3V4Cg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poiret+One|Tenor+Sans|Arsenal
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e203e224e5db4d6614a7dab7c0e6f5b41be1b480d0c0729000b30186c9e97a9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 11:17:17 GMT
x-content-type-options
nosniff
age
195260
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18500
x-xss-protection
0
last-modified
Tue, 01 Sep 2020 05:24:59 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 21 Dec 2022 11:17:17 GMT
bx6ANxqUneKx06UkIXISn3F4Cl2I.woff2
fonts.gstatic.com/s/tenorsans/v12/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/tenorsans/v12/bx6ANxqUneKx06UkIXISn3F4Cl2I.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poiret+One|Tenor+Sans|Arsenal
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22364d9de6d3a227b12361aace79a5dd19368d1a7502acd0ce2d26b967817649
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 05:45:07 GMT
x-content-type-options
nosniff
age
128790
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11616
x-xss-protection
0
last-modified
Tue, 01 Sep 2020 04:56:39 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Dec 2022 05:45:07 GMT
wXKrE3kQtZQ4pF3D51jcAA.woff2
fonts.gstatic.com/s/arsenal/v5/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/arsenal/v5/wXKrE3kQtZQ4pF3D51jcAA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poiret+One|Tenor+Sans|Arsenal
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec23fa82b800082a70a0f1c0ba6d020cfc6e6f0c2c88bad68ae9be93394d5d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 11:23:08 GMT
x-content-type-options
nosniff
age
108509
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17608
x-xss-protection
0
last-modified
Tue, 01 Sep 2020 05:28:05 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Dec 2022 11:23:08 GMT
wXKrE3kQtZQ4pF3D51zcANwr.woff2
fonts.gstatic.com/s/arsenal/v5/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/arsenal/v5/wXKrE3kQtZQ4pF3D51zcANwr.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poiret+One|Tenor+Sans|Arsenal
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff2fba31cf312d105355e295fef5f3579ea90d5662299a06036f419d32872eb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 17 Dec 2021 06:47:19 GMT
x-content-type-options
nosniff
age
557058
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10680
x-xss-protection
0
last-modified
Tue, 01 Sep 2020 05:28:01 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 17 Dec 2022 06:47:19 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 9EED 		32 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1640280696&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696192&bpp=1&bdt=712&idt=783&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd411357b4686f5eb-221fbe950ecd0034%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=805&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=a87mLLyXZx&p=https%3A//newsyou.info&dtd=786
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
04de6d3800623a10b27786f05fd52d28ed521db09395d5585a255c93ffd764f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 23 Dec 2021 17:31:37 GMT
server
cafe
content-length
12741
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 23 Dec 2021 17:31:37 GMT
cache-control
private
d0361c2d40494543.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/7599203a3c614adba928007e7e1eba92/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/7599203a3c614adba928007e7e1eba92/d0361c2d40494543.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
caac9197798524998a0183b70185ec49c3cc7d6daf12ef050ce628716273c23d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
last-modified
Wed, 22 Dec 2021 07:30:12 GMT
server
nginx/1.14.2
etag
"61c2d404-5427"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
21543
d0361c2e33a335d9.jpeg
ocmurc.com/.cdn/05a5cf/c20ad4/de4d70da506540d289906928d2d6660b/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ocmurc.com/.cdn/05a5cf/c20ad4/de4d70da506540d289906928d2d6660b/d0361c2e33a335d9.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
142df9e0618edd64600d047f04a0af0a1ee3a6885586498b9f6075311072d180

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
last-modified
Wed, 22 Dec 2021 08:35:06 GMT
server
nginx/1.14.2
etag
"61c2e33a-5c2c"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
23596
if
a4p.adpartner.pro/tracker/ Frame 33FC 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%22f0c93e8d-f6a1-4a3d-8293-5e14bf0819c0%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A2038647%2C%22cost%22%3A0.000157179%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%220ccad42d-a90c-43e9-93f0-77e1518cc6e4%22%7D%2C%7B%22ad_id%22%3A2297870%2C%22cost%22%3A0.000109135%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%222f9452ef-029a-4d27-b708-1b24198b8c67%22%7D%2C%7B%22ad_id%22%3A2287865%2C%22cost%22%3A0.0000614353%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%22466b31a6-363f-4c44-933d-a1686633802e%22%7D%5D%2C%22unit_id%22%3A7460%2C%22region_id%22%3A86%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fnewsyou.info%252FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR%22%7D
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.77.59.234 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
vps-2181085f.vps.ovh.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Thu, 23 Dec 2021 17:31:37 GMT
content-type
image/gif
content-length
0
cache-control
no-cache, no-store, must-revalidate no-store no-transform
expires
0
pragma
no-cache
38170-438579-KGr.jpg
i.mixadvert.com/8174/38170/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.mixadvert.com/8174/38170/38170-438579-KGr.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.108.234 , France, ASN16276 (OVH, FR),
Reverse DNS
d5.mix.storage.badvps.com
Software
nginx/1.12.1 /
Resource Hash
321456ef8ddd049980ddcee8a96bc9892d8d17e8e0eee70221b1f756f09f000b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:37 GMT
Last-Modified
Tue, 30 Nov 2021 11:30:40 GMT
Server
nginx/1.12.1
ETag
"61a60b60-4b0f"
Strict-Transport-Security
max-age=15768000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19215
Expires
Thu, 31 Dec 2037 23:55:55 GMT
38170-438575-5yf.jpg
i.mixadvert.com/8174/38170/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.mixadvert.com/8174/38170/38170-438575-5yf.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.108.234 , France, ASN16276 (OVH, FR),
Reverse DNS
d5.mix.storage.badvps.com
Software
nginx/1.12.1 /
Resource Hash
5b185dd40d4ba895e3f8afae356188fdc6d199d58c0b8488c78017e1ab678807
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:37 GMT
Last-Modified
Tue, 30 Nov 2021 11:27:51 GMT
Server
nginx/1.12.1
ETag
"61a60ab7-62ef"
Strict-Transport-Security
max-age=15768000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25327
Expires
Thu, 31 Dec 2037 23:55:55 GMT
38170-438578-259.jpg
i.mixadvert.com/8174/38170/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.mixadvert.com/8174/38170/38170-438578-259.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.108.234 , France, ASN16276 (OVH, FR),
Reverse DNS
d5.mix.storage.badvps.com
Software
nginx/1.12.1 /
Resource Hash
06f30235522cd456e8b6d72ee66ae4897d07afdf3df24cf30121714a793e2157
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:37 GMT
Last-Modified
Tue, 30 Nov 2021 11:29:43 GMT
Server
nginx/1.12.1
ETag
"61a60b27-5d4c"
Strict-Transport-Security
max-age=15768000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23884
Expires
Thu, 31 Dec 2037 23:55:55 GMT
block_head.png
mixadvert.com/images/logo/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mixadvert.com/images/logo/block_head.png
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.153.171 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
d5.mix.site.badvps.com
Software
nginx/1.12.1 /
Resource Hash
ccde38a33644e69252c84d45de8c264a150f10d3b554b727c22a910788cccb6b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:37 GMT
Last-Modified
Fri, 17 Jul 2020 13:11:36 GMT
Server
nginx/1.12.1
ETag
"5f11a388-53bf"
Strict-Transport-Security
max-age=15768000
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21439
/
m.mixadvert.com/show/load/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/load/?id=6822&id_name=qKpeK&teaser_name=mKSKiyR&block_name=zottzk&ban_teaser=438579,438575,438578&r=0.11500732293683247&host=newsyou.info&ref=
Requested by
Host: m.mixadvert.com
URL: https://m.mixadvert.com/show/?id=6822&r=0.23938742074744002
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
0e40f3c11b4f7c11da658a2617a75dee43a32e250c1bf3a0cd93af1791f186bb
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
content-encoding
gzip
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
text/html; charset=utf-8
ads
googleads.g.doubleclick.net/pagead/ Frame EF5F 		32 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3789992286&pi=t.ma~as.6825749971&w=300&lmt=1640280697&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696193&bpp=1&bdt=713&idt=836&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd411357b4686f5eb-221fbe950ecd0034%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1125&ady=4294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=4kEhplr7w5&p=https%3A//newsyou.info&dtd=839
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aa3b7658eb5e8da1a310d0655a996a3fa10aa92d14b37e62b2d678d3f5501e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 23 Dec 2021 17:31:37 GMT
server
cafe
content-length
12723
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 23 Dec 2021 17:31:37 GMT
cache-control
private
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/ 		149 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/reactive_library_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3fb03c5889929639808be7ec57fdcac0a13e2bc5de31ac48723aeca4c2ff246e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54385
x-xss-protection
0
server
cafe
etag
4993246191385855005
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 23 Dec 2021 17:31:37 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pm&rt=1&c=ca-pub-5994697028380609&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=0&wpc=ca-pub-5994697028380609&warn=12%2C13&w=1600&h=1200&eatf=false&eatfAbg=false&reatf=true&a=6%2C1%2C5%2C7&apv=20211201_105007&sat=1640079616310&afm=0&as_count=9&d_count=0&ng_count=0&am_count=0&atf_count=5&mdns=0.428&alldns=0.428&allp=94&pgh=6769&su=newsyou.info&pvc=2390655881465621&r=0.1&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view.php
ppvesdfiojol.com/ 		2 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ppvesdfiojol.com/view.php
Requested by
Host: ppvesdfiojol.com
URL: https://ppvesdfiojol.com/av.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.171.117.17 , Russian Federation, ASN64494 (VARITI-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://newsyou.info
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
text/html; charset=UTF-8
x-variti-ccr
412999264:8
expires
Thu, 19 Nov 1981 08:52:00 GMT
informer
data.24smi.net/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://data.24smi.net/informer?psw=1600&psh=1200&pow=1600&poh=1200&pdpr=1&pdt=1640280696&ptz=0&pl=en-US&object=13245&template_id=1280&num=3&ref=&output=json&chash=A6VIhfjWW3&extids=&callback=__smiCb1640280695989
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.86.87 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ns4.24smi.org
Software
nginx /
Resource Hash
aab9c6dbb018701405b1fbf23f43f644ea6fa1dae7000b4813532528297eed4a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
content-encoding
gzip
server
nginx
strict-transport-security
max-age=0
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
/
m.mixadvert.com/show/ Frame D34E 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/?id=5876&r=0.849813507649867
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
c3dd2f1505f3ffe42e220f07a858fc6bd2413d41c69adaf869ffbe85c0578bb2
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
application/javascript; charset=utf-8
/
vcmjf535tx.ru/json/ 		49 KB
19 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vcmjf535tx.ru/json/?user_id=1471d21b-0a5a-4ecc-9f12-7b1b807763c8&site_id=7221&blocks=6944%2C610%2012512%2C300%208032%2C300
Requested by
Host: vcmjf535tx.ru
URL: https://vcmjf535tx.ru/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.192.12.169 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
9af4452d17142a228ea92d8e4e2f582bb56dd738c029999be11298edacc9e7a5

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Thu, 23 Dec 2021 17:31:37 GMT
content-encoding
gzip
x-adsbid-request
d254227890034acb1ff640b96fc776c1
vary
Accept-Encoding
server
nginx/1.18.0
content-type
text/plain; charset=utf-8
demography
prodmp.ru/pclicks/ 		3 B
133 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prodmp.ru/pclicks/demography?domain=newsyou.info
Requested by
Host: pxksnymto.ru
URL: https://pxksnymto.ru/pixels/b286ae57.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.106.93.124 , Russian Federation, ASN48614 (ITSOFT-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
https://newsyou.info
date
Thu, 23 Dec 2021 17:31:37 GMT
access-control-allow-credentials
true
server
nginx
content-length
3
content-type
application/json
1px-matching-go2net.gif
m.trafmag.com/images/
Redirect Chain
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=7E53F656-3653-491C-995F-4CD355497FC2&id=1471d21b-0a5a-4ecc-9f12-7b1b807763c8
  • https://m.trafmag.com/images/1px-matching-go2net.gif?id=640f6b8d7ec5469880fb3cfe80dee7e9
35 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.trafmag.com/images/1px-matching-go2net.gif?id=640f6b8d7ec5469880fb3cfe80dee7e9
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
HTTP/1.1
Server
193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
adforce.team
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:37 GMT
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"

Redirect headers

Date
Thu, 23 Dec 2021 17:31:37 GMT
Server
nginx
Access-Control-Allow-Origin
*
P3p
CP="NID DSP ALL COR"
Location
https://m.trafmag.com/images/1px-matching-go2net.gif?id=640f6b8d7ec5469880fb3cfe80dee7e9
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
0
X-Xss-Protection
0
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 17B2 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=280&slotname=9613474772&adk=3321513415&adf=3973713408&pi=t.ma~as.9613474772&w=580&lmt=1640280696&psa=0&format=580x280&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-top.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696187&bpp=1&bdt=706&idt=336&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=190&ady=161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=GQa1MUQVit&p=https%3A//newsyou.info&dtd=346
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:30:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:30:37 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 17B2 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=280&slotname=9613474772&adk=3321513415&adf=3973713408&pi=t.ma~as.9613474772&w=580&lmt=1640280696&psa=0&format=580x280&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-top.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696187&bpp=1&bdt=706&idt=336&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=190&ady=161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=GQa1MUQVit&p=https%3A//newsyou.info&dtd=346
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 23 Dec 2021 17:31:37 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 17B2 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=280&slotname=9613474772&adk=3321513415&adf=3973713408&pi=t.ma~as.9613474772&w=580&lmt=1640280696&psa=0&format=580x280&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-top.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696187&bpp=1&bdt=706&idt=336&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=190&ady=161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=GQa1MUQVit&p=https%3A//newsyou.info&dtd=346
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:29:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
111
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:29:46 GMT
gnezdo_logo.png
news.gnezdo.ru/img/settings/ Frame 01B5 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.gnezdo.ru/img/settings/gnezdo_logo.png
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.100.117 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx/1.10.3 /
Resource Hash
2dd4c3f695945454f2c089203615d6577c3091b06b6fd56af76b787bf9adad53

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:37 GMT
Last-Modified
Thu, 26 Aug 2021 12:08:57 GMT
Server
nginx/1.10.3
ETag
"61278459-b0f"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2831
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1169373_a92fd42263.jpg
zn3.2xclick.ru/img/300x300/373/ Frame 01B5 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn3.2xclick.ru/img/300x300/373/1169373_a92fd42263.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
1b86d8c739c9f3e1ecfde56ea85f699ebeb53a6d576523828150c147bb11f54e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:38 GMT
Last-Modified
Thu, 29 Jul 2021 04:52:58 GMT
Server
nginx
ETag
"6102342a-5944"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
22852
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1153108_a465e98b7b.jpg
zn3.2xclick.ru/img/300x300/108/ Frame 01B5 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn3.2xclick.ru/img/300x300/108/1153108_a465e98b7b.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
c47059aea1c35a75cce187a3921d7f7da3a2947879b6b6b4fce5fb1abab844b6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:38 GMT
Last-Modified
Wed, 30 Jun 2021 12:48:05 GMT
Server
nginx
ETag
"60dc6805-4f9d"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
20381
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1246658_0b9d7dee25.jpg
zn3.2xclick.ru/img/300x300/658/ Frame 01B5 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn3.2xclick.ru/img/300x300/658/1246658_0b9d7dee25.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
55306872269e2f1b8b7df1b131017007577c4b4ae361f9c1e3cc0118e0e29b1e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:38 GMT
Last-Modified
Thu, 23 Dec 2021 12:06:42 GMT
Server
nginx
ETag
"61c46652-6a0b"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
27147
Expires
Thu, 31 Dec 2037 23:55:55 GMT
0.gif
x01.aidata.io/
Redirect Chain
  • https://x01.aidata.io/0.gif?pid=6915083&id=uZQlT2HEsngC1UOQ104QAg==
  • https://x01.aidata.io/0.gif?pid=6915083&id=uZQlT2HEsngC1UOQ104QAg==&bounce=1
0
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x01.aidata.io/0.gif?pid=6915083&id=uZQlT2HEsngC1UOQ104QAg==&bounce=1
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Server
89.108.119.43 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d51370.reg.regrucolo.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
last-modified
Thu, 23 Dec 2021 17:31:36 GMT
server
nginx
access-control-allow-methods
GET, POST
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires
Thu, 23 Dec 2021 17:31:36 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
last-modified
Thu, 23 Dec 2021 17:31:36 GMT
server
nginx
access-control-allow-methods
GET, POST
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
location
https://x01.aidata.io/0.gif?pid=6915083&id=uZQlT2HEsngC1UOQ104QAg==&bounce=1
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Thu, 23 Dec 2021 17:31:36 GMT
qOyhT2fVcsgWDPZv0FPv
fcgi4.gnezdo.ru/cookie_matching_ssp/kadam-cpmv/
Redirect Chain
  • https://s.uuidksinc.net/match/971/?remote_uid=uZQlT2HEsngC1UOQ104QAg==
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/kadam-cpmv/qOyhT2fVcsgWDPZv0FPv
43 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi4.gnezdo.ru/cookie_matching_ssp/kadam-cpmv/qOyhT2fVcsgWDPZv0FPv
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Server
93.95.102.105 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
server
nginx
content-type
image/gif; charset=utf-8

Redirect headers

location
https://fcgi4.gnezdo.ru/cookie_matching_ssp/kadam-cpmv/qOyhT2fVcsgWDPZv0FPv
date
Thu, 23 Dec 2021 17:31:37 GMT
server
nginx/1.19.0
content-length
0
0100007F78B2C4611905054E02D27C63
fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/
Redirect Chain
  • https://www.acint.net/rmatch?dp=144&r=https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/${USER_ID}&euid=uZQlT2HEsngC1UOQ104QAg==
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/0100007F78B2C4611905054E02D27C63
43 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/0100007F78B2C4611905054E02D27C63
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Server
93.95.102.105 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
server
nginx
content-type
image/gif; charset=utf-8

Redirect headers

date
Thu, 23 Dec 2021 17:31:37 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location
https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/0100007F78B2C4611905054E02D27C63
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
text/html
content-length
154
expires
Wed, 19 Apr 2000 11:43:00 GMT
userbind
match.new-programmatic.com/ 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.new-programmatic.com/userbind?src=gnezdo&id=uZQlT2HEsngC1UOQ104QAg==
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.65.2.150 Moscow, Russian Federation, ASN3175 (CITYTELECOM-MSK, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 23 Dec 2021 17:31:37 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
0
Vary
Origin
match
dm.hybrid.ai/ 		0
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dm.hybrid.ai/match?id=172&uZQlT2HEsngC1UOQ104QAg==
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.23 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
112
x-xss-protection
1; mode=block
expires
-1
AodNQiYZ1FGyBnT0FvqDYtg
fcgi4.gnezdo.ru/cookie_matching_ssp/Adriver/
Redirect Chain
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6898004&bn=6898004&uid=uZQlT2HEsngC1UOQ104QAg==
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6898004&bn=6898004&uid=uZQlT2HEsngC1UOQ104QAg==&tuid=-4428269824
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/Adriver/AodNQiYZ1FGyBnT0FvqDYtg
43 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi4.gnezdo.ru/cookie_matching_ssp/Adriver/AodNQiYZ1FGyBnT0FvqDYtg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Server
93.95.102.105 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
server
nginx
content-type
image/gif; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:38 GMT
Transfer-Encoding
chunked
P3P
policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Location
https://fcgi4.gnezdo.ru/cookie_matching_ssp/Adriver/AodNQiYZ1FGyBnT0FvqDYtg
Cache-control
no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection
keep-alive
Content-Type
text/html
Expires
Thu, 01 Jan 1970 00:00:00 GMT
qOyhT2fVcsgWDPZv0FPv
fcgi4.gnezdo.ru/cookie_matching_ssp/kadam/
Redirect Chain
  • https://s.uuidksinc.net/match/388/?remote_uid=uZQlT2HEsngC1UOQ104QAg==
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/kadam/qOyhT2fVcsgWDPZv0FPv
43 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi4.gnezdo.ru/cookie_matching_ssp/kadam/qOyhT2fVcsgWDPZv0FPv
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Server
93.95.102.105 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
server
nginx
content-type
image/gif; charset=utf-8

Redirect headers

location
https://fcgi4.gnezdo.ru/cookie_matching_ssp/kadam/qOyhT2fVcsgWDPZv0FPv
date
Thu, 23 Dec 2021 17:31:37 GMT
server
nginx/1.19.0
content-length
0
/
fcgi5.gnezdo.ru/e/ 		43 B
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi5.gnezdo.ru/e/?dr=&du=https%3A//newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&tizer_id=212162&r=0.12570907460842262
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
server
nginx
content-type
image/gif; charset=windows-1251
adview
googleads.g.doubleclick.net/pagead/ Frame 17B2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CDUDFeLLEYb7aJ4mungWxmLW4CMme0rFcvemV93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpAr6Gt4399rI-qAMBqgTyAU_QDxIlgHKNPfwpxlivWkWZsRboo_s-ba9JONQp35kV7EAZBPL_Pv3drvKcgDVhxbFmSc78U4XVufP7mTmzG3m2U8z0iK86MUBJv7gUNiAvx-K0WYdsII3frBAWKZFXe7rCm_VCDkmB9s4CyHG-MWTmC-o3gks3Ue1g6a2LqufettLZTletUjPZoM1zEMNMSXgvRmKXHaqJOhJ0sxmzmzeIGSi4DJxZeNilC58CUEnJabnFgrs6pMSmmtE6pLwEph_xwS9Qiohfu_aIG9dCl6hQ2_Llfci86s3ffqAyNGKeALZOlVednhCiXYbFeje3kcF4gAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNTk5NDY5NzAyODM4MDYwORgA&sigh=fMU4tD7gIU8&uach_m=[UACH]&cid=CAQSGwCNIrLMmKWqoU3jvsoAj31HF1jgqYeUk5hDMhgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=280&slotname=9613474772&adk=3321513415&adf=3973713408&pi=t.ma~as.9613474772&w=580&lmt=1640280696&psa=0&format=580x280&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-top.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696187&bpp=1&bdt=706&idt=336&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=190&ady=161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=GQa1MUQVit&p=https%3A//newsyou.info&dtd=346
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=280&slotname=9613474772&adk=3321513415&adf=3973713408&pi=t.ma~as.9613474772&w=580&lmt=1640280696&psa=0&format=580x280&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-top.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696187&bpp=1&bdt=706&idt=336&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=190&ady=161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=GQa1MUQVit&p=https%3A//newsyou.info&dtd=346
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 23 Dec 2021 17:31:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 23 Dec 2021 17:31:37 GMT
notify
rtb.fr.eu.criteo.com/google/auction/ Frame 17B2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=UMDUEcz6RMQEmAKdg2ICAgAAALzSAiuWZaj2EHeyxGEq2YEBCWmrSRl28QAS&wp=YcSyeAAJ7T4Kp5cJAA1MMRFDPeYvb5Z2PsA_Dw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=280&slotname=9613474772&adk=3321513415&adf=3973713408&pi=t.ma~as.9613474772&w=580&lmt=1640280696&psa=0&format=580x280&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-top.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696187&bpp=1&bdt=706&idt=336&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=190&ady=161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=GQa1MUQVit&p=https%3A//newsyou.info&dtd=346
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
server
Kestrel
server-processing-duration-in-ticks
143508
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame D88B 		137 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeAAJ7T4Kp5cJAA1MMRFDPeYvb5Z2PsA_Dw&u=%7Cpz%2BnB%2F%2Bn4uyEO%2BAK5OqaqdTK3a%2FMlWVv9zkKf0iVyTo%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKyyMmeuHUa7ZkwLJbcGKtCev7ykEvaqDoX69R4_aEGZ7-2WnGtTB6szQn4iq37O7lJV12wllcQaj7KLBKRPI4IVe3XqXb9H2TAoQ5C3a3IGzzbPRaVbAiiLzNCfFURu1gRDwBstzlW9BiMiD8krcjEHBK8zuGUQ07IAczqY9Rxd7oztBoKuDxNXZ8f2Du2qMt7HAGaW6PVgf4D469_qT45Wn_T5dtZVNzsVI6PTVGulNZU_R_GYfachXjPMgeD0qL5f2jjfQLRbMFC1wYLkntOUDlU1RpIP8iCcRgqqwhlUW8eYIz_UEjiZwImW2DwfT54szR9eT2UiCFPemCER4xDVmMdsvoFvvaqUSKp-BMQwAPsKlMUR95kZbtki8N6lXvlzpFzTrSOjrYWn-WpgU_TGn7nE5auiktGW0Ml5xEyZ01MDHH03R3iz4EWoHjyQlJig&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4sEkeLLEYb7aJ4mungWxmLW4CMme0rFcvemV93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpAr6Gt4399rI-qAMBqgT1AU_QDxIlgHKNPfwpxlivWkWZsRboo_s-ba9JONQp35kV7EAZBPL_Pv3drvKcgDVhxbFmSc78U4XVufP7mTmzG3m2U8z0iK86MUBJv7gUNiAvx-K0WYdsII3frBAWKZFXe7rCm_VCDkmB9s4CyHG-MWTmC-o3gks3Ue1g6a2LqufettLZTletUjPZoM1zEMNMSXgvRmKXHaqJOhJ0sxmzmzeIGSi4DJxZeNilC58CUEnJabnFgrs6pMSmmtE6pLwEph_xwS9Qiohfu_aIG5VAtjrXVG72wlSoSR3i2Fg7IGgoCphWF-NVo7ZQ4pjpYrIdFdLHZCWogAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3xydmLNinKtTqlRbHjjgl0uuigcA%26client%3Dca-pub-5994697028380609%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=280&slotname=9613474772&adk=3321513415&adf=3973713408&pi=t.ma~as.9613474772&w=580&lmt=1640280696&psa=0&format=580x280&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-top.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696187&bpp=1&bdt=706&idt=336&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=190&ady=161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=GQa1MUQVit&p=https%3A//newsyou.info&dtd=346
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::18 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
501f96e96a44f615cbfccd552666bb53fe89744d6b603d4edc5ed37b9c14ff6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
content-type
text/html
server
Kestrel
cache-control
private, max-age=0, no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cross-origin-resource-policy
cross-origin
p3p
CP='CUR ADM OUR NOR STA NID'
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=RXf7eNua4j8TotWVqLzMGwJWnFRL8MpcSA3sGqhtbdLiBniAwORhiys8DQV29IEdqIqd6rmROtZbk-h9phcmsXuzsoYBubgIhQNq95AF34QYLARQropKYKdUM7S6MIdSKplnDrrgSf4W_2kAE2TmAoEG0PK3-rmT1u-HU5thXyyJXC4EuM_CURqIJfaU6z6mKUadY3nf_5TPrLuy4bufcajNI-TXOwxupuCJJ__75gqWvsxIZbW9C4w9Nridx-nLTqVI2w"}], "max_age": 86400}
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks
61877456
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
tzr.fcgi
fcgi5.gnezdo.ru/cgi-bin/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fcgi5.gnezdo.ru/cgi-bin/tzr.fcgi?id=13978&f=2&ref=https%3A//newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&gw=300&gh=0&gsnr=0&gaid=0&gtvm=&ids=
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
674329bbf96e86caeebb8a3016f9d55089c6d1041d3d500d8e3820f92c936d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
server
nginx
access-control-allow-methods
GET, POST, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://newsyou.info
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With
informer
data.24smi.net/ 		1 KB
900 B 		Script
General
Check archive.org
Download Go to
Full URL
https://data.24smi.net/informer?psw=1600&psh=1200&pow=1600&poh=1200&pdpr=1&pdt=1640280696&ptz=0&pl=en-US&object=13267&template_id=1281&num=2&ref=&output=json&chash=A6VIhfjWW3&extids=&callback=__smiCb1640280695990
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.86.87 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ns4.24smi.org
Software
nginx /
Resource Hash
05b45e6141df88569b4606ad0d0d5f8f39e09780c05e6beb2127cb7b8a3a7404
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
content-encoding
gzip
server
nginx
strict-transport-security
max-age=0
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pr&rt=1&c=ca-pub-5994697028380609&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=newsyou.info
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 23 Dec 2021 17:31:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=newsyou.info
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 23 Dec 2021 17:31:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/ Frame E553 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 22 Dec 2021 18:38:26 GMT
expires
Wed, 05 Jan 2022 18:38:26 GMT
content-type
text/html; charset=UTF-8
etag
17731914101004188133
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4884
x-xss-protection
0
age
82391
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
jquery_1_7_2.js
m.mixadvert.com/show/application/js/ Frame D34E 		93 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/application/js/jquery_1_7_2.js
Requested by
Host: m.mixadvert.com
URL: https://m.mixadvert.com/show/?id=5876&r=0.849813507649867
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 /
Resource Hash
f43121e8466577816a16da77f5b7948aa5496afeac7876a6318d7e967e73cb39
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
last-modified
Mon, 17 Oct 2016 18:47:41 GMT
server
nginx/1.12.0
etag
"58051ccd-17278"
strict-transport-security
max-age=15768000, max-age=15768000
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
accept-ranges
bytes
content-length
94840
expires
Thu, 31 Dec 2037 23:55:55 GMT
enr
dmpprof.com/ 		2 B
352 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dmpprof.com/enr?href=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&title=%D0%AF%D0%BA%20%D0%BF%D0%BE%D1%82%D1%80%D1%96%D0%B1%D0%BD%D0%BE%20%D1%85%D0%B0%D1%80%D1%87%D1%83%D0%B2%D0%B0%D1%82%D0%B8%D1%81%D1%8F%2C%20%D1%89%D0%BE%D0%B1%20%D0%BF%D1%96%D0%B4%D1%82%D1%80%D0%B8%D0%BC%D1%83%D0%B2%D0%B0%D1%82%D0%B8%20%D0%B3%D0%BE%D1%81%D1%82%D1%80%D0%B8%D0%B9%20%D0%B7%D1%96%D1%80%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%AE
Requested by
Host: pxksnymto.ru
URL: https://pxksnymto.ru/pixels/b286ae57.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.192.12.173 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://newsyou.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
server
nginx/1.18.0
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://newsyou.info
access-control-allow-credentials
true
access-control-allow-headers
Origin,Content-Type,Accept,Authorization,X-Requested-With
content-length
2
informer
data.24smi.net/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://data.24smi.net/informer?psw=1600&psh=1200&pow=1600&poh=1200&pdpr=1&pdt=1640280696&ptz=0&pl=en-US&object=14482&template_id=783&num=3&ref=&output=json&chash=A6VIhfjWW3&extids=&callback=__smiCb1640280695991
Requested by
Host: jsn.24smi.net
URL: https://jsn.24smi.net/smi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.48.86.87 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ns4.24smi.org
Software
nginx /
Resource Hash
afe745e46cf68d489a17d47f0ec00188dca7f8aa011aaa38558a30d4b15d4127
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
content-encoding
gzip
server
nginx
strict-transport-security
max-age=0
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
css
fonts.googleapis.com/ Frame B533 		2 KB
537 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400&lang=ru
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3296007091&adf=322643539&pi=t.ma~as.5991095728&w=610&lmt=1640280696&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696188&bpp=2&bdt=708&idt=447&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=175&ady=1123&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=UGTDHYnWgl&p=https%3A//newsyou.info&dtd=450
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 15:39:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Dec 2021 17:31:37 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Dec 2021 17:31:37 GMT
m_js_controller_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame B533 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/m_js_controller_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3296007091&adf=322643539&pi=t.ma~as.5991095728&w=610&lmt=1640280696&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696188&bpp=2&bdt=708&idt=447&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=175&ady=1123&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=UGTDHYnWgl&p=https%3A//newsyou.info&dtd=450
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
23375fd2e0c63e3d79d1e26c31e908a63310221ff8c10e5b7bafb71ae478f555
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:27:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
258
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13177
x-xss-protection
0
server
cafe
etag
14559802278604478720
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:27:19 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame E553 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CSMjHeLLEYeDFI7KJ1fAP4NWsgAfJntKxXM2jlvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK-hreN_fayPqgDAaoE9AFP0KfWilzWwZdDQVhOnTLFd1Le5KvRbYuKUpL_yGHZz_g-bwcAu-bNmz4lPR0FjADYi2INZ75llYFJfci9QapECRagcYiyNhU1vPpd1URUvdJYdCvffL8JFxPGkMJBr87Z47nTVk0AU9eNy63ti2VMvWmH5983aT6cBDiw2yY6KcIB4kI88BSCtoxpCQwc08pJvcQZcQyLQ11KB14FVAjOaHV-vqZadLsVCh0fk_EYmWfUYznKa3UawvOWCMjtpQycHy56HSbriLCVlzt4eezhiPr6TQq0m2RK68BwFtgVLTWx3tpWBfMV1GE6gfIvVj44GyTSgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNTk5NDY5NzAyODM4MDYwORgA&sigh=LodNyHGyW4c&uach_m=[UACH]&cid=CAQSGwCNIrLMXW4lEIa9CUFL51tJV4mvfb6U79honhgB
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 23 Dec 2021 17:31:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
notify
rtb.nl.eu.criteo.com/google/auction/ Frame E553 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=UMDUEcz6RO0HfJ2DYgICAAAAGo6eV-wFOgIQeLLEYYRyjFpWMCYXyk7BABI&wp=YcSyeAAI4uAIFUSyAAsq4CUkUTLbEHJaiWN4ig
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
server
Kestrel
server-processing-duration-in-ticks
223494
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame 689C 		153 KB
49 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeAAI4uAIFUSyAAsq4CUkUTLbEHJaiWN4ig&u=%7Cpz%2BnB%2F%2Bn4uytBTXETBX00lT9HYZArrAA5ciovYRGW2k%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUEjU08dWIaJP0eZa0C7d1zkXGzMxVLv8kWKlZ1Lb7wUbkp5-VBa12znQD7LPBT9pNz2NAAyMJbBdVNJArjEDh48z6jRZ0kZfXOvrrKHg9fIJwi2LLPzNXA1BobhWEnnY8QCFGCZB8AiSrPJ5qfYfUHYmZJjTMpCe0js7avEIg61lHUoXjNfdDx1WSwOSQRgGMPZoAQQQ9-7NAGaSz3jlIriKbl85q3CQbLYpXfgDHPiw1W-6I_kkr-h_L_Nr171wxQ_IUHfOD6vY4tPMc3hka-eATPTO0NhlmBH8m4y9Z0Sjnur1fzJMEQ2ACG25XL3XQYUd7D4R27mjl5N1bcursHk-pOWwB2qcX1uYFqQUJUx2KM8tw_XKhgUfuwSNiM10oX5h1_C9s8w2b7srrSmYt3zVMfH1MAFTiTtX6X0HAQmKQL23s3BYFR8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEbndeLLEYeDFI7KJ1fAP4NWsgAfJntKxXM2jlvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK-hreN_fayPqgDAaoE9wFP0KfWilzWwZdDQVhOnTLFd1Le5KvRbYuKUpL_yGHZz_g-bwcAu-bNmz4lPR0FjADYi2INZ75llYFJfci9QapECRagcYiyNhU1vPpd1URUvdJYdCvffL8JFxPGkMJBr87Z47nTVk0AU9eNy63ti2VMvWmH5983aT6cBDiw2yY6KcIB4kI88BSCtoxpCQwc08pJvcQZcQyLQ11KB14FVAjOaHV-vqZadLsVCh0fk_EYmWfUYznKa3UawvOWCMjtpQycHy56HSbriLCVlzt4ea7jqWh9wpanJPheSBBNsCAcOT8H1PROh0fd6cfIPuwDTruSnzdt-krFgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1pHsx15DtE9JxOcHX-chonm6uekw%26client%3Dca-pub-5994697028380609%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::18 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
be4b685c8eb876a04a4bd3d428e9ee07af9ecae6446db4ee5a4d3ebfd1417ec3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
content-type
text/html
server
Kestrel
cache-control
private, max-age=0, no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cross-origin-resource-policy
cross-origin
p3p
CP='CUR ADM OUR NOR STA NID'
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=lZyo2dua4j8TotWVQqy-NQy9orJekn1BUcURQP8cXmW-6akcYNp1KJNUQU1iUwhIZxwlhU709CNQd1jlyYHV_1i_QYWIMUoDwsqfqXHmGwdsZjTG7yTRgtyJtFyUn9LRWrhtWGEMRTzGpVt1MPRn3ULoJHVreLK1-ukG7i9apa34Ear6l8tgGBwZeAt93zXA-_a9Xui-IWWVmtBnYr37NCxqyYl9G6P0ORI6HXgRoyFyaAI9FrIMWT2odc2wAmkL837QBg"}], "max_age": 86400}
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks
100264344
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame E553 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:30:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:30:37 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E553 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 23 Dec 2021 17:31:37 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame E553 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:29:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
111
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:29:46 GMT
mapping
dprof.site/matching/ 		17 B
538 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dprof.site/matching/mapping?uid=1471d21b-0a5a-4ecc-9f12-7b1b807763c8
Requested by
Host: pxksnymto.ru
URL: https://pxksnymto.ru/pixels/b286ae57.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.192.12.173 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
server
nginx/1.18.0
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH, GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://newsyou.info
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
access-control-allow-headers
Origin,Content-Type,Accept,Authorization,X-Requested-With, DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
17
/
m.mixadvert.com/show/load/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.mixadvert.com/show/load/?id=7880&id_name=symhl&teaser_name=mDrHlFR&block_name=kKtdHr&ban_teaser=438579,438575,438578,438575,438578,438579&r=0.18962782380825272&host=newsyou.info&ref=
Requested by
Host: m.mixadvert.com
URL: https://m.mixadvert.com/show/?id=7880&r=0.6588643992292482
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.189.55 , France, ASN16276 (OVH, FR),
Reverse DNS
m.mixadvert.com
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
4326e73edd0976498d9a48d9aa6dec1aa2a9e65c0791d644c9a441e2e120a6c5
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
content-encoding
gzip
server
nginx/1.12.0
x-powered-by
PHP/5.4.16
strict-transport-security
max-age=15768000, max-age=15768000
content-type
text/html; charset=utf-8
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame B533 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3296007091&adf=322643539&pi=t.ma~as.5991095728&w=610&lmt=1640280696&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696188&bpp=2&bdt=708&idt=447&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=175&ady=1123&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=UGTDHYnWgl&p=https%3A//newsyou.info&dtd=450
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:30:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7876
x-xss-protection
0
server
cafe
etag
5333878705136318229
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:30:48 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame B533 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3296007091&adf=322643539&pi=t.ma~as.5991095728&w=610&lmt=1640280696&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696188&bpp=2&bdt=708&idt=447&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=175&ady=1123&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=UGTDHYnWgl&p=https%3A//newsyou.info&dtd=450
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:30:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:30:37 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B533 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3296007091&adf=322643539&pi=t.ma~as.5991095728&w=610&lmt=1640280696&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696188&bpp=2&bdt=708&idt=447&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=175&ady=1123&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=UGTDHYnWgl&p=https%3A//newsyou.info&dtd=450
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 23 Dec 2021 17:31:37 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame B533 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3296007091&adf=322643539&pi=t.ma~as.5991095728&w=610&lmt=1640280696&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696188&bpp=2&bdt=708&idt=447&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=175&ady=1123&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=UGTDHYnWgl&p=https%3A//newsyou.info&dtd=450
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:29:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
111
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:29:46 GMT
css
fonts.googleapis.com/ Frame EBA9 		2 KB
537 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400&lang=ru
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=76889861&pi=t.ma~as.2767358249&w=610&lmt=1640280696&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696190&bpp=1&bdt=709&idt=508&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=175&ady=3129&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=YmX9JDH2bN&p=https%3A//newsyou.info&dtd=511
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 17:31:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Dec 2021 17:31:37 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Dec 2021 17:31:37 GMT
m_js_controller_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame EBA9 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/m_js_controller_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=76889861&pi=t.ma~as.2767358249&w=610&lmt=1640280696&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696190&bpp=1&bdt=709&idt=508&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=175&ady=3129&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=YmX9JDH2bN&p=https%3A//newsyou.info&dtd=511
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
23375fd2e0c63e3d79d1e26c31e908a63310221ff8c10e5b7bafb71ae478f555
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:27:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
258
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13177
x-xss-protection
0
server
cafe
etag
14559802278604478720
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:27:19 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame EBA9 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=76889861&pi=t.ma~as.2767358249&w=610&lmt=1640280696&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696190&bpp=1&bdt=709&idt=508&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=175&ady=3129&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=YmX9JDH2bN&p=https%3A//newsyou.info&dtd=511
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:30:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7876
x-xss-protection
0
server
cafe
etag
5333878705136318229
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:30:48 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame D88B 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeAAJ7T4Kp5cJAA1MMRFDPeYvb5Z2PsA_Dw&u=%7Cpz%2BnB%2F%2Bn4uyEO%2BAK5OqaqdTK3a%2FMlWVv9zkKf0iVyTo%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKyyMmeuHUa7ZkwLJbcGKtCev7ykEvaqDoX69R4_aEGZ7-2WnGtTB6szQn4iq37O7lJV12wllcQaj7KLBKRPI4IVe3XqXb9H2TAoQ5C3a3IGzzbPRaVbAiiLzNCfFURu1gRDwBstzlW9BiMiD8krcjEHBK8zuGUQ07IAczqY9Rxd7oztBoKuDxNXZ8f2Du2qMt7HAGaW6PVgf4D469_qT45Wn_T5dtZVNzsVI6PTVGulNZU_R_GYfachXjPMgeD0qL5f2jjfQLRbMFC1wYLkntOUDlU1RpIP8iCcRgqqwhlUW8eYIz_UEjiZwImW2DwfT54szR9eT2UiCFPemCER4xDVmMdsvoFvvaqUSKp-BMQwAPsKlMUR95kZbtki8N6lXvlzpFzTrSOjrYWn-WpgU_TGn7nE5auiktGW0Ml5xEyZ01MDHH03R3iz4EWoHjyQlJig&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4sEkeLLEYb7aJ4mungWxmLW4CMme0rFcvemV93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpAr6Gt4399rI-qAMBqgT1AU_QDxIlgHKNPfwpxlivWkWZsRboo_s-ba9JONQp35kV7EAZBPL_Pv3drvKcgDVhxbFmSc78U4XVufP7mTmzG3m2U8z0iK86MUBJv7gUNiAvx-K0WYdsII3frBAWKZFXe7rCm_VCDkmB9s4CyHG-MWTmC-o3gks3Ue1g6a2LqufettLZTletUjPZoM1zEMNMSXgvRmKXHaqJOhJ0sxmzmzeIGSi4DJxZeNilC58CUEnJabnFgrs6pMSmmtE6pLwEph_xwS9Qiohfu_aIG5VAtjrXVG72wlSoSR3i2Fg7IGgoCphWF-NVo7ZQ4pjpYrIdFdLHZCWogAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3xydmLNinKtTqlRbHjjgl0uuigcA%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 18 Dec 2022 17:31:37 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame D88B 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeAAJ7T4Kp5cJAA1MMRFDPeYvb5Z2PsA_Dw&u=%7Cpz%2BnB%2F%2Bn4uyEO%2BAK5OqaqdTK3a%2FMlWVv9zkKf0iVyTo%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKyyMmeuHUa7ZkwLJbcGKtCev7ykEvaqDoX69R4_aEGZ7-2WnGtTB6szQn4iq37O7lJV12wllcQaj7KLBKRPI4IVe3XqXb9H2TAoQ5C3a3IGzzbPRaVbAiiLzNCfFURu1gRDwBstzlW9BiMiD8krcjEHBK8zuGUQ07IAczqY9Rxd7oztBoKuDxNXZ8f2Du2qMt7HAGaW6PVgf4D469_qT45Wn_T5dtZVNzsVI6PTVGulNZU_R_GYfachXjPMgeD0qL5f2jjfQLRbMFC1wYLkntOUDlU1RpIP8iCcRgqqwhlUW8eYIz_UEjiZwImW2DwfT54szR9eT2UiCFPemCER4xDVmMdsvoFvvaqUSKp-BMQwAPsKlMUR95kZbtki8N6lXvlzpFzTrSOjrYWn-WpgU_TGn7nE5auiktGW0Ml5xEyZ01MDHH03R3iz4EWoHjyQlJig&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4sEkeLLEYb7aJ4mungWxmLW4CMme0rFcvemV93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpAr6Gt4399rI-qAMBqgT1AU_QDxIlgHKNPfwpxlivWkWZsRboo_s-ba9JONQp35kV7EAZBPL_Pv3drvKcgDVhxbFmSc78U4XVufP7mTmzG3m2U8z0iK86MUBJv7gUNiAvx-K0WYdsII3frBAWKZFXe7rCm_VCDkmB9s4CyHG-MWTmC-o3gks3Ue1g6a2LqufettLZTletUjPZoM1zEMNMSXgvRmKXHaqJOhJ0sxmzmzeIGSi4DJxZeNilC58CUEnJabnFgrs6pMSmmtE6pLwEph_xwS9Qiohfu_aIG5VAtjrXVG72wlSoSR3i2Fg7IGgoCphWF-NVo7ZQ4pjpYrIdFdLHZCWogAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3xydmLNinKtTqlRbHjjgl0uuigcA%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 18 Dec 2022 17:31:37 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame D88B 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeAAJ7T4Kp5cJAA1MMRFDPeYvb5Z2PsA_Dw&u=%7Cpz%2BnB%2F%2Bn4uyEO%2BAK5OqaqdTK3a%2FMlWVv9zkKf0iVyTo%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKyyMmeuHUa7ZkwLJbcGKtCev7ykEvaqDoX69R4_aEGZ7-2WnGtTB6szQn4iq37O7lJV12wllcQaj7KLBKRPI4IVe3XqXb9H2TAoQ5C3a3IGzzbPRaVbAiiLzNCfFURu1gRDwBstzlW9BiMiD8krcjEHBK8zuGUQ07IAczqY9Rxd7oztBoKuDxNXZ8f2Du2qMt7HAGaW6PVgf4D469_qT45Wn_T5dtZVNzsVI6PTVGulNZU_R_GYfachXjPMgeD0qL5f2jjfQLRbMFC1wYLkntOUDlU1RpIP8iCcRgqqwhlUW8eYIz_UEjiZwImW2DwfT54szR9eT2UiCFPemCER4xDVmMdsvoFvvaqUSKp-BMQwAPsKlMUR95kZbtki8N6lXvlzpFzTrSOjrYWn-WpgU_TGn7nE5auiktGW0Ml5xEyZ01MDHH03R3iz4EWoHjyQlJig&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4sEkeLLEYb7aJ4mungWxmLW4CMme0rFcvemV93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpAr6Gt4399rI-qAMBqgT1AU_QDxIlgHKNPfwpxlivWkWZsRboo_s-ba9JONQp35kV7EAZBPL_Pv3drvKcgDVhxbFmSc78U4XVufP7mTmzG3m2U8z0iK86MUBJv7gUNiAvx-K0WYdsII3frBAWKZFXe7rCm_VCDkmB9s4CyHG-MWTmC-o3gks3Ue1g6a2LqufettLZTletUjPZoM1zEMNMSXgvRmKXHaqJOhJ0sxmzmzeIGSi4DJxZeNilC58CUEnJabnFgrs6pMSmmtE6pLwEph_xwS9Qiohfu_aIG5VAtjrXVG72wlSoSR3i2Fg7IGgoCphWF-NVo7ZQ4pjpYrIdFdLHZCWogAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3xydmLNinKtTqlRbHjjgl0uuigcA%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 18 Dec 2022 17:31:37 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame D88B 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeAAJ7T4Kp5cJAA1MMRFDPeYvb5Z2PsA_Dw&u=%7Cpz%2BnB%2F%2Bn4uyEO%2BAK5OqaqdTK3a%2FMlWVv9zkKf0iVyTo%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKyyMmeuHUa7ZkwLJbcGKtCev7ykEvaqDoX69R4_aEGZ7-2WnGtTB6szQn4iq37O7lJV12wllcQaj7KLBKRPI4IVe3XqXb9H2TAoQ5C3a3IGzzbPRaVbAiiLzNCfFURu1gRDwBstzlW9BiMiD8krcjEHBK8zuGUQ07IAczqY9Rxd7oztBoKuDxNXZ8f2Du2qMt7HAGaW6PVgf4D469_qT45Wn_T5dtZVNzsVI6PTVGulNZU_R_GYfachXjPMgeD0qL5f2jjfQLRbMFC1wYLkntOUDlU1RpIP8iCcRgqqwhlUW8eYIz_UEjiZwImW2DwfT54szR9eT2UiCFPemCER4xDVmMdsvoFvvaqUSKp-BMQwAPsKlMUR95kZbtki8N6lXvlzpFzTrSOjrYWn-WpgU_TGn7nE5auiktGW0Ml5xEyZ01MDHH03R3iz4EWoHjyQlJig&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4sEkeLLEYb7aJ4mungWxmLW4CMme0rFcvemV93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpAr6Gt4399rI-qAMBqgT1AU_QDxIlgHKNPfwpxlivWkWZsRboo_s-ba9JONQp35kV7EAZBPL_Pv3drvKcgDVhxbFmSc78U4XVufP7mTmzG3m2U8z0iK86MUBJv7gUNiAvx-K0WYdsII3frBAWKZFXe7rCm_VCDkmB9s4CyHG-MWTmC-o3gks3Ue1g6a2LqufettLZTletUjPZoM1zEMNMSXgvRmKXHaqJOhJ0sxmzmzeIGSi4DJxZeNilC58CUEnJabnFgrs6pMSmmtE6pLwEph_xwS9Qiohfu_aIG5VAtjrXVG72wlSoSR3i2Fg7IGgoCphWF-NVo7ZQ4pjpYrIdFdLHZCWogAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3xydmLNinKtTqlRbHjjgl0uuigcA%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Sun, 18 Dec 2022 17:31:37 GMT
lg.php
cat.fr.eu.criteo.com/delivery/ Frame D88B 		43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=q6EOWQHbIRnoGeKlU3uCLY8ITtOeWf4dEqhCXPdnmvnfVSUsvdShUoU4UC7iEoRPskU7qLzQecryT9sus5WNMDiOXMC-TTTwzDQRmmfzxmUoI5vfpUu3MyAYN7-gorCXKQrzuHxmNAPGI-YU2UuG4n5YxJpwP-dbB_KJwVkoeSFVwlg5NXFc9h02D71TuBd7pujPcC3wrXjP62ENkwDkrkT7bB3YX9YeIKAnuM2zRm_elgdwp7sFhkJOyYYZLRu1SArWo7t_4GJ8xHecq2YymbZQ8p7P487AtWjQzhlGfCY3iL1xftbh4LlmzOKVH2EuU1R_luJ1-F8YjzFNjcIyynYfFCQSpj0JboOSwp6KNTMGzrJ5TZW_L9TSwx7SYPg7uaIrJaZE4JlXUPOlHdk8ahJ70egUXcLDNOgVN5cTc16U7So8yYHFywJwDBPW9aBK0FBmrw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeAAJ7T4Kp5cJAA1MMRFDPeYvb5Z2PsA_Dw&u=%7Cpz%2BnB%2F%2Bn4uyEO%2BAK5OqaqdTK3a%2FMlWVv9zkKf0iVyTo%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKyyMmeuHUa7ZkwLJbcGKtCev7ykEvaqDoX69R4_aEGZ7-2WnGtTB6szQn4iq37O7lJV12wllcQaj7KLBKRPI4IVe3XqXb9H2TAoQ5C3a3IGzzbPRaVbAiiLzNCfFURu1gRDwBstzlW9BiMiD8krcjEHBK8zuGUQ07IAczqY9Rxd7oztBoKuDxNXZ8f2Du2qMt7HAGaW6PVgf4D469_qT45Wn_T5dtZVNzsVI6PTVGulNZU_R_GYfachXjPMgeD0qL5f2jjfQLRbMFC1wYLkntOUDlU1RpIP8iCcRgqqwhlUW8eYIz_UEjiZwImW2DwfT54szR9eT2UiCFPemCER4xDVmMdsvoFvvaqUSKp-BMQwAPsKlMUR95kZbtki8N6lXvlzpFzTrSOjrYWn-WpgU_TGn7nE5auiktGW0Ml5xEyZ01MDHH03R3iz4EWoHjyQlJig&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4sEkeLLEYb7aJ4mungWxmLW4CMme0rFcvemV93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpAr6Gt4399rI-qAMBqgT1AU_QDxIlgHKNPfwpxlivWkWZsRboo_s-ba9JONQp35kV7EAZBPL_Pv3drvKcgDVhxbFmSc78U4XVufP7mTmzG3m2U8z0iK86MUBJv7gUNiAvx-K0WYdsII3frBAWKZFXe7rCm_VCDkmB9s4CyHG-MWTmC-o3gks3Ue1g6a2LqufettLZTletUjPZoM1zEMNMSXgvRmKXHaqJOhJ0sxmzmzeIGSi4DJxZeNilC58CUEnJabnFgrs6pMSmmtE6pLwEph_xwS9Qiohfu_aIG5VAtjrXVG72wlSoSR3i2Fg7IGgoCphWF-NVo7ZQ4pjpYrIdFdLHZCWogAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3xydmLNinKtTqlRbHjjgl0uuigcA%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:36 GMT
server
Microsoft-IIS/10.0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
6235
content-type
image/gif
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame EBA9 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=76889861&pi=t.ma~as.2767358249&w=610&lmt=1640280696&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696190&bpp=1&bdt=709&idt=508&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=175&ady=3129&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=YmX9JDH2bN&p=https%3A//newsyou.info&dtd=511
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:30:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:30:37 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EBA9 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=76889861&pi=t.ma~as.2767358249&w=610&lmt=1640280696&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696190&bpp=1&bdt=709&idt=508&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=175&ady=3129&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=YmX9JDH2bN&p=https%3A//newsyou.info&dtd=511
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 23 Dec 2021 17:31:37 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame EBA9 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=76889861&pi=t.ma~as.2767358249&w=610&lmt=1640280696&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696190&bpp=1&bdt=709&idt=508&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=175&ady=3129&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=YmX9JDH2bN&p=https%3A//newsyou.info&dtd=511
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:29:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
111
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:29:46 GMT
KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2d2ad11e3c1a0fd81bb085050d4b3170beab2964b5b848a5309a6343322e3898
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 11:06:27 GMT
x-content-type-options
nosniff
age
109510
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9776
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:26 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Dec 2022 11:06:27 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 05:33:18 GMT
x-content-type-options
nosniff
age
129499
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Dec 2022 05:33:18 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame D88B 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeAAJ7T4Kp5cJAA1MMRFDPeYvb5Z2PsA_Dw&u=%7Cpz%2BnB%2F%2Bn4uyEO%2BAK5OqaqdTK3a%2FMlWVv9zkKf0iVyTo%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKyyMmeuHUa7ZkwLJbcGKtCev7ykEvaqDoX69R4_aEGZ7-2WnGtTB6szQn4iq37O7lJV12wllcQaj7KLBKRPI4IVe3XqXb9H2TAoQ5C3a3IGzzbPRaVbAiiLzNCfFURu1gRDwBstzlW9BiMiD8krcjEHBK8zuGUQ07IAczqY9Rxd7oztBoKuDxNXZ8f2Du2qMt7HAGaW6PVgf4D469_qT45Wn_T5dtZVNzsVI6PTVGulNZU_R_GYfachXjPMgeD0qL5f2jjfQLRbMFC1wYLkntOUDlU1RpIP8iCcRgqqwhlUW8eYIz_UEjiZwImW2DwfT54szR9eT2UiCFPemCER4xDVmMdsvoFvvaqUSKp-BMQwAPsKlMUR95kZbtki8N6lXvlzpFzTrSOjrYWn-WpgU_TGn7nE5auiktGW0Ml5xEyZ01MDHH03R3iz4EWoHjyQlJig&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4sEkeLLEYb7aJ4mungWxmLW4CMme0rFcvemV93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpAr6Gt4399rI-qAMBqgT1AU_QDxIlgHKNPfwpxlivWkWZsRboo_s-ba9JONQp35kV7EAZBPL_Pv3drvKcgDVhxbFmSc78U4XVufP7mTmzG3m2U8z0iK86MUBJv7gUNiAvx-K0WYdsII3frBAWKZFXe7rCm_VCDkmB9s4CyHG-MWTmC-o3gks3Ue1g6a2LqufettLZTletUjPZoM1zEMNMSXgvRmKXHaqJOhJ0sxmzmzeIGSi4DJxZeNilC58CUEnJabnFgrs6pMSmmtE6pLwEph_xwS9Qiohfu_aIG5VAtjrXVG72wlSoSR3i2Fg7IGgoCphWF-NVo7ZQ4pjpYrIdFdLHZCWogAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3xydmLNinKtTqlRbHjjgl0uuigcA%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1801585
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EPzFYZOHgv4z7Yly63uBuN4wiz6hDi6SjiKh7q%2FxxY01D0h%2B8nOrrac%2FSDT42U22KVDc5ouNnO7c%2FhMKAepDR0EZ6D%2BA271mW2dufOeXTOmTBYCmTUnhoacya5GStJCgcB1f%2FzUJPWpSqIRf%2F2U2eJqr"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6c2353166bbec29a-FRA
x-cache-tag
abcd1234
expires
Tue, 13 Dec 2022 17:31:37 GMT
animejs.js
static.criteo.net/animejs/ Frame D88B 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeAAJ7T4Kp5cJAA1MMRFDPeYvb5Z2PsA_Dw&u=%7Cpz%2BnB%2F%2Bn4uyEO%2BAK5OqaqdTK3a%2FMlWVv9zkKf0iVyTo%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKyyMmeuHUa7ZkwLJbcGKtCev7ykEvaqDoX69R4_aEGZ7-2WnGtTB6szQn4iq37O7lJV12wllcQaj7KLBKRPI4IVe3XqXb9H2TAoQ5C3a3IGzzbPRaVbAiiLzNCfFURu1gRDwBstzlW9BiMiD8krcjEHBK8zuGUQ07IAczqY9Rxd7oztBoKuDxNXZ8f2Du2qMt7HAGaW6PVgf4D469_qT45Wn_T5dtZVNzsVI6PTVGulNZU_R_GYfachXjPMgeD0qL5f2jjfQLRbMFC1wYLkntOUDlU1RpIP8iCcRgqqwhlUW8eYIz_UEjiZwImW2DwfT54szR9eT2UiCFPemCER4xDVmMdsvoFvvaqUSKp-BMQwAPsKlMUR95kZbtki8N6lXvlzpFzTrSOjrYWn-WpgU_TGn7nE5auiktGW0Ml5xEyZ01MDHH03R3iz4EWoHjyQlJig&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4sEkeLLEYb7aJ4mungWxmLW4CMme0rFcvemV93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpAr6Gt4399rI-qAMBqgT1AU_QDxIlgHKNPfwpxlivWkWZsRboo_s-ba9JONQp35kV7EAZBPL_Pv3drvKcgDVhxbFmSc78U4XVufP7mTmzG3m2U8z0iK86MUBJv7gUNiAvx-K0WYdsII3frBAWKZFXe7rCm_VCDkmB9s4CyHG-MWTmC-o3gks3Ue1g6a2LqufettLZTletUjPZoM1zEMNMSXgvRmKXHaqJOhJ0sxmzmzeIGSi4DJxZeNilC58CUEnJabnFgrs6pMSmmtE6pLwEph_xwS9Qiohfu_aIG5VAtjrXVG72wlSoSR3i2Fg7IGgoCphWF-NVo7ZQ4pjpYrIdFdLHZCWogAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3xydmLNinKtTqlRbHjjgl0uuigcA%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 18 Dec 2022 17:31:37 GMT
95b9b370494c2558bec06fe1897c5c1f.jpeg
img.servestatic.net/300_300/9/5/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.servestatic.net/300_300/9/5/95b9b370494c2558bec06fe1897c5c1f.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93398887feeae6379c164b5421590428a861e7454218df7d47fb5166a31dbf35

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
88587
cf-polished
degrade=85, origSize=31308, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
17830
last-modified
Fri, 06 Aug 2021 07:31:47 GMT
server
cloudflare
etag
"610ce563-7a4c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2JLtqpuSr4lpWZzR%2F1ZoqD7Lvdp%2F3XiGMIoS2%2F%2B1RnnKGLTrbueuOQ711dALOmV0ZjXfsjM6ocCajAFCluubmHhPZWpmqSz4tPAnh7KEhzhGtwjjQOi2O%2BvJkXbh93HWCAz3WHoNv0RudtP1WmG52No%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
expires
Fri, 24 Dec 2021 16:55:10 GMT
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
6c235316bb725bdd-FRA
cf-bgj
imgq:85,h2pri
truncated
/ Frame 17B2 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
506832cd024e2c68070ec94bb5d99c7b0ccea49979b2803aeda7c6839d0ef8cb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
gnezdo_logo.png
news.gnezdo.ru/img/settings/ Frame 5C4F 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.gnezdo.ru/img/settings/gnezdo_logo.png
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.100.117 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx/1.10.3 /
Resource Hash
2dd4c3f695945454f2c089203615d6577c3091b06b6fd56af76b787bf9adad53

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:37 GMT
Last-Modified
Thu, 26 Aug 2021 12:08:57 GMT
Server
nginx/1.10.3
ETag
"61278459-b0f"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2831
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1246215_a759d52860.jpg
zn3.2xclick.ru/img/400x400/215/ Frame 5C4F 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn3.2xclick.ru/img/400x400/215/1246215_a759d52860.jpg
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
3504a8a26e685ad04cd1fe2574629e035f290b23777f893eae5967a4367361ab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:38 GMT
Last-Modified
Wed, 22 Dec 2021 19:54:14 GMT
Server
nginx
ETag
"61c38266-6301"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
25345
Expires
Thu, 31 Dec 2037 23:55:55 GMT
match
dm.hybrid.ai/ 		0
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dm.hybrid.ai/match?id=172&uZQlT2HEsngC1UOQ104QAg==
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.23 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
124
x-xss-protection
1; mode=block
expires
-1
userbind
match.new-programmatic.com/ 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.new-programmatic.com/userbind?src=gnezdo&id=uZQlT2HEsngC1UOQ104QAg==
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.65.2.150 Moscow, Russian Federation, ASN3175 (CITYTELECOM-MSK, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 23 Dec 2021 17:31:37 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
0
Vary
Origin
/
fcgi5.gnezdo.ru/e/ 		43 B
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi5.gnezdo.ru/e/?dr=&du=https%3A//newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&tizer_id=13978&r=0.2676018024261204
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
server
nginx
content-type
image/gif; charset=windows-1251
tzr.fcgi
fcgi5.gnezdo.ru/cgi-bin/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fcgi5.gnezdo.ru/cgi-bin/tzr.fcgi?id=10139&f=2&ref=https%3A//newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&gw=300&gh=0&gsnr=0&gaid=0&gtvm=&ids=
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
ccf5d949307d337ed53f7035a324ef7547a40fa1c2012f34473a9574e3143018

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
server
nginx
access-control-allow-methods
GET, POST, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://newsyou.info
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With
img
pix.eu.criteo.net/img/ Frame D88B 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=556&m=0&partner=90357&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F90357%2F211115%2F33300702bd0247d48074e3362ef06108_screenshot_2021-11-08_at_12.17.08.png&v=3&w=196&s=7UdBWGvSb6EyXA76xB-t9sZc
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeAAJ7T4Kp5cJAA1MMRFDPeYvb5Z2PsA_Dw&u=%7Cpz%2BnB%2F%2Bn4uyEO%2BAK5OqaqdTK3a%2FMlWVv9zkKf0iVyTo%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKyyMmeuHUa7ZkwLJbcGKtCev7ykEvaqDoX69R4_aEGZ7-2WnGtTB6szQn4iq37O7lJV12wllcQaj7KLBKRPI4IVe3XqXb9H2TAoQ5C3a3IGzzbPRaVbAiiLzNCfFURu1gRDwBstzlW9BiMiD8krcjEHBK8zuGUQ07IAczqY9Rxd7oztBoKuDxNXZ8f2Du2qMt7HAGaW6PVgf4D469_qT45Wn_T5dtZVNzsVI6PTVGulNZU_R_GYfachXjPMgeD0qL5f2jjfQLRbMFC1wYLkntOUDlU1RpIP8iCcRgqqwhlUW8eYIz_UEjiZwImW2DwfT54szR9eT2UiCFPemCER4xDVmMdsvoFvvaqUSKp-BMQwAPsKlMUR95kZbtki8N6lXvlzpFzTrSOjrYWn-WpgU_TGn7nE5auiktGW0Ml5xEyZ01MDHH03R3iz4EWoHjyQlJig&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4sEkeLLEYb7aJ4mungWxmLW4CMme0rFcvemV93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpAr6Gt4399rI-qAMBqgT1AU_QDxIlgHKNPfwpxlivWkWZsRboo_s-ba9JONQp35kV7EAZBPL_Pv3drvKcgDVhxbFmSc78U4XVufP7mTmzG3m2U8z0iK86MUBJv7gUNiAvx-K0WYdsII3frBAWKZFXe7rCm_VCDkmB9s4CyHG-MWTmC-o3gks3Ue1g6a2LqufettLZTletUjPZoM1zEMNMSXgvRmKXHaqJOhJ0sxmzmzeIGSi4DJxZeNilC58CUEnJabnFgrs6pMSmmtE6pLwEph_xwS9Qiohfu_aIG5VAtjrXVG72wlSoSR3i2Fg7IGgoCphWF-NVo7ZQ4pjpYrIdFdLHZCWogAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3xydmLNinKtTqlRbHjjgl0uuigcA%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
fcbc61a1473aea0abbd62eef06b8b7bf34ff9452ea74f6efcfef28a4ac587ff1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 09:19:48 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
634309
vary
Origin
x-cache
hit cached
content-type
image/png
cache-control
public, max-age=29210138
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
11345
expires
Sat, 19 Nov 2022 11:15:26 GMT
img
pix.eu.criteo.net/img/ Frame D88B 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1165318-_x600-nocrop.jpg&v=3&w=400&s=U50QBZteurZUBwwnN0OH3RYn&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeAAJ7T4Kp5cJAA1MMRFDPeYvb5Z2PsA_Dw&u=%7Cpz%2BnB%2F%2Bn4uyEO%2BAK5OqaqdTK3a%2FMlWVv9zkKf0iVyTo%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKyyMmeuHUa7ZkwLJbcGKtCev7ykEvaqDoX69R4_aEGZ7-2WnGtTB6szQn4iq37O7lJV12wllcQaj7KLBKRPI4IVe3XqXb9H2TAoQ5C3a3IGzzbPRaVbAiiLzNCfFURu1gRDwBstzlW9BiMiD8krcjEHBK8zuGUQ07IAczqY9Rxd7oztBoKuDxNXZ8f2Du2qMt7HAGaW6PVgf4D469_qT45Wn_T5dtZVNzsVI6PTVGulNZU_R_GYfachXjPMgeD0qL5f2jjfQLRbMFC1wYLkntOUDlU1RpIP8iCcRgqqwhlUW8eYIz_UEjiZwImW2DwfT54szR9eT2UiCFPemCER4xDVmMdsvoFvvaqUSKp-BMQwAPsKlMUR95kZbtki8N6lXvlzpFzTrSOjrYWn-WpgU_TGn7nE5auiktGW0Ml5xEyZ01MDHH03R3iz4EWoHjyQlJig&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4sEkeLLEYb7aJ4mungWxmLW4CMme0rFcvemV93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpAr6Gt4399rI-qAMBqgT1AU_QDxIlgHKNPfwpxlivWkWZsRboo_s-ba9JONQp35kV7EAZBPL_Pv3drvKcgDVhxbFmSc78U4XVufP7mTmzG3m2U8z0iK86MUBJv7gUNiAvx-K0WYdsII3frBAWKZFXe7rCm_VCDkmB9s4CyHG-MWTmC-o3gks3Ue1g6a2LqufettLZTletUjPZoM1zEMNMSXgvRmKXHaqJOhJ0sxmzmzeIGSi4DJxZeNilC58CUEnJabnFgrs6pMSmmtE6pLwEph_xwS9Qiohfu_aIG5VAtjrXVG72wlSoSR3i2Fg7IGgoCphWF-NVo7ZQ4pjpYrIdFdLHZCWogAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3xydmLNinKtTqlRbHjjgl0uuigcA%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
260152ce49fdbda7b0f1e2f69d61ce39ba49de9a161971192cdf63af15207dbf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 19:04:09 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
80848
vary
Origin
x-cache
hit cached
content-type
image/webp
cache-control
public, max-age=31535999
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
70472
expires
Thu, 22 Dec 2022 19:04:08 GMT
img
pix.eu.criteo.net/img/ Frame D88B 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1623325-_x600-nocrop.jpg&v=3&w=400&s=LhQatqzvMJI_D3tK5QvU4nSw&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeAAJ7T4Kp5cJAA1MMRFDPeYvb5Z2PsA_Dw&u=%7Cpz%2BnB%2F%2Bn4uyEO%2BAK5OqaqdTK3a%2FMlWVv9zkKf0iVyTo%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKyyMmeuHUa7ZkwLJbcGKtCev7ykEvaqDoX69R4_aEGZ7-2WnGtTB6szQn4iq37O7lJV12wllcQaj7KLBKRPI4IVe3XqXb9H2TAoQ5C3a3IGzzbPRaVbAiiLzNCfFURu1gRDwBstzlW9BiMiD8krcjEHBK8zuGUQ07IAczqY9Rxd7oztBoKuDxNXZ8f2Du2qMt7HAGaW6PVgf4D469_qT45Wn_T5dtZVNzsVI6PTVGulNZU_R_GYfachXjPMgeD0qL5f2jjfQLRbMFC1wYLkntOUDlU1RpIP8iCcRgqqwhlUW8eYIz_UEjiZwImW2DwfT54szR9eT2UiCFPemCER4xDVmMdsvoFvvaqUSKp-BMQwAPsKlMUR95kZbtki8N6lXvlzpFzTrSOjrYWn-WpgU_TGn7nE5auiktGW0Ml5xEyZ01MDHH03R3iz4EWoHjyQlJig&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4sEkeLLEYb7aJ4mungWxmLW4CMme0rFcvemV93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpAr6Gt4399rI-qAMBqgT1AU_QDxIlgHKNPfwpxlivWkWZsRboo_s-ba9JONQp35kV7EAZBPL_Pv3drvKcgDVhxbFmSc78U4XVufP7mTmzG3m2U8z0iK86MUBJv7gUNiAvx-K0WYdsII3frBAWKZFXe7rCm_VCDkmB9s4CyHG-MWTmC-o3gks3Ue1g6a2LqufettLZTletUjPZoM1zEMNMSXgvRmKXHaqJOhJ0sxmzmzeIGSi4DJxZeNilC58CUEnJabnFgrs6pMSmmtE6pLwEph_xwS9Qiohfu_aIG5VAtjrXVG72wlSoSR3i2Fg7IGgoCphWF-NVo7ZQ4pjpYrIdFdLHZCWogAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3xydmLNinKtTqlRbHjjgl0uuigcA%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
934569be62b1a99127a84d97d4af0b5a5f96eebf42d6fcc82ed600f6a2b2e630
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 19:05:15 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
80781
vary
Origin
x-cache
hit cached
content-type
image/webp
cache-control
public, max-age=31535936
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
75290
expires
Thu, 22 Dec 2022 19:04:13 GMT
img
pix.eu.criteo.net/img/ Frame D88B 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1526544-_x600-nocrop.jpg&v=3&w=400&s=3EfeCKNqWATBAfbKHppwOygr&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeAAJ7T4Kp5cJAA1MMRFDPeYvb5Z2PsA_Dw&u=%7Cpz%2BnB%2F%2Bn4uyEO%2BAK5OqaqdTK3a%2FMlWVv9zkKf0iVyTo%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKyyMmeuHUa7ZkwLJbcGKtCev7ykEvaqDoX69R4_aEGZ7-2WnGtTB6szQn4iq37O7lJV12wllcQaj7KLBKRPI4IVe3XqXb9H2TAoQ5C3a3IGzzbPRaVbAiiLzNCfFURu1gRDwBstzlW9BiMiD8krcjEHBK8zuGUQ07IAczqY9Rxd7oztBoKuDxNXZ8f2Du2qMt7HAGaW6PVgf4D469_qT45Wn_T5dtZVNzsVI6PTVGulNZU_R_GYfachXjPMgeD0qL5f2jjfQLRbMFC1wYLkntOUDlU1RpIP8iCcRgqqwhlUW8eYIz_UEjiZwImW2DwfT54szR9eT2UiCFPemCER4xDVmMdsvoFvvaqUSKp-BMQwAPsKlMUR95kZbtki8N6lXvlzpFzTrSOjrYWn-WpgU_TGn7nE5auiktGW0Ml5xEyZ01MDHH03R3iz4EWoHjyQlJig&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4sEkeLLEYb7aJ4mungWxmLW4CMme0rFcvemV93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpAr6Gt4399rI-qAMBqgT1AU_QDxIlgHKNPfwpxlivWkWZsRboo_s-ba9JONQp35kV7EAZBPL_Pv3drvKcgDVhxbFmSc78U4XVufP7mTmzG3m2U8z0iK86MUBJv7gUNiAvx-K0WYdsII3frBAWKZFXe7rCm_VCDkmB9s4CyHG-MWTmC-o3gks3Ue1g6a2LqufettLZTletUjPZoM1zEMNMSXgvRmKXHaqJOhJ0sxmzmzeIGSi4DJxZeNilC58CUEnJabnFgrs6pMSmmtE6pLwEph_xwS9Qiohfu_aIG5VAtjrXVG72wlSoSR3i2Fg7IGgoCphWF-NVo7ZQ4pjpYrIdFdLHZCWogAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3xydmLNinKtTqlRbHjjgl0uuigcA%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
f83ac55e664bf32f310e796669e32fc8663391ab4dce6555826273d211bb3246
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 19:04:53 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
80803
vary
Origin
x-cache
hit cached
content-type
image/webp
cache-control
public, max-age=31535972
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
59290
expires
Thu, 22 Dec 2022 19:04:26 GMT
img
pix.eu.criteo.net/img/ Frame D88B 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1167546-_x600-nocrop.jpg&v=3&w=400&s=BSa_CYNiehYpKpTcNn2jt3hT&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeAAJ7T4Kp5cJAA1MMRFDPeYvb5Z2PsA_Dw&u=%7Cpz%2BnB%2F%2Bn4uyEO%2BAK5OqaqdTK3a%2FMlWVv9zkKf0iVyTo%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKyyMmeuHUa7ZkwLJbcGKtCev7ykEvaqDoX69R4_aEGZ7-2WnGtTB6szQn4iq37O7lJV12wllcQaj7KLBKRPI4IVe3XqXb9H2TAoQ5C3a3IGzzbPRaVbAiiLzNCfFURu1gRDwBstzlW9BiMiD8krcjEHBK8zuGUQ07IAczqY9Rxd7oztBoKuDxNXZ8f2Du2qMt7HAGaW6PVgf4D469_qT45Wn_T5dtZVNzsVI6PTVGulNZU_R_GYfachXjPMgeD0qL5f2jjfQLRbMFC1wYLkntOUDlU1RpIP8iCcRgqqwhlUW8eYIz_UEjiZwImW2DwfT54szR9eT2UiCFPemCER4xDVmMdsvoFvvaqUSKp-BMQwAPsKlMUR95kZbtki8N6lXvlzpFzTrSOjrYWn-WpgU_TGn7nE5auiktGW0Ml5xEyZ01MDHH03R3iz4EWoHjyQlJig&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4sEkeLLEYb7aJ4mungWxmLW4CMme0rFcvemV93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpAr6Gt4399rI-qAMBqgT1AU_QDxIlgHKNPfwpxlivWkWZsRboo_s-ba9JONQp35kV7EAZBPL_Pv3drvKcgDVhxbFmSc78U4XVufP7mTmzG3m2U8z0iK86MUBJv7gUNiAvx-K0WYdsII3frBAWKZFXe7rCm_VCDkmB9s4CyHG-MWTmC-o3gks3Ue1g6a2LqufettLZTletUjPZoM1zEMNMSXgvRmKXHaqJOhJ0sxmzmzeIGSi4DJxZeNilC58CUEnJabnFgrs6pMSmmtE6pLwEph_xwS9Qiohfu_aIG5VAtjrXVG72wlSoSR3i2Fg7IGgoCphWF-NVo7ZQ4pjpYrIdFdLHZCWogAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3xydmLNinKtTqlRbHjjgl0uuigcA%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
44bc4a17199ec4f353892cda3cdb02d401ba5fc9562aae091a1bf1f2fbf9151e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 19:07:02 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
80674
vary
Origin
x-cache
hit cached
content-type
image/webp
cache-control
public, max-age=31535940
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
67224
expires
Thu, 22 Dec 2022 19:06:04 GMT
all
csm.eu.criteo.net/ Frame D88B 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=RXf7eNua4j8TotWVqLzMGwJWnFRL8MpcSA3sGqhtbdLiBniAwORhiys8DQV29IEdqIqd6rmROtZbk-h9phcmsXuzsoYBubgIhQNq95AF34QYLARQropKYKdUM7S6MIdSKplnDrrgSf4W_2kAE2TmAoEG0PK3-rmT1u-HU5thXyyJXC4EuM_CURqIJfaU6z6mKUadY3nf_5TPrLuy4bufcajNI-TXOwxupuCJJ__75gqWvsxIZbW9C4w9Nridx-nLTqVI2w&sds=2&rev=79924&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeAAJ7T4Kp5cJAA1MMRFDPeYvb5Z2PsA_Dw&u=%7Cpz%2BnB%2F%2Bn4uyEO%2BAK5OqaqdTK3a%2FMlWVv9zkKf0iVyTo%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKyyMmeuHUa7ZkwLJbcGKtCev7ykEvaqDoX69R4_aEGZ7-2WnGtTB6szQn4iq37O7lJV12wllcQaj7KLBKRPI4IVe3XqXb9H2TAoQ5C3a3IGzzbPRaVbAiiLzNCfFURu1gRDwBstzlW9BiMiD8krcjEHBK8zuGUQ07IAczqY9Rxd7oztBoKuDxNXZ8f2Du2qMt7HAGaW6PVgf4D469_qT45Wn_T5dtZVNzsVI6PTVGulNZU_R_GYfachXjPMgeD0qL5f2jjfQLRbMFC1wYLkntOUDlU1RpIP8iCcRgqqwhlUW8eYIz_UEjiZwImW2DwfT54szR9eT2UiCFPemCER4xDVmMdsvoFvvaqUSKp-BMQwAPsKlMUR95kZbtki8N6lXvlzpFzTrSOjrYWn-WpgU_TGn7nE5auiktGW0Ml5xEyZ01MDHH03R3iz4EWoHjyQlJig&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4sEkeLLEYb7aJ4mungWxmLW4CMme0rFcvemV93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpAr6Gt4399rI-qAMBqgT1AU_QDxIlgHKNPfwpxlivWkWZsRboo_s-ba9JONQp35kV7EAZBPL_Pv3drvKcgDVhxbFmSc78U4XVufP7mTmzG3m2U8z0iK86MUBJv7gUNiAvx-K0WYdsII3frBAWKZFXe7rCm_VCDkmB9s4CyHG-MWTmC-o3gks3Ue1g6a2LqufettLZTletUjPZoM1zEMNMSXgvRmKXHaqJOhJ0sxmzmzeIGSi4DJxZeNilC58CUEnJabnFgrs6pMSmmtE6pLwEph_xwS9Qiohfu_aIG5VAtjrXVG72wlSoSR3i2Fg7IGgoCphWF-NVo7ZQ4pjpYrIdFdLHZCWogAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3xydmLNinKtTqlRbHjjgl0uuigcA%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 23 Dec 2021 17:31:36 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame D88B 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeAAJ7T4Kp5cJAA1MMRFDPeYvb5Z2PsA_Dw&u=%7Cpz%2BnB%2F%2Bn4uyEO%2BAK5OqaqdTK3a%2FMlWVv9zkKf0iVyTo%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKyyMmeuHUa7ZkwLJbcGKtCev7ykEvaqDoX69R4_aEGZ7-2WnGtTB6szQn4iq37O7lJV12wllcQaj7KLBKRPI4IVe3XqXb9H2TAoQ5C3a3IGzzbPRaVbAiiLzNCfFURu1gRDwBstzlW9BiMiD8krcjEHBK8zuGUQ07IAczqY9Rxd7oztBoKuDxNXZ8f2Du2qMt7HAGaW6PVgf4D469_qT45Wn_T5dtZVNzsVI6PTVGulNZU_R_GYfachXjPMgeD0qL5f2jjfQLRbMFC1wYLkntOUDlU1RpIP8iCcRgqqwhlUW8eYIz_UEjiZwImW2DwfT54szR9eT2UiCFPemCER4xDVmMdsvoFvvaqUSKp-BMQwAPsKlMUR95kZbtki8N6lXvlzpFzTrSOjrYWn-WpgU_TGn7nE5auiktGW0Ml5xEyZ01MDHH03R3iz4EWoHjyQlJig&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4sEkeLLEYb7aJ4mungWxmLW4CMme0rFcvemV93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpAr6Gt4399rI-qAMBqgT1AU_QDxIlgHKNPfwpxlivWkWZsRboo_s-ba9JONQp35kV7EAZBPL_Pv3drvKcgDVhxbFmSc78U4XVufP7mTmzG3m2U8z0iK86MUBJv7gUNiAvx-K0WYdsII3frBAWKZFXe7rCm_VCDkmB9s4CyHG-MWTmC-o3gks3Ue1g6a2LqufettLZTletUjPZoM1zEMNMSXgvRmKXHaqJOhJ0sxmzmzeIGSi4DJxZeNilC58CUEnJabnFgrs6pMSmmtE6pLwEph_xwS9Qiohfu_aIG5VAtjrXVG72wlSoSR3i2Fg7IGgoCphWF-NVo7ZQ4pjpYrIdFdLHZCWogAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3xydmLNinKtTqlRbHjjgl0uuigcA%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 18 Dec 2022 17:31:37 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame D88B 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeAAJ7T4Kp5cJAA1MMRFDPeYvb5Z2PsA_Dw&u=%7Cpz%2BnB%2F%2Bn4uyEO%2BAK5OqaqdTK3a%2FMlWVv9zkKf0iVyTo%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKyyMmeuHUa7ZkwLJbcGKtCev7ykEvaqDoX69R4_aEGZ7-2WnGtTB6szQn4iq37O7lJV12wllcQaj7KLBKRPI4IVe3XqXb9H2TAoQ5C3a3IGzzbPRaVbAiiLzNCfFURu1gRDwBstzlW9BiMiD8krcjEHBK8zuGUQ07IAczqY9Rxd7oztBoKuDxNXZ8f2Du2qMt7HAGaW6PVgf4D469_qT45Wn_T5dtZVNzsVI6PTVGulNZU_R_GYfachXjPMgeD0qL5f2jjfQLRbMFC1wYLkntOUDlU1RpIP8iCcRgqqwhlUW8eYIz_UEjiZwImW2DwfT54szR9eT2UiCFPemCER4xDVmMdsvoFvvaqUSKp-BMQwAPsKlMUR95kZbtki8N6lXvlzpFzTrSOjrYWn-WpgU_TGn7nE5auiktGW0Ml5xEyZ01MDHH03R3iz4EWoHjyQlJig&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4sEkeLLEYb7aJ4mungWxmLW4CMme0rFcvemV93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpAr6Gt4399rI-qAMBqgT1AU_QDxIlgHKNPfwpxlivWkWZsRboo_s-ba9JONQp35kV7EAZBPL_Pv3drvKcgDVhxbFmSc78U4XVufP7mTmzG3m2U8z0iK86MUBJv7gUNiAvx-K0WYdsII3frBAWKZFXe7rCm_VCDkmB9s4CyHG-MWTmC-o3gks3Ue1g6a2LqufettLZTletUjPZoM1zEMNMSXgvRmKXHaqJOhJ0sxmzmzeIGSi4DJxZeNilC58CUEnJabnFgrs6pMSmmtE6pLwEph_xwS9Qiohfu_aIG5VAtjrXVG72wlSoSR3i2Fg7IGgoCphWF-NVo7ZQ4pjpYrIdFdLHZCWogAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3xydmLNinKtTqlRbHjjgl0uuigcA%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 18 Dec 2022 17:31:37 GMT
css
fonts.googleapis.com/ Frame FEA0 		2 KB
537 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400&lang=ru
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=715531311&adf=2278891264&pi=t.ma~as.5991095728&w=610&lmt=1640280696&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696190&bpp=1&bdt=710&idt=569&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x420&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=175&ady=3811&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=tkY0NbQnP6&p=https%3A//newsyou.info&dtd=584
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 16:39:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Dec 2021 17:31:37 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Dec 2021 17:31:37 GMT
m_js_controller_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame FEA0 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/m_js_controller_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=715531311&adf=2278891264&pi=t.ma~as.5991095728&w=610&lmt=1640280696&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696190&bpp=1&bdt=710&idt=569&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x420&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=175&ady=3811&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=tkY0NbQnP6&p=https%3A//newsyou.info&dtd=584
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
23375fd2e0c63e3d79d1e26c31e908a63310221ff8c10e5b7bafb71ae478f555
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:27:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
258
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13177
x-xss-protection
0
server
cafe
etag
14559802278604478720
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:27:19 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame FEA0 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=715531311&adf=2278891264&pi=t.ma~as.5991095728&w=610&lmt=1640280696&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696190&bpp=1&bdt=710&idt=569&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x420&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=175&ady=3811&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=tkY0NbQnP6&p=https%3A//newsyou.info&dtd=584
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:30:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7876
x-xss-protection
0
server
cafe
etag
5333878705136318229
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:30:48 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame FEA0 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=715531311&adf=2278891264&pi=t.ma~as.5991095728&w=610&lmt=1640280696&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696190&bpp=1&bdt=710&idt=569&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x420&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=175&ady=3811&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=tkY0NbQnP6&p=https%3A//newsyou.info&dtd=584
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:30:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:30:37 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FEA0 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=715531311&adf=2278891264&pi=t.ma~as.5991095728&w=610&lmt=1640280696&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696190&bpp=1&bdt=710&idt=569&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x420&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=175&ady=3811&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=tkY0NbQnP6&p=https%3A//newsyou.info&dtd=584
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 23 Dec 2021 17:31:37 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame FEA0 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=715531311&adf=2278891264&pi=t.ma~as.5991095728&w=610&lmt=1640280696&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696190&bpp=1&bdt=710&idt=569&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x420&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=175&ady=3811&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=tkY0NbQnP6&p=https%3A//newsyou.info&dtd=584
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:29:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
111
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:29:46 GMT
l
www.google.com/ads/measurement/ Frame FEA0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaThJDYogJsw2Lzw6MauLBPn2Ry3sBN5qK91bw9I7Ghuc_aLRijbFVI76pCnYAkjr2eJTLcgkdLHd0sgDgxZM56x7ZgRPA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=715531311&adf=2278891264&pi=t.ma~as.5991095728&w=610&lmt=1640280696&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696190&bpp=1&bdt=710&idt=569&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x420&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=175&ady=3811&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=tkY0NbQnP6&p=https%3A//newsyou.info&dtd=584
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
js
tags.mathtag.com/notify/ Frame 0F19 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTW1JMFptUmpZMll0WlRFd01pMHdOR1E1TFRBd01EQXRNREF3TURBd01EQXdNREF3LzM5MjkyNDA1NjIwMzEyODA0MTYvNjYyMjMyNi80NTYyMzA2LzQvVk5HUC1tNkRnUUNLVVAyci1zajItY2VYaEV4QklVOUx2aEFMeExXdXd6VS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8zOTI5MjQwNTYyMDMxMjgwNDE2L2Ftcy8wLzY2Ny83Ny85OTkvMzIyLzJhMDM6MWIyMDo2OjovMC4wMDAvMTY0MDI4MDY5Ny8xNjQwMjkzMjk3LzQvcHViLTU5OTQ2OTcwMjgzODA2MDkv/e1saNXbmS7SHvM5O6oT3mPTLp2c&nodeid=1906&group=cdg&auctionid=3929240562031280416&shardkey=3929240562031280416&sid=4562306&cid=6622326&bp=a_bgiccg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.59&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIqLgeLLEYYbBOMPuiQPWx6nACs-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDnIAQmoAwGqBPYBT9BHuYEnYa3KGdiF8yGQKThnBorFv6xyzKVCbmvUdveDMOMXw8gLhtqnCHVvPr5QYStN0ddMHMTkjxr1mekVGHIEvPkBoHdRYlF88FtxBiOy5HwQfQQPzLsUH80A3qs7QsmoVHvE4admvNl7Hx8zPbDzVhNtX-88Qm9BnaVkISdBU1wzdTZ2EtrE4S44yixlEo7y3stHFCWKrX1kybPgniIHOJYT_y0TmB5w0xoDZw3asf90ORrw9LF-4cdxKpZBCNU3pgntZ-jVPW8xVUlikxJP4jl31lau-YTZIknzPCFSypkAL_DFKtnqh8Y41DQLtsU28KWigAaQpezv4ZiAztcBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_29qUXS9nTqR4CtBpZ3or1O_7U-lA%26client%3Dca-pub-5994697028380609%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280696&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696191&bpp=1&bdt=710&idt=627&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd411357b4686f5eb-221fbe950ecd0034%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=CWAP2ylBpn&p=https%3A//newsyou.info&dtd=634
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.210.4 /
Resource Hash
444a7c9634c632f0c82c785f247608abc7a46b73d1524fe9cafcff1651995a55

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:37 GMT
Content-Encoding
gzip
x-mm-bid-request-time
1640280697
Last-Modified
Thu, 23 Dec 2021 17:31:37 GMT
Server
MMBD/3.210.4
x-mm-latency
12 (1)
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg
Count
Cache-Control
no-cache
x-mm-host
zrh-router-x76, cdg-bidder-x145
Connection
close
Content-Type
application/x-javascript; charset=UTF-8
Expires
Thu, 23 Dec 2021 17:31:36 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 0F19 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280696&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696191&bpp=1&bdt=710&idt=627&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd411357b4686f5eb-221fbe950ecd0034%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=CWAP2ylBpn&p=https%3A//newsyou.info&dtd=634
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:30:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:30:37 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0F19 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280696&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696191&bpp=1&bdt=710&idt=627&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd411357b4686f5eb-221fbe950ecd0034%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=CWAP2ylBpn&p=https%3A//newsyou.info&dtd=634
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 23 Dec 2021 17:31:37 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 0F19 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280696&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696191&bpp=1&bdt=710&idt=627&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd411357b4686f5eb-221fbe950ecd0034%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=CWAP2ylBpn&p=https%3A//newsyou.info&dtd=634
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:29:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
111
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:29:46 GMT
css
fonts.googleapis.com/ Frame D88B 		2 KB
507 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
089822305b9af8e8bf8797060fa68e6d18068b4fd7e8938f30b125ab6f61a2b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 17:02:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Dec 2021 17:31:37 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Dec 2021 17:31:37 GMT
img
pix.eu.criteo.net/img/ Frame B533 		179 KB
180 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1165318-_x600-nocrop.jpg&ups=1&v=3&w=800&s=fmjPP_tOetckvQpIdPwjRmzW
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3296007091&adf=322643539&pi=t.ma~as.5991095728&w=610&lmt=1640280696&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696188&bpp=2&bdt=708&idt=447&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=175&ady=1123&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=UGTDHYnWgl&p=https%3A//newsyou.info&dtd=450
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
c0c23011858c549a6b44a63b806ad7d903442196065e04fba6199c97a30675b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 19:04:09 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
80847
vary
Origin
x-cache
hit cached
content-type
image/webp
cache-control
public, max-age=31535999
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
183364
expires
Thu, 22 Dec 2022 19:04:09 GMT
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ Frame B533 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400&lang=ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 18 Dec 2021 12:42:17 GMT
x-content-type-options
nosniff
age
449360
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sun, 18 Dec 2022 12:42:17 GMT
img
pix.eu.criteo.net/img/ Frame EBA9 		202 KB
203 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1427944-_x600-nocrop.jpg&ups=1&v=3&w=800&s=Tt2lqg3NOzTQlUe872M-phC7
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=76889861&pi=t.ma~as.2767358249&w=610&lmt=1640280696&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696190&bpp=1&bdt=709&idt=508&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=175&ady=3129&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=YmX9JDH2bN&p=https%3A//newsyou.info&dtd=511
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ed978d4a83c4129c5bacfae8da58a2534ca69cae2d95d7939a5d328628f5089f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
0
vary
Origin
x-cache
miss cached
content-type
image/webp
cache-control
public, max-age=31455312
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
207180
expires
Thu, 22 Dec 2022 19:06:50 GMT
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ Frame EBA9 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400&lang=ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 18 Dec 2021 12:42:17 GMT
x-content-type-options
nosniff
age
449360
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sun, 18 Dec 2022 12:42:17 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame B533 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CZH3YeLLEYd7PM7XAngXqo4uoBsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpArjTclTQ97I-qAMByAMCqgT4AU_QpswgCc6MUWHlrz0pUvIJMmQMYaVustAVklXqgDimeRxdgh8ZQMBwJGYNBcFtI5Z_2FqiYNMKhHZVJPOwicFKmN8AoeAxB54-wGK0hEtgFKaSFk5gOlV2sc4eBxm8eDyTVztiTJati7IB9jhhEafshkl8clz_FSUcxddTYFm4omvlnVJo5qsjruT1UoFzinVWFgWVWQ7Ihu-k23YniKgX-IempG413ZybyJ7AXzefzMhwf6lUN7wW0W4WCNdhn7j3hmpUw7ybbKbHPYrrHuT7PJ3xEJRG4Q7CmNuTVcfGMgIDgFsuAWqfcPDlY0G2KIGB_4SofokFgAb4m8aWv_KU3NcBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNTk5NDY5NzAyODM4MDYwORgA&sigh=cXs-qizsjAw&uach_m=[UACH]&cid=CAQSGwCNIrLMuaMe7uqKMX5tWsLnzB56BGXqizV3tRgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3296007091&adf=322643539&pi=t.ma~as.5991095728&w=610&lmt=1640280696&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696188&bpp=2&bdt=708&idt=447&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=175&ady=1123&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=UGTDHYnWgl&p=https%3A//newsyou.info&dtd=450
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3296007091&adf=322643539&pi=t.ma~as.5991095728&w=610&lmt=1640280696&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696188&bpp=2&bdt=708&idt=447&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=175&ady=1123&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=UGTDHYnWgl&p=https%3A//newsyou.info&dtd=450
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 23 Dec 2021 17:31:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
lgn.php
cat.fr.eu.criteo.com/m/delivery/ Frame B533 		43 B
347 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cat.fr.eu.criteo.com/m/delivery/lgn.php?cppv=3&cpp=Jd8KW1CR97rQ6zWi_MU_hO6-8y5ofIcnZisxLwdNM5AKS4h6yuUBgQnF3rBN9zKdv4XvKb2OYmGc73HLtCxf1XbIQfi9iFEImvCzi1WLv604h14XQGBWo54THpYhs5neezLgiOQZZaj5pHRszFJzXFNBBp9O98zyMLYKGLKNL5OFacpdkNx2SwwPwwNod0hp3OKUyJQstWsJbAwgl1VLg--lSsuqFdl1rCJj0NwI1lQ_FN6tGKZe8sTxlt6-2Rv-E6jXWz9pzomhb6qYje7b0nRmwMg4XbLTFTcbQ8D1SOwPf-LOaIOYroIx3D2SX7sO1NDTLGPdOBM2aSvgWAjHiYXOJ4wXOiIpBH4xy5WH1ezXufGd6NbgTy78vWmUE2BGWqmyeao39k4YXEvAZbzzzMGdpymKRGcoSiQQumNq_xx0jsDlSUcnLbs_-u7lh1ZuFgkipKnT58jfIoNG18ZX_81GXYva7FAxjb8XHPqPPYZuhDvtq-wZXNiQ5TqBDN1mzw-SXQ&z=YcSyeAAM594Kp6A1AALR6gP90wCRBvymvpu9OA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3296007091&adf=322643539&pi=t.ma~as.5991095728&w=610&lmt=1640280696&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696188&bpp=2&bdt=708&idt=447&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=175&ady=1123&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=UGTDHYnWgl&p=https%3A//newsyou.info&dtd=450
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:36 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3239561
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
notify
rtb.fr.eu.criteo.com/google/auction/ Frame B533 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=UMDUEYrGMAAAnYNiAgIAAAAVVnE9SM7uORB4ssRhsCrp4TwQTvSrP1YAEg&wp=YcSyeAAM594Kp6A1AALR6gP90wCRBvymvpu9OA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3296007091&adf=322643539&pi=t.ma~as.5991095728&w=610&lmt=1640280696&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696188&bpp=2&bdt=708&idt=447&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=175&ady=1123&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=UGTDHYnWgl&p=https%3A//newsyou.info&dtd=450
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
server
Kestrel
server-processing-duration-in-ticks
273596
content-length
0
strict-transport-security
max-age=31536000; preload;
adview
googleads.g.doubleclick.net/pagead/ Frame B533 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C44tneLLEYd7PM7XAngXqo4uoBsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpArjTclTQ97I-qAMBqgT4AU_QpswgCc6MUWHlrz0pUvIJMmQMYaVustAVklXqgDimeRxdgh8ZQMBwJGYNBcFtI5Z_2FqiYNMKhHZVJPOwicFKmN8AoeAxB54-wGK0hEtgFKaSFk5gOlV2sc4eBxm8eDyTVztiTJati7IB9jhhEafshkl8clz_FSUcxddTYFm4omvlnVJo5qsjruT1UoFzinVWFgWVWQ7Ihu-k23YniKgX-IempG413ZybyJ7AXzefzMhwf6lUN7wW0W4WCNdhn7j3hmpUw7ybbKbHPYrrHuT7PJ3xEJRG4Q7CmNuTVcfGMgIDgFsuAWqfcPDlY0G2KIGB_4SofokFgAb4m8aWv_KU3NcBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNTk5NDY5NzAyODM4MDYwORgA&sigh=VF5z3XuresQ&uach_m=[UACH]&cid=CAQSGwCNIrLMuaMe7uqKMX5tWsLnzB56BGXqizV3tRgB&vt=10
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3296007091&adf=322643539&pi=t.ma~as.5991095728&w=610&lmt=1640280696&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696188&bpp=2&bdt=708&idt=447&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=175&ady=1123&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=UGTDHYnWgl&p=https%3A//newsyou.info&dtd=450
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3296007091&adf=322643539&pi=t.ma~as.5991095728&w=610&lmt=1640280696&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696188&bpp=2&bdt=708&idt=447&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=175&ady=1123&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=UGTDHYnWgl&p=https%3A//newsyou.info&dtd=450
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 23 Dec 2021 17:31:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 1968 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3296007091&adf=322643539&pi=t.ma~as.5991095728&w=610&lmt=1640280696&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696188&bpp=2&bdt=708&idt=447&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=175&ady=1123&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=UGTDHYnWgl&p=https%3A//newsyou.info&dtd=450
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3296007091&adf=322643539&pi=t.ma~as.5991095728&w=610&lmt=1640280696&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696188&bpp=2&bdt=708&idt=447&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=175&ady=1123&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=UGTDHYnWgl&p=https%3A//newsyou.info&dtd=450

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 23 Dec 2021 17:04:45 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1612
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame B533 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
89b2c7dbf2b7056cfbdbd537c73a18e4a7d47c044363716af4e5278f7afe70cb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame 689C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeAAI4uAIFUSyAAsq4CUkUTLbEHJaiWN4ig&u=%7Cpz%2BnB%2F%2Bn4uytBTXETBX00lT9HYZArrAA5ciovYRGW2k%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUEjU08dWIaJP0eZa0C7d1zkXGzMxVLv8kWKlZ1Lb7wUbkp5-VBa12znQD7LPBT9pNz2NAAyMJbBdVNJArjEDh48z6jRZ0kZfXOvrrKHg9fIJwi2LLPzNXA1BobhWEnnY8QCFGCZB8AiSrPJ5qfYfUHYmZJjTMpCe0js7avEIg61lHUoXjNfdDx1WSwOSQRgGMPZoAQQQ9-7NAGaSz3jlIriKbl85q3CQbLYpXfgDHPiw1W-6I_kkr-h_L_Nr171wxQ_IUHfOD6vY4tPMc3hka-eATPTO0NhlmBH8m4y9Z0Sjnur1fzJMEQ2ACG25XL3XQYUd7D4R27mjl5N1bcursHk-pOWwB2qcX1uYFqQUJUx2KM8tw_XKhgUfuwSNiM10oX5h1_C9s8w2b7srrSmYt3zVMfH1MAFTiTtX6X0HAQmKQL23s3BYFR8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEbndeLLEYeDFI7KJ1fAP4NWsgAfJntKxXM2jlvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK-hreN_fayPqgDAaoE9wFP0KfWilzWwZdDQVhOnTLFd1Le5KvRbYuKUpL_yGHZz_g-bwcAu-bNmz4lPR0FjADYi2INZ75llYFJfci9QapECRagcYiyNhU1vPpd1URUvdJYdCvffL8JFxPGkMJBr87Z47nTVk0AU9eNy63ti2VMvWmH5983aT6cBDiw2yY6KcIB4kI88BSCtoxpCQwc08pJvcQZcQyLQ11KB14FVAjOaHV-vqZadLsVCh0fk_EYmWfUYznKa3UawvOWCMjtpQycHy56HSbriLCVlzt4ea7jqWh9wpanJPheSBBNsCAcOT8H1PROh0fd6cfIPuwDTruSnzdt-krFgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1pHsx15DtE9JxOcHX-chonm6uekw%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 18 Dec 2022 17:31:37 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 689C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeAAI4uAIFUSyAAsq4CUkUTLbEHJaiWN4ig&u=%7Cpz%2BnB%2F%2Bn4uytBTXETBX00lT9HYZArrAA5ciovYRGW2k%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUEjU08dWIaJP0eZa0C7d1zkXGzMxVLv8kWKlZ1Lb7wUbkp5-VBa12znQD7LPBT9pNz2NAAyMJbBdVNJArjEDh48z6jRZ0kZfXOvrrKHg9fIJwi2LLPzNXA1BobhWEnnY8QCFGCZB8AiSrPJ5qfYfUHYmZJjTMpCe0js7avEIg61lHUoXjNfdDx1WSwOSQRgGMPZoAQQQ9-7NAGaSz3jlIriKbl85q3CQbLYpXfgDHPiw1W-6I_kkr-h_L_Nr171wxQ_IUHfOD6vY4tPMc3hka-eATPTO0NhlmBH8m4y9Z0Sjnur1fzJMEQ2ACG25XL3XQYUd7D4R27mjl5N1bcursHk-pOWwB2qcX1uYFqQUJUx2KM8tw_XKhgUfuwSNiM10oX5h1_C9s8w2b7srrSmYt3zVMfH1MAFTiTtX6X0HAQmKQL23s3BYFR8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEbndeLLEYeDFI7KJ1fAP4NWsgAfJntKxXM2jlvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK-hreN_fayPqgDAaoE9wFP0KfWilzWwZdDQVhOnTLFd1Le5KvRbYuKUpL_yGHZz_g-bwcAu-bNmz4lPR0FjADYi2INZ75llYFJfci9QapECRagcYiyNhU1vPpd1URUvdJYdCvffL8JFxPGkMJBr87Z47nTVk0AU9eNy63ti2VMvWmH5983aT6cBDiw2yY6KcIB4kI88BSCtoxpCQwc08pJvcQZcQyLQ11KB14FVAjOaHV-vqZadLsVCh0fk_EYmWfUYznKa3UawvOWCMjtpQycHy56HSbriLCVlzt4ea7jqWh9wpanJPheSBBNsCAcOT8H1PROh0fd6cfIPuwDTruSnzdt-krFgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1pHsx15DtE9JxOcHX-chonm6uekw%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 18 Dec 2022 17:31:37 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 689C 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeAAI4uAIFUSyAAsq4CUkUTLbEHJaiWN4ig&u=%7Cpz%2BnB%2F%2Bn4uytBTXETBX00lT9HYZArrAA5ciovYRGW2k%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUEjU08dWIaJP0eZa0C7d1zkXGzMxVLv8kWKlZ1Lb7wUbkp5-VBa12znQD7LPBT9pNz2NAAyMJbBdVNJArjEDh48z6jRZ0kZfXOvrrKHg9fIJwi2LLPzNXA1BobhWEnnY8QCFGCZB8AiSrPJ5qfYfUHYmZJjTMpCe0js7avEIg61lHUoXjNfdDx1WSwOSQRgGMPZoAQQQ9-7NAGaSz3jlIriKbl85q3CQbLYpXfgDHPiw1W-6I_kkr-h_L_Nr171wxQ_IUHfOD6vY4tPMc3hka-eATPTO0NhlmBH8m4y9Z0Sjnur1fzJMEQ2ACG25XL3XQYUd7D4R27mjl5N1bcursHk-pOWwB2qcX1uYFqQUJUx2KM8tw_XKhgUfuwSNiM10oX5h1_C9s8w2b7srrSmYt3zVMfH1MAFTiTtX6X0HAQmKQL23s3BYFR8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEbndeLLEYeDFI7KJ1fAP4NWsgAfJntKxXM2jlvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK-hreN_fayPqgDAaoE9wFP0KfWilzWwZdDQVhOnTLFd1Le5KvRbYuKUpL_yGHZz_g-bwcAu-bNmz4lPR0FjADYi2INZ75llYFJfci9QapECRagcYiyNhU1vPpd1URUvdJYdCvffL8JFxPGkMJBr87Z47nTVk0AU9eNy63ti2VMvWmH5983aT6cBDiw2yY6KcIB4kI88BSCtoxpCQwc08pJvcQZcQyLQ11KB14FVAjOaHV-vqZadLsVCh0fk_EYmWfUYznKa3UawvOWCMjtpQycHy56HSbriLCVlzt4ea7jqWh9wpanJPheSBBNsCAcOT8H1PROh0fd6cfIPuwDTruSnzdt-krFgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1pHsx15DtE9JxOcHX-chonm6uekw%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 18 Dec 2022 17:31:37 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame 689C 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeAAI4uAIFUSyAAsq4CUkUTLbEHJaiWN4ig&u=%7Cpz%2BnB%2F%2Bn4uytBTXETBX00lT9HYZArrAA5ciovYRGW2k%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUEjU08dWIaJP0eZa0C7d1zkXGzMxVLv8kWKlZ1Lb7wUbkp5-VBa12znQD7LPBT9pNz2NAAyMJbBdVNJArjEDh48z6jRZ0kZfXOvrrKHg9fIJwi2LLPzNXA1BobhWEnnY8QCFGCZB8AiSrPJ5qfYfUHYmZJjTMpCe0js7avEIg61lHUoXjNfdDx1WSwOSQRgGMPZoAQQQ9-7NAGaSz3jlIriKbl85q3CQbLYpXfgDHPiw1W-6I_kkr-h_L_Nr171wxQ_IUHfOD6vY4tPMc3hka-eATPTO0NhlmBH8m4y9Z0Sjnur1fzJMEQ2ACG25XL3XQYUd7D4R27mjl5N1bcursHk-pOWwB2qcX1uYFqQUJUx2KM8tw_XKhgUfuwSNiM10oX5h1_C9s8w2b7srrSmYt3zVMfH1MAFTiTtX6X0HAQmKQL23s3BYFR8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEbndeLLEYeDFI7KJ1fAP4NWsgAfJntKxXM2jlvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK-hreN_fayPqgDAaoE9wFP0KfWilzWwZdDQVhOnTLFd1Le5KvRbYuKUpL_yGHZz_g-bwcAu-bNmz4lPR0FjADYi2INZ75llYFJfci9QapECRagcYiyNhU1vPpd1URUvdJYdCvffL8JFxPGkMJBr87Z47nTVk0AU9eNy63ti2VMvWmH5983aT6cBDiw2yY6KcIB4kI88BSCtoxpCQwc08pJvcQZcQyLQ11KB14FVAjOaHV-vqZadLsVCh0fk_EYmWfUYznKa3UawvOWCMjtpQycHy56HSbriLCVlzt4ea7jqWh9wpanJPheSBBNsCAcOT8H1PROh0fd6cfIPuwDTruSnzdt-krFgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1pHsx15DtE9JxOcHX-chonm6uekw%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Sun, 18 Dec 2022 17:31:37 GMT
lg.php
cat.fr.eu.criteo.com/m/delivery/ Frame 689C 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=_6Q_dTqIuRg9IBP6gwNPNSoSd0WZ3R1pSe7L1DUW_xTR-IwfeeNYEo_zy8S-NnEx1MDolUKQDf1KVLEjsREpfylx9Rk2xDZq99MMtbvSHey8QxHGvc9GdpJQ1ZT-2FjTIGXUHN_BdmxWBQkOYWKQyLj3WyJRm2DeTG1Ldx0Ni9Q-sI_DRtIJgmhv5cBPYTymOey99fYIFFwxkJN8h3cYqOueOBjHiUla5FXbO3K7uRRnD5Es-OUDHdXtORkowAmrYSrtqje22HDqPvyUFUWyZbRJocEOHvA2EaXuTech_LBCP5KdXG0UHLIo2vMbdzKBbC8jZvdtfmIYP3WPCFDEAwRozDQ7H-leSjJnIOqGT108QFLrTJ0VHq2JPE4KqCCq4fYIPydCTEhA7MfW1v92osC_acWYhXvuQNCytfm4SUCRtKUG
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeAAI4uAIFUSyAAsq4CUkUTLbEHJaiWN4ig&u=%7Cpz%2BnB%2F%2Bn4uytBTXETBX00lT9HYZArrAA5ciovYRGW2k%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUEjU08dWIaJP0eZa0C7d1zkXGzMxVLv8kWKlZ1Lb7wUbkp5-VBa12znQD7LPBT9pNz2NAAyMJbBdVNJArjEDh48z6jRZ0kZfXOvrrKHg9fIJwi2LLPzNXA1BobhWEnnY8QCFGCZB8AiSrPJ5qfYfUHYmZJjTMpCe0js7avEIg61lHUoXjNfdDx1WSwOSQRgGMPZoAQQQ9-7NAGaSz3jlIriKbl85q3CQbLYpXfgDHPiw1W-6I_kkr-h_L_Nr171wxQ_IUHfOD6vY4tPMc3hka-eATPTO0NhlmBH8m4y9Z0Sjnur1fzJMEQ2ACG25XL3XQYUd7D4R27mjl5N1bcursHk-pOWwB2qcX1uYFqQUJUx2KM8tw_XKhgUfuwSNiM10oX5h1_C9s8w2b7srrSmYt3zVMfH1MAFTiTtX6X0HAQmKQL23s3BYFR8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEbndeLLEYeDFI7KJ1fAP4NWsgAfJntKxXM2jlvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK-hreN_fayPqgDAaoE9wFP0KfWilzWwZdDQVhOnTLFd1Le5KvRbYuKUpL_yGHZz_g-bwcAu-bNmz4lPR0FjADYi2INZ75llYFJfci9QapECRagcYiyNhU1vPpd1URUvdJYdCvffL8JFxPGkMJBr87Z47nTVk0AU9eNy63ti2VMvWmH5983aT6cBDiw2yY6KcIB4kI88BSCtoxpCQwc08pJvcQZcQyLQ11KB14FVAjOaHV-vqZadLsVCh0fk_EYmWfUYznKa3UawvOWCMjtpQycHy56HSbriLCVlzt4ea7jqWh9wpanJPheSBBNsCAcOT8H1PROh0fd6cfIPuwDTruSnzdt-krFgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1pHsx15DtE9JxOcHX-chonm6uekw%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2553455
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame EBA9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Ceze8eLLEYcPZM8eeiwP7hIioCcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpAr6Gt4399rI-qAMByAMCqgT4AU_QZL5-cz-pfBXd5_Oe3GFelyVYUfsRPorbymI20YpBy-jYDgVt0DnPI5uB47zeXocyh9zKJRm3kBhECyixm5DyxT1e2xDn0txH62zFQUMcbPImfhmyD9bIudbjcu5GOLnqfu6i4vRxiZjwfEI-OXR4lTO_Cu9gI4KLW2cA6h1dMhyl-jiWcUJtkQnPCqvfBDK3Lf1Vzhdj7mIArs5ediZBrYKoxj559dOgFLwU1myW1dnKnn0iyMO4FYlaQ35PjpyAnpeep5_Cxp7-ObNnHwexbuffRJIyJOV-CPiD9r10Dq7IufF9qhfinKfR0o2NlHA1ijEGj8ZAgAb4m8aWv_KU3NcBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNTk5NDY5NzAyODM4MDYwORgA&sigh=ecGf7WYeoLM&uach_m=[UACH]&cid=CAQSGwCNIrLMjUsCDHXD9HymseXW3-2LeBIYkYK7NRgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=76889861&pi=t.ma~as.2767358249&w=610&lmt=1640280696&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696190&bpp=1&bdt=709&idt=508&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=175&ady=3129&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=YmX9JDH2bN&p=https%3A//newsyou.info&dtd=511
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=76889861&pi=t.ma~as.2767358249&w=610&lmt=1640280696&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696190&bpp=1&bdt=709&idt=508&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=175&ady=3129&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=YmX9JDH2bN&p=https%3A//newsyou.info&dtd=511
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 23 Dec 2021 17:31:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
lgn.php
cat.fr.eu.criteo.com/m/delivery/ Frame EBA9 		43 B
347 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cat.fr.eu.criteo.com/m/delivery/lgn.php?cppv=3&cpp=XHNJblCR97rQ6zWi_MU_hO6-8y4ID6_CzZ-ZxZRP1ekWblU4S-ed1JYDrMKidB7c6PS6B0qdVyPFEqF3cJ9PnC71iRZjlpn5Aa2675ksAGiP15IMCk-X21I2RPTdYqIGZLEF1LjBbfDWDFbATPeMnYwn48eidQb8zd-JJh4kar6Ew46fNPTUXvwuA_LcJD6Sj-k0lbwbK304CD6nT-RyQCsUaORU6coc_TGPMugc5q31VnlcGnOETWeJnK-IENm8MXlGJ65mGq1UjKs99EIHzRwfp2D8h22DINbftWYTBwoOFKkOoZFYH7_V97RCbFozxG-BX5g4dViGGgJnGZyOuC9CsgYgxKXubZ_jnEtyRbhXa2i9LqH5kgMLjEv12kQxKqiUQgwScM2uuAjh51XW-x7WbHcGCwDMtGRNC1JKw65wVO2rakk7OkNFuO2Jf61ynLc7JkE6hz1xRjSkv9b7MfiLNHvrUTwUCAOnvfBcgvyrdIRs_TmZnFRqOtRzfIlForax1A&z=YcSyeAAM7MMKYs9HAAICewrLCK2oBoxrPrS1vQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=76889861&pi=t.ma~as.2767358249&w=610&lmt=1640280696&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696190&bpp=1&bdt=709&idt=508&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=175&ady=3129&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=YmX9JDH2bN&p=https%3A//newsyou.info&dtd=511
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2836315
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
notify
rtb.fr.eu.criteo.com/google/auction/ Frame EBA9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=UMDUEYrGMAAAnYNiAgIAAAB7oL4v5Jt7zBB4ssRhBvufAshXrht62JMAEg&wp=YcSyeAAM7MMKYs9HAAICewrLCK2oBoxrPrS1vQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=76889861&pi=t.ma~as.2767358249&w=610&lmt=1640280696&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696190&bpp=1&bdt=709&idt=508&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=175&ady=3129&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=YmX9JDH2bN&p=https%3A//newsyou.info&dtd=511
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:36 GMT
server
Kestrel
server-processing-duration-in-ticks
338196
content-length
0
strict-transport-security
max-age=31536000; preload;
adview
googleads.g.doubleclick.net/pagead/ Frame EBA9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cljl1eLLEYcPZM8eeiwP7hIioCcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpAr6Gt4399rI-qAMBqgT4AU_QZL5-cz-pfBXd5_Oe3GFelyVYUfsRPorbymI20YpBy-jYDgVt0DnPI5uB47zeXocyh9zKJRm3kBhECyixm5DyxT1e2xDn0txH62zFQUMcbPImfhmyD9bIudbjcu5GOLnqfu6i4vRxiZjwfEI-OXR4lTO_Cu9gI4KLW2cA6h1dMhyl-jiWcUJtkQnPCqvfBDK3Lf1Vzhdj7mIArs5ediZBrYKoxj559dOgFLwU1myW1dnKnn0iyMO4FYlaQ35PjpyAnpeep5_Cxp7-ObNnHwexbuffRJIyJOV-CPiD9r10Dq7IufF9qhfinKfR0o2NlHA1ijEGj8ZAgAb4m8aWv_KU3NcBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNTk5NDY5NzAyODM4MDYwORgA&sigh=HQycWVZ5sZk&uach_m=[UACH]&cid=CAQSGwCNIrLMjUsCDHXD9HymseXW3-2LeBIYkYK7NRgB&vt=10
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=76889861&pi=t.ma~as.2767358249&w=610&lmt=1640280696&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696190&bpp=1&bdt=709&idt=508&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=175&ady=3129&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=YmX9JDH2bN&p=https%3A//newsyou.info&dtd=511
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=76889861&pi=t.ma~as.2767358249&w=610&lmt=1640280696&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696190&bpp=1&bdt=709&idt=508&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=175&ady=3129&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=YmX9JDH2bN&p=https%3A//newsyou.info&dtd=511
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 23 Dec 2021 17:31:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 0811 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=76889861&pi=t.ma~as.2767358249&w=610&lmt=1640280696&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696190&bpp=1&bdt=709&idt=508&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=175&ady=3129&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=YmX9JDH2bN&p=https%3A//newsyou.info&dtd=511
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=76889861&pi=t.ma~as.2767358249&w=610&lmt=1640280696&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696190&bpp=1&bdt=709&idt=508&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=175&ady=3129&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=YmX9JDH2bN&p=https%3A//newsyou.info&dtd=511

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 23 Dec 2021 17:04:45 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1612
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame EBA9 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
18ac5353d0a99aa4c2a45f60300967bf39d8bd6b4380d04d04de45d324633a02

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame 0F19 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cc6oyeLLEYYbBOMPuiQPWx6nACs-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDnIAQmoAwGqBPMBT9BHuYEnYa3KGdiF8yGQKThnBorFv6xyzKVCbmvUdveDMOMXw8gLhtqnCHVvPr5QYStN0ddMHMTkjxr1mekVGHIEvPkBoHdRYlF88FtxBiOy5HwQfQQPzLsUH80A3qs7QsmoVHvE4admvNl7Hx8zPbDzVhNtX-88Qm9BnaVkISdBU1wzdTZ2EtrE4S44yixlEo7y3stHFCWKrX1kybPgniIHOJYT_y0TmB5w0xoDZw3asf90ORrw9LF-4cdxKpZBCNU3pgntZ-jVPW8xVQtgsoDjXp1wW_LmUlyZjbnuKCvuwLcYzk0FanYQJtgUzJqSCsK7gAaQpezv4ZiAztcBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNTk5NDY5NzAyODM4MDYwORgA&sigh=BQaeWSVRNMk&uach_m=[UACH]&cid=CAQSPACNIrLMcJHDFxaAbXH4IHnK7T9H1W9tvlgODuF4s4tY5PwqhpB1MMpCin7VVHf_KCgk5dmEpjTmj66liRgB&tpd=AGWhJmtxusutp0I6lUxuhNDpYNxHD1TBadyUuG8oYRaRkUo_tjuB60VPHYeI2-JOLBasMXNRieMgNfTVR63Y45KB-5KMCVqMFZGo_pIEGZvUp1Qi7ykQk37U7tFl5gSLo06hDkLGD-EupnektI9Z3tJBVqWgweMnv0n7HBE23ho-9vY0GNTjfSaTKMZaCNKQFaPViTOHW0IGRmKVEQ0Iiz7r-7Bj7vbfuSkcPvr_mQLk95uOa72g9HQ-BULKtZvMGcKj19mHCwOXoVZ7lukDR0EpIDa9rTNOF21i2yhoCFZVDP2sfQo0HZMOebRJfiEgmUq2OeSPZnS6SZJ7EijHP2QxH2jS4xjexBuMVWdZvCOx1EsAgWL-HLJmIYDWjby8xZ0NQiTKrXvdIqqXtY-s25Zzjzc_kISCAdWvqsDU6d4ndYbkXs_A4EopX9Zi44CRiahZ-sO9BtrjI2qcNQ6_AQqQDAuWU2n84eZctfCGo6SfEMukaKS0uqRgglQt5oZJgb_NKP_jsjDDe7ZtY6didtszfqHTwX9FHS_-yKZOrcswFPvZlw_VcC2C-qUNGUznAOth1fMzYWVkr8EyHMV1XIZnrBl2hE8C1-_WtRIMVXgYxnKn2TeJIwRiQ8gAvPfSoua8NzgneaPVaEYemHGQTFkqiX6HFOTpzFmZT6kvJ3BRQc2jDVHqzqyQSBvHMRaLYOYCpgwMF5RGNTiQCJxKLmKoBjWK9Br5K3Z_s27bOeDPoO_4fiZCcLbpxa52znbmB_JNgS0-fBHsbmI_NBaS1BjmsHNzt1LIaHVp81SsVG3UrN7-AytTBHtfSQqOmXutFN3cHJwGJ7DPdFpHeXNdSxT0p_EvGTY3Jytsn0ZJj-T4s-CmdRDQUt65vtvfOgLk6cPsXyVgEZDKvXIta_h6oq4oyK0sxjZ2zF3K6YQD_o6vApexmOEL9tCIENWzjs9Ab39rZwWtV3RfFnadzkrxxOrAuvwq0JaI-x9YupzX5WcxJJSrH696HQqZ45n5nPIX6viES7bLDOYd1GlFr7OgfQKB4lZd2uhCJXoVkqFfhFmZt44tHqg-GXsDKMrn6aBCitQqutg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280696&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696191&bpp=1&bdt=710&idt=627&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd411357b4686f5eb-221fbe950ecd0034%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=CWAP2ylBpn&p=https%3A//newsyou.info&dtd=634
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280696&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696191&bpp=1&bdt=710&idt=627&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd411357b4686f5eb-221fbe950ecd0034%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=CWAP2ylBpn&p=https%3A//newsyou.info&dtd=634
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 23 Dec 2021 17:31:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
css2
fonts.googleapis.com/ 		6 KB
682 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700;900&display=swap
Requested by
Host: vcmjf535tx.ru
URL: https://vcmjf535tx.ru/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4734ffbfd451d92135f5e04a89dcdffa7954a5a22deaba07a7fe1ade9d5519b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 17:00:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Dec 2021 17:31:37 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Dec 2021 17:31:37 GMT
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 18 Dec 2021 12:42:17 GMT
x-content-type-options
nosniff
age
449360
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sun, 18 Dec 2022 12:42:17 GMT
truncated
/ 		306 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f8dc66a646d00dcaa6a2204e194a8b209b9c5bbf6251b4f93b9824c62ab51317

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
d0361c3202ab9a6b.jpeg
guepslka.com/.cdn/05a5cf/c20ad4/a428af4ab9f649cdb549927670707eec/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://guepslka.com/.cdn/05a5cf/c20ad4/a428af4ab9f649cdb549927670707eec/d0361c3202ab9a6b.jpeg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
217.67.179.205 Balashikha, Russian Federation, ASN29226 (MASTERTEL-AS Moscow, Russia, RU),
Reverse DNS
217-67-179-205.in-addr.mastertelecom.ru
Software
nginx/1.18.0 /
Resource Hash
f4fcea89d430967c0e79d7d860cdc150b8171e52f55b2455509535a9c7d5290a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
last-modified
Wed, 22 Dec 2021 12:55:06 GMT
server
nginx/1.18.0
etag
"61c3202a-71c5"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
content-length
29125
rect_61bb82bd23cd2t1639678653r1674.jpg
i.cdnkimg.com/auto/492x328/image/tesr/9830/830/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.cdnkimg.com/auto/492x328/image/tesr/9830/830/rect_61bb82bd23cd2t1639678653r1674.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.37 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
bcef721dafe0ef3058c2c30dfcb35fdef78b3087d0931a73e6e7f39653fcf784

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
server
nginx/1.19.0
x-cache-status
MISS
content-type
image/jpeg
access-control-allow-origin
*
expires
Thu, 06 Jan 2022 17:31:37 GMT
cache-control
max-age=1209600
content-length
51465
x-proxy-cache
HIT
truncated
/ 		526 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b267a4cc065aca882faaa89c18de0dbf47ed477b17aa66cb4e7b0a7ec0500de8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
rect_6195104618915t1637158982r8235.jpg
i.cdnkimg.com/auto/492x328/image/tesr/1004/4/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.cdnkimg.com/auto/492x328/image/tesr/1004/4/rect_6195104618915t1637158982r8235.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.37 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
1ef04a1c93a13a14f95aca49fc23b395cf2d098d94f282b413c601b48ac08da1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
server
nginx/1.19.0
x-cache-status
MISS
content-type
image/jpeg
access-control-allow-origin
*
expires
Thu, 06 Jan 2022 17:31:37 GMT
cache-control
max-age=1209600
content-length
37475
x-proxy-cache
HIT
rect_61bca970bb1e8t1639754096r8511.jpg
i.cdnkimg.com/auto/492x328/image/tesr/2076/76/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.cdnkimg.com/auto/492x328/image/tesr/2076/76/rect_61bca970bb1e8t1639754096r8511.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.37 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
0edd22cd3a69f4fd314a19249eeff84e8877cf0f045dff7bd5fb4c8672acf2bc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
server
nginx/1.19.0
x-cache-status
MISS
content-type
image/jpeg
access-control-allow-origin
*
expires
Thu, 06 Jan 2022 17:31:37 GMT
cache-control
max-age=1209600
content-length
51027
x-proxy-cache
HIT
61bc5770b5715t1639733104r3458.png
i.cdnkimg.com/auto/300/image/tesr/6615/615/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.cdnkimg.com/auto/300/image/tesr/6615/615/61bc5770b5715t1639733104r3458.png
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.37 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
995b1f176d6239b8702e840125a5ef8e71db113fbb76a62badcadd799bfa761e

Request headers

Referer
https://newsyou.info/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
server
nginx/1.19.0
x-cache-status
MISS
content-type
image/png
access-control-allow-origin
*
expires
Thu, 06 Jan 2022 17:31:37 GMT
cache-control
max-age=1209600
content-length
72600
x-proxy-cache
HIT
truncated
/ 		525 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e461f1fc8c8c579ce2cfd14d323e118b437217a5deedd3d7e59e0a9d7e944b1c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		349 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bacf5d2cdcb9e75599240481a7a703be7aacb54e21cd79eca6f911e1654b546f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		484 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cc17d109139a33b161c661f209fc503ee7fcf8f7ebbbf3aaf535ed0ab2b8cc89

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 01:54:06 GMT
x-content-type-options
nosniff
age
142651
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Dec 2022 01:54:06 GMT
css
fonts.googleapis.com/ 		2 KB
549 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,600&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 17:15:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Dec 2021 17:31:37 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Dec 2021 17:31:37 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 0297 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1640280696&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696191&bpp=1&bdt=711&idt=701&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd411357b4686f5eb-221fbe950ecd0034%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=805&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=RKYe60FlYw&p=https%3A//newsyou.info&dtd=730
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:30:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:30:37 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0297 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1640280696&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696191&bpp=1&bdt=711&idt=701&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd411357b4686f5eb-221fbe950ecd0034%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=805&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=RKYe60FlYw&p=https%3A//newsyou.info&dtd=730
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 23 Dec 2021 17:31:37 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 0297 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1640280696&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696191&bpp=1&bdt=711&idt=701&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd411357b4686f5eb-221fbe950ecd0034%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=805&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=RKYe60FlYw&p=https%3A//newsyou.info&dtd=730
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:29:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
111
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:29:46 GMT
l
www.google.com/ads/measurement/ Frame 0297 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRG4jQ2WXCXfWSehwplJFAy-6dsEqkkd_-qj3g4sXuoJD7kfwWnj0EIgAk3bCDHRCxxbQd_VNGIGwNfUL4oyN5uZeng5Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1640280696&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696191&bpp=1&bdt=711&idt=701&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd411357b4686f5eb-221fbe950ecd0034%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=805&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=RKYe60FlYw&p=https%3A//newsyou.info&dtd=730
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 11:23:17 GMT
x-content-type-options
nosniff
age
194900
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11860
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:24 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 21 Dec 2022 11:23:17 GMT
KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
336bb30461d407ee72236de87aca4fe68d611e1bee0030326778c858a4685b1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 05:39:34 GMT
x-content-type-options
nosniff
age
129123
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11836
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:22 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Dec 2022 05:39:34 GMT
jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v12/ Frame D88B 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v12/jizaRExUiTo99u79D0KExQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95dc30d8b40e0bae97c0a41fa52d8d43ef7b66a7de4645c913aa994def62e5dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.eu.criteo.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 20:07:29 GMT
x-content-type-options
nosniff
age
163448
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45416
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:09:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 21 Dec 2022 20:07:29 GMT
jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v12/ Frame D88B 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v12/jizfRExUiTo99u79B_mh0O6tLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e93b530a651320569bb9a1e5afdefa40ef6a77f7d1887a27cb4f5cc049b57a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.eu.criteo.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 03:56:06 GMT
x-content-type-options
nosniff
age
135331
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46988
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:11 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Dec 2022 03:56:06 GMT
truncated
/ Frame E553 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1161d45a13f6665b1d1fb6333fb2abe46ae498dbc7978be79629126ecdc8ccb9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 689C 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeAAI4uAIFUSyAAsq4CUkUTLbEHJaiWN4ig&u=%7Cpz%2BnB%2F%2Bn4uytBTXETBX00lT9HYZArrAA5ciovYRGW2k%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUEjU08dWIaJP0eZa0C7d1zkXGzMxVLv8kWKlZ1Lb7wUbkp5-VBa12znQD7LPBT9pNz2NAAyMJbBdVNJArjEDh48z6jRZ0kZfXOvrrKHg9fIJwi2LLPzNXA1BobhWEnnY8QCFGCZB8AiSrPJ5qfYfUHYmZJjTMpCe0js7avEIg61lHUoXjNfdDx1WSwOSQRgGMPZoAQQQ9-7NAGaSz3jlIriKbl85q3CQbLYpXfgDHPiw1W-6I_kkr-h_L_Nr171wxQ_IUHfOD6vY4tPMc3hka-eATPTO0NhlmBH8m4y9Z0Sjnur1fzJMEQ2ACG25XL3XQYUd7D4R27mjl5N1bcursHk-pOWwB2qcX1uYFqQUJUx2KM8tw_XKhgUfuwSNiM10oX5h1_C9s8w2b7srrSmYt3zVMfH1MAFTiTtX6X0HAQmKQL23s3BYFR8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEbndeLLEYeDFI7KJ1fAP4NWsgAfJntKxXM2jlvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK-hreN_fayPqgDAaoE9wFP0KfWilzWwZdDQVhOnTLFd1Le5KvRbYuKUpL_yGHZz_g-bwcAu-bNmz4lPR0FjADYi2INZ75llYFJfci9QapECRagcYiyNhU1vPpd1URUvdJYdCvffL8JFxPGkMJBr87Z47nTVk0AU9eNy63ti2VMvWmH5983aT6cBDiw2yY6KcIB4kI88BSCtoxpCQwc08pJvcQZcQyLQ11KB14FVAjOaHV-vqZadLsVCh0fk_EYmWfUYznKa3UawvOWCMjtpQycHy56HSbriLCVlzt4ea7jqWh9wpanJPheSBBNsCAcOT8H1PROh0fd6cfIPuwDTruSnzdt-krFgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1pHsx15DtE9JxOcHX-chonm6uekw%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1801585
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zYcvBKGYt1W0CdxvwDy5NNPD7ETNIQ8VDYRIVTNw42EX9zmfQFekAkpGRVixE0sYqHZ1yuXyDkDxlSRBVk%2FUw7weCz8TqYo6gO3MUXoWv2oJmvTNYeo5KWwV3ZwwmMCK8PIayd6F9pebJcU%2B3NxLqb1j"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6c235318df65c29a-FRA
x-cache-tag
abcd1234
expires
Tue, 13 Dec 2022 17:31:37 GMT
animejs.js
static.criteo.net/animejs/ Frame 689C 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeAAI4uAIFUSyAAsq4CUkUTLbEHJaiWN4ig&u=%7Cpz%2BnB%2F%2Bn4uytBTXETBX00lT9HYZArrAA5ciovYRGW2k%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUEjU08dWIaJP0eZa0C7d1zkXGzMxVLv8kWKlZ1Lb7wUbkp5-VBa12znQD7LPBT9pNz2NAAyMJbBdVNJArjEDh48z6jRZ0kZfXOvrrKHg9fIJwi2LLPzNXA1BobhWEnnY8QCFGCZB8AiSrPJ5qfYfUHYmZJjTMpCe0js7avEIg61lHUoXjNfdDx1WSwOSQRgGMPZoAQQQ9-7NAGaSz3jlIriKbl85q3CQbLYpXfgDHPiw1W-6I_kkr-h_L_Nr171wxQ_IUHfOD6vY4tPMc3hka-eATPTO0NhlmBH8m4y9Z0Sjnur1fzJMEQ2ACG25XL3XQYUd7D4R27mjl5N1bcursHk-pOWwB2qcX1uYFqQUJUx2KM8tw_XKhgUfuwSNiM10oX5h1_C9s8w2b7srrSmYt3zVMfH1MAFTiTtX6X0HAQmKQL23s3BYFR8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEbndeLLEYeDFI7KJ1fAP4NWsgAfJntKxXM2jlvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK-hreN_fayPqgDAaoE9wFP0KfWilzWwZdDQVhOnTLFd1Le5KvRbYuKUpL_yGHZz_g-bwcAu-bNmz4lPR0FjADYi2INZ75llYFJfci9QapECRagcYiyNhU1vPpd1URUvdJYdCvffL8JFxPGkMJBr87Z47nTVk0AU9eNy63ti2VMvWmH5983aT6cBDiw2yY6KcIB4kI88BSCtoxpCQwc08pJvcQZcQyLQ11KB14FVAjOaHV-vqZadLsVCh0fk_EYmWfUYznKa3UawvOWCMjtpQycHy56HSbriLCVlzt4ea7jqWh9wpanJPheSBBNsCAcOT8H1PROh0fd6cfIPuwDTruSnzdt-krFgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1pHsx15DtE9JxOcHX-chonm6uekw%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 18 Dec 2022 17:31:37 GMT
internal
dmpprof.com/matching/ 		140 B
662 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dmpprof.com/matching/internal?event=view&aid=0&ssp_id=10&href=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&title=%D0%AF%D0%BA%20%D0%BF%D0%BE%D1%82%D1%80%D1%96%D0%B1%D0%BD%D0%BE%20%D1%85%D0%B0%D1%80%D1%87%D1%83%D0%B2%D0%B0%D1%82%D0%B8%D1%81%D1%8F%2C%20%D1%89%D0%BE%D0%B1%20%D0%BF%D1%96%D0%B4%D1%82%D1%80%D0%B8%D0%BC%D1%83%D0%B2%D0%B0%D1%82%D0%B8%20%D0%B3%D0%BE%D1%81%D1%82%D1%80%D0%B8%D0%B9%20%D0%B7%D1%96%D1%80%20-%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%AE&dmp_print_id=75f67d020a6c2c4561d1ca4670345b0a
Requested by
Host: pxksnymto.ru
URL: https://pxksnymto.ru/pixels/b286ae57.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.192.12.173 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
c3e63ba9021b787501e42cc5d47690dd5f529ae19fe7905aaa879644ef15bfaf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
server
nginx/1.18.0
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH, GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://newsyou.info
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
access-control-allow-headers
Origin,Content-Type,Accept,Authorization,X-Requested-With, DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
140
01qrvgnrrbds
hal9000.redintelligence.net/zone/ Frame 0F19 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/01qrvgnrrbds?subid=&gdpr=1&gdpr_consent=li&rnd=3929240562031280416&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D3929240562031280416%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dda8061c4-b279-4901-9aab-abaeda0048bc%26mt_cid%3Dda8061c4-b279-4901-9aab-abaeda0048bc%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCIqLgeLLEYYbBOMPuiQPWx6nACs-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDnIAQmoAwGqBPYBT9BHuYEnYa3KGdiF8yGQKThnBorFv6xyzKVCbmvUdveDMOMXw8gLhtqnCHVvPr5QYStN0ddMHMTkjxr1mekVGHIEvPkBoHdRYlF88FtxBiOy5HwQfQQPzLsUH80A3qs7QsmoVHvE4admvNl7Hx8zPbDzVhNtX-88Qm9BnaVkISdBU1wzdTZ2EtrE4S44yixlEo7y3stHFCWKrX1kybPgniIHOJYT_y0TmB5w0xoDZw3asf90ORrw9LF-4cdxKpZBCNU3pgntZ-jVPW8xVUlikxJP4jl31lau-YTZIknzPCFSypkAL_DFKtnqh8Y41DQLtsU28KWigAaQpezv4ZiAztcBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_29qUXS9nTqR4CtBpZ3or1O_7U-lA%2526client%253Dca-pub-5994697028380609%2526adurl%253D%26redirect%3D
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.46.23.46.78.clients.your-server.de
Software
Apache /
Resource Hash
75371a5df05386d219525a5b55175a24aa87cdc62e8fe41fd6e7f2079f3574f9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:37 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3330
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
ck-confirm
tags.mathtag.com/ Frame 0F19 		49 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/ck-confirm?bid_id=3929240562031280416&node_id=1906&exch_id=4
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTW1JMFptUmpZMll0WlRFd01pMHdOR1E1TFRBd01EQXRNREF3TURBd01EQXdNREF3LzM5MjkyNDA1NjIwMzEyODA0MTYvNjYyMjMyNi80NTYyMzA2LzQvVk5HUC1tNkRnUUNLVVAyci1zajItY2VYaEV4QklVOUx2aEFMeExXdXd6VS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8zOTI5MjQwNTYyMDMxMjgwNDE2L2Ftcy8wLzY2Ny83Ny85OTkvMzIyLzJhMDM6MWIyMDo2OjovMC4wMDAvMTY0MDI4MDY5Ny8xNjQwMjkzMjk3LzQvcHViLTU5OTQ2OTcwMjgzODA2MDkv/e1saNXbmS7SHvM5O6oT3mPTLp2c&nodeid=1906&group=cdg&auctionid=3929240562031280416&shardkey=3929240562031280416&sid=4562306&cid=6622326&bp=a_bgiccg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.59&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIqLgeLLEYYbBOMPuiQPWx6nACs-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDnIAQmoAwGqBPYBT9BHuYEnYa3KGdiF8yGQKThnBorFv6xyzKVCbmvUdveDMOMXw8gLhtqnCHVvPr5QYStN0ddMHMTkjxr1mekVGHIEvPkBoHdRYlF88FtxBiOy5HwQfQQPzLsUH80A3qs7QsmoVHvE4admvNl7Hx8zPbDzVhNtX-88Qm9BnaVkISdBU1wzdTZ2EtrE4S44yixlEo7y3stHFCWKrX1kybPgniIHOJYT_y0TmB5w0xoDZw3asf90ORrw9LF-4cdxKpZBCNU3pgntZ-jVPW8xVUlikxJP4jl31lau-YTZIknzPCFSypkAL_DFKtnqh8Y41DQLtsU28KWigAaQpezv4ZiAztcBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_29qUXS9nTqR4CtBpZ3or1O_7U-lA%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.210.4 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:37 GMT
Server
MMBD/3.210.4
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
zrh-router-x75, cdg-bidder-x145
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Thu, 23 Dec 2021 17:31:36 GMT
img
pixel.mathtag.com/event/ Frame 0F19 		43 B
405 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=3929240562031280416&v3=651871&v4=4562306&v5=6622326&mt_nsync=1&no_attr=1
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTW1JMFptUmpZMll0WlRFd01pMHdOR1E1TFRBd01EQXRNREF3TURBd01EQXdNREF3LzM5MjkyNDA1NjIwMzEyODA0MTYvNjYyMjMyNi80NTYyMzA2LzQvVk5HUC1tNkRnUUNLVVAyci1zajItY2VYaEV4QklVOUx2aEFMeExXdXd6VS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8zOTI5MjQwNTYyMDMxMjgwNDE2L2Ftcy8wLzY2Ny83Ny85OTkvMzIyLzJhMDM6MWIyMDo2OjovMC4wMDAvMTY0MDI4MDY5Ny8xNjQwMjkzMjk3LzQvcHViLTU5OTQ2OTcwMjgzODA2MDkv/e1saNXbmS7SHvM5O6oT3mPTLp2c&nodeid=1906&group=cdg&auctionid=3929240562031280416&shardkey=3929240562031280416&sid=4562306&cid=6622326&bp=a_bgiccg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.59&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIqLgeLLEYYbBOMPuiQPWx6nACs-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDnIAQmoAwGqBPYBT9BHuYEnYa3KGdiF8yGQKThnBorFv6xyzKVCbmvUdveDMOMXw8gLhtqnCHVvPr5QYStN0ddMHMTkjxr1mekVGHIEvPkBoHdRYlF88FtxBiOy5HwQfQQPzLsUH80A3qs7QsmoVHvE4admvNl7Hx8zPbDzVhNtX-88Qm9BnaVkISdBU1wzdTZ2EtrE4S44yixlEo7y3stHFCWKrX1kybPgniIHOJYT_y0TmB5w0xoDZw3asf90ORrw9LF-4cdxKpZBCNU3pgntZ-jVPW8xVUlikxJP4jl31lau-YTZIknzPCFSypkAL_DFKtnqh8Y41DQLtsU28KWigAaQpezv4ZiAztcBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_29qUXS9nTqR4CtBpZ3or1O_7U-lA%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 4133 baa842e master cdg-pixel-x11 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:37 GMT
Server
MT3 4133 baa842e master cdg-pixel-x11 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 23 Dec 2021 17:31:36 GMT
img
tags.mathtag.com/event/ Frame 0F19 		49 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=3929240562031280416&st=4562306&time=1640280697&nodeid=1906
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTW1JMFptUmpZMll0WlRFd01pMHdOR1E1TFRBd01EQXRNREF3TURBd01EQXdNREF3LzM5MjkyNDA1NjIwMzEyODA0MTYvNjYyMjMyNi80NTYyMzA2LzQvVk5HUC1tNkRnUUNLVVAyci1zajItY2VYaEV4QklVOUx2aEFMeExXdXd6VS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8zOTI5MjQwNTYyMDMxMjgwNDE2L2Ftcy8wLzY2Ny83Ny85OTkvMzIyLzJhMDM6MWIyMDo2OjovMC4wMDAvMTY0MDI4MDY5Ny8xNjQwMjkzMjk3LzQvcHViLTU5OTQ2OTcwMjgzODA2MDkv/e1saNXbmS7SHvM5O6oT3mPTLp2c&nodeid=1906&group=cdg&auctionid=3929240562031280416&shardkey=3929240562031280416&sid=4562306&cid=6622326&bp=a_bgiccg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.59&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIqLgeLLEYYbBOMPuiQPWx6nACs-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDnIAQmoAwGqBPYBT9BHuYEnYa3KGdiF8yGQKThnBorFv6xyzKVCbmvUdveDMOMXw8gLhtqnCHVvPr5QYStN0ddMHMTkjxr1mekVGHIEvPkBoHdRYlF88FtxBiOy5HwQfQQPzLsUH80A3qs7QsmoVHvE4admvNl7Hx8zPbDzVhNtX-88Qm9BnaVkISdBU1wzdTZ2EtrE4S44yixlEo7y3stHFCWKrX1kybPgniIHOJYT_y0TmB5w0xoDZw3asf90ORrw9LF-4cdxKpZBCNU3pgntZ-jVPW8xVUlikxJP4jl31lau-YTZIknzPCFSypkAL_DFKtnqh8Y41DQLtsU28KWigAaQpezv4ZiAztcBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_29qUXS9nTqR4CtBpZ3or1O_7U-lA%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.210.4 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:37 GMT
Server
MMBD/3.210.4
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
zrh-router-x84, cdg-bidder-x145
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Thu, 23 Dec 2021 17:31:36 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 0297 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cm9dkebLEYYqwAYqengXUpoJIkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaABwq7o3QPIAQmpArjTclTQ97I-qAMBqgT4AU_QjtIcJ-ahWwdSq9lZTfI9lKwwpzv3PRUxSBWup_QQge25AXrFDKy-BTcMmC3jtgdGcWT31Ypy4MgJ4GaEMTsW4Viztneh6kTf1GBXlOeXHi0u7-1WAOv2QKLSqNMf1pHQ_mMb8hmndij9M0jp79uuRseAMwDBsl_6O75mkRF7_5o7jYn5HsCQf3H7ZI4A89j61gmKss2RhURkLlRnDSMo0d1unSabEW1FWNIHpxf08X9JT3Mvuj8Q3NJJykZWi_nRQyemTjozbXLylgfM2IERMnq-4NbLtOiOKgScJdOxGh9eGNLFf4vro-tSsObFtKXyld5xJH-kgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01OTk0Njk3MDI4MzgwNjA5GAA&sigh=pjJ0nHNobNE&uach_m=[UACH]&cid=CAQSPACNIrLMUJ7APGnwn5MOTb-n-NgreAYBTOxRmerfw77re5EJBX3PVIuCc32pAoc1Xpqe-vwPgUPWebNS6hgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1640280696&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696191&bpp=1&bdt=711&idt=701&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd411357b4686f5eb-221fbe950ecd0034%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=805&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=RKYe60FlYw&p=https%3A//newsyou.info&dtd=730
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1640280696&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696191&bpp=1&bdt=711&idt=701&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd411357b4686f5eb-221fbe950ecd0034%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=805&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=RKYe60FlYw&p=https%3A//newsyou.info&dtd=730
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 23 Dec 2021 17:31:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame 0297 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1jn5v43ac04p5hwvt0y630a73fww9xs8zenrfekkv1jy42b36beac53hkatwttmda5tv6npgdbmetagtzc6j39t6swm9pbnmj4xmrzwwxrqa6g4tp62v89mtg3qybp9a6j3t1fsq2rt8evky869x3f4ph02vcj7e2pw2jvxha4zbanpsn52bv6js0gnyjhnw29vgcxj6s9b0f2nb6dy32r5y4mdrhe7epwnxk4f313smx454tqwyn3hr04eksv0aahn8xk9gr137h6r7q7htqk7m9hcpqvse18grve2t7xcb249xaab2gnj9xncnfc2xxy98b6wenqsghv28nfwrck1fey0s8swk5cxfmnttxdv7rat6ajvzhx6z9d62y9d9j5ef47cv5d96vhyyt97wvgrqc5q74&b=YcSyeQAAWAoKp48KAACTVEyiV7dG1HFkPdRiJQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1640280696&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696191&bpp=1&bdt=711&idt=701&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd411357b4686f5eb-221fbe950ecd0034%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=805&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=RKYe60FlYw&p=https%3A//newsyou.info&dtd=730
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 23 Dec 2021 17:31:37 GMT
via
1.1 google
alt-svc
clear
content-type
image/gif
dr
as.ad4m.at/ad/ Frame F6AD 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1kwv8zbvqn6s6zpb8ee35v3x6nw1h8723rh4cp87gan7dz17bh9bvkf0d55n4bar684za48mgzbm78hjf2a5dyhbz4w50kxpfgmjbj3qwrda81saf73989fb2e03hgk9e5mte0vkwzsd6yg9q5kq30q76eb68jak848sd7abqy9vbzb2vmwb5qy2w12gadr575aw7kxn7nrjtx4mjnaa2kbpgmh4vcqvgr4dhce8c9b5zmqbe5ve5t187ygr774gejbw4pxws78xp6t2z8czfjcnqzzd52ze653yqyeyhrnyt6zx0xvrq9jygt33ncxg08e1zje105gdpp9z69zrg95qgp4kszjb5vaq063y88b7qhqtv6yf8khj3fkdah838jas7715dj8cwzz3rajr8e9xc5y38pq1tz21kb7603vs5h6t90f8a&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVhpRebLEYYqwAYqengXUpoJIkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaABwq7o3QPIAQmpArjTclTQ97I-qAMBqgT7AU_QjtIcJ-ahWwdSq9lZTfI9lKwwpzv3PRUxSBWup_QQge25AXrFDKy-BTcMmC3jtgdGcWT31Ypy4MgJ4GaEMTsW4Viztneh6kTf1GBXlOeXHi0u7-1WAOv2QKLSqNMf1pHQ_mMb8hmndij9M0jp79uuRseAMwDBsl_6O75mkRF7_5o7jYn5HsCQf3H7ZI4A89j61gmKss2RhURkLlRnDSMo0d1unSabEW1FWNIHpxf08X9JT3Mvuj8Q3NJJykZWi_nRQyemTjozbXLylgfM2IERMji8wUQcTW_O4oPUswn4iO1nDNhodaXzfmuQ-XQ9ILvejQutuz9sLyuZgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2ljREVDavBQhda75putZ7dKiTRAg%26client%3Dca-pub-5994697028380609%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1640280696&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696191&bpp=1&bdt=711&idt=701&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd411357b4686f5eb-221fbe950ecd0034%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=805&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=RKYe60FlYw&p=https%3A//newsyou.info&dtd=730
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f6804fdd2b2633326f1170d0103ca8e09203e377584a5aeb8e1cc888a51e7cd
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6c2353192f605c08-FRA
content-encoding
br
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame ACD7 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1640280696&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696191&bpp=1&bdt=711&idt=701&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd411357b4686f5eb-221fbe950ecd0034%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=805&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=RKYe60FlYw&p=https%3A//newsyou.info&dtd=730
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 23 Dec 2021 13:26:12 GMT
expires
Fri, 24 Dec 2021 13:26:12 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
14725
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gnezdo_logo.png
news.gnezdo.ru/img/settings/ Frame CCE7 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.gnezdo.ru/img/settings/gnezdo_logo.png
Requested by
Host: news.2xclick.ru
URL: https://news.2xclick.ru/loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
93.95.100.117 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx/1.10.3 /
Resource Hash
2dd4c3f695945454f2c089203615d6577c3091b06b6fd56af76b787bf9adad53

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:37 GMT
Last-Modified
Thu, 26 Aug 2021 12:08:57 GMT
Server
nginx/1.10.3
ETag
"61278459-b0f"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2831
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1243774_b5874d6dae.jpg
zn3.2xclick.ru/img/400x400/774/ Frame CCE7 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn3.2xclick.ru/img/400x400/774/1243774_b5874d6dae.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
f691f8ca77961efc68a2a3a39eb5fee440a429949574cdd5a23cef733b46ff0d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:38 GMT
Last-Modified
Fri, 17 Dec 2021 15:50:39 GMT
Server
nginx
ETag
"61bcb1cf-51e9"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
20969
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1246879_2abcc89321.jpg
zn3.2xclick.ru/img/400x400/879/ Frame CCE7 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zn3.2xclick.ru/img/400x400/879/1246879_2abcc89321.jpg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.148.37.26 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
d18621f7385067fcfd7ddf9af42da75c9026a0d74be6db9580f5fbe6bf73dbce

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:38 GMT
Last-Modified
Thu, 23 Dec 2021 16:27:43 GMT
Server
nginx
ETag
"61c4a37f-429f"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
17055
Expires
Thu, 31 Dec 2037 23:55:55 GMT
0.gif
x01.aidata.io/ 		0
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x01.aidata.io/0.gif?pid=6915083&id=uZQlT2HEsngC1UOQ104QAg==
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.108.119.43 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d51370.reg.regrucolo.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
last-modified
Thu, 23 Dec 2021 17:31:36 GMT
server
nginx
access-control-allow-methods
GET, POST
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires
Thu, 23 Dec 2021 17:31:36 GMT
qOyhT2fVcsgWDPZv0FPv
fcgi4.gnezdo.ru/cookie_matching_ssp/kadam/
Redirect Chain
  • https://s.uuidksinc.net/match/388/?remote_uid=uZQlT2HEsngC1UOQ104QAg==
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/kadam/qOyhT2fVcsgWDPZv0FPv
43 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi4.gnezdo.ru/cookie_matching_ssp/kadam/qOyhT2fVcsgWDPZv0FPv
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Server
93.95.102.105 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
server
nginx
content-type
image/gif; charset=utf-8

Redirect headers

location
https://fcgi4.gnezdo.ru/cookie_matching_ssp/kadam/qOyhT2fVcsgWDPZv0FPv
date
Thu, 23 Dec 2021 17:31:37 GMT
server
nginx/1.19.0
content-length
0
0100007F78B2C4611905054E02D27C63
fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/
Redirect Chain
  • https://www.acint.net/rmatch?dp=144&r=https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/${USER_ID}&euid=uZQlT2HEsngC1UOQ104QAg==
  • https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/0100007F78B2C4611905054E02D27C63
43 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/0100007F78B2C4611905054E02D27C63
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Server
93.95.102.105 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
server
nginx
content-type
image/gif; charset=utf-8

Redirect headers

date
Thu, 23 Dec 2021 17:31:37 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location
https://fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/0100007F78B2C4611905054E02D27C63
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
text/html
content-length
154
expires
Wed, 19 Apr 2000 11:43:00 GMT
match
dm.hybrid.ai/ 		0
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dm.hybrid.ai/match?id=172&uZQlT2HEsngC1UOQ104QAg==
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.23 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:31 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
101
x-xss-protection
1; mode=block
expires
-1
userbind
match.new-programmatic.com/ 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.new-programmatic.com/userbind?src=gnezdo&id=uZQlT2HEsngC1UOQ104QAg==
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.65.2.150 Moscow, Russian Federation, ASN3175 (CITYTELECOM-MSK, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 23 Dec 2021 17:31:37 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
0
Vary
Origin
/
fcgi5.gnezdo.ru/e/ 		43 B
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fcgi5.gnezdo.ru/e/?dr=&du=https%3A//newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&tizer_id=10139&r=0.5566869405678765
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.148.37.79 , Russian Federation, ASN48347 (MTW-AS, RU),
Reverse DNS
unspecified.mtw.ru
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
server
nginx
content-type
image/gif; charset=windows-1251
img
pix.eu.criteo.net/img/ Frame FEA0 		179 KB
180 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1165318-_x600-nocrop.jpg&ups=1&v=3&w=800&s=fmjPP_tOetckvQpIdPwjRmzW
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=715531311&adf=2278891264&pi=t.ma~as.5991095728&w=610&lmt=1640280696&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696190&bpp=1&bdt=710&idt=569&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x420&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=175&ady=3811&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=tkY0NbQnP6&p=https%3A//newsyou.info&dtd=584
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
c0c23011858c549a6b44a63b806ad7d903442196065e04fba6199c97a30675b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 19:04:09 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
80847
vary
Origin
x-cache
hit cached
content-type
image/webp
cache-control
public, max-age=31535999
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
183364
expires
Thu, 22 Dec 2022 19:04:09 GMT
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ Frame FEA0 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400&lang=ru
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 18 Dec 2021 12:42:17 GMT
x-content-type-options
nosniff
age
449360
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sun, 18 Dec 2022 12:42:17 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame FEA0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CoacTeLLEYe--NZG9ngWT5rmAAsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpArjTclTQ97I-qAMByAMCqgT4AU_Q5zK95Bif7GQfEm9ijf8g1QOWQPNFcZMjWtdkrcc652E5WsjLgKxLhs9pmeVgzC2x_pNwse0F-GIaHmoa81Hpvbayfr3wmJXY2Zek-jVscarKMio1OIqsikrZyMbYlNM3G7F8CtbnzqOZa1KfOZlf93rkED3IRM_KQ4MVrSMO0F-B3ZqtFn9glknImhz8YVOaBk0dcjH-msX04puWya1TWfF1PSil9gweIYSEIkEDz4c0WHdcmTvFXWzp_mC-NxmC18eqKOpUbo0yt1G5pp0XJRrwPRTsagTnLToXSjo8DbAFspQsZpRlI8eERaMsygPhOIc3YbL2gAb4m8aWv_KU3NcBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNTk5NDY5NzAyODM4MDYwORgA&sigh=FY6IjwYLksY&uach_m=[UACH]&cid=CAQSKQCNIrLMVU62GO5RfCNV5Vr66d0PKRpbHmjdNz7Y5XrUT9KzzK3th8ArGAE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=715531311&adf=2278891264&pi=t.ma~as.5991095728&w=610&lmt=1640280696&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696190&bpp=1&bdt=710&idt=569&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x420&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=175&ady=3811&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=tkY0NbQnP6&p=https%3A//newsyou.info&dtd=584
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=715531311&adf=2278891264&pi=t.ma~as.5991095728&w=610&lmt=1640280696&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696190&bpp=1&bdt=710&idt=569&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x420&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=175&ady=3811&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=tkY0NbQnP6&p=https%3A//newsyou.info&dtd=584
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 23 Dec 2021 17:31:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
lgn.php
cat.nl.eu.criteo.com/delivery/ Frame FEA0 		43 B
372 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cat.nl.eu.criteo.com/delivery/lgn.php?cppv=3&cpp=akdAnlCR97rQ6zWi_MU_hO6-8y5opXYit5oasY14NqmXP3Vg5Q7Tc4pAPjpqvto5ldTSX96E1lIAkdbmvZJgbaXybeD2PSz8FMcfoznbfOs7p_4ZNnD3HCMnRRkV-iBtEBl01T0eLZqLwwCUyJW4vyrCasU2mA66oEVRrCax38GPW7WMiRl7b99hdZIkG0qi2yCDOt2QIJghgnLKb1G8DdD1Nid1cTn_1NUkglVey6HFLUs2hJz9WgPaxOnah9zptdKigkzUyFLA5EIiBCWQqNieYLYaKkGHcBt-ay1FvU3MsdsQjZxoRJzV3gx3DdAtkDr8KByupy43jTOEqJ-RVSoWs7buYJ58sNeOlkaOeyEyOfQyfHJZLsZC7B_fvO2q6RxOxbDPV-Z8v3cQVkhISVmzD8ahtSgq34CcuvUFdfvGraKnFrGLaWYVtTsQCiq2DhI9uaMIvPrgwWxy_TN8RdC0ZogOUKHXHHgMmfrCRn9crSIUImGX7eQ1fHe-mHXESCGoJQ&z=YcSyeAANX28Kp56RAA5zE4MaWR7De85YH77Ucg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=715531311&adf=2278891264&pi=t.ma~as.5991095728&w=610&lmt=1640280696&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696190&bpp=1&bdt=710&idt=569&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x420&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=175&ady=3811&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=tkY0NbQnP6&p=https%3A//newsyou.info&dtd=584
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
5736
content-type
image/gif
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
notify
rtb.nl.eu.criteo.com/google/auction/ Frame FEA0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=UMDUEYrGMAAAnYNiAgIAAAAVVnE9SM7uORB4ssRhWDTuNHVoPG-vhcMAEg&wp=YcSyeAANX28Kp56RAA5zE4MaWR7De85YH77Ucg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=715531311&adf=2278891264&pi=t.ma~as.5991095728&w=610&lmt=1640280696&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696190&bpp=1&bdt=710&idt=569&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x420&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=175&ady=3811&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=tkY0NbQnP6&p=https%3A//newsyou.info&dtd=584
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
server
Kestrel
server-processing-duration-in-ticks
265652
content-length
0
strict-transport-security
max-age=31536000; preload;
adview
googleads.g.doubleclick.net/pagead/ Frame FEA0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C2m82eLLEYe--NZG9ngWT5rmAAsme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpArjTclTQ97I-qAMBqgT4AU_Q5zK95Bif7GQfEm9ijf8g1QOWQPNFcZMjWtdkrcc652E5WsjLgKxLhs9pmeVgzC2x_pNwse0F-GIaHmoa81Hpvbayfr3wmJXY2Zek-jVscarKMio1OIqsikrZyMbYlNM3G7F8CtbnzqOZa1KfOZlf93rkED3IRM_KQ4MVrSMO0F-B3ZqtFn9glknImhz8YVOaBk0dcjH-msX04puWya1TWfF1PSil9gweIYSEIkEDz4c0WHdcmTvFXWzp_mC-NxmC18eqKOpUbo0yt1G5pp0XJRrwPRTsagTnLToXSjo8DbAFspQsZpRlI8eERaMsygPhOIc3YbL2gAb4m8aWv_KU3NcBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNTk5NDY5NzAyODM4MDYwORgA&sigh=IHLXzTtHPik&uach_m=[UACH]&cid=CAQSKQCNIrLMVU62GO5RfCNV5Vr66d0PKRpbHmjdNz7Y5XrUT9KzzK3th8ArGAE&vt=10
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=715531311&adf=2278891264&pi=t.ma~as.5991095728&w=610&lmt=1640280696&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696190&bpp=1&bdt=710&idt=569&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x420&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=175&ady=3811&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=tkY0NbQnP6&p=https%3A//newsyou.info&dtd=584
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=715531311&adf=2278891264&pi=t.ma~as.5991095728&w=610&lmt=1640280696&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696190&bpp=1&bdt=710&idt=569&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x420&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=175&ady=3811&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=tkY0NbQnP6&p=https%3A//newsyou.info&dtd=584
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 23 Dec 2021 17:31:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 0518 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=715531311&adf=2278891264&pi=t.ma~as.5991095728&w=610&lmt=1640280696&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696190&bpp=1&bdt=710&idt=569&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x420&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=175&ady=3811&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=tkY0NbQnP6&p=https%3A//newsyou.info&dtd=584
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=715531311&adf=2278891264&pi=t.ma~as.5991095728&w=610&lmt=1640280696&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696190&bpp=1&bdt=710&idt=569&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x420&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=175&ady=3811&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=tkY0NbQnP6&p=https%3A//newsyou.info&dtd=584

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 23 Dec 2021 17:04:45 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1612
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 75A4 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=715531311&adf=2278891264&pi=t.ma~as.5991095728&w=610&lmt=1640280696&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696190&bpp=1&bdt=710&idt=569&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x420&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=175&ady=3811&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=tkY0NbQnP6&p=https%3A//newsyou.info&dtd=584
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 23 Dec 2021 13:26:12 GMT
expires
Fri, 24 Dec 2021 13:26:12 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
14725
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame FEA0 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e414b711977cbe1edbc0df054c347260bfe8c2d8007ef44fbaf01b8fef0d529a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
img
pix.eu.criteo.net/img/ Frame 689C 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=244&m=0&partner=90357&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F90357%2F211115%2F33300702bd0247d48074e3362ef06108_screenshot_2021-11-08_at_12.17.08.png&v=3&w=196&s=Y8QTAylViRXd_YhTvIqILQK5
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeAAI4uAIFUSyAAsq4CUkUTLbEHJaiWN4ig&u=%7Cpz%2BnB%2F%2Bn4uytBTXETBX00lT9HYZArrAA5ciovYRGW2k%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUEjU08dWIaJP0eZa0C7d1zkXGzMxVLv8kWKlZ1Lb7wUbkp5-VBa12znQD7LPBT9pNz2NAAyMJbBdVNJArjEDh48z6jRZ0kZfXOvrrKHg9fIJwi2LLPzNXA1BobhWEnnY8QCFGCZB8AiSrPJ5qfYfUHYmZJjTMpCe0js7avEIg61lHUoXjNfdDx1WSwOSQRgGMPZoAQQQ9-7NAGaSz3jlIriKbl85q3CQbLYpXfgDHPiw1W-6I_kkr-h_L_Nr171wxQ_IUHfOD6vY4tPMc3hka-eATPTO0NhlmBH8m4y9Z0Sjnur1fzJMEQ2ACG25XL3XQYUd7D4R27mjl5N1bcursHk-pOWwB2qcX1uYFqQUJUx2KM8tw_XKhgUfuwSNiM10oX5h1_C9s8w2b7srrSmYt3zVMfH1MAFTiTtX6X0HAQmKQL23s3BYFR8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEbndeLLEYeDFI7KJ1fAP4NWsgAfJntKxXM2jlvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK-hreN_fayPqgDAaoE9wFP0KfWilzWwZdDQVhOnTLFd1Le5KvRbYuKUpL_yGHZz_g-bwcAu-bNmz4lPR0FjADYi2INZ75llYFJfci9QapECRagcYiyNhU1vPpd1URUvdJYdCvffL8JFxPGkMJBr87Z47nTVk0AU9eNy63ti2VMvWmH5983aT6cBDiw2yY6KcIB4kI88BSCtoxpCQwc08pJvcQZcQyLQ11KB14FVAjOaHV-vqZadLsVCh0fk_EYmWfUYznKa3UawvOWCMjtpQycHy56HSbriLCVlzt4ea7jqWh9wpanJPheSBBNsCAcOT8H1PROh0fd6cfIPuwDTruSnzdt-krFgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1pHsx15DtE9JxOcHX-chonm6uekw%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
fcbc61a1473aea0abbd62eef06b8b7bf34ff9452ea74f6efcfef28a4ac587ff1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 08:55:44 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
635752
vary
Origin
x-cache
hit cached
content-type
image/png
cache-control
public, max-age=29211581
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
11345
expires
Sat, 19 Nov 2022 11:15:26 GMT
img
pix.eu.criteo.net/img/ Frame 689C 		138 KB
139 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1165318-_x600-nocrop.jpg&v=3&w=800&s=LzlBB40wIezU9oSbleSOY3Pn&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeAAI4uAIFUSyAAsq4CUkUTLbEHJaiWN4ig&u=%7Cpz%2BnB%2F%2Bn4uytBTXETBX00lT9HYZArrAA5ciovYRGW2k%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUEjU08dWIaJP0eZa0C7d1zkXGzMxVLv8kWKlZ1Lb7wUbkp5-VBa12znQD7LPBT9pNz2NAAyMJbBdVNJArjEDh48z6jRZ0kZfXOvrrKHg9fIJwi2LLPzNXA1BobhWEnnY8QCFGCZB8AiSrPJ5qfYfUHYmZJjTMpCe0js7avEIg61lHUoXjNfdDx1WSwOSQRgGMPZoAQQQ9-7NAGaSz3jlIriKbl85q3CQbLYpXfgDHPiw1W-6I_kkr-h_L_Nr171wxQ_IUHfOD6vY4tPMc3hka-eATPTO0NhlmBH8m4y9Z0Sjnur1fzJMEQ2ACG25XL3XQYUd7D4R27mjl5N1bcursHk-pOWwB2qcX1uYFqQUJUx2KM8tw_XKhgUfuwSNiM10oX5h1_C9s8w2b7srrSmYt3zVMfH1MAFTiTtX6X0HAQmKQL23s3BYFR8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEbndeLLEYeDFI7KJ1fAP4NWsgAfJntKxXM2jlvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK-hreN_fayPqgDAaoE9wFP0KfWilzWwZdDQVhOnTLFd1Le5KvRbYuKUpL_yGHZz_g-bwcAu-bNmz4lPR0FjADYi2INZ75llYFJfci9QapECRagcYiyNhU1vPpd1URUvdJYdCvffL8JFxPGkMJBr87Z47nTVk0AU9eNy63ti2VMvWmH5983aT6cBDiw2yY6KcIB4kI88BSCtoxpCQwc08pJvcQZcQyLQ11KB14FVAjOaHV-vqZadLsVCh0fk_EYmWfUYznKa3UawvOWCMjtpQycHy56HSbriLCVlzt4ea7jqWh9wpanJPheSBBNsCAcOT8H1PROh0fd6cfIPuwDTruSnzdt-krFgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1pHsx15DtE9JxOcHX-chonm6uekw%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
0769a620ccba5a6119e7c4ac2c741513c0e5c20d1c13001caca6d838be89c8d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 19:04:08 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
80848
vary
Origin
x-cache
hit cached
content-type
image/webp
cache-control
public, max-age=31535999
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
141508
expires
Thu, 22 Dec 2022 19:04:08 GMT
img
pix.eu.criteo.net/img/ Frame 689C 		133 KB
134 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1825361-_x600-nocrop.jpg&v=3&w=800&s=TQmRAb9uaZT4St1IviD0hQ1e&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeAAI4uAIFUSyAAsq4CUkUTLbEHJaiWN4ig&u=%7Cpz%2BnB%2F%2Bn4uytBTXETBX00lT9HYZArrAA5ciovYRGW2k%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUEjU08dWIaJP0eZa0C7d1zkXGzMxVLv8kWKlZ1Lb7wUbkp5-VBa12znQD7LPBT9pNz2NAAyMJbBdVNJArjEDh48z6jRZ0kZfXOvrrKHg9fIJwi2LLPzNXA1BobhWEnnY8QCFGCZB8AiSrPJ5qfYfUHYmZJjTMpCe0js7avEIg61lHUoXjNfdDx1WSwOSQRgGMPZoAQQQ9-7NAGaSz3jlIriKbl85q3CQbLYpXfgDHPiw1W-6I_kkr-h_L_Nr171wxQ_IUHfOD6vY4tPMc3hka-eATPTO0NhlmBH8m4y9Z0Sjnur1fzJMEQ2ACG25XL3XQYUd7D4R27mjl5N1bcursHk-pOWwB2qcX1uYFqQUJUx2KM8tw_XKhgUfuwSNiM10oX5h1_C9s8w2b7srrSmYt3zVMfH1MAFTiTtX6X0HAQmKQL23s3BYFR8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEbndeLLEYeDFI7KJ1fAP4NWsgAfJntKxXM2jlvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK-hreN_fayPqgDAaoE9wFP0KfWilzWwZdDQVhOnTLFd1Le5KvRbYuKUpL_yGHZz_g-bwcAu-bNmz4lPR0FjADYi2INZ75llYFJfci9QapECRagcYiyNhU1vPpd1URUvdJYdCvffL8JFxPGkMJBr87Z47nTVk0AU9eNy63ti2VMvWmH5983aT6cBDiw2yY6KcIB4kI88BSCtoxpCQwc08pJvcQZcQyLQ11KB14FVAjOaHV-vqZadLsVCh0fk_EYmWfUYznKa3UawvOWCMjtpQycHy56HSbriLCVlzt4ea7jqWh9wpanJPheSBBNsCAcOT8H1PROh0fd6cfIPuwDTruSnzdt-krFgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1pHsx15DtE9JxOcHX-chonm6uekw%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
368f12a10a00c1967ab63087a3bc15beb8115628542bc5491a1574edbbaf02f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 19:05:48 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
80748
vary
Origin
x-cache
hit cached
content-type
image/webp
cache-control
public, max-age=31535905
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
136698
expires
Thu, 22 Dec 2022 19:04:15 GMT
img
pix.eu.criteo.net/img/ Frame 689C 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F2085544-_x600-nocrop.jpg&v=3&w=800&s=UjvMmdlUnj4lQsZJwpllj3fU&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeAAI4uAIFUSyAAsq4CUkUTLbEHJaiWN4ig&u=%7Cpz%2BnB%2F%2Bn4uytBTXETBX00lT9HYZArrAA5ciovYRGW2k%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUEjU08dWIaJP0eZa0C7d1zkXGzMxVLv8kWKlZ1Lb7wUbkp5-VBa12znQD7LPBT9pNz2NAAyMJbBdVNJArjEDh48z6jRZ0kZfXOvrrKHg9fIJwi2LLPzNXA1BobhWEnnY8QCFGCZB8AiSrPJ5qfYfUHYmZJjTMpCe0js7avEIg61lHUoXjNfdDx1WSwOSQRgGMPZoAQQQ9-7NAGaSz3jlIriKbl85q3CQbLYpXfgDHPiw1W-6I_kkr-h_L_Nr171wxQ_IUHfOD6vY4tPMc3hka-eATPTO0NhlmBH8m4y9Z0Sjnur1fzJMEQ2ACG25XL3XQYUd7D4R27mjl5N1bcursHk-pOWwB2qcX1uYFqQUJUx2KM8tw_XKhgUfuwSNiM10oX5h1_C9s8w2b7srrSmYt3zVMfH1MAFTiTtX6X0HAQmKQL23s3BYFR8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEbndeLLEYeDFI7KJ1fAP4NWsgAfJntKxXM2jlvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK-hreN_fayPqgDAaoE9wFP0KfWilzWwZdDQVhOnTLFd1Le5KvRbYuKUpL_yGHZz_g-bwcAu-bNmz4lPR0FjADYi2INZ75llYFJfci9QapECRagcYiyNhU1vPpd1URUvdJYdCvffL8JFxPGkMJBr87Z47nTVk0AU9eNy63ti2VMvWmH5983aT6cBDiw2yY6KcIB4kI88BSCtoxpCQwc08pJvcQZcQyLQ11KB14FVAjOaHV-vqZadLsVCh0fk_EYmWfUYznKa3UawvOWCMjtpQycHy56HSbriLCVlzt4ea7jqWh9wpanJPheSBBNsCAcOT8H1PROh0fd6cfIPuwDTruSnzdt-krFgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1pHsx15DtE9JxOcHX-chonm6uekw%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
15f3c556ad662edbd583450f4ee20aac3183c2a09ba9a04aba83287ec2c3d81d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 19:04:21 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
80836
vary
Origin
x-cache
hit cached
content-type
image/webp
cache-control
public, max-age=31535994
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
53316
expires
Thu, 22 Dec 2022 19:04:16 GMT
img
pix.eu.criteo.net/img/ Frame 689C 		133 KB
133 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1526544-_x600-nocrop.jpg&v=3&w=800&s=6nV8CRet_GkfU8a4KUUTuBQ5&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeAAI4uAIFUSyAAsq4CUkUTLbEHJaiWN4ig&u=%7Cpz%2BnB%2F%2Bn4uytBTXETBX00lT9HYZArrAA5ciovYRGW2k%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUEjU08dWIaJP0eZa0C7d1zkXGzMxVLv8kWKlZ1Lb7wUbkp5-VBa12znQD7LPBT9pNz2NAAyMJbBdVNJArjEDh48z6jRZ0kZfXOvrrKHg9fIJwi2LLPzNXA1BobhWEnnY8QCFGCZB8AiSrPJ5qfYfUHYmZJjTMpCe0js7avEIg61lHUoXjNfdDx1WSwOSQRgGMPZoAQQQ9-7NAGaSz3jlIriKbl85q3CQbLYpXfgDHPiw1W-6I_kkr-h_L_Nr171wxQ_IUHfOD6vY4tPMc3hka-eATPTO0NhlmBH8m4y9Z0Sjnur1fzJMEQ2ACG25XL3XQYUd7D4R27mjl5N1bcursHk-pOWwB2qcX1uYFqQUJUx2KM8tw_XKhgUfuwSNiM10oX5h1_C9s8w2b7srrSmYt3zVMfH1MAFTiTtX6X0HAQmKQL23s3BYFR8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEbndeLLEYeDFI7KJ1fAP4NWsgAfJntKxXM2jlvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK-hreN_fayPqgDAaoE9wFP0KfWilzWwZdDQVhOnTLFd1Le5KvRbYuKUpL_yGHZz_g-bwcAu-bNmz4lPR0FjADYi2INZ75llYFJfci9QapECRagcYiyNhU1vPpd1URUvdJYdCvffL8JFxPGkMJBr87Z47nTVk0AU9eNy63ti2VMvWmH5983aT6cBDiw2yY6KcIB4kI88BSCtoxpCQwc08pJvcQZcQyLQ11KB14FVAjOaHV-vqZadLsVCh0fk_EYmWfUYznKa3UawvOWCMjtpQycHy56HSbriLCVlzt4ea7jqWh9wpanJPheSBBNsCAcOT8H1PROh0fd6cfIPuwDTruSnzdt-krFgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1pHsx15DtE9JxOcHX-chonm6uekw%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
d620c7a36bf1452a89dc5053f93ccb3e292a3fb5bfb20a3fdcae73e9dc7045b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 19:05:03 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
80794
vary
Origin
x-cache
hit cached
content-type
image/webp
cache-control
public, max-age=31535962
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
136102
expires
Thu, 22 Dec 2022 19:04:26 GMT
all
csm.eu.criteo.net/ Frame 689C 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=lZyo2dua4j8TotWVQqy-NQy9orJekn1BUcURQP8cXmW-6akcYNp1KJNUQU1iUwhIZxwlhU709CNQd1jlyYHV_1i_QYWIMUoDwsqfqXHmGwdsZjTG7yTRgtyJtFyUn9LRWrhtWGEMRTzGpVt1MPRn3ULoJHVreLK1-ukG7i9apa34Ear6l8tgGBwZeAt93zXA-_a9Xui-IWWVmtBnYr37NCxqyYl9G6P0ORI6HXgRoyFyaAI9FrIMWT2odc2wAmkL837QBg&sds=2&rev=79924&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeAAI4uAIFUSyAAsq4CUkUTLbEHJaiWN4ig&u=%7Cpz%2BnB%2F%2Bn4uytBTXETBX00lT9HYZArrAA5ciovYRGW2k%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUEjU08dWIaJP0eZa0C7d1zkXGzMxVLv8kWKlZ1Lb7wUbkp5-VBa12znQD7LPBT9pNz2NAAyMJbBdVNJArjEDh48z6jRZ0kZfXOvrrKHg9fIJwi2LLPzNXA1BobhWEnnY8QCFGCZB8AiSrPJ5qfYfUHYmZJjTMpCe0js7avEIg61lHUoXjNfdDx1WSwOSQRgGMPZoAQQQ9-7NAGaSz3jlIriKbl85q3CQbLYpXfgDHPiw1W-6I_kkr-h_L_Nr171wxQ_IUHfOD6vY4tPMc3hka-eATPTO0NhlmBH8m4y9Z0Sjnur1fzJMEQ2ACG25XL3XQYUd7D4R27mjl5N1bcursHk-pOWwB2qcX1uYFqQUJUx2KM8tw_XKhgUfuwSNiM10oX5h1_C9s8w2b7srrSmYt3zVMfH1MAFTiTtX6X0HAQmKQL23s3BYFR8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEbndeLLEYeDFI7KJ1fAP4NWsgAfJntKxXM2jlvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK-hreN_fayPqgDAaoE9wFP0KfWilzWwZdDQVhOnTLFd1Le5KvRbYuKUpL_yGHZz_g-bwcAu-bNmz4lPR0FjADYi2INZ75llYFJfci9QapECRagcYiyNhU1vPpd1URUvdJYdCvffL8JFxPGkMJBr87Z47nTVk0AU9eNy63ti2VMvWmH5983aT6cBDiw2yY6KcIB4kI88BSCtoxpCQwc08pJvcQZcQyLQ11KB14FVAjOaHV-vqZadLsVCh0fk_EYmWfUYznKa3UawvOWCMjtpQycHy56HSbriLCVlzt4ea7jqWh9wpanJPheSBBNsCAcOT8H1PROh0fd6cfIPuwDTruSnzdt-krFgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1pHsx15DtE9JxOcHX-chonm6uekw%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 23 Dec 2021 17:31:37 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 689C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeAAI4uAIFUSyAAsq4CUkUTLbEHJaiWN4ig&u=%7Cpz%2BnB%2F%2Bn4uytBTXETBX00lT9HYZArrAA5ciovYRGW2k%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUEjU08dWIaJP0eZa0C7d1zkXGzMxVLv8kWKlZ1Lb7wUbkp5-VBa12znQD7LPBT9pNz2NAAyMJbBdVNJArjEDh48z6jRZ0kZfXOvrrKHg9fIJwi2LLPzNXA1BobhWEnnY8QCFGCZB8AiSrPJ5qfYfUHYmZJjTMpCe0js7avEIg61lHUoXjNfdDx1WSwOSQRgGMPZoAQQQ9-7NAGaSz3jlIriKbl85q3CQbLYpXfgDHPiw1W-6I_kkr-h_L_Nr171wxQ_IUHfOD6vY4tPMc3hka-eATPTO0NhlmBH8m4y9Z0Sjnur1fzJMEQ2ACG25XL3XQYUd7D4R27mjl5N1bcursHk-pOWwB2qcX1uYFqQUJUx2KM8tw_XKhgUfuwSNiM10oX5h1_C9s8w2b7srrSmYt3zVMfH1MAFTiTtX6X0HAQmKQL23s3BYFR8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEbndeLLEYeDFI7KJ1fAP4NWsgAfJntKxXM2jlvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK-hreN_fayPqgDAaoE9wFP0KfWilzWwZdDQVhOnTLFd1Le5KvRbYuKUpL_yGHZz_g-bwcAu-bNmz4lPR0FjADYi2INZ75llYFJfci9QapECRagcYiyNhU1vPpd1URUvdJYdCvffL8JFxPGkMJBr87Z47nTVk0AU9eNy63ti2VMvWmH5983aT6cBDiw2yY6KcIB4kI88BSCtoxpCQwc08pJvcQZcQyLQ11KB14FVAjOaHV-vqZadLsVCh0fk_EYmWfUYznKa3UawvOWCMjtpQycHy56HSbriLCVlzt4ea7jqWh9wpanJPheSBBNsCAcOT8H1PROh0fd6cfIPuwDTruSnzdt-krFgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1pHsx15DtE9JxOcHX-chonm6uekw%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 18 Dec 2022 17:31:37 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 689C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeAAI4uAIFUSyAAsq4CUkUTLbEHJaiWN4ig&u=%7Cpz%2BnB%2F%2Bn4uytBTXETBX00lT9HYZArrAA5ciovYRGW2k%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUEjU08dWIaJP0eZa0C7d1zkXGzMxVLv8kWKlZ1Lb7wUbkp5-VBa12znQD7LPBT9pNz2NAAyMJbBdVNJArjEDh48z6jRZ0kZfXOvrrKHg9fIJwi2LLPzNXA1BobhWEnnY8QCFGCZB8AiSrPJ5qfYfUHYmZJjTMpCe0js7avEIg61lHUoXjNfdDx1WSwOSQRgGMPZoAQQQ9-7NAGaSz3jlIriKbl85q3CQbLYpXfgDHPiw1W-6I_kkr-h_L_Nr171wxQ_IUHfOD6vY4tPMc3hka-eATPTO0NhlmBH8m4y9Z0Sjnur1fzJMEQ2ACG25XL3XQYUd7D4R27mjl5N1bcursHk-pOWwB2qcX1uYFqQUJUx2KM8tw_XKhgUfuwSNiM10oX5h1_C9s8w2b7srrSmYt3zVMfH1MAFTiTtX6X0HAQmKQL23s3BYFR8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEbndeLLEYeDFI7KJ1fAP4NWsgAfJntKxXM2jlvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK-hreN_fayPqgDAaoE9wFP0KfWilzWwZdDQVhOnTLFd1Le5KvRbYuKUpL_yGHZz_g-bwcAu-bNmz4lPR0FjADYi2INZ75llYFJfci9QapECRagcYiyNhU1vPpd1URUvdJYdCvffL8JFxPGkMJBr87Z47nTVk0AU9eNy63ti2VMvWmH5983aT6cBDiw2yY6KcIB4kI88BSCtoxpCQwc08pJvcQZcQyLQ11KB14FVAjOaHV-vqZadLsVCh0fk_EYmWfUYznKa3UawvOWCMjtpQycHy56HSbriLCVlzt4ea7jqWh9wpanJPheSBBNsCAcOT8H1PROh0fd6cfIPuwDTruSnzdt-krFgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1pHsx15DtE9JxOcHX-chonm6uekw%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 18 Dec 2022 17:31:37 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 1C18 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C57fpebLEYYn-BKuvngXw-5rgCpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK4z-m_AvqyPqgDAaoE-AFP0PUncvf3VRIpVB-SLhMbKNAx88ZVqRkvVv5wt3gFYZt8g4ChZ0_lPaA7BnCyblH4MS13WLow2OqgJYlwTldEGOpHbLENvAf4hn4Womu3Na2PNx1FrPG6pqXxYjoQWHVuj50hSZD03-vOiOxJ4lM49UfEp73z4t7mF82-rXPUEku7IhtH_7-aXhLJaqS1x4GtJVfoiYsiQ2mPMajb0fnillkYvmQionDFtp9Ss3JQigmkZ3zBNYikvV-WQI4TNzU3G6d-Ij4tvD_wzi6LwnQ6rG_7PpfD4v_YldTJ3OfMEy-T5jyZieH-qsEbGVksWluD8U-RDpYmN4AGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNTk5NDY5NzAyODM4MDYwORgA&sigh=QItRAumpl3c&uach_m=[UACH]&cid=CAQSPACNIrLMmYv1s89EijWO2XzvH03k3h4xoBuvGORdmoSX2K4QuV15jBSuVbevlDoIRjXUjJN8sMbcxlP5BxgB
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1640280696&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696192&bpp=1&bdt=712&idt=783&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd411357b4686f5eb-221fbe950ecd0034%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=805&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=a87mLLyXZx&p=https%3A//newsyou.info&dtd=786
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 23 Dec 2021 17:31:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame 1C18 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1k1tst6gyawthsfb9jtmt0rz4wa1x2js7brenn84f0s9n3jx31gyqq52pb5ptzxfqbswpw81my3990a101wdpdswahtczzavm2b1jjy6h8epqdepfm6fm8mnbmbfnyy00rmxmwd7qhrknxym3wfc9nvxyfmwbmh02z282mcrq2ay8vddjeb8agnfyymggxr81r89natvw9q6k9kpk19jdgca64nmnzeez7rxedpvdh8ya4zepmvx5mjya3bzct6mdyk95a7hh1e2ar4r1dg86gepfpppkh9t1fc5j5wz35ga920vvhjd4v0jbfd15m5haxa6tfnj3qnekx29an4a4710r679ay476p2vjb8pryvd95ea7nd3f0hj44v9fr4xh5e9fdb3kp3xwtjgrv61kk44hbrn2&b=YcSyeQABPwkKp5erAAa98Fv9Ku3BDTNQQKnJzQ
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 23 Dec 2021 17:31:37 GMT
via
1.1 google
alt-svc
clear
content-type
image/gif
dr
as.ad4m.at/ad/ Frame CD16 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1ggn5yh9e2fke6s8hw041k4c40zdrkgegbhppbn5ss628tq5b4wr5epyf6r597a5k4by54hhxpm5dmqw23p9p8srqph1z4wq8xmc76zqqgx9w4h2nvjttk8895s7ck320xyh5rv9p5brjsf84f8xz2w1rbnwxpxs14e6ebtj12aw4n0wh2a9sdfwen4w5pszd0a0vdy1erj5a2d43r4q6ax5j3k8qww9738103mzs790ezg1jrs9q4b96jn8dx4q9s38ap9mdc3zra7v5pj2j3vadscxeahdepc80h0qwvx9d4j40gf9yzrt7pkx0aqnepn2ad30at6cbw7ann3b78y7r2rjntw5zkegg667vkky4fn36y8rydzdx5wcjsgxhqbxp79w1mwp10bywjvr2knzbfn93s3f4cnw99x3a45fz03998xat&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2_mOebLEYYn-BKuvngXw-5rgCpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK4z-m_AvqyPqgDAaoE-wFP0PUncvf3VRIpVB-SLhMbKNAx88ZVqRkvVv5wt3gFYZt8g4ChZ0_lPaA7BnCyblH4MS13WLow2OqgJYlwTldEGOpHbLENvAf4hn4Womu3Na2PNx1FrPG6pqXxYjoQWHVuj50hSZD03-vOiOxJ4lM49UfEp73z4t7mF82-rXPUEku7IhtH_7-aXhLJaqS1x4GtJVfoiYsiQ2mPMajb0fnillkYvmQionDFtp9Ss3JQigmkZ3zBNYikvV-WQI4TNzU3G6d-Ij4tvD_wzi6LwnQ6rG-5PLZRNQZf1RxOlHEWWr1h3yiTJOvQshyb2xC-os-d3VdE0glm_99b9oAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0S4JiznMsq8T-XiKe1zaEkS5rMXg%26client%3Dca-pub-5994697028380609%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1640280696&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696192&bpp=1&bdt=712&idt=783&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd411357b4686f5eb-221fbe950ecd0034%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=805&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=a87mLLyXZx&p=https%3A//newsyou.info&dtd=786
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9dd8d5b0e9c06e541748f4c93dbc079b292faf1cccde20f41d4efb55abb9fb2d
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6c235319ed2d5c98-FRA
content-encoding
br
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 1C18 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1640280696&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696192&bpp=1&bdt=712&idt=783&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd411357b4686f5eb-221fbe950ecd0034%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=805&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=a87mLLyXZx&p=https%3A//newsyou.info&dtd=786
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:30:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:30:37 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame C41F 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1640280696&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696192&bpp=1&bdt=712&idt=783&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd411357b4686f5eb-221fbe950ecd0034%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=805&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=a87mLLyXZx&p=https%3A//newsyou.info&dtd=786
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 23 Dec 2021 13:26:12 GMT
expires
Fri, 24 Dec 2021 13:26:12 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
14725
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1C18 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1640280696&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696192&bpp=1&bdt=712&idt=783&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd411357b4686f5eb-221fbe950ecd0034%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=805&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=a87mLLyXZx&p=https%3A//newsyou.info&dtd=786
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 23 Dec 2021 17:31:37 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 1C18 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1640280696&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696192&bpp=1&bdt=712&idt=783&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd411357b4686f5eb-221fbe950ecd0034%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=805&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=a87mLLyXZx&p=https%3A//newsyou.info&dtd=786
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:29:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
111
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:29:46 GMT
l
www.google.com/ads/measurement/ Frame 1C18 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQAULZKXsdIVoktldVrGVrlqSY4lcLp3yS7q7HL2yKjXdWCMqMqTWIqCfcgSLrHRWMJGNNOY4vSBN4U-FTurJWetspUtw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1640280696&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696192&bpp=1&bdt=712&idt=783&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd411357b4686f5eb-221fbe950ecd0034%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=805&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=a87mLLyXZx&p=https%3A//newsyou.info&dtd=786
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
request.php
hal900018.redintelligence.net/ Frame 0F19 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900018.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=a8ca580785&subid=&uid=1d1de0525d331650&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D3929240562031280416%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dda8061c4-b279-4901-9aab-abaeda0048bc%26mt_cid%3Dda8061c4-b279-4901-9aab-abaeda0048bc%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCIqLgeLLEYYbBOMPuiQPWx6nACs-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDnIAQmoAwGqBPYBT9BHuYEnYa3KGdiF8yGQKThnBorFv6xyzKVCbmvUdveDMOMXw8gLhtqnCHVvPr5QYStN0ddMHMTkjxr1mekVGHIEvPkBoHdRYlF88FtxBiOy5HwQfQQPzLsUH80A3qs7QsmoVHvE4admvNl7Hx8zPbDzVhNtX-88Qm9BnaVkISdBU1wzdTZ2EtrE4S44yixlEo7y3stHFCWKrX1kybPgniIHOJYT_y0TmB5w0xoDZw3asf90ORrw9LF-4cdxKpZBCNU3pgntZ-jVPW8xVUlikxJP4jl31lau-YTZIknzPCFSypkAL_DFKtnqh8Y41DQLtsU28KWigAaQpezv4ZiAztcBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_29qUXS9nTqR4CtBpZ3or1O_7U-lA%2526client%253Dca-pub-5994697028380609%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-5994697028380609%26output%3Dhtml%26h%3D250%26slotname%3D7901239171%26adk%3D895116589%26adf%3D3515999157%26pi%3Dt.ma~as.7901239171%26w%3D300%26lmt%3D1640280696%26psa%3D0%26format%3D300x250%26url%3Dhttps%253A%252F%252Fnewsyou.info%252FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR%26flash%3D0%26alternate_ad_url%3Dhttps%253A%252F%252Fnewsyou.info%252Fwp-content%252Fthemes%252Fnewsyou%252Fads%252Fzaglushka-sidebar-1.php%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.%26dt%3D1640280696191%26bpp%3D1%26bdt%3D710%26idt%3D627%26shv%3Dr20211207%26mjsv%3Dm202112060101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253Dd411357b4686f5eb-221fbe950ecd0034%253AT%253D1640280696%253ART%253D1640280696%253AS%253DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw%26prev_fmts%3D0x0%252C580x280%252C610x379%252C610x420%252C610x379%26nras%3D1%26correlator%3D2738633273524%26frm%3D20%26pv%3D1%26ga_vid%3D307658117.1640280696%26ga_sid%3D1640280696%26ga_hid%3D234211940%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26dmc%3D8%26adx%3D805%26ady%3D535%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44750774%252C44753658%252C31063825%252C31060049%252C31062931%26oid%3D2%26pvsid%3D2390655881465621%26pem%3D764%26tmod%3D970%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D6%26uci%3Da!6%26fsb%3D1%26xpc%3DCWAP2ylBpn%26p%3Dhttps%253A%2F%2Fnewsyou.info%26dtd%3D634&ancestorOrigins=null&random=9024136950465&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/01qrvgnrrbds?subid=&gdpr=1&gdpr_consent=li&rnd=3929240562031280416&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D3929240562031280416%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dda8061c4-b279-4901-9aab-abaeda0048bc%26mt_cid%3Dda8061c4-b279-4901-9aab-abaeda0048bc%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCIqLgeLLEYYbBOMPuiQPWx6nACs-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDnIAQmoAwGqBPYBT9BHuYEnYa3KGdiF8yGQKThnBorFv6xyzKVCbmvUdveDMOMXw8gLhtqnCHVvPr5QYStN0ddMHMTkjxr1mekVGHIEvPkBoHdRYlF88FtxBiOy5HwQfQQPzLsUH80A3qs7QsmoVHvE4admvNl7Hx8zPbDzVhNtX-88Qm9BnaVkISdBU1wzdTZ2EtrE4S44yixlEo7y3stHFCWKrX1kybPgniIHOJYT_y0TmB5w0xoDZw3asf90ORrw9LF-4cdxKpZBCNU3pgntZ-jVPW8xVUlikxJP4jl31lau-YTZIknzPCFSypkAL_DFKtnqh8Y41DQLtsU28KWigAaQpezv4ZiAztcBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_29qUXS9nTqR4CtBpZ3or1O_7U-lA%2526client%253Dca-pub-5994697028380609%2526adurl%253D%26redirect%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
0888f8614dd827641fe96234587c678d2b3371743435fb3bef6ad6a30d9f3b43

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:37 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
90755200177226100951393011817018
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
1266
Expires
Thu, 23 Dec 2021 17:31:37 +0100
css
fonts.googleapis.com/ Frame 689C 		2 KB
507 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
089822305b9af8e8bf8797060fa68e6d18068b4fd7e8938f30b125ab6f61a2b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 16:08:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Dec 2021 17:31:37 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Dec 2021 17:31:37 GMT
truncated
/ Frame 0297 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e8d203255691f4983941ea2017c33393fbf5eb9805af71869c1404f84ad80c5b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame F6AD 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kwv8zbvqn6s6zpb8ee35v3x6nw1h8723rh4cp87gan7dz17bh9bvkf0d55n4bar684za48mgzbm78hjf2a5dyhbz4w50kxpfgmjbj3qwrda81saf73989fb2e03hgk9e5mte0vkwzsd6yg9q5kq30q76eb68jak848sd7abqy9vbzb2vmwb5qy2w12gadr575aw7kxn7nrjtx4mjnaa2kbpgmh4vcqvgr4dhce8c9b5zmqbe5ve5t187ygr774gejbw4pxws78xp6t2z8czfjcnqzzd52ze653yqyeyhrnyt6zx0xvrq9jygt33ncxg08e1zje105gdpp9z69zrg95qgp4kszjb5vaq063y88b7qhqtv6yf8khj3fkdah838jas7715dj8cwzz3rajr8e9xc5y38pq1tz21kb7603vs5h6t90f8a&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVhpRebLEYYqwAYqengXUpoJIkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaABwq7o3QPIAQmpArjTclTQ97I-qAMBqgT7AU_QjtIcJ-ahWwdSq9lZTfI9lKwwpzv3PRUxSBWup_QQge25AXrFDKy-BTcMmC3jtgdGcWT31Ypy4MgJ4GaEMTsW4Viztneh6kTf1GBXlOeXHi0u7-1WAOv2QKLSqNMf1pHQ_mMb8hmndij9M0jp79uuRseAMwDBsl_6O75mkRF7_5o7jYn5HsCQf3H7ZI4A89j61gmKss2RhURkLlRnDSMo0d1unSabEW1FWNIHpxf08X9JT3Mvuj8Q3NJJykZWi_nRQyemTjozbXLylgfM2IERMji8wUQcTW_O4oPUswn4iO1nDNhodaXzfmuQ-XQ9ILvejQutuz9sLyuZgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2ljREVDavBQhda75putZ7dKiTRAg%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1kwv8zbvqn6s6zpb8ee35v3x6nw1h8723rh4cp87gan7dz17bh9bvkf0d55n4bar684za48mgzbm78hjf2a5dyhbz4w50kxpfgmjbj3qwrda81saf73989fb2e03hgk9e5mte0vkwzsd6yg9q5kq30q76eb68jak848sd7abqy9vbzb2vmwb5qy2w12gadr575aw7kxn7nrjtx4mjnaa2kbpgmh4vcqvgr4dhce8c9b5zmqbe5ve5t187ygr774gejbw4pxws78xp6t2z8czfjcnqzzd52ze653yqyeyhrnyt6zx0xvrq9jygt33ncxg08e1zje105gdpp9z69zrg95qgp4kszjb5vaq063y88b7qhqtv6yf8khj3fkdah838jas7715dj8cwzz3rajr8e9xc5y38pq1tz21kb7603vs5h6t90f8a&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVhpRebLEYYqwAYqengXUpoJIkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaABwq7o3QPIAQmpArjTclTQ97I-qAMBqgT7AU_QjtIcJ-ahWwdSq9lZTfI9lKwwpzv3PRUxSBWup_QQge25AXrFDKy-BTcMmC3jtgdGcWT31Ypy4MgJ4GaEMTsW4Viztneh6kTf1GBXlOeXHi0u7-1WAOv2QKLSqNMf1pHQ_mMb8hmndij9M0jp79uuRseAMwDBsl_6O75mkRF7_5o7jYn5HsCQf3H7ZI4A89j61gmKss2RhURkLlRnDSMo0d1unSabEW1FWNIHpxf08X9JT3Mvuj8Q3NJJykZWi_nRQyemTjozbXLylgfM2IERMji8wUQcTW_O4oPUswn4iO1nDNhodaXzfmuQ-XQ9ILvejQutuz9sLyuZgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2ljREVDavBQhda75putZ7dKiTRAg%26client%3Dca-pub-5994697028380609%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
695195
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Wed, 15 Dec 2021 16:25:03 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6c23531a8e965c98-FRA
cf-bgj
minify
r62eglto.js
ad4m.at/ Frame F6AD 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kwv8zbvqn6s6zpb8ee35v3x6nw1h8723rh4cp87gan7dz17bh9bvkf0d55n4bar684za48mgzbm78hjf2a5dyhbz4w50kxpfgmjbj3qwrda81saf73989fb2e03hgk9e5mte0vkwzsd6yg9q5kq30q76eb68jak848sd7abqy9vbzb2vmwb5qy2w12gadr575aw7kxn7nrjtx4mjnaa2kbpgmh4vcqvgr4dhce8c9b5zmqbe5ve5t187ygr774gejbw4pxws78xp6t2z8czfjcnqzzd52ze653yqyeyhrnyt6zx0xvrq9jygt33ncxg08e1zje105gdpp9z69zrg95qgp4kszjb5vaq063y88b7qhqtv6yf8khj3fkdah838jas7715dj8cwzz3rajr8e9xc5y38pq1tz21kb7603vs5h6t90f8a&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVhpRebLEYYqwAYqengXUpoJIkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaABwq7o3QPIAQmpArjTclTQ97I-qAMBqgT7AU_QjtIcJ-ahWwdSq9lZTfI9lKwwpzv3PRUxSBWup_QQge25AXrFDKy-BTcMmC3jtgdGcWT31Ypy4MgJ4GaEMTsW4Viztneh6kTf1GBXlOeXHi0u7-1WAOv2QKLSqNMf1pHQ_mMb8hmndij9M0jp79uuRseAMwDBsl_6O75mkRF7_5o7jYn5HsCQf3H7ZI4A89j61gmKss2RhURkLlRnDSMo0d1unSabEW1FWNIHpxf08X9JT3Mvuj8Q3NJJykZWi_nRQyemTjozbXLylgfM2IERMji8wUQcTW_O4oPUswn4iO1nDNhodaXzfmuQ-XQ9ILvejQutuz9sLyuZgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2ljREVDavBQhda75putZ7dKiTRAg%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b98c8f3aa7cc2835be32fd3a1488ba31a3de35a3fa0dd643a092c2846c613017

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=i2G9+Q==, md5=KT4B161Aam0qyQ5N1n+FMQ==
date
Thu, 23 Dec 2021 17:31:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
72213
x-guploader-uploadid
ADPycdsOKTGHIoWahD0TZTQoYWUEfcQg0132oq9AD9469QffPzMPQd5lf_jiilD5Vec202kqqI-Hxsh29ygvyTXNSQg63d9QPA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 02 Nov 2021 14:54:41 GMT
server
cloudflare
etag
W/"293e01d7ad406a6d2ac90e4dd67f8531"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vbdqrNUZXfNxeFXGkx6o8W9TPEFZ1gYAuzxsCvhdT%2BqNmxt3c9EIn90vqlMkx733B26EMGwnylyBd5xt2VJusAE4l3VO316HFxrd2wVGITNFm7a85gR0f02huvtBWGFLNCfO0Io%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1635864881199576
content-type
application/javascript; charset=utf-8
expires
Wed, 22 Dec 2021 21:28:05 GMT
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11933
cf-ray
6c23531aab745c08-FRA
cf-bgj
minify
adview
googleads.g.doubleclick.net/pagead/ Frame 8F30 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CTIxeebLEYdSeCMypiAPovZaQDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK4z-m_AvqyPqgDAaoE-AFP0MnsvaPN_uZzTrrVJVinVtTKN9lwVlj57_MBmKd4HzzyIlKlZbEULhtDqTzp1Sz2urgC7KbHmX4BFAj8n9bKpMBBccx9nQClpqiAeCEKANjvPkr7Gxw8i-Rw_L58rPE22QofUIS-QN_H25lDEnWueHWyrQpsKFw-4Z67UzboJ41eDBw8s2Qjowb4_yP6S9zcxLhMzff8e97AARfWxnjkbXFEVQu-zWADBldBJGKMixXiauAiGVOnH0vYXv9EThDVa7Y-hAw6yV--PnxOKrBTvnk3FgLPCrZ0Jc-UazfflmqId1S6daH-_LR3_GFDrVSswX-zowu4U4AG8Pb5mO2H7Ka-AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTU5OTQ2OTcwMjgzODA2MDkYAA&sigh=fxpNj4EseYo&uach_m=[UACH]&cid=CAQSPACNIrLM1gs85mA-8mJVX1CrtXorJCUd7g8K0jogm-DRSM4F2JxOgwxpZiTkBk-17k47I1HTwc07HbNFShgB
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3789992286&pi=t.ma~as.6825749971&w=300&lmt=1640280697&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696193&bpp=1&bdt=713&idt=836&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd411357b4686f5eb-221fbe950ecd0034%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1125&ady=4294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=4kEhplr7w5&p=https%3A//newsyou.info&dtd=839
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 23 Dec 2021 17:31:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame 8F30 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1jrvgeaqvngqcrs5j3ta7deg56d9y6nyhxvnq0j7takzvc783rvkfwvhe5jrdb8z0p94pttwqw760f6pnyprxfzk5x6a7gyh3f9hkvff6g1ak6xsmrjavgb9vq5kvr70gncyx7z5drh0s2y0kdax0n4rtdvaep8e5vpayghm5f5s803dfd5t26tqdzmhk4chtzc77967ngk46p320zm33aj1vjngrpnv5h9ndb09fgqbp5pjf47y3z1zy8xmjjcwvymywjkmz9fk91xfysd45gbs1ss3j8dm79qm7yp361k0vh65n7dzsegrkpf4z2gejysh98pmj8y21n28a3wa67jkvwnancpxmh9ydxyqr34h4pyy47rpebxj9m8hn4kr78wttsjx2baz1k972k7xt5r98mxsy&b=YcSyeQACD1QKYhTMAAWe6GjO6jndWNxcE1pz2A
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 23 Dec 2021 17:31:38 GMT
via
1.1 google
alt-svc
clear
content-type
image/gif
dr
as.ad4m.at/ad/ Frame C66F 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1jn3dkvdmzs7v1czwaxsvjf9s8gpyhsh528p4yhbv5atktvx7jw1m6k1fptnhqtqg6nnrj2hqcmz1kdvfcdqnm17vnydgnt8z7p6c5v8s8chmk8bjv08404gncbnqvc52kw429akk4c16j755rmtrqyccbj0cxf1x4gsqk4f5r66n98ekh9r2vy218hptvsmr2k0mjp0eqcgs5ebbf9gbpjcaarzt8y34fszp2t5rj3ptfrvskacg4t071vpv7cr2t3xbc4zkpawba6n7cqen2s8ydmw0t08w2hm653jvvfb30v0sak59kx0xejmnvj5j8spptyfmxjvfnratgahmner08s0ysvt0cgvc6fhdyv6mc23yrwc8bqydnmtxck2s6cbz81stk7mdkqjnrt5qx49mmmsff7xwv3p27sc8ez297pzsj788&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAUetebLEYdSeCMypiAPovZaQDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK4z-m_AvqyPqgDAaoE-wFP0MnsvaPN_uZzTrrVJVinVtTKN9lwVlj57_MBmKd4HzzyIlKlZbEULhtDqTzp1Sz2urgC7KbHmX4BFAj8n9bKpMBBccx9nQClpqiAeCEKANjvPkr7Gxw8i-Rw_L58rPE22QofUIS-QN_H25lDEnWueHWyrQpsKFw-4Z67UzboJ41eDBw8s2Qjowb4_yP6S9zcxLhMzff8e97AARfWxnjkbXFEVQu-zWADBldBJGKMixXiauAiGVOnH0vYXv9EThDVa7Y-hAw6yV--PnxOKrBTvnl1FCNd3U_zZQcTI6EF3_h6TkCw2KvQ5Gn3PijRVcCy7Wdmf5T4m1EaOIAG8Pb5mO2H7Ka-AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2rVxvgv5D0K-GG6nnFFd_EQKPbaw%26client%3Dca-pub-5994697028380609%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3789992286&pi=t.ma~as.6825749971&w=300&lmt=1640280697&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696193&bpp=1&bdt=713&idt=836&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd411357b4686f5eb-221fbe950ecd0034%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1125&ady=4294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=4kEhplr7w5&p=https%3A//newsyou.info&dtd=839
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11829caf5041f8e4a207528dfe2af126d600de8de41413551cd915bf9c8855e2
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6c23531aaee35c98-FRA
content-encoding
br
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 8F30 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3789992286&pi=t.ma~as.6825749971&w=300&lmt=1640280697&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696193&bpp=1&bdt=713&idt=836&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd411357b4686f5eb-221fbe950ecd0034%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1125&ady=4294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=4kEhplr7w5&p=https%3A//newsyou.info&dtd=839
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:30:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:30:37 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 00A1 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3789992286&pi=t.ma~as.6825749971&w=300&lmt=1640280697&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696193&bpp=1&bdt=713&idt=836&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd411357b4686f5eb-221fbe950ecd0034%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1125&ady=4294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=4kEhplr7w5&p=https%3A//newsyou.info&dtd=839
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 23 Dec 2021 13:26:12 GMT
expires
Fri, 24 Dec 2021 13:26:12 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
14726
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8F30 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3789992286&pi=t.ma~as.6825749971&w=300&lmt=1640280697&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696193&bpp=1&bdt=713&idt=836&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd411357b4686f5eb-221fbe950ecd0034%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1125&ady=4294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=4kEhplr7w5&p=https%3A//newsyou.info&dtd=839
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 23 Dec 2021 17:31:38 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 8F30 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3789992286&pi=t.ma~as.6825749971&w=300&lmt=1640280697&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696193&bpp=1&bdt=713&idt=836&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd411357b4686f5eb-221fbe950ecd0034%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1125&ady=4294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=4kEhplr7w5&p=https%3A//newsyou.info&dtd=839
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:29:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
112
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6464
x-xss-protection
0
server
cafe
etag
15715955993838318253
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Jan 2022 17:29:46 GMT
l
www.google.com/ads/measurement/ Frame 8F30 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSs9y4Z885RrtOKROih3MOC4SWYVGXxc5LsWmRAGFTRQbiyqatwxCmHrg_9Nutb0zvJSEUJQ0S1dLMxva2ebFT3Ye6BMw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3789992286&pi=t.ma~as.6825749971&w=300&lmt=1640280697&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696193&bpp=1&bdt=713&idt=836&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd411357b4686f5eb-221fbe950ecd0034%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1125&ady=4294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=4kEhplr7w5&p=https%3A//newsyou.info&dtd=839
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame CD16 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1ggn5yh9e2fke6s8hw041k4c40zdrkgegbhppbn5ss628tq5b4wr5epyf6r597a5k4by54hhxpm5dmqw23p9p8srqph1z4wq8xmc76zqqgx9w4h2nvjttk8895s7ck320xyh5rv9p5brjsf84f8xz2w1rbnwxpxs14e6ebtj12aw4n0wh2a9sdfwen4w5pszd0a0vdy1erj5a2d43r4q6ax5j3k8qww9738103mzs790ezg1jrs9q4b96jn8dx4q9s38ap9mdc3zra7v5pj2j3vadscxeahdepc80h0qwvx9d4j40gf9yzrt7pkx0aqnepn2ad30at6cbw7ann3b78y7r2rjntw5zkegg667vkky4fn36y8rydzdx5wcjsgxhqbxp79w1mwp10bywjvr2knzbfn93s3f4cnw99x3a45fz03998xat&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2_mOebLEYYn-BKuvngXw-5rgCpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK4z-m_AvqyPqgDAaoE-wFP0PUncvf3VRIpVB-SLhMbKNAx88ZVqRkvVv5wt3gFYZt8g4ChZ0_lPaA7BnCyblH4MS13WLow2OqgJYlwTldEGOpHbLENvAf4hn4Womu3Na2PNx1FrPG6pqXxYjoQWHVuj50hSZD03-vOiOxJ4lM49UfEp73z4t7mF82-rXPUEku7IhtH_7-aXhLJaqS1x4GtJVfoiYsiQ2mPMajb0fnillkYvmQionDFtp9Ss3JQigmkZ3zBNYikvV-WQI4TNzU3G6d-Ij4tvD_wzi6LwnQ6rG-5PLZRNQZf1RxOlHEWWr1h3yiTJOvQshyb2xC-os-d3VdE0glm_99b9oAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0S4JiznMsq8T-XiKe1zaEkS5rMXg%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1ggn5yh9e2fke6s8hw041k4c40zdrkgegbhppbn5ss628tq5b4wr5epyf6r597a5k4by54hhxpm5dmqw23p9p8srqph1z4wq8xmc76zqqgx9w4h2nvjttk8895s7ck320xyh5rv9p5brjsf84f8xz2w1rbnwxpxs14e6ebtj12aw4n0wh2a9sdfwen4w5pszd0a0vdy1erj5a2d43r4q6ax5j3k8qww9738103mzs790ezg1jrs9q4b96jn8dx4q9s38ap9mdc3zra7v5pj2j3vadscxeahdepc80h0qwvx9d4j40gf9yzrt7pkx0aqnepn2ad30at6cbw7ann3b78y7r2rjntw5zkegg667vkky4fn36y8rydzdx5wcjsgxhqbxp79w1mwp10bywjvr2knzbfn93s3f4cnw99x3a45fz03998xat&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2_mOebLEYYn-BKuvngXw-5rgCpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK4z-m_AvqyPqgDAaoE-wFP0PUncvf3VRIpVB-SLhMbKNAx88ZVqRkvVv5wt3gFYZt8g4ChZ0_lPaA7BnCyblH4MS13WLow2OqgJYlwTldEGOpHbLENvAf4hn4Womu3Na2PNx1FrPG6pqXxYjoQWHVuj50hSZD03-vOiOxJ4lM49UfEp73z4t7mF82-rXPUEku7IhtH_7-aXhLJaqS1x4GtJVfoiYsiQ2mPMajb0fnillkYvmQionDFtp9Ss3JQigmkZ3zBNYikvV-WQI4TNzU3G6d-Ij4tvD_wzi6LwnQ6rG-5PLZRNQZf1RxOlHEWWr1h3yiTJOvQshyb2xC-os-d3VdE0glm_99b9oAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0S4JiznMsq8T-XiKe1zaEkS5rMXg%26client%3Dca-pub-5994697028380609%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
695195
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Wed, 15 Dec 2021 16:25:03 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6c23531adf355c98-FRA
cf-bgj
minify
r62eglto.js
ad4m.at/ Frame CD16 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1ggn5yh9e2fke6s8hw041k4c40zdrkgegbhppbn5ss628tq5b4wr5epyf6r597a5k4by54hhxpm5dmqw23p9p8srqph1z4wq8xmc76zqqgx9w4h2nvjttk8895s7ck320xyh5rv9p5brjsf84f8xz2w1rbnwxpxs14e6ebtj12aw4n0wh2a9sdfwen4w5pszd0a0vdy1erj5a2d43r4q6ax5j3k8qww9738103mzs790ezg1jrs9q4b96jn8dx4q9s38ap9mdc3zra7v5pj2j3vadscxeahdepc80h0qwvx9d4j40gf9yzrt7pkx0aqnepn2ad30at6cbw7ann3b78y7r2rjntw5zkegg667vkky4fn36y8rydzdx5wcjsgxhqbxp79w1mwp10bywjvr2knzbfn93s3f4cnw99x3a45fz03998xat&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2_mOebLEYYn-BKuvngXw-5rgCpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK4z-m_AvqyPqgDAaoE-wFP0PUncvf3VRIpVB-SLhMbKNAx88ZVqRkvVv5wt3gFYZt8g4ChZ0_lPaA7BnCyblH4MS13WLow2OqgJYlwTldEGOpHbLENvAf4hn4Womu3Na2PNx1FrPG6pqXxYjoQWHVuj50hSZD03-vOiOxJ4lM49UfEp73z4t7mF82-rXPUEku7IhtH_7-aXhLJaqS1x4GtJVfoiYsiQ2mPMajb0fnillkYvmQionDFtp9Ss3JQigmkZ3zBNYikvV-WQI4TNzU3G6d-Ij4tvD_wzi6LwnQ6rG-5PLZRNQZf1RxOlHEWWr1h3yiTJOvQshyb2xC-os-d3VdE0glm_99b9oAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0S4JiznMsq8T-XiKe1zaEkS5rMXg%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b98c8f3aa7cc2835be32fd3a1488ba31a3de35a3fa0dd643a092c2846c613017

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=i2G9+Q==, md5=KT4B161Aam0qyQ5N1n+FMQ==
date
Thu, 23 Dec 2021 17:31:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
72213
x-guploader-uploadid
ADPycdsOKTGHIoWahD0TZTQoYWUEfcQg0132oq9AD9469QffPzMPQd5lf_jiilD5Vec202kqqI-Hxsh29ygvyTXNSQg63d9QPA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 02 Nov 2021 14:54:41 GMT
server
cloudflare
etag
W/"293e01d7ad406a6d2ac90e4dd67f8531"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IKrfOVwG165%2FO8L9uhENMuYPMC1Vw7rVYFBwdvYUJr3mFbYJNFmVSl%2FjP0vh2jJm07umFUflt9Wr%2BJPFl%2Fu9iAQ5RaaNiPlRxmLP6h8m6AVkuks2k58OEJn93c0XcrnMG%2Fmj3X8%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1635864881199576
content-type
application/javascript; charset=utf-8
expires
Wed, 22 Dec 2021 21:28:05 GMT
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11933
cf-ray
6c23531adf3e5c98-FRA
cf-bgj
minify
si
googleads.g.doubleclick.net/pagead/drt/ Frame 1968
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=3296007091&adf=322643539&pi=t.ma~as.5991095728&w=610&lmt=1640280696&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696188&bpp=2&bdt=708&idt=447&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=175&ady=1123&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=UGTDHYnWgl&p=https%3A//newsyou.info&dtd=450
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 23 Dec 2021 17:31:38 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 23 Dec 2021 17:31:38 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 23 Dec 2021 17:31:38 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
si
googleads.g.doubleclick.net/pagead/drt/ Frame 0811
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=420&slotname=2767358249&adk=3740161662&adf=76889861&pi=t.ma~as.2767358249&w=610&lmt=1640280696&rafmt=11&psa=0&format=610x420&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-bottom.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696190&bpp=1&bdt=709&idt=508&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=175&ady=3129&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=YmX9JDH2bN&p=https%3A//newsyou.info&dtd=511
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 23 Dec 2021 17:31:38 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 23 Dec 2021 17:31:38 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 23 Dec 2021 17:31:38 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 1C18 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
acea01cdea4e090821a151180072e8cbcdb209ec947aeee99cde455d8f75d1c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v12/ Frame 689C 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v12/jizaRExUiTo99u79D0KExQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95dc30d8b40e0bae97c0a41fa52d8d43ef7b66a7de4645c913aa994def62e5dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.eu.criteo.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 20:07:29 GMT
x-content-type-options
nosniff
age
163449
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45416
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:09:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 21 Dec 2022 20:07:29 GMT
jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v12/ Frame 689C 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v12/jizfRExUiTo99u79B_mh0O6tLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e93b530a651320569bb9a1e5afdefa40ef6a77f7d1887a27cb4f5cc049b57a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.eu.criteo.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 03:56:06 GMT
x-content-type-options
nosniff
age
135332
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46988
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:11 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Dec 2022 03:56:06 GMT
dpixel
cms.quantserve.com/ Frame ACD7 		35 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPv2zMCb-wnOq9vSUZEz0bw&google_cver=1&google_push=AYg5qPIyGVaaOZUBTTiRZ2xC84-uCT-eF5c65dToUM7AgzMhb134Q3yuq1uKXBAa-K_7b0nghC2yie3um0GQiyZMIwUYndxZ8LAmABOHfHyB15VNkzxsn7nJVwkLXXd634-1KCfjMhU1xOUDFYapxHNly3U
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1640280696&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696191&bpp=1&bdt=711&idt=701&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd411357b4686f5eb-221fbe950ecd0034%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=805&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=RKYe60FlYw&p=https%3A//newsyou.info&dtd=730
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
dds
rtb.openx.net/sync/ Frame ACD7 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEIiOdCkikAaNtQAVTuqSe_w&google_cver=1&google_push=AYg5qPIyDJQx8xxG2H_kmxCrNEqOe6lmraK-gDBk5OkXg2rwPD63wNs_--gWhB0eMsIiYz8mIpjf8pzA8o39E_g808KEv0PW7j0Qre9-jP4PRE3495rvFK7sn-eVguIytB9pPI_uibT-GefpbupID1ZotjE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1640280696&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696191&bpp=1&bdt=711&idt=701&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd411357b4686f5eb-221fbe950ecd0034%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=805&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=RKYe60FlYw&p=https%3A//newsyou.info&dtd=730
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
frfsrdq2bj93jlkaan7ghe0sd29q5fdi
pixel
cm.g.doubleclick.net/ Frame ACD7
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=w81J6OztSk2YhFc32fG9Fg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=w81J6OztSk2YhFc32fG9Fg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIaX1AHzWmU2UK1grXQhfkbU4kMRvL7sFr4dWTGRc-GmoZ41XHsztKAQfM8GFtr8ckXmH-1xL-8rt5_p4CDa6cYs53ZhDxEdVYcsXTU_S4kGj-WOaKkxAINJqro85_p2uDUtuJAVq7gwmdz9NcXtw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1640280696&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696191&bpp=1&bdt=711&idt=701&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd411357b4686f5eb-221fbe950ecd0034%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=805&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=RKYe60FlYw&p=https%3A//newsyou.info&dtd=730
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=w81J6OztSk2YhFc32fG9Fg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIaX1AHzWmU2UK1grXQhfkbU4kMRvL7sFr4dWTGRc-GmoZ41XHsztKAQfM8GFtr8ckXmH-1xL-8rt5_p4CDa6cYs53ZhDxEdVYcsXTU_S4kGj-WOaKkxAINJqro85_p2uDUtuJAVq7gwmdz9NcXtw
date
Thu, 23 Dec 2021 17:31:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame ACD7
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEN3IiLfvl39dDe6jdI5PUi4&google_cver=1&google_push=AYg5qPK5yFDmZ0CTCE_JTDEEmYDNIokm3PF73Jga8E4KXd-d2HrOItQfsPCgomhTdxf6KYRbXrm...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hKOFJZVFAtWS1IRTI0&google_push=AYg5qPK5yFDmZ0CTCE_JTDEEmYDNIokm3PF73Jga8E4KXd-d2HrOItQfsPCgomhTdxf6KYRbXrmdUOdZuFgD-2JHL3BmqkOPJ9mAZ4AS3...
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hKOFJZVFAtWS1IRTI0&google_push=AYg5qPK5yFDmZ0CTCE_JTDEEmYDNIokm3PF73Jga8E4KXd-d2HrOItQfsPCgomhTdxf6KYRbXrmdUOdZuFgD-2JHL3BmqkOPJ9mAZ4AS33VUdLp8vZ5MiTzYwywfxeVA-Xnl-i8bFCk0pIxzoUKkIkVl2ho
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1640280696&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696191&bpp=1&bdt=711&idt=701&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd411357b4686f5eb-221fbe950ecd0034%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=805&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=RKYe60FlYw&p=https%3A//newsyou.info&dtd=730
Protocol
H2
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hKOFJZVFAtWS1IRTI0&google_push=AYg5qPK5yFDmZ0CTCE_JTDEEmYDNIokm3PF73Jga8E4KXd-d2HrOItQfsPCgomhTdxf6KYRbXrmdUOdZuFgD-2JHL3BmqkOPJ9mAZ4AS33VUdLp8vZ5MiTzYwywfxeVA-Xnl-i8bFCk0pIxzoUKkIkVl2ho
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
pixel
cm.g.doubleclick.net/ Frame ACD7
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPr5KxEAKBclM5A4MCID6E0&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEPr5KxEAKBclM5A4MCID6E0&google_push=AY...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIwAABFYAAAAB&google_gid=CAESEPr5KxEAKBclM5A4MCID6E0&google_cver=1&google_push=AYg5qPLtrdeI5lOE8AI0Ut4p5v0i95p1uGsSD...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIwAABFYAAAAB&google_gid=CAESEPr5KxEAKBclM5A4MCID6E0&google_cver=1&google_push=AYg5qPLtrdeI5lOE8AI0Ut4p5v0i95p1uGsSD...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIwAABFYAAAAB&google_gid=CAESEPr5KxEAKBclM5A4MCID6E0&google_cver=1&google_push=AYg5qPLtrdeI5lOE8AI0Ut4p5v0i95p1uGsSD...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIwAABFYAAAAB&google_gid=CAESEPr5KxEAKBclM5A4MCID6E0&google_cver=1&google_push=AYg5qPLtrdeI5lOE8AI0Ut4p5v0i95p1uGsSD...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIwAABFYAAAAB&google_gid=CAESEPr5KxEAKBclM5A4MCID6E0&google_cver=1&google_push=AYg5qPLtrdeI5lOE8AI0Ut4p5v0i95p1uGsSD...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIwAABFYAAAAB&google_gid=CAESEPr5KxEAKBclM5A4MCID6E0&google_cver=1&google_push=AYg5qPLtrdeI5lOE8AI0Ut4p5v0i95p1uGsSD...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIwAABFYAAAAB&google_gid=CAESEPr5KxEAKBclM5A4MCID6E0&google_cver=1&google_push=AYg5qPLtrdeI5lOE8AI0Ut4p5v0i95p1uGsSD...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIwAABFYAAAAB&google_gid=CAESEPr5KxEAKBclM5A4MCID6E0&google_cver=1&google_push=AYg5qPLtrdeI5lOE8AI0Ut4p5v0i95p1uGsSD...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIwAABFYAAAAB&google_gid=CAESEPr5KxEAKBclM5A4MCID6E0&google_cver=1&google_push=AYg5qPLtrdeI5lOE8AI0Ut4p5v0i95p1uGsSD...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIwAABFYAAAAB&google_gid=CAESEPr5KxEAKBclM5A4MCID6E0&google_cver=1&google_push=AYg5qPLtrdeI5lOE8AI0Ut4p5v0i95p1uGsSD...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIwAABFYAAAAB&google_gid=CAESEPr5KxEAKBclM5A4MCID6E0&google_cver=1&google_push=AYg5qPLtrdeI5lOE8AI0Ut4p5v0i95p1uGsSD...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIwAABFYAAAAB&google_gid=CAESEPr5KxEAKBclM5A4MCID6E0&google_cver=1&google_push=AYg5qPLtrdeI5lOE8AI0Ut4p5v0i95p1uGsSD...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIwAABFYAAAAB&google_gid=CAESEPr5KxEAKBclM5A4MCID6E0&google_cver=1&google_push=AYg5qPLtrdeI5lOE8AI0Ut4p5v0i95p1uGsSD...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIwAABFYAAAAB&google_gid=CAESEPr5KxEAKBclM5A4MCID6E0&google_cver=1&google_push=AYg5qPLtrdeI5lOE8AI0Ut4p5v0i95p1uGsSD...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIwAABFYAAAAB&google_gid=CAESEPr5KxEAKBclM5A4MCID6E0&google_cver=1&google_push=AYg5qPLtrdeI5lOE8AI0Ut4p5v0i95p1uGsSD...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIwAABFYAAAAB&google_gid=CAESEPr5KxEAKBclM5A4MCID6E0&google_cver=1&google_push=AYg5qPLtrdeI5lOE8AI0Ut4p5v0i95p1uGsSD...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIwAABFYAAAAB&google_gid=CAESEPr5KxEAKBclM5A4MCID6E0&google_cver=1&google_push=AYg5qPLtrdeI5lOE8AI0Ut4p5v0i95p1uGsSD...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIwAABFYAAAAB&google_gid=CAESEPr5KxEAKBclM5A4MCID6E0&google_cver=1&google_push=AYg5qPLtrdeI5lOE8AI0Ut4p5v0i95p1uGsSD...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIwAABFYAAAAB&google_gid=CAESEPr5KxEAKBclM5A4MCID6E0&google_cver=1&google_push=AYg5qPLtrdeI5lOE8AI0Ut4p5v0i95p1uGsSD...
0
0
trk
ag.innovid.com/ Frame ACD7 		43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESENy7OtXKYiYbtizVa4GkF6o&google_cver=1&google_push=AYg5qPKeQGi3UgOUS8FKrngGKdYEGy9vssYD7FYhjCqEaeJbkhNx780qRrdONeBZ1wNxb_dOHCm-FfK0wsIrnaoi3tEyj3holsT3RIk0dCu8uVfV-oXxeclR8Eoq7didLPZCraYOOC6kBUiEU25sFS6zME4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1640280696&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696191&bpp=1&bdt=711&idt=701&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd411357b4686f5eb-221fbe950ecd0034%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=805&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=RKYe60FlYw&p=https%3A//newsyou.info&dtd=730
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d01c:1d8:8102:c759:eaa3:7bf2:5466 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT
cache-control
no-cache
content-type
image/gif
content-length
43
request-time
0
expires
-1
dot.gif
googlecm.hit.gemius.pl/ Frame ACD7
Redirect Chain
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEFqAbhwczPwQtc6yPHRAp1g&google_cver=1&google_push=AYg5qPIn4Wq__NEQX95JeClm...
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPIn4Wq__NEQX95JeClmPJ3ELRlx0pFd4NtRaaKGGPYcyfKS5S90vnbhAjNZ7BJpUIdaCduoF0VOv12oMF44dMfuXVGFq6oxEZ05p5TsxCnLHW2U7Vj_3U&googl...
  • https://googlecm.hit.gemius.pl/dot.gif?id=pyM1l.MgAY658jQJ4ykHpoYhP_hR_2_qZ3eEDY6uHMX.C7&google_error=5
43 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googlecm.hit.gemius.pl/dot.gif?id=pyM1l.MgAY658jQJ4ykHpoYhP_hR_2_qZ3eEDY6uHMX.C7&google_error=5
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Server
79.137.69.91 , France, ASN16276 (OVH, FR),
Reverse DNS
gcm11.host.hit.gemius.pl
Software
GHC /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
image/gif
content-length
43
expires
Wed, 22 Dec 2021 17:31:38 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://googlecm.hit.gemius.pl/dot.gif?id=pyM1l.MgAY658jQJ4ykHpoYhP_hR_2_qZ3eEDY6uHMX.C7&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame ACD7 		0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I2h9DX4kbohEChnq9UsImJ2Mn1gx4Rw2d6Xts700QXo58_3oLHVWpfXSC72yTGOpcmBdd8_w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=3705784778&adk=723310274&adf=1408470707&pi=t.ma~as.3705784778&w=300&lmt=1640280696&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-2.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696191&bpp=1&bdt=711&idt=701&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd411357b4686f5eb-221fbe950ecd0034%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=805&ady=1158&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=7&uci=a!7&fsb=1&xpc=RKYe60FlYw&p=https%3A//newsyou.info&dtd=730
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame F6AD 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date
Thu, 23 Dec 2021 17:31:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8781103
x-guploader-uploadid
ADPycdu4kVh88oPygz4q2L0gysGWlMlIFE5YReoxzb2pqvToqgh3BYrLqoA2iyx1syc2mGJLpBFm-K4K9hJXRMmcJywY3ItGvg
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GqH4MsuwI56XNBkSvOWBB4Z%2B%2BnKIfx8hZ0s%2BQG%2F4BwFUJ3kXHK4vuc0UDItR5kOHE%2FNWAKq4ZLiJN6astEdPNT%2Favi62x0QWiHSa%2FXSCvMQz9dmBFWQQWuwjSDATineciBZOq4Od1RbSo70c43qpHcAS"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623242114099744
content-type
image/png
cache-control
public, max-age=31536000, immutable
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
6c23531b4d26692b-FRA
expires
Tue, 13 Sep 2022 02:19:55 GMT
css
fonts.googleapis.com/ 		21 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8dfc0ae8ecca5b8d31b22274afd2d694f14a18cdaaaeae1808c51fd6f4abe91d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 16:33:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Dec 2021 17:31:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Dec 2021 17:31:38 GMT
css
fonts.googleapis.com/ 		3 KB
622 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c99361c0d8561c7d88a237009bac83ecc149fe6f1f91c52dde79b7841b584c40
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 16:13:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Dec 2021 17:31:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Dec 2021 17:31:38 GMT
dpixel
cms.quantserve.com/ Frame 75A4 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECE-OanbnIpUgMxkFnAE1Ss&google_cver=1&google_push=AYg5qPIkANUsAXMjy0ccDIsGA-Z9Mwko0Cg_dncIHEy6KvvP_RBJt930XyMQ5vFgRjOWDljztilSFYs4EMI-UH2NMhAfzU-Y6AB0gZME6baXQZa8H4Ba-N5la1ZmjWWDtErCYFhkU_CQCA9sdTnibuC82bs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=715531311&adf=2278891264&pi=t.ma~as.5991095728&w=610&lmt=1640280696&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696190&bpp=1&bdt=710&idt=569&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x420&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=175&ady=3811&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=tkY0NbQnP6&p=https%3A//newsyou.info&dtd=584
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 75A4
Redirect Chain
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPI9FuYbd01PM5wkOqMkCEcsQGMc3hnlmWO_vCP...
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWNTeWVnQUFCWGpOczItNQ&google_push=AYg5qPI9FuYbd01PM5wkOqMkCEcsQGMc3hnlmWO_vCP24Y__lUSlm9R6DjMD1GZG3ot04eEY_VyL04OWQb6ruyxC4kYfbinTIH...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWNTeWVnQUFCWGpOczItNQ&google_push=AYg5qPI9FuYbd01PM5wkOqMkCEcsQGMc3hnlmWO_vCP24Y__lUSlm9R6DjMD1GZG3ot04eEY_VyL04OWQb6ruyxC4kYfbinTIHmDxLLigpThxh_o70rJfWyxmNGAJ0qiFqJxB2DBy2tDUidqsvGmhvBAHpo
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWNTeWVnQUFCWGpOczItNQ&google_push=AYg5qPI9FuYbd01PM5wkOqMkCEcsQGMc3hnlmWO_vCP24Y__lUSlm9R6DjMD1GZG3ot04eEY_VyL04OWQb6ruyxC4kYfbinTIHmDxLLigpThxh_o70rJfWyxmNGAJ0qiFqJxB2DBy2tDUidqsvGmhvBAHpo
Date
Thu, 23 Dec 2021 17:31:38 GMT
Server
Apache
Connection
keep-alive
Content-Length
446
Content-Type
text/html; charset=iso-8859-1
sync
odr.mookie1.com/t/v2/ Frame 75A4 		43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEHTqOrcEBTQGATGT85c2qLI&google_push=AYg5qPIcZBMMlt9pPgAilaPqlErJdtMKApG8z4y28Nt0Lpco-JNqTN_Yw17WjX_0DuwSfjeevxTGoaau8LkrjrJoGUvhP0-3P69HesSghMuduoc0Lh0kC86ic53r_OAuMPcGZMoL-DjWSk6agvgbhc9JeK4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=715531311&adf=2278891264&pi=t.ma~as.5991095728&w=610&lmt=1640280696&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696190&bpp=1&bdt=710&idt=569&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x420&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=175&ady=3811&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=tkY0NbQnP6&p=https%3A//newsyou.info&dtd=584
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame 75A4 		43 B
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEDF05QHdlASkrHt34iket-g&google_cver=1&google_push=AYg5qPI3BM4zzkkBEYdKQRQGD3e3AJfBnsneaxNvnKMvzoCZpD0LIySEuTInTYJ3XxB88N2O9Qo3iOFTwoNNaKAk9uWqzY6K9De2OfCZcs5LxaZEUcKEIBwANJfNceoDjVY8C43eVBm9wBDI4T_FEIOeHPM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=715531311&adf=2278891264&pi=t.ma~as.5991095728&w=610&lmt=1640280696&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696190&bpp=1&bdt=710&idt=569&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x420&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=175&ady=3811&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=tkY0NbQnP6&p=https%3A//newsyou.info&dtd=584
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
ok3huj9qrobutmcobjlj7ftintue891h
pixel
cm.g.doubleclick.net/ Frame 75A4
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=e55LPbq7RbWoX1F4GTo_pw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=e55LPbq7RbWoX1F4GTo_pw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJ5Sb4xRpE48wDR0JAcAUE7W7EVsECdaXjt65_AV0cfSCpHl6Mn6wrq8kol0nEYXG6TVLw98_u-T08nBPBRYyCH033zycdRso_hVInjHbgMwY1mJAg8wu_eqX3QsjtFmzqWHW_p-iIdOXmhSD0LaQ
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=e55LPbq7RbWoX1F4GTo_pw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJ5Sb4xRpE48wDR0JAcAUE7W7EVsECdaXjt65_AV0cfSCpHl6Mn6wrq8kol0nEYXG6TVLw98_u-T08nBPBRYyCH033zycdRso_hVInjHbgMwY1mJAg8wu_eqX3QsjtFmzqWHW_p-iIdOXmhSD0LaQ
date
Thu, 23 Dec 2021 17:31:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 75A4
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGRhUGozOt9nc1_yiWtjCAE&google_cver=1&google_push=AYg5qPJIhoDp6kYrAqFzNUvOuwdLC2IusLyKbpT6j4VhRTWiqjkAOX0jYMkpBC9mD91KwJkMc4x...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hKOFJZVUUtMTItNzY4Mw==&google_push=AYg5qPJIhoDp6kYrAqFzNUvOuwdLC2IusLyKbpT6j4VhRTWiqjkAOX0jYMkpBC9mD91KwJkMc4x77FG0UyejfTMVCj5kwMhXN1iTr...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hKOFJZVUUtMTItNzY4Mw==&google_push=AYg5qPJIhoDp6kYrAqFzNUvOuwdLC2IusLyKbpT6j4VhRTWiqjkAOX0jYMkpBC9mD91KwJkMc4x77FG0UyejfTMVCj5kwMhXN1iTrhiETK7u6PVkUGAY2A9azVbUa44t3xYOh39U_cozoffgbXru_fHUJPU
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hKOFJZVUUtMTItNzY4Mw==&google_push=AYg5qPJIhoDp6kYrAqFzNUvOuwdLC2IusLyKbpT6j4VhRTWiqjkAOX0jYMkpBC9mD91KwJkMc4x77FG0UyejfTMVCj5kwMhXN1iTrhiETK7u6PVkUGAY2A9azVbUa44t3xYOh39U_cozoffgbXru_fHUJPU
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
pixel
cm.g.doubleclick.net/ Frame 75A4
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAEZcV2wgonujxEzGM8w_mo&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEAEZcV2wgonujxEzGM8w_mo&google_push=AY...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKvT69bcQwH48sWvhHGxDvfRYDc17_iF5FD1n5nRcpn6b3ccK5PJpEgl3Qk5JV2zMLdn0hXbS4pgl_3an8Oli...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKvT69bcQwH48sWvhHGxDvfRYDc17_iF5FD1n5nRcpn6b3ccK5PJpEgl3Qk5JV2zMLdn0hXbS4pgl_3an8Oli...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKvT69bcQwH48sWvhHGxDvfRYDc17_iF5FD1n5nRcpn6b3ccK5PJpEgl3Qk5JV2zMLdn0hXbS4pgl_3an8Oli...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKvT69bcQwH48sWvhHGxDvfRYDc17_iF5FD1n5nRcpn6b3ccK5PJpEgl3Qk5JV2zMLdn0hXbS4pgl_3an8Oli...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKvT69bcQwH48sWvhHGxDvfRYDc17_iF5FD1n5nRcpn6b3ccK5PJpEgl3Qk5JV2zMLdn0hXbS4pgl_3an8Oli...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKvT69bcQwH48sWvhHGxDvfRYDc17_iF5FD1n5nRcpn6b3ccK5PJpEgl3Qk5JV2zMLdn0hXbS4pgl_3an8Oli...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKvT69bcQwH48sWvhHGxDvfRYDc17_iF5FD1n5nRcpn6b3ccK5PJpEgl3Qk5JV2zMLdn0hXbS4pgl_3an8Oli...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKvT69bcQwH48sWvhHGxDvfRYDc17_iF5FD1n5nRcpn6b3ccK5PJpEgl3Qk5JV2zMLdn0hXbS4pgl_3an8Oli...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKvT69bcQwH48sWvhHGxDvfRYDc17_iF5FD1n5nRcpn6b3ccK5PJpEgl3Qk5JV2zMLdn0hXbS4pgl_3an8Oli...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKvT69bcQwH48sWvhHGxDvfRYDc17_iF5FD1n5nRcpn6b3ccK5PJpEgl3Qk5JV2zMLdn0hXbS4pgl_3an8Oli...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKvT69bcQwH48sWvhHGxDvfRYDc17_iF5FD1n5nRcpn6b3ccK5PJpEgl3Qk5JV2zMLdn0hXbS4pgl_3an8Oli...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKvT69bcQwH48sWvhHGxDvfRYDc17_iF5FD1n5nRcpn6b3ccK5PJpEgl3Qk5JV2zMLdn0hXbS4pgl_3an8Oli...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKvT69bcQwH48sWvhHGxDvfRYDc17_iF5FD1n5nRcpn6b3ccK5PJpEgl3Qk5JV2zMLdn0hXbS4pgl_3an8Oli...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKvT69bcQwH48sWvhHGxDvfRYDc17_iF5FD1n5nRcpn6b3ccK5PJpEgl3Qk5JV2zMLdn0hXbS4pgl_3an8Oli...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKvT69bcQwH48sWvhHGxDvfRYDc17_iF5FD1n5nRcpn6b3ccK5PJpEgl3Qk5JV2zMLdn0hXbS4pgl_3an8Oli...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKvT69bcQwH48sWvhHGxDvfRYDc17_iF5FD1n5nRcpn6b3ccK5PJpEgl3Qk5JV2zMLdn0hXbS4pgl_3an8Oli...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKvT69bcQwH48sWvhHGxDvfRYDc17_iF5FD1n5nRcpn6b3ccK5PJpEgl3Qk5JV2zMLdn0hXbS4pgl_3an8Oli...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKvT69bcQwH48sWvhHGxDvfRYDc17_iF5FD1n5nRcpn6b3ccK5PJpEgl3Qk5JV2zMLdn0hXbS4pgl_3an8Oli...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKvT69bcQwH48sWvhHGxDvfRYDc17_iF5FD1n5nRcpn6b3ccK5PJpEgl3Qk5JV2zMLdn0hXbS4pgl_3an8Oli...
0
0
attr
cm.g.doubleclick.net/pixel/ Frame 75A4 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KkVEtwgOLUGHLVBCDicH40oDpd9FrrbOjczlW3FTEwD_RX5McjoxolaR9kCOLQxbmXuCIP
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=715531311&adf=2278891264&pi=t.ma~as.5991095728&w=610&lmt=1640280696&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696190&bpp=1&bdt=710&idt=569&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x420&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=175&ady=3811&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=tkY0NbQnP6&p=https%3A//newsyou.info&dtd=584
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
view.aspx
pb.media01.eu/ Frame 081E
Redirect Chain
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873830a7df8deda4aa6?subid=90755200177226100951393011817018&t=htlp
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=90755200177226100951393011817018&actionid=731824&produktid=businessgiro&dt_url=
0
628 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=90755200177226100951393011817018&actionid=731824&produktid=businessgiro&dt_url=
Requested by
Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=a8ca580785&subid=&uid=1d1de0525d331650&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D3929240562031280416%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dda8061c4-b279-4901-9aab-abaeda0048bc%26mt_cid%3Dda8061c4-b279-4901-9aab-abaeda0048bc%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCIqLgeLLEYYbBOMPuiQPWx6nACs-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDnIAQmoAwGqBPYBT9BHuYEnYa3KGdiF8yGQKThnBorFv6xyzKVCbmvUdveDMOMXw8gLhtqnCHVvPr5QYStN0ddMHMTkjxr1mekVGHIEvPkBoHdRYlF88FtxBiOy5HwQfQQPzLsUH80A3qs7QsmoVHvE4admvNl7Hx8zPbDzVhNtX-88Qm9BnaVkISdBU1wzdTZ2EtrE4S44yixlEo7y3stHFCWKrX1kybPgniIHOJYT_y0TmB5w0xoDZw3asf90ORrw9LF-4cdxKpZBCNU3pgntZ-jVPW8xVUlikxJP4jl31lau-YTZIknzPCFSypkAL_DFKtnqh8Y41DQLtsU28KWigAaQpezv4ZiAztcBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_29qUXS9nTqR4CtBpZ3or1O_7U-lA%2526client%253Dca-pub-5994697028380609%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-5994697028380609%26output%3Dhtml%26h%3D250%26slotname%3D7901239171%26adk%3D895116589%26adf%3D3515999157%26pi%3Dt.ma~as.7901239171%26w%3D300%26lmt%3D1640280696%26psa%3D0%26format%3D300x250%26url%3Dhttps%253A%252F%252Fnewsyou.info%252FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR%26flash%3D0%26alternate_ad_url%3Dhttps%253A%252F%252Fnewsyou.info%252Fwp-content%252Fthemes%252Fnewsyou%252Fads%252Fzaglushka-sidebar-1.php%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.%26dt%3D1640280696191%26bpp%3D1%26bdt%3D710%26idt%3D627%26shv%3Dr20211207%26mjsv%3Dm202112060101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253Dd411357b4686f5eb-221fbe950ecd0034%253AT%253D1640280696%253ART%253D1640280696%253AS%253DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw%26prev_fmts%3D0x0%252C580x280%252C610x379%252C610x420%252C610x379%26nras%3D1%26correlator%3D2738633273524%26frm%3D20%26pv%3D1%26ga_vid%3D307658117.1640280696%26ga_sid%3D1640280696%26ga_hid%3D234211940%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26dmc%3D8%26adx%3D805%26ady%3D535%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44750774%252C44753658%252C31063825%252C31060049%252C31062931%26oid%3D2%26pvsid%3D2390655881465621%26pem%3D764%26tmod%3D970%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D6%26uci%3Da!6%26fsb%3D1%26xpc%3DCWAP2ylBpn%26p%3Dhttps%253A%2F%2Fnewsyou.info%26dtd%3D634&ancestorOrigins=null&random=9024136950465&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.198.250.30 Mannheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
content-type
text/html; charset=UTF-8
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Thu, 23 Dec 2021 06:31:36 GMT
server
Microsoft-IIS/10.0
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
access-control-allow-origin
*
access-control-allow-credentials
true
x-xss-protection
1; mode=block
access-control-allow-methods
GET,POST
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
date
Thu, 23 Dec 2021 17:31:36 GMT
content-length
0

Redirect headers

Server
nginx/1.19.7
Date
Thu, 23 Dec 2021 17:31:38 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Keep-Alive
timeout=20
X-Powered-By
PHP/7.2.34
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
Access-Control-Allow-Credentials
true
Location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=90755200177226100951393011817018&actionid=731824&produktid=businessgiro&dt_url=
Strict-Transport-Security
max-age=63072000;includeSubdomains;preload max-age=15768000
X-IPLB-Request-ID
B9D59BA8:E538_91EFC182:01BB_61C4B27A_C776D8:4417
X-IPLB-Instance
40027
Cache-control
private
link.html
track.webgains.com/ Frame 0F19 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3432245&wgcampaignid=99582&viewref=90755200177226100951393011817018&js=1&nw=1
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
728f9e0f31df9c092fda709c1d4e403f7207235085ef2e1bc9cfe650cdded303

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:38 GMT
Last-Modified
Thu, 23 Dec 2021 17:31:38 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1239
Expires
Mon, 26 Jul 1997 05:00:00 GMT
activityi;dc_pre=CPXp5uK5-vQCFXkOBgAd4G8H1g;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4326771072990.503
8019191.fls.doubleclick.net/ Frame 0C9B
Redirect Chain
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4326771072990.503?
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CPXp5uK5-vQCFXkOBgAd4G8H1g;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4326771072990.503?
391 B
347 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8019191.fls.doubleclick.net/activityi;dc_pre=CPXp5uK5-vQCFXkOBgAd4G8H1g;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4326771072990.503?
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f6.1e100.net
Software
cafe /
Resource Hash
1674c8deb93d47e19efdc5571ab9fe78e35ef63f0acfbed9b35d5086a9562100
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Thu, 23 Dec 2021 17:31:38 GMT
expires
Thu, 23 Dec 2021 17:31:38 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
324
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Thu, 23 Dec 2021 17:31:38 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://8019191.fls.doubleclick.net/activityi;dc_pre=CPXp5uK5-vQCFXkOBgAd4G8H1g;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4326771072990.503?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
request_content.php
hal900018.redintelligence.net/ Frame 7115 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900018.redintelligence.net/request_content.php?s=90755200177226100951393011817018&a=10d889af
Requested by
Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=a8ca580785&subid=&uid=1d1de0525d331650&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D3929240562031280416%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dda8061c4-b279-4901-9aab-abaeda0048bc%26mt_cid%3Dda8061c4-b279-4901-9aab-abaeda0048bc%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCIqLgeLLEYYbBOMPuiQPWx6nACs-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDnIAQmoAwGqBPYBT9BHuYEnYa3KGdiF8yGQKThnBorFv6xyzKVCbmvUdveDMOMXw8gLhtqnCHVvPr5QYStN0ddMHMTkjxr1mekVGHIEvPkBoHdRYlF88FtxBiOy5HwQfQQPzLsUH80A3qs7QsmoVHvE4admvNl7Hx8zPbDzVhNtX-88Qm9BnaVkISdBU1wzdTZ2EtrE4S44yixlEo7y3stHFCWKrX1kybPgniIHOJYT_y0TmB5w0xoDZw3asf90ORrw9LF-4cdxKpZBCNU3pgntZ-jVPW8xVUlikxJP4jl31lau-YTZIknzPCFSypkAL_DFKtnqh8Y41DQLtsU28KWigAaQpezv4ZiAztcBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_29qUXS9nTqR4CtBpZ3or1O_7U-lA%2526client%253Dca-pub-5994697028380609%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-5994697028380609%26output%3Dhtml%26h%3D250%26slotname%3D7901239171%26adk%3D895116589%26adf%3D3515999157%26pi%3Dt.ma~as.7901239171%26w%3D300%26lmt%3D1640280696%26psa%3D0%26format%3D300x250%26url%3Dhttps%253A%252F%252Fnewsyou.info%252FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR%26flash%3D0%26alternate_ad_url%3Dhttps%253A%252F%252Fnewsyou.info%252Fwp-content%252Fthemes%252Fnewsyou%252Fads%252Fzaglushka-sidebar-1.php%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.%26dt%3D1640280696191%26bpp%3D1%26bdt%3D710%26idt%3D627%26shv%3Dr20211207%26mjsv%3Dm202112060101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253Dd411357b4686f5eb-221fbe950ecd0034%253AT%253D1640280696%253ART%253D1640280696%253AS%253DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw%26prev_fmts%3D0x0%252C580x280%252C610x379%252C610x420%252C610x379%26nras%3D1%26correlator%3D2738633273524%26frm%3D20%26pv%3D1%26ga_vid%3D307658117.1640280696%26ga_sid%3D1640280696%26ga_hid%3D234211940%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26dmc%3D8%26adx%3D805%26ady%3D535%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44750774%252C44753658%252C31063825%252C31060049%252C31062931%26oid%3D2%26pvsid%3D2390655881465621%26pem%3D764%26tmod%3D970%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D6%26uci%3Da!6%26fsb%3D1%26xpc%3DCWAP2ylBpn%26p%3Dhttps%253A%2F%2Fnewsyou.info%26dtd%3D634&ancestorOrigins=null&random=9024136950465&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
f0d0f1850320a483d6f8460bad59e89dbbae24f4197087d31321e72730da0be2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

Date
Thu, 23 Dec 2021 17:31:38 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Thu, 23 Dec 2021 17:31:38 +0100
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2085
Connection
close
Content-Type
text/html; charset=utf-8
native.png
ad-server.eu/wm/pb/ Frame 0F19
Redirect Chain
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873830a7df8deda4aa6?subid=90755200177226100951393011817018
  • https://ad-server.eu/wm/pb/native.png
68 B
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-server.eu/wm/pb/native.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280696&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696191&bpp=1&bdt=710&idt=627&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd411357b4686f5eb-221fbe950ecd0034%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=CWAP2ylBpn&p=https%3A//newsyou.info&dtd=634
Protocol
HTTP/1.1
Server
54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:36:28 GMT
Last-Modified
Sat, 21 Dec 2019 23:06:59 GMT
Server
nginx/1.4.6 (Ubuntu)
ETag
"5dfea593-44"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
68

Redirect headers

Date
Thu, 23 Dec 2021 17:31:38 GMT
Server
nginx/1.17.5
X-IPLB-Request-ID
B9D59BA8:E536_91EFC182:01BB_61C4B27A_C7530D:297E8
X-Powered-By
PHP/7.2.21
X-IPLB-Instance
40028
Strict-Transport-Security
max-age=63072000;includeSubdomains;preload, max-age=15768000
Content-Type
text/html; charset=UTF-8
Location
https://ad-server.eu/wm/pb/native.png
Cache-control
private
Transfer-Encoding
chunked
Keep-Alive
timeout=20
cshow.php
www.awin1.com/ Frame 0F19 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2519595&v=14098&q=379097&r=296283&pref1=90755200177226100951393011817018&pv=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280696&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696191&bpp=1&bdt=710&idt=627&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd411357b4686f5eb-221fbe950ecd0034%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=CWAP2ylBpn&p=https%3A//newsyou.info&dtd=634
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:38 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
frame.html
ad4m.at/ Frame 7D5D 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
content-type
text/html
x-guploader-uploadid
ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires
Thu, 23 Dec 2021 18:31:38 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
age
2640802
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9CfX9Ia5dQRrFhESmNB6r7cIVdwDMt%2Bz%2FlpHkIfA%2FFJEef%2FsJqJxL21u8O8gXqAkR1ufqvH5ORHdjIh9JP6G78U%2B8zn8hGthaWUc5Cat%2F7FjgSehQUvaUQD8e4OunZpW7f9ZL9I%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6c23531b58745c98-FRA
content-encoding
br
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame CD16 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date
Thu, 23 Dec 2021 17:31:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8781103
x-guploader-uploadid
ADPycdu4kVh88oPygz4q2L0gysGWlMlIFE5YReoxzb2pqvToqgh3BYrLqoA2iyx1syc2mGJLpBFm-K4K9hJXRMmcJywY3ItGvg
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0PrH%2BeRQJ%2B0aK5788ccQ7I9in65bIE4wzC5%2Fj27ApjAi%2FDlHtnZ0z3hIkKUHaS1b3l8vsq5%2BC2t83vO1dbC3EWP5iOGijzQk059rA8pw%2BJ1sojTyIv%2FJrNEg38gkyywXXOKKE4EL7vehfq9TD36Fqmha"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623242114099744
content-type
image/png
cache-control
public, max-age=31536000, immutable
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
6c23531b5d5a692b-FRA
expires
Tue, 13 Sep 2022 02:19:55 GMT
pixel
cm.g.doubleclick.net/ Frame C41F
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMjDQ_oy0VR5gwRIAJBsJZM&google_cver=1&google_push=AYg5qPKMdsaH0ygutY49muAeZQa731Ax6rWtallz8KjwhpnrHhjrp5I79j...
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKMdsaH0ygutY49muAeZQa731Ax6rWtallz8KjwhpnrHhjrp5I79jZmZoci75kiNyOadlLJTZfAwiRuZb1vyTbZ_wQyDFElkfivfeDr_-pNtv3p-...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKMdsaH0ygutY49muAeZQa731Ax6rWtallz8KjwhpnrHhjrp5I79jZmZoci75kiNyOadlLJTZfAwiRuZb1vyTbZ_wQyDFElkfivfeDr_-pNtv3p-PrXTq3wO1lKr0FnX9oZQuCBmzKicmlTfeHRs9M&google_hm=Y6ZDuIRBikS_vcApqeofCg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1640280696&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696192&bpp=1&bdt=712&idt=783&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd411357b4686f5eb-221fbe950ecd0034%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=805&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=a87mLLyXZx&p=https%3A//newsyou.info&dtd=786
Protocol
H2
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKMdsaH0ygutY49muAeZQa731Ax6rWtallz8KjwhpnrHhjrp5I79jZmZoci75kiNyOadlLJTZfAwiRuZb1vyTbZ_wQyDFElkfivfeDr_-pNtv3p-PrXTq3wO1lKr0FnX9oZQuCBmzKicmlTfeHRs9M&google_hm=Y6ZDuIRBikS_vcApqeofCg
pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C41F
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPKf8ALv...
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPKf8ALv...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEyMjMxNzMxMzgwMDAxNDg3NTIxMDI1Mw%3D%3D&google_push=AYg5qPKf8ALveXTSmRtrXxM8qtUHMziHDyMM2NiTgyvW8KANCydeHh03jS6cdRrt0LQOh8...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEyMjMxNzMxMzgwMDAxNDg3NTIxMDI1Mw%3D%3D&google_push=AYg5qPKf8ALveXTSmRtrXxM8qtUHMziHDyMM2NiTgyvW8KANCydeHh03jS6cdRrt0LQOh8J1KNO32uRub7CDDgQLdcWkm9GD_fVGgMdjKf012YdXzJbxOSJXGnlcB75ZskKQ7zsXq7QzCwBYKzb0t2-ta90
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEyMjMxNzMxMzgwMDAxNDg3NTIxMDI1Mw%3D%3D&google_push=AYg5qPKf8ALveXTSmRtrXxM8qtUHMziHDyMM2NiTgyvW8KANCydeHh03jS6cdRrt0LQOh8J1KNO32uRub7CDDgQLdcWkm9GD_fVGgMdjKf012YdXzJbxOSJXGnlcB75ZskKQ7zsXq7QzCwBYKzb0t2-ta90
pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Thu, 23 Dec 2021 17:31:38 GMT
dds
rtb.openx.net/sync/ Frame C41F 		43 B
133 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEMs5b6K0pmLqD_iO1qy0y8s&google_cver=1&google_push=AYg5qPLGD75iNbN4T3QxacgHgIz6o8dZpZB4M7vqtXbk9QM8JmcidhEHLk0iZSAWYxoLfgTWH6jU2LwKdPYIeaNDNaDOd1Z9-jREGLdpD-GnBWZnl11GWARJYdFr1Iuttei1PvUYL_idzyN9BjUsinDvIQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1640280696&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696192&bpp=1&bdt=712&idt=783&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd411357b4686f5eb-221fbe950ecd0034%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=805&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=a87mLLyXZx&p=https%3A//newsyou.info&dtd=786
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
ak81f96akdrceop2va2cbg81c3rovg0h
pixel
cm.g.doubleclick.net/ Frame C41F
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=w81J6OztSk2YhFc32fG9Fg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=w81J6OztSk2YhFc32fG9Fg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPILRvfJlZ164vhT_829RUkT67S6B9I2YQQF1HOgpSxwgKDDU7Um2KLjUCssg-0D0sKlbpHa4RInJJlV4gT0XC5sYIlUtImUQ-n1Cn9lTKEme3lBZy3-6MKjB9cJkxT7VKB3t4KX9Lwuh7fBXRB295w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1640280696&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696192&bpp=1&bdt=712&idt=783&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd411357b4686f5eb-221fbe950ecd0034%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=805&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=a87mLLyXZx&p=https%3A//newsyou.info&dtd=786
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=w81J6OztSk2YhFc32fG9Fg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPILRvfJlZ164vhT_829RUkT67S6B9I2YQQF1HOgpSxwgKDDU7Um2KLjUCssg-0D0sKlbpHa4RInJJlV4gT0XC5sYIlUtImUQ-n1Cn9lTKEme3lBZy3-6MKjB9cJkxT7VKB3t4KX9Lwuh7fBXRB295w
date
Thu, 23 Dec 2021 17:31:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame C41F
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJfesBjXh7JtfgQggc2VQsk&google_cver=1&google_push=AYg5qPKLsJDWcTbOgtw31Vzlu4CoVtyArBBqHb8scDCgsph3wb10-1yJtcq12ixJ4xU7N1sb-4S...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hKOFJZVU4tMVMtM1Y4VA==&google_push=AYg5qPKLsJDWcTbOgtw31Vzlu4CoVtyArBBqHb8scDCgsph3wb10-1yJtcq12ixJ4xU7N1sb-4SHDtbsrhI69xs-rkYHQ28XK_dqD...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hKOFJZVU4tMVMtM1Y4VA==&google_push=AYg5qPKLsJDWcTbOgtw31Vzlu4CoVtyArBBqHb8scDCgsph3wb10-1yJtcq12ixJ4xU7N1sb-4SHDtbsrhI69xs-rkYHQ28XK_dqDoIia5ozffpItneEFQ3PPGEJoRLJOhnRdz64yQ_l_WJxcrwSNScy08w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1640280696&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696192&bpp=1&bdt=712&idt=783&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd411357b4686f5eb-221fbe950ecd0034%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=805&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=a87mLLyXZx&p=https%3A//newsyou.info&dtd=786
Protocol
H2
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hKOFJZVU4tMVMtM1Y4VA==&google_push=AYg5qPKLsJDWcTbOgtw31Vzlu4CoVtyArBBqHb8scDCgsph3wb10-1yJtcq12ixJ4xU7N1sb-4SHDtbsrhI69xs-rkYHQ28XK_dqDoIia5ozffpItneEFQ3PPGEJoRLJOhnRdz64yQ_l_WJxcrwSNScy08w
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
pixel
cm.g.doubleclick.net/ Frame C41F
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMyAc0mQjk6z_wV4VXZUV5s&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_gid=CAESEMyAc0mQjk6z_wV4VXZUV5s&google_cver=1&google_push=AYg5qPLCjGxj3g1GtGwHexaxs9EeAFm5HQaTf...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_gid=CAESEMyAc0mQjk6z_wV4VXZUV5s&google_cver=1&google_push=AYg5qPLCjGxj3g1GtGwHexaxs9EeAFm5HQaTf...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_gid=CAESEMyAc0mQjk6z_wV4VXZUV5s&google_cver=1&google_push=AYg5qPLCjGxj3g1GtGwHexaxs9EeAFm5HQaTf...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_gid=CAESEMyAc0mQjk6z_wV4VXZUV5s&google_cver=1&google_push=AYg5qPLCjGxj3g1GtGwHexaxs9EeAFm5HQaTf...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_gid=CAESEMyAc0mQjk6z_wV4VXZUV5s&google_cver=1&google_push=AYg5qPLCjGxj3g1GtGwHexaxs9EeAFm5HQaTf...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_gid=CAESEMyAc0mQjk6z_wV4VXZUV5s&google_cver=1&google_push=AYg5qPLCjGxj3g1GtGwHexaxs9EeAFm5HQaTf...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_gid=CAESEMyAc0mQjk6z_wV4VXZUV5s&google_cver=1&google_push=AYg5qPLCjGxj3g1GtGwHexaxs9EeAFm5HQaTf...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_gid=CAESEMyAc0mQjk6z_wV4VXZUV5s&google_cver=1&google_push=AYg5qPLCjGxj3g1GtGwHexaxs9EeAFm5HQaTf...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_gid=CAESEMyAc0mQjk6z_wV4VXZUV5s&google_cver=1&google_push=AYg5qPLCjGxj3g1GtGwHexaxs9EeAFm5HQaTf...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_gid=CAESEMyAc0mQjk6z_wV4VXZUV5s&google_cver=1&google_push=AYg5qPLCjGxj3g1GtGwHexaxs9EeAFm5HQaTf...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_gid=CAESEMyAc0mQjk6z_wV4VXZUV5s&google_cver=1&google_push=AYg5qPLCjGxj3g1GtGwHexaxs9EeAFm5HQaTf...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_gid=CAESEMyAc0mQjk6z_wV4VXZUV5s&google_cver=1&google_push=AYg5qPLCjGxj3g1GtGwHexaxs9EeAFm5HQaTf...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_gid=CAESEMyAc0mQjk6z_wV4VXZUV5s&google_cver=1&google_push=AYg5qPLCjGxj3g1GtGwHexaxs9EeAFm5HQaTf...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_gid=CAESEMyAc0mQjk6z_wV4VXZUV5s&google_cver=1&google_push=AYg5qPLCjGxj3g1GtGwHexaxs9EeAFm5HQaTf...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_gid=CAESEMyAc0mQjk6z_wV4VXZUV5s&google_cver=1&google_push=AYg5qPLCjGxj3g1GtGwHexaxs9EeAFm5HQaTf...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_gid=CAESEMyAc0mQjk6z_wV4VXZUV5s&google_cver=1&google_push=AYg5qPLCjGxj3g1GtGwHexaxs9EeAFm5HQaTf...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_gid=CAESEMyAc0mQjk6z_wV4VXZUV5s&google_cver=1&google_push=AYg5qPLCjGxj3g1GtGwHexaxs9EeAFm5HQaTf...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_gid=CAESEMyAc0mQjk6z_wV4VXZUV5s&google_cver=1&google_push=AYg5qPLCjGxj3g1GtGwHexaxs9EeAFm5HQaTf...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_gid=CAESEMyAc0mQjk6z_wV4VXZUV5s&google_cver=1&google_push=AYg5qPLCjGxj3g1GtGwHexaxs9EeAFm5HQaTf...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_gid=CAESEMyAc0mQjk6z_wV4VXZUV5s&google_cver=1&google_push=AYg5qPLCjGxj3g1GtGwHexaxs9EeAFm5HQaTf...
0
0
dot.gif
googlecm.hit.gemius.pl/ Frame C41F
Redirect Chain
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEDT4F6abhtfH0J1C1QoPJ7U&google_cver=1&google_push=AYg5qPI5wnY6xoDzOeuWgCxN...
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPI5wnY6xoDzOeuWgCxNm6UWteFdCovbN5_X1pITJ95OIznCMZ7-gYolekTwBmpWQlQ3IvvSadqHTI2UQHnBQDrR1VAdOtK2sIUMa7qYVrkweBsOtPK5HD&googl...
  • https://googlecm.hit.gemius.pl/dot.gif?id=pyM1l.MgAY658jQJ4ykHpoYhP_hR_2_qZ3eEDY6uHMX.C7&google_error=5
43 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googlecm.hit.gemius.pl/dot.gif?id=pyM1l.MgAY658jQJ4ykHpoYhP_hR_2_qZ3eEDY6uHMX.C7&google_error=5
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Server
79.137.69.91 , France, ASN16276 (OVH, FR),
Reverse DNS
gcm11.host.hit.gemius.pl
Software
GHC /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
image/gif
content-length
43
expires
Wed, 22 Dec 2021 17:31:38 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://googlecm.hit.gemius.pl/dot.gif?id=pyM1l.MgAY658jQJ4ykHpoYhP_hR_2_qZ3eEDY6uHMX.C7&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame C41F 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LOXngnXRvBflJqirCiGbwUA45lGswGDkPaqaahGwEGne7iFEWC1DrzrrZiQNhb1c9tpkjLDQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=300&slotname=5790205172&adk=3238281676&adf=1772231001&pi=t.ma~as.5790205172&w=300&lmt=1640280696&psa=0&format=300x300&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-3.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696192&bpp=1&bdt=712&idt=783&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd411357b4686f5eb-221fbe950ecd0034%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=805&ady=2470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=8&uci=a!8&btvi=3&fsb=1&xpc=a87mLLyXZx&p=https%3A//newsyou.info&dtd=786
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
si
googleads.g.doubleclick.net/pagead/drt/ Frame 0518
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=379&slotname=5991095728&adk=715531311&adf=2278891264&pi=t.ma~as.5991095728&w=610&lmt=1640280696&rafmt=11&psa=0&format=610x379&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-center.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696190&bpp=1&bdt=710&idt=569&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C580x280%2C610x379%2C610x420&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=175&ady=3811&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=tkY0NbQnP6&p=https%3A//newsyou.info&dtd=584
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 23 Dec 2021 17:31:38 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 23 Dec 2021 17:31:38 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 23 Dec 2021 17:31:38 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame C66F 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jn3dkvdmzs7v1czwaxsvjf9s8gpyhsh528p4yhbv5atktvx7jw1m6k1fptnhqtqg6nnrj2hqcmz1kdvfcdqnm17vnydgnt8z7p6c5v8s8chmk8bjv08404gncbnqvc52kw429akk4c16j755rmtrqyccbj0cxf1x4gsqk4f5r66n98ekh9r2vy218hptvsmr2k0mjp0eqcgs5ebbf9gbpjcaarzt8y34fszp2t5rj3ptfrvskacg4t071vpv7cr2t3xbc4zkpawba6n7cqen2s8ydmw0t08w2hm653jvvfb30v0sak59kx0xejmnvj5j8spptyfmxjvfnratgahmner08s0ysvt0cgvc6fhdyv6mc23yrwc8bqydnmtxck2s6cbz81stk7mdkqjnrt5qx49mmmsff7xwv3p27sc8ez297pzsj788&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAUetebLEYdSeCMypiAPovZaQDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK4z-m_AvqyPqgDAaoE-wFP0MnsvaPN_uZzTrrVJVinVtTKN9lwVlj57_MBmKd4HzzyIlKlZbEULhtDqTzp1Sz2urgC7KbHmX4BFAj8n9bKpMBBccx9nQClpqiAeCEKANjvPkr7Gxw8i-Rw_L58rPE22QofUIS-QN_H25lDEnWueHWyrQpsKFw-4Z67UzboJ41eDBw8s2Qjowb4_yP6S9zcxLhMzff8e97AARfWxnjkbXFEVQu-zWADBldBJGKMixXiauAiGVOnH0vYXv9EThDVa7Y-hAw6yV--PnxOKrBTvnl1FCNd3U_zZQcTI6EF3_h6TkCw2KvQ5Gn3PijRVcCy7Wdmf5T4m1EaOIAG8Pb5mO2H7Ka-AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2rVxvgv5D0K-GG6nnFFd_EQKPbaw%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1jn3dkvdmzs7v1czwaxsvjf9s8gpyhsh528p4yhbv5atktvx7jw1m6k1fptnhqtqg6nnrj2hqcmz1kdvfcdqnm17vnydgnt8z7p6c5v8s8chmk8bjv08404gncbnqvc52kw429akk4c16j755rmtrqyccbj0cxf1x4gsqk4f5r66n98ekh9r2vy218hptvsmr2k0mjp0eqcgs5ebbf9gbpjcaarzt8y34fszp2t5rj3ptfrvskacg4t071vpv7cr2t3xbc4zkpawba6n7cqen2s8ydmw0t08w2hm653jvvfb30v0sak59kx0xejmnvj5j8spptyfmxjvfnratgahmner08s0ysvt0cgvc6fhdyv6mc23yrwc8bqydnmtxck2s6cbz81stk7mdkqjnrt5qx49mmmsff7xwv3p27sc8ez297pzsj788&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAUetebLEYdSeCMypiAPovZaQDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK4z-m_AvqyPqgDAaoE-wFP0MnsvaPN_uZzTrrVJVinVtTKN9lwVlj57_MBmKd4HzzyIlKlZbEULhtDqTzp1Sz2urgC7KbHmX4BFAj8n9bKpMBBccx9nQClpqiAeCEKANjvPkr7Gxw8i-Rw_L58rPE22QofUIS-QN_H25lDEnWueHWyrQpsKFw-4Z67UzboJ41eDBw8s2Qjowb4_yP6S9zcxLhMzff8e97AARfWxnjkbXFEVQu-zWADBldBJGKMixXiauAiGVOnH0vYXv9EThDVa7Y-hAw6yV--PnxOKrBTvnl1FCNd3U_zZQcTI6EF3_h6TkCw2KvQ5Gn3PijRVcCy7Wdmf5T4m1EaOIAG8Pb5mO2H7Ka-AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2rVxvgv5D0K-GG6nnFFd_EQKPbaw%26client%3Dca-pub-5994697028380609%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
695195
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Wed, 15 Dec 2021 16:25:03 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6c23531b78c55c98-FRA
cf-bgj
minify
r62eglto.js
ad4m.at/ Frame C66F 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jn3dkvdmzs7v1czwaxsvjf9s8gpyhsh528p4yhbv5atktvx7jw1m6k1fptnhqtqg6nnrj2hqcmz1kdvfcdqnm17vnydgnt8z7p6c5v8s8chmk8bjv08404gncbnqvc52kw429akk4c16j755rmtrqyccbj0cxf1x4gsqk4f5r66n98ekh9r2vy218hptvsmr2k0mjp0eqcgs5ebbf9gbpjcaarzt8y34fszp2t5rj3ptfrvskacg4t071vpv7cr2t3xbc4zkpawba6n7cqen2s8ydmw0t08w2hm653jvvfb30v0sak59kx0xejmnvj5j8spptyfmxjvfnratgahmner08s0ysvt0cgvc6fhdyv6mc23yrwc8bqydnmtxck2s6cbz81stk7mdkqjnrt5qx49mmmsff7xwv3p27sc8ez297pzsj788&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAUetebLEYdSeCMypiAPovZaQDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK4z-m_AvqyPqgDAaoE-wFP0MnsvaPN_uZzTrrVJVinVtTKN9lwVlj57_MBmKd4HzzyIlKlZbEULhtDqTzp1Sz2urgC7KbHmX4BFAj8n9bKpMBBccx9nQClpqiAeCEKANjvPkr7Gxw8i-Rw_L58rPE22QofUIS-QN_H25lDEnWueHWyrQpsKFw-4Z67UzboJ41eDBw8s2Qjowb4_yP6S9zcxLhMzff8e97AARfWxnjkbXFEVQu-zWADBldBJGKMixXiauAiGVOnH0vYXv9EThDVa7Y-hAw6yV--PnxOKrBTvnl1FCNd3U_zZQcTI6EF3_h6TkCw2KvQ5Gn3PijRVcCy7Wdmf5T4m1EaOIAG8Pb5mO2H7Ka-AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2rVxvgv5D0K-GG6nnFFd_EQKPbaw%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b98c8f3aa7cc2835be32fd3a1488ba31a3de35a3fa0dd643a092c2846c613017

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=i2G9+Q==, md5=KT4B161Aam0qyQ5N1n+FMQ==
date
Thu, 23 Dec 2021 17:31:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
72213
x-guploader-uploadid
ADPycdsOKTGHIoWahD0TZTQoYWUEfcQg0132oq9AD9469QffPzMPQd5lf_jiilD5Vec202kqqI-Hxsh29ygvyTXNSQg63d9QPA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 02 Nov 2021 14:54:41 GMT
server
cloudflare
etag
W/"293e01d7ad406a6d2ac90e4dd67f8531"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qZJQHOVKI%2FDTUsWVSAdLfsWGiOD51HbbbAs%2F3UFgDbWLOHozfTmww1Y%2FLKa5rbKiazXIRykUV%2FW0LUY6wp0k%2BVIQ2mY5Cy8jJnJD8MYK0%2BXu7KHTz%2BwYPGcpcxVrr76JkFfpjek%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1635864881199576
content-type
application/javascript; charset=utf-8
expires
Wed, 22 Dec 2021 21:28:05 GMT
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11933
cf-ray
6c23531b78c95c98-FRA
cf-bgj
minify
frame.html
ad4m.at/ Frame C153 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
content-type
text/html
x-guploader-uploadid
ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires
Thu, 23 Dec 2021 18:31:38 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
age
2640802
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ELAQOQJa7F6gbNZ%2FMMHwZq7KFO8xAK33LQCEwFweYvFWsoo0LqMxGQQo7i5zgx3uG%2BY9qFSDWta4AeXFSi7AXu%2FxS5%2BX2Ug72lBmkxI2%2FU5CXn1qx0x63HTtL1X5bbYb5EJUBUM%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6c23531b88ea5c98-FRA
content-encoding
br
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8F30 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=extra&rnd=4845833
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 8F30 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0b0de6e3a6587d6c3ac6785b637766ca026aa60e8d805320c223ea7b152bf4de

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
mapping
dprof.site/matching/ 		17 B
538 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dprof.site/matching/mapping?uid=1471d21b-0a5a-4ecc-9f12-7b1b807763c8
Requested by
Host: pxksnymto.ru
URL: https://pxksnymto.ru/pixels/b286ae57.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.192.12.173 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
server
nginx/1.18.0
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, HEAD, PATCH, GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://newsyou.info
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
access-control-allow-headers
Origin,Content-Type,Accept,Authorization,X-Requested-With, DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
17
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame CC66 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280696&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696191&bpp=1&bdt=710&idt=627&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd411357b4686f5eb-221fbe950ecd0034%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=CWAP2ylBpn&p=https%3A//newsyou.info&dtd=634
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 23 Dec 2021 13:26:12 GMT
expires
Fri, 24 Dec 2021 13:26:12 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
14726
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 0F19 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
607a8968e01d948c65077c563dc2c41f1cdd1222f25bab9506f004d66cbbf621

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame C66F 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date
Thu, 23 Dec 2021 17:31:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8781103
x-guploader-uploadid
ADPycdu4kVh88oPygz4q2L0gysGWlMlIFE5YReoxzb2pqvToqgh3BYrLqoA2iyx1syc2mGJLpBFm-K4K9hJXRMmcJywY3ItGvg
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L22k5%2Ft3908g416e%2F%2BwxNxm3L448LjptvpIR7ruACJ%2BcUBZ%2BcovmLOXzX5x8%2BzVr9wL0Z59QgRBDTIovtAj0T0EEoLJ4Khwhrm38JApV%2FNK9LvzJz2MqbfSrtMgzhfTNuhIpqlCJqChPo2rOx33mzdD2"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623242114099744
content-type
image/png
cache-control
public, max-age=31536000, immutable
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
6c23531c5ed24315-FRA
expires
Tue, 13 Sep 2022 02:19:55 GMT
pixel
cm.g.doubleclick.net/ Frame 00A1
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHG0mjblI4VU1EIGA89itXg&google_cver=1&google_push=AYg5qPKLJJtPActS1OpnGQgJQxWcpToYRF9dxxjVdNnfWgX5KkGxMeI9Ys...
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKLJJtPActS1OpnGQgJQxWcpToYRF9dxxjVdNnfWgX5KkGxMeI9YsEio3eCKuOkmvptOfXyZf50kpUZ_7dSI0FUaD_9c-ehMCaeBKEjDNX0MmkMI...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKLJJtPActS1OpnGQgJQxWcpToYRF9dxxjVdNnfWgX5KkGxMeI9YsEio3eCKuOkmvptOfXyZf50kpUZ_7dSI0FUaD_9c-ehMCaeBKEjDNX0MmkMID3-dtaQHcSCsfXToDPyxiOdGuFYwsM5vKCcUyE&google_hm=Y6ZDuIRBikS_vcApqeofCg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3789992286&pi=t.ma~as.6825749971&w=300&lmt=1640280697&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696193&bpp=1&bdt=713&idt=836&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd411357b4686f5eb-221fbe950ecd0034%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1125&ady=4294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=4kEhplr7w5&p=https%3A//newsyou.info&dtd=839
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKLJJtPActS1OpnGQgJQxWcpToYRF9dxxjVdNnfWgX5KkGxMeI9YsEio3eCKuOkmvptOfXyZf50kpUZ_7dSI0FUaD_9c-ehMCaeBKEjDNX0MmkMID3-dtaQHcSCsfXToDPyxiOdGuFYwsM5vKCcUyE&google_hm=Y6ZDuIRBikS_vcApqeofCg
pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 00A1
Redirect Chain
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPKcXMsYndE0bwgDqZTTtpuW6bLDmggBjLcKLib...
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWNTeWVnQUFCQUE0WGg5bw&google_push=AYg5qPKcXMsYndE0bwgDqZTTtpuW6bLDmggBjLcKLibdbxvQdCiokaYxMqwfuZBe2SPosFTlc2iESjAbjIJAWlbdnkzoKBVeKt...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWNTeWVnQUFCQUE0WGg5bw&google_push=AYg5qPKcXMsYndE0bwgDqZTTtpuW6bLDmggBjLcKLibdbxvQdCiokaYxMqwfuZBe2SPosFTlc2iESjAbjIJAWlbdnkzoKBVeKtcEWEUYg6z_97xTEw1CyXCzTNsHHm7eXa66gAR7Ta1hK-rXgUJcY4qTNks
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3789992286&pi=t.ma~as.6825749971&w=300&lmt=1640280697&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696193&bpp=1&bdt=713&idt=836&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd411357b4686f5eb-221fbe950ecd0034%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1125&ady=4294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=4kEhplr7w5&p=https%3A//newsyou.info&dtd=839
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWNTeWVnQUFCQUE0WGg5bw&google_push=AYg5qPKcXMsYndE0bwgDqZTTtpuW6bLDmggBjLcKLibdbxvQdCiokaYxMqwfuZBe2SPosFTlc2iESjAbjIJAWlbdnkzoKBVeKtcEWEUYg6z_97xTEw1CyXCzTNsHHm7eXa66gAR7Ta1hK-rXgUJcY4qTNks
Date
Thu, 23 Dec 2021 17:31:38 GMT
Server
Apache
Connection
keep-alive
Content-Length
446
Content-Type
text/html; charset=iso-8859-1
pixel
cm.g.doubleclick.net/ Frame 00A1
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPK8Cb1i...
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPK8Cb1i...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEyMjMxNzMxMzgwMDA5NDEzMTgyMTIwNg%3D%3D&google_push=AYg5qPK8Cb1iryiTv6gOTPj_tAZZCevJTLuB8njuwUpG9dq9r0HqBNEMdUnOFF_JEv47u0...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEyMjMxNzMxMzgwMDA5NDEzMTgyMTIwNg%3D%3D&google_push=AYg5qPK8Cb1iryiTv6gOTPj_tAZZCevJTLuB8njuwUpG9dq9r0HqBNEMdUnOFF_JEv47u0pBAJblJ0wbpho-Xcyw5iqBqKpa_qgnce8wdsgzsJeYXJnEz57wthpyQw_xvxX13_8_8kdZVJgroWVm89ApaA
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEyMjMxNzMxMzgwMDA5NDEzMTgyMTIwNg%3D%3D&google_push=AYg5qPK8Cb1iryiTv6gOTPj_tAZZCevJTLuB8njuwUpG9dq9r0HqBNEMdUnOFF_JEv47u0pBAJblJ0wbpho-Xcyw5iqBqKpa_qgnce8wdsgzsJeYXJnEz57wthpyQw_xvxX13_8_8kdZVJgroWVm89ApaA
pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Thu, 23 Dec 2021 17:31:38 GMT
dds
rtb.openx.net/sync/ Frame 00A1 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEPKsdKCrTVin-2aUUb3xBC0&google_cver=1&google_push=AYg5qPJSH0-N5zZCeXqy6H_BgJn4W0Q9kfGtMv_2L5dgh9Dpdl8vzZlms_58Ov8AE7B7na2IOlqMrQOTNyWiFnVY_DQqhl4VwiYHpnhkco8Yj8--d0w7X87XNYWevCr0l6yHaCJzisLKHa-QW0kISdFPYEk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3789992286&pi=t.ma~as.6825749971&w=300&lmt=1640280697&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696193&bpp=1&bdt=713&idt=836&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd411357b4686f5eb-221fbe950ecd0034%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1125&ady=4294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=4kEhplr7w5&p=https%3A//newsyou.info&dtd=839
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:37 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
h0ha3ss0al5dukt492qgfr4sdn102ici
pixel
cm.g.doubleclick.net/ Frame 00A1
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=w81J6OztSk2YhFc32fG9Fg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=w81J6OztSk2YhFc32fG9Fg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJB8hSAIa2oXOrNTTn4zvBELUkeawhwdpkydXWu9IR1znFPBMLYbyDb4XrPLsCFS431Jot-Av6LZxSZAu4IkmL9GrVJBPyroIj9xv1bHGT2lThckccOmS1AaOlrk4EcOVeqD9-IKdDCtA9yHt0bNrc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3789992286&pi=t.ma~as.6825749971&w=300&lmt=1640280697&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696193&bpp=1&bdt=713&idt=836&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd411357b4686f5eb-221fbe950ecd0034%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1125&ady=4294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=4kEhplr7w5&p=https%3A//newsyou.info&dtd=839
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=w81J6OztSk2YhFc32fG9Fg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJB8hSAIa2oXOrNTTn4zvBELUkeawhwdpkydXWu9IR1znFPBMLYbyDb4XrPLsCFS431Jot-Av6LZxSZAu4IkmL9GrVJBPyroIj9xv1bHGT2lThckccOmS1AaOlrk4EcOVeqD9-IKdDCtA9yHt0bNrc
date
Thu, 23 Dec 2021 17:31:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 00A1
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEcIffsBqF-88iDNvROst9w&google_cver=1&google_push=AYg5qPLVogtZIh3YouiL4wzwmZXaytWmBLHk6uGVLVmhmdO1G39eSmPZStsCnbTQZdmrppQx_vl...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hKOFJZWVItMTgtMTQwWA==&google_push=AYg5qPLVogtZIh3YouiL4wzwmZXaytWmBLHk6uGVLVmhmdO1G39eSmPZStsCnbTQZdmrppQx_vlv0JlbEXeRQUv4zIwI6TeITvtf9...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hKOFJZWVItMTgtMTQwWA==&google_push=AYg5qPLVogtZIh3YouiL4wzwmZXaytWmBLHk6uGVLVmhmdO1G39eSmPZStsCnbTQZdmrppQx_vlv0JlbEXeRQUv4zIwI6TeITvtf9DbrOe1tIp-TKd7QOZCwlys6Ki7fPP5qiMwl0zQF8St6YfNW8nYtIA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3789992286&pi=t.ma~as.6825749971&w=300&lmt=1640280697&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696193&bpp=1&bdt=713&idt=836&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd411357b4686f5eb-221fbe950ecd0034%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1125&ady=4294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=4kEhplr7w5&p=https%3A//newsyou.info&dtd=839
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hKOFJZWVItMTgtMTQwWA==&google_push=AYg5qPLVogtZIh3YouiL4wzwmZXaytWmBLHk6uGVLVmhmdO1G39eSmPZStsCnbTQZdmrppQx_vlv0JlbEXeRQUv4zIwI6TeITvtf9DbrOe1tIp-TKd7QOZCwlys6Ki7fPP5qiMwl0zQF8St6YfNW8nYtIA
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
pixel
cm.g.doubleclick.net/ Frame 00A1
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDQFbr0a18CdYHmanKxVO64&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPLeH1HN208akshk09scEXAOdSpvEXYKMyDsy620IU9Leph-1hSq1xkOThGSkXRZoanVfwKz-5vs2pVczuP1wW...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPLeH1HN208akshk09scEXAOdSpvEXYKMyDsy620IU9Leph-1hSq1xkOThGSkXRZoanVfwKz-5vs2pVczuP1wW...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPLeH1HN208akshk09scEXAOdSpvEXYKMyDsy620IU9Leph-1hSq1xkOThGSkXRZoanVfwKz-5vs2pVczuP1wW...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPLeH1HN208akshk09scEXAOdSpvEXYKMyDsy620IU9Leph-1hSq1xkOThGSkXRZoanVfwKz-5vs2pVczuP1wW...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPLeH1HN208akshk09scEXAOdSpvEXYKMyDsy620IU9Leph-1hSq1xkOThGSkXRZoanVfwKz-5vs2pVczuP1wW...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPLeH1HN208akshk09scEXAOdSpvEXYKMyDsy620IU9Leph-1hSq1xkOThGSkXRZoanVfwKz-5vs2pVczuP1wW...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPLeH1HN208akshk09scEXAOdSpvEXYKMyDsy620IU9Leph-1hSq1xkOThGSkXRZoanVfwKz-5vs2pVczuP1wW...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPLeH1HN208akshk09scEXAOdSpvEXYKMyDsy620IU9Leph-1hSq1xkOThGSkXRZoanVfwKz-5vs2pVczuP1wW...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPLeH1HN208akshk09scEXAOdSpvEXYKMyDsy620IU9Leph-1hSq1xkOThGSkXRZoanVfwKz-5vs2pVczuP1wW...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPLeH1HN208akshk09scEXAOdSpvEXYKMyDsy620IU9Leph-1hSq1xkOThGSkXRZoanVfwKz-5vs2pVczuP1wW...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPLeH1HN208akshk09scEXAOdSpvEXYKMyDsy620IU9Leph-1hSq1xkOThGSkXRZoanVfwKz-5vs2pVczuP1wW...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPLeH1HN208akshk09scEXAOdSpvEXYKMyDsy620IU9Leph-1hSq1xkOThGSkXRZoanVfwKz-5vs2pVczuP1wW...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPLeH1HN208akshk09scEXAOdSpvEXYKMyDsy620IU9Leph-1hSq1xkOThGSkXRZoanVfwKz-5vs2pVczuP1wW...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPLeH1HN208akshk09scEXAOdSpvEXYKMyDsy620IU9Leph-1hSq1xkOThGSkXRZoanVfwKz-5vs2pVczuP1wW...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPLeH1HN208akshk09scEXAOdSpvEXYKMyDsy620IU9Leph-1hSq1xkOThGSkXRZoanVfwKz-5vs2pVczuP1wW...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPLeH1HN208akshk09scEXAOdSpvEXYKMyDsy620IU9Leph-1hSq1xkOThGSkXRZoanVfwKz-5vs2pVczuP1wW...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPLeH1HN208akshk09scEXAOdSpvEXYKMyDsy620IU9Leph-1hSq1xkOThGSkXRZoanVfwKz-5vs2pVczuP1wW...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPLeH1HN208akshk09scEXAOdSpvEXYKMyDsy620IU9Leph-1hSq1xkOThGSkXRZoanVfwKz-5vs2pVczuP1wW...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPLeH1HN208akshk09scEXAOdSpvEXYKMyDsy620IU9Leph-1hSq1xkOThGSkXRZoanVfwKz-5vs2pVczuP1wW...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPLeH1HN208akshk09scEXAOdSpvEXYKMyDsy620IU9Leph-1hSq1xkOThGSkXRZoanVfwKz-5vs2pVczuP1wW...
0
0
attr
cm.g.doubleclick.net/pixel/ Frame 00A1 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LyDfP0YHaEeqaQJdys3V0Vr9fzY6NkD3RVZfstfWC1b5aqDda8tM8VDoIbp8VshCD6NTRV
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=600&slotname=6825749971&adk=3617756792&adf=3789992286&pi=t.ma~as.6825749971&w=300&lmt=1640280697&psa=0&format=300x600&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-4.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696193&bpp=1&bdt=713&idt=836&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd411357b4686f5eb-221fbe950ecd0034%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379%2C300x250%2C300x250%2C300x300&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1125&ady=4294&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=9&uci=a!9&btvi=4&fsb=1&xpc=4kEhplr7w5&p=https%3A//newsyou.info&dtd=839
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
css
fonts.googleapis.com/ Frame 7115 		4 KB
649 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=90755200177226100951393011817018&a=10d889af
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ad246d47536dacf0256646042ec184678bfc630fcb638d9199bd66cf8cb5e457
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Dec 2021 16:25:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Dec 2021 17:31:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Dec 2021 17:31:38 GMT
/
hal9000.redintelligence.net/scale/ Frame 7115 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/pb_goldschmied_1200x627.jpg
Requested by
Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=90755200177226100951393011817018&a=10d889af
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.46.23.46.78.clients.your-server.de
Software
Apache /
Resource Hash
198e5d683a385c39d16d460f64f7744ed7c61db8650eddaeefbb776663a904a5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:38 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16464
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 7115 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/3839/creativesup/father_daughter_1200x627.jpg
Requested by
Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=90755200177226100951393011817018&a=10d889af
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.46.23.46.78.clients.your-server.de
Software
Apache /
Resource Hash
cb5fe3c718a90ead182cc933a4a1a7100885a77cb00d2e36a4a726fee3bb47f4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:38 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16857
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 7115 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/52113/creativesup/TRG-star-wars-marvel-comics-panini-banner-1200x627.jpg
Requested by
Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=90755200177226100951393011817018&a=10d889af
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.46.23.46.78.clients.your-server.de
Software
Apache /
Resource Hash
ae7b77ab272848a503aac4a2c20710d670d1dcc8ff802d961235f5a5ea2a4cf3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:38 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
15275
Vary
Accept-Encoding
Content-Type
image/png
frame.html
ad4m.at/ Frame 2B3B 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
content-type
text/html
x-guploader-uploadid
ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires
Thu, 23 Dec 2021 18:31:38 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
age
2640802
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dZY2RZpGayMvIXclyJRB1wVtTIYqVjEVgGWe0phHeKHl0GzLWmoTI3eaOMUZRq7%2Bqq%2FKdQp2RhcfkTF1A038YLnqtBVlxXmFNc2Da6%2ByDaT386yNOHI1Ku%2Fh6IWslDR61Fa3Lec%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6c23531c6b415c98-FRA
content-encoding
br
/
c.mgid.com/pv/ 		0
69 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.mgid.com/pv/?pv=5&cbuster=1640280698318245591795&uniqId=08630&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fnewsyou.info%2Fyak-potribno-xarchuvatisya-shhob-pidtrimuvati-gostrij-zir%20&lu=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&sessionId=61c4b27a-0daa3&pageView=1&pvid=17de8592dcea4145dd1&site=413933&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsyou.info.1122348.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6c23531c8f3a5c26-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pixel
cm.g.doubleclick.net/ Frame CC66
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEjv4Kp7uNbCWA6m-lV-kFM&google_cver=1&google_push=AYg5qPLivEnn3tYXa3AdOHMrIXDXwt4NX3pK-nCNr58Y9OQ-HyOU3WkuRQ...
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPLivEnn3tYXa3AdOHMrIXDXwt4NX3pK-nCNr58Y9OQ-HyOU3WkuRQrCFWsMht-dTacCmbyEjeqtL1Tu90ffhw36lHPzgAK-0-7XdnJk6Os67D5eT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPLivEnn3tYXa3AdOHMrIXDXwt4NX3pK-nCNr58Y9OQ-HyOU3WkuRQrCFWsMht-dTacCmbyEjeqtL1Tu90ffhw36lHPzgAK-0-7XdnJk6Os67D5eTnRhnTJj4uqOHA0H7UhcYnIa-wqhU7xZFX906rQ&google_hm=Y6ZDuIRBikS_vcApqeofCg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280696&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696191&bpp=1&bdt=710&idt=627&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd411357b4686f5eb-221fbe950ecd0034%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=CWAP2ylBpn&p=https%3A//newsyou.info&dtd=634
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPLivEnn3tYXa3AdOHMrIXDXwt4NX3pK-nCNr58Y9OQ-HyOU3WkuRQrCFWsMht-dTacCmbyEjeqtL1Tu90ffhw36lHPzgAK-0-7XdnJk6Os67D5eTnRhnTJj4uqOHA0H7UhcYnIa-wqhU7xZFX906rQ&google_hm=Y6ZDuIRBikS_vcApqeofCg
pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CC66
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESECfJzcUMUS2ifMefg-QBO_g&google_cver=1&google_push=AYg5qPKh80NmkKNm_TwykGcAdi6OpWhiVO-Ddsp3NwyPD6MjDBVRmtIgSXlOTsqDRhhm7bN7Nln8XRa1FT7Vmnp9UEkuHs3ECYtg2...
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKh80NmkKNm_TwykGcAdi6OpWhiVO-Ddsp3NwyPD6MjDBVRmtIgSXlOTsqDRhhm7bN7Nln8XRa1FT7Vmnp9UEkuHs3ECYtg2CqQrXNS1WmFUkG_aotArP0QyylEd-5p...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKh80NmkKNm_TwykGcAdi6OpWhiVO-Ddsp3NwyPD6MjDBVRmtIgSXlOTsqDRhhm7bN7Nln8XRa1FT7Vmnp9UEkuHs3ECYtg2CqQrXNS1WmFUkG_aotArP0QyylEd-5pSE7cS2eHqQCFuIzxUr6oXHY&google_hm=Q0FFU0VDZkp6Y1VNVVMyaWZNZWZnLVFCT19n
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280696&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696191&bpp=1&bdt=710&idt=627&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd411357b4686f5eb-221fbe950ecd0034%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=CWAP2ylBpn&p=https%3A//newsyou.info&dtd=634
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:38 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKh80NmkKNm_TwykGcAdi6OpWhiVO-Ddsp3NwyPD6MjDBVRmtIgSXlOTsqDRhhm7bN7Nln8XRa1FT7Vmnp9UEkuHs3ECYtg2CqQrXNS1WmFUkG_aotArP0QyylEd-5pSE7cS2eHqQCFuIzxUr6oXHY&google_hm=Q0FFU0VDZkp6Y1VNVVMyaWZNZWZnLVFCT19n
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame CC66 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEJy0md_z3-XywXmw7aDrwkc&google_cver=1&google_push=AYg5qPJeV7Xp3MAFG3b5BxGsFPvlcUUmmItornx0YsdGowvhJY3KFr7i8MJaTJiyaiwu_Oh1IC5UDa5GZdHT0Fle7iyn-2NHPQGLroMRvZhixkg0WdKWcMn5_qIaOdG8zWHAiUzOzAFZmg01xNI2LJVXX_o
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280696&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696191&bpp=1&bdt=710&idt=627&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd411357b4686f5eb-221fbe950ecd0034%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=CWAP2ylBpn&p=https%3A//newsyou.info&dtd=634
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
2g5vbchptg12mjumi4tp7du68be9ht35
pixel
cm.g.doubleclick.net/ Frame CC66
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=w81J6OztSk2YhFc32fG9Fg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=w81J6OztSk2YhFc32fG9Fg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLPa0Mu5aHDAuKM4HrzRYaZnSFdFAoxDPKLLpz8JhpT6veyFwMV2PqQ7VfmNL88Wbd87wYBd7VyEd2p-bwh77UTvjYxCjC_BsdlrtERm90uom4Zbr8bCtx06m0gaOFhvZdLAecKDwE2Qg9JxPADog
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280696&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696191&bpp=1&bdt=710&idt=627&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd411357b4686f5eb-221fbe950ecd0034%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=CWAP2ylBpn&p=https%3A//newsyou.info&dtd=634
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=w81J6OztSk2YhFc32fG9Fg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLPa0Mu5aHDAuKM4HrzRYaZnSFdFAoxDPKLLpz8JhpT6veyFwMV2PqQ7VfmNL88Wbd87wYBd7VyEd2p-bwh77UTvjYxCjC_BsdlrtERm90uom4Zbr8bCtx06m0gaOFhvZdLAecKDwE2Qg9JxPADog
date
Thu, 23 Dec 2021 17:31:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame CC66
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMz81riPNkwccp7B9gYcpEo&google_cver=1&google_push=AYg5qPIz1ejoPfX0_njBmU3Kzl9CuzeXJZxoOBAcXT7-KBWYmrY7sla8LjG8GFyksHUixxbkb3D...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hKOFJaMFYtMTItQ1RZRw==&google_push=AYg5qPIz1ejoPfX0_njBmU3Kzl9CuzeXJZxoOBAcXT7-KBWYmrY7sla8LjG8GFyksHUixxbkb3DrDDjqgpyakwG6ywiy9jyIe4jrg...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hKOFJaMFYtMTItQ1RZRw==&google_push=AYg5qPIz1ejoPfX0_njBmU3Kzl9CuzeXJZxoOBAcXT7-KBWYmrY7sla8LjG8GFyksHUixxbkb3DrDDjqgpyakwG6ywiy9jyIe4jrg2P8FOQ6Ev8NzrVxj9ywkL8PiL1InFB_HjWy3_mZ91Di4xvERrrwKrM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280696&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696191&bpp=1&bdt=710&idt=627&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd411357b4686f5eb-221fbe950ecd0034%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=CWAP2ylBpn&p=https%3A//newsyou.info&dtd=634
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hKOFJaMFYtMTItQ1RZRw==&google_push=AYg5qPIz1ejoPfX0_njBmU3Kzl9CuzeXJZxoOBAcXT7-KBWYmrY7sla8LjG8GFyksHUixxbkb3DrDDjqgpyakwG6ywiy9jyIe4jrg2P8FOQ6Ev8NzrVxj9ywkL8PiL1InFB_HjWy3_mZ91Di4xvERrrwKrM
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
pixel
cm.g.doubleclick.net/ Frame CC66
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJOyGTESCfqY0lOCscbEeX4&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKw9Hi7yfxr0QGPRtcJ-QT3MTWtMk5ixiGTuKiCkrCVSIe2y0YtRIwJPEHmCj98mYDv65pk3NLgN0QXXom7Ho...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKw9Hi7yfxr0QGPRtcJ-QT3MTWtMk5ixiGTuKiCkrCVSIe2y0YtRIwJPEHmCj98mYDv65pk3NLgN0QXXom7Ho...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKw9Hi7yfxr0QGPRtcJ-QT3MTWtMk5ixiGTuKiCkrCVSIe2y0YtRIwJPEHmCj98mYDv65pk3NLgN0QXXom7Ho...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKw9Hi7yfxr0QGPRtcJ-QT3MTWtMk5ixiGTuKiCkrCVSIe2y0YtRIwJPEHmCj98mYDv65pk3NLgN0QXXom7Ho...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKw9Hi7yfxr0QGPRtcJ-QT3MTWtMk5ixiGTuKiCkrCVSIe2y0YtRIwJPEHmCj98mYDv65pk3NLgN0QXXom7Ho...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKw9Hi7yfxr0QGPRtcJ-QT3MTWtMk5ixiGTuKiCkrCVSIe2y0YtRIwJPEHmCj98mYDv65pk3NLgN0QXXom7Ho...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKw9Hi7yfxr0QGPRtcJ-QT3MTWtMk5ixiGTuKiCkrCVSIe2y0YtRIwJPEHmCj98mYDv65pk3NLgN0QXXom7Ho...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKw9Hi7yfxr0QGPRtcJ-QT3MTWtMk5ixiGTuKiCkrCVSIe2y0YtRIwJPEHmCj98mYDv65pk3NLgN0QXXom7Ho...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKw9Hi7yfxr0QGPRtcJ-QT3MTWtMk5ixiGTuKiCkrCVSIe2y0YtRIwJPEHmCj98mYDv65pk3NLgN0QXXom7Ho...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKw9Hi7yfxr0QGPRtcJ-QT3MTWtMk5ixiGTuKiCkrCVSIe2y0YtRIwJPEHmCj98mYDv65pk3NLgN0QXXom7Ho...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKw9Hi7yfxr0QGPRtcJ-QT3MTWtMk5ixiGTuKiCkrCVSIe2y0YtRIwJPEHmCj98mYDv65pk3NLgN0QXXom7Ho...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKw9Hi7yfxr0QGPRtcJ-QT3MTWtMk5ixiGTuKiCkrCVSIe2y0YtRIwJPEHmCj98mYDv65pk3NLgN0QXXom7Ho...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKw9Hi7yfxr0QGPRtcJ-QT3MTWtMk5ixiGTuKiCkrCVSIe2y0YtRIwJPEHmCj98mYDv65pk3NLgN0QXXom7Ho...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKw9Hi7yfxr0QGPRtcJ-QT3MTWtMk5ixiGTuKiCkrCVSIe2y0YtRIwJPEHmCj98mYDv65pk3NLgN0QXXom7Ho...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKw9Hi7yfxr0QGPRtcJ-QT3MTWtMk5ixiGTuKiCkrCVSIe2y0YtRIwJPEHmCj98mYDv65pk3NLgN0QXXom7Ho...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKw9Hi7yfxr0QGPRtcJ-QT3MTWtMk5ixiGTuKiCkrCVSIe2y0YtRIwJPEHmCj98mYDv65pk3NLgN0QXXom7Ho...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKw9Hi7yfxr0QGPRtcJ-QT3MTWtMk5ixiGTuKiCkrCVSIe2y0YtRIwJPEHmCj98mYDv65pk3NLgN0QXXom7Ho...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKw9Hi7yfxr0QGPRtcJ-QT3MTWtMk5ixiGTuKiCkrCVSIe2y0YtRIwJPEHmCj98mYDv65pk3NLgN0QXXom7Ho...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKw9Hi7yfxr0QGPRtcJ-QT3MTWtMk5ixiGTuKiCkrCVSIe2y0YtRIwJPEHmCj98mYDv65pk3NLgN0QXXom7Ho...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKw9Hi7yfxr0QGPRtcJ-QT3MTWtMk5ixiGTuKiCkrCVSIe2y0YtRIwJPEHmCj98mYDv65pk3NLgN0QXXom7Ho...
0
0
pixel
cm.g.doubleclick.net/ Frame CC66
Redirect Chain
  • https://ag.innovid.com/trk?tid=11711&google_gid=CAESEMOYmFc-Sz4sAjN0mrXqu7g&google_cver=1&google_push=AYg5qPLysnsh_qjwFENGBJ6qiKa7ihkP8fKsCnztNAXZfcwJdlSDZTg5_ehRHwiRY59gqmMlT_qW---df00690la6v3LASA...
  • https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPLysnsh_qjwFENGBJ6qiKa7ihkP8fKsCnztNAXZfcwJdlSDZTg5_ehRHwiRY59gqmMlT_qW---df00690la6v3LASAzFDtY-qTuM7SKlXv3pO3base81Nll_2r...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPLysnsh_qjwFENGBJ6qiKa7ihkP8fKsCnztNAXZfcwJdlSDZTg5_ehRHwiRY59gqmMlT_qW---df00690la6v3LASAzFDtY-qTuM7SKlXv3pO3base81Nll_2rcYI23y1Nz6I3dD2qqMVf0hhJgS9k&google_hm=EKQto-g8QQWI0FhZ0Yt4rQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280696&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696191&bpp=1&bdt=710&idt=627&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd411357b4686f5eb-221fbe950ecd0034%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=CWAP2ylBpn&p=https%3A//newsyou.info&dtd=634
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPLysnsh_qjwFENGBJ6qiKa7ihkP8fKsCnztNAXZfcwJdlSDZTg5_ehRHwiRY59gqmMlT_qW---df00690la6v3LASAzFDtY-qTuM7SKlXv3pO3base81Nll_2rcYI23y1Nz6I3dD2qqMVf0hhJgS9k&google_hm=EKQto-g8QQWI0FhZ0Yt4rQ
pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT
cache-control
no-cache
content-length
0
request-time
1
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame CC66 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13In10lx-6cxJKx3TjZa4Bsw3y8smnb4Xk_CNS3kvs1J4ReG-c0o3rRpf9GUifvsPUjePSpX
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280696&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696191&bpp=1&bdt=710&idt=627&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd411357b4686f5eb-221fbe950ecd0034%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=CWAP2ylBpn&p=https%3A//newsyou.info&dtd=634
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
viewability
hal900018.redintelligence.net/ Frame 7115 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900018.redintelligence.net/viewability?s=90755200177226100951393011817018&a=e7afc725&vb=m
Requested by
Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=90755200177226100951393011817018&a=10d889af
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/request_content.php?s=90755200177226100951393011817018&a=10d889af
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:38 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ Frame 7115 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v18/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72dbd696f7961daf9049faacc868865d959f3d126f40d5271f48d5d9a0ccc652
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900018.redintelligence.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 20:17:49 GMT
x-content-type-options
nosniff
age
162829
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13072
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:17:36 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 21 Dec 2022 20:17:49 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ Frame 7115 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v18/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900018.redintelligence.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 11:22:37 GMT
x-content-type-options
nosniff
age
108541
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13080
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:10:26 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Dec 2022 11:22:37 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 17B2 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss9bShLSxccsfTUWQNDVrg1j39eHmlKZ3def2bW9YW0IQqNVZG7nnPZi0n8EAkTjnOwjigBzT0KnMTqZv9tiyGX&sig=Cg0ArKJSzA67zPn35DZUEAE&id=lidar2&mcvt=1022&p=0,0,280,580&mtos=1022,1022,1022,1022,1022&tos=1022,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3321513415&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1640280696534&rpt=834&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
MGID_plus.svg
cdn.mgid.com/images/logos/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
content-encoding
br
cf-cache-status
HIT
age
5359
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
TV9EGYWE00S199ZT
x-amz-id-2
PNtXkU1glOZAxPzbk+hlX7OVIWvv4OOWBZOa90rbxDtDjftx3mN+VuI8Xcy/kOUSata9Gcz4dSw=
last-modified
Tue, 23 Feb 2021 16:22:15 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag
W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6c23531d28a75c26-FRA
expires
Fri, 24 Dec 2021 17:31:38 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
901 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: newsyou.info
URL: https://newsyou.info/YAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
content-encoding
br
cf-cache-status
HIT
age
5380
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
50VWJQBT5W4QYKJG
x-amz-id-2
xhXkWrQ90G/ebA55GK4VP5V6mncDrGDeipe5cahYa8kJ+JMUWbxTCzXMUo5ci9AAJm/Ct0tTCXE=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6c23531d28a45c26-FRA
expires
Fri, 24 Dec 2021 17:31:38 GMT
pvClk.min.js
analytics.webgains.io/ Frame 0F19 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3432245&wgcampaignid=99582&viewref=90755200177226100951393011817018&js=1&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-117.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via
1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 11:05:10 GMT
server
AmazonS3
age
24094
etag
"ec0ced40cbb5211db06b8a36f209e442"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Thu, 23 Dec 2021 10:50:05 GMT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
51794
x-amz-cf-id
esrAwjQ7cvqZwf-9MR1DOmCn1aLUOrRDqS3thH_Ss9dvUbiL91caCQ==
link.html
track.webgains.com/ Frame 0F19 		667 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=99582&viewref=85207400175004800710776011817001&wglinkid=3432245
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5994697028380609&output=html&h=250&slotname=7901239171&adk=895116589&adf=3515999157&pi=t.ma~as.7901239171&w=300&lmt=1640280696&psa=0&format=300x250&url=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&flash=0&alternate_ad_url=https%3A%2F%2Fnewsyou.info%2Fwp-content%2Fthemes%2Fnewsyou%2Fads%2Fzaglushka-sidebar-1.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1640280696191&bpp=1&bdt=710&idt=627&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd411357b4686f5eb-221fbe950ecd0034%3AT%3D1640280696%3ART%3D1640280696%3AS%3DALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw&prev_fmts=0x0%2C580x280%2C610x379%2C610x420%2C610x379&nras=1&correlator=2738633273524&frm=20&pv=1&ga_vid=307658117.1640280696&ga_sid=1640280696&ga_hid=234211940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=805&ady=535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753658%2C31063825%2C31060049%2C31062931&oid=2&pvsid=2390655881465621&pem=764&tmod=970&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&fsb=1&xpc=CWAP2ylBpn&p=https%3A//newsyou.info&dtd=634
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
9ea21905a7edfa4ceda705f977891d5e100f9709318836cfacbab47ad3321ff1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:38 GMT
Last-Modified
Thu, 23 Dec 2021 17:31:38 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/jpeg
Content-Length
667
Expires
Mon, 26 Jul 1997 05:00:00 GMT
dc_pre=CPXp5uK5-vQCFXkOBgAd4G8H1g;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4326771072990.503
adservice.google.com/ddm/fls/z/ Frame 0C9B 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CPXp5uK5-vQCFXkOBgAd4G8H1g;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4326771072990.503
Requested by
Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CPXp5uK5-vQCFXkOBgAd4G8H1g;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4326771072990.503?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8019191.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rs
ad4m.at/ Frame F6AD 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9545c546fd648639f530eaee87fb6f57a9776c8291b692e6b4729a90a06c9583

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
6c23531dbc156945-FRA
date
Thu, 23 Dec 2021 17:31:38 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ggjWkDSOspvLOqSNARX%2BDCyEbgYQce2Hvlrvhq7WZKHgrMiqB1P2CowlvleZd7sPxkcoRNlwBndfPczbhsxQQC0L9zHjvSgBzGTDOw4QVp8%2FrU7ir3ny0NwE1IBAwFnpJ0Ft7vc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-nb24
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
content-type
text/plain
content-length
24
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers
content-type
allow
HEAD,POST,GET,OPTIONS
x-backend-server
aa-reachservice-group-europe-west1-nb24
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8y73GbOin6WhtdKPyKAGPoUyhRZPPWSHD3iRYkRpyQ%2Fn%2FDSjMcqk0FfKwGj36%2FG2iN6uSAPqKHeo8rQyy9dqgBDaOGjTaiQ7aYNqjfEhGIhlY1rhalbELG96za%2FX2P2%2FielyRmQ%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6c23531d6b5b6945-FRA
rs
ad4m.at/ Frame CD16 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e25da266ac457e770890e00d1ecce6870163f17fd907cd10cbae7953cb1b31d

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
6c23531dbc146945-FRA
date
Thu, 23 Dec 2021 17:31:38 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lMLNifGyMff%2FX3qi9%2BvNRG1ZZx35IUEYATKFzx7CbsWKTim1imuPFU61aNb7DoBdL3wZJQjaq%2FZy%2F6cxgEhQTatfnrWYGWhwt6nBPZ1%2BfStmZf4IdOvBhGrgHzoI8MjUb3q3CnE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-nb24
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
content-type
text/plain
content-length
24
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers
content-type
allow
HEAD,POST,GET,OPTIONS
x-backend-server
aa-reachservice-group-europe-west1-nb24
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2BhIMOLRrIiQ45T53aDWfEaTamqIWFsTGeSiN4qUzfKFmGhbVnneaI%2FEpYyX55V0kYP0s%2B4pdmqOmJxxU928GyZU%2BSyD79JDWpn5E2NfUp5Gw5oxF%2FyAwPoPcYhzTL3aXTxpc0E%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6c23531d6b606945-FRA
1
servicer.mgid.com/1122348/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1122348/1?pv=5&cbuster=1640280698460209089925&uniqId=08630&niet=4g&nisd=false&jsv=es6&w=610&h=203&p3_w=197&p3_h=183&maxw_3=197&maxh_3=183&cols=3&ref=&cxurl=https%3A%2F%2Fnewsyou.info%2Fyak-potribno-xarchuvatisya-shhob-pidtrimuvati-gostrij-zir%20&lu=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&sessionId=61c4b27a-0daa3&pageView=1&pvid=17de8592dcea4145dd1&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsyou.info.1122348.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eeb1f179dc98d64075f89409bed840ea63bd930be6fdeabea137046d092011a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6c23531d69635c26-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
rs
ad4m.at/ Frame C66F 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bf878b0ddeece5904d30fa5a2474bcb3e6b61cde4595a072587c0a9828ee224

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
6c23531dbc116945-FRA
date
Thu, 23 Dec 2021 17:31:38 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C8GRY9Zuzy%2F%2B1fHsFiH7aFoclt%2FrnlwDSfNe%2B4hH50eGuGYsa7hJrfnOXqKUMsy5IaTxgE884kW6UOiPMnLaN8XIIhJ7MpeCko%2Fstg5a0%2B3OVp5KaOXXjaTX0zC0fm653qcAGHc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-nb24
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
content-type
text/plain
content-length
24
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers
content-type
allow
HEAD,POST,GET,OPTIONS
x-backend-server
aa-reachservice-group-europe-west1-nb24
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GY7laMrMUqTNWGyV3M%2F960wxp0c%2Byk6R3rJudtRceynzq8R%2BCk%2BH1PSCd86sg1bTJUKtqRIYlo7rI3SH3Ob7DCJ0N6vYOK%2FVVLmye06UrMMqAum%2B%2Bp0M8pXBeA18aqSLIdOpRwA%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6c23531d7b7f6945-FRA
all
csm.eu.criteo.net/ Frame D88B 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=RXf7eNua4j8TotWVqLzMGwJWnFRL8MpcSA3sGqhtbdLiBniAwORhiys8DQV29IEdqIqd6rmROtZbk-h9phcmsXuzsoYBubgIhQNq95AF34QYLARQropKYKdUM7S6MIdSKplnDrrgSf4W_2kAE2TmAoEG0PK3-rmT1u-HU5thXyyJXC4EuM_CURqIJfaU6z6mKUadY3nf_5TPrLuy4bufcajNI-TXOwxupuCJJ__75gqWvsxIZbW9C4w9Nridx-nLTqVI2w&sds=2&rev=79924&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeAAJ7T4Kp5cJAA1MMRFDPeYvb5Z2PsA_Dw&u=%7Cpz%2BnB%2F%2Bn4uyEO%2BAK5OqaqdTK3a%2FMlWVv9zkKf0iVyTo%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKyyMmeuHUa7ZkwLJbcGKtCev7ykEvaqDoX69R4_aEGZ7-2WnGtTB6szQn4iq37O7lJV12wllcQaj7KLBKRPI4IVe3XqXb9H2TAoQ5C3a3IGzzbPRaVbAiiLzNCfFURu1gRDwBstzlW9BiMiD8krcjEHBK8zuGUQ07IAczqY9Rxd7oztBoKuDxNXZ8f2Du2qMt7HAGaW6PVgf4D469_qT45Wn_T5dtZVNzsVI6PTVGulNZU_R_GYfachXjPMgeD0qL5f2jjfQLRbMFC1wYLkntOUDlU1RpIP8iCcRgqqwhlUW8eYIz_UEjiZwImW2DwfT54szR9eT2UiCFPemCER4xDVmMdsvoFvvaqUSKp-BMQwAPsKlMUR95kZbtki8N6lXvlzpFzTrSOjrYWn-WpgU_TGn7nE5auiktGW0Ml5xEyZ01MDHH03R3iz4EWoHjyQlJig&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4sEkeLLEYb7aJ4mungWxmLW4CMme0rFcvemV93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaAB1bbS6gPIAQmpAr6Gt4399rI-qAMBqgT1AU_QDxIlgHKNPfwpxlivWkWZsRboo_s-ba9JONQp35kV7EAZBPL_Pv3drvKcgDVhxbFmSc78U4XVufP7mTmzG3m2U8z0iK86MUBJv7gUNiAvx-K0WYdsII3frBAWKZFXe7rCm_VCDkmB9s4CyHG-MWTmC-o3gks3Ue1g6a2LqufettLZTletUjPZoM1zEMNMSXgvRmKXHaqJOhJ0sxmzmzeIGSi4DJxZeNilC58CUEnJabnFgrs6pMSmmtE6pLwEph_xwS9Qiohfu_aIG5VAtjrXVG72wlSoSR3i2Fg7IGgoCphWF-NVo7ZQ4pjpYrIdFdLHZCWogAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3xydmLNinKtTqlRbHjjgl0uuigcA%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 23 Dec 2021 17:31:38 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
1
servicer.mgid.com/1024868/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1024868/1?w=300&h=496&cols=1&pv=5&cbuster=1640280698490969328424&uniqId=0af2e&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fnewsyou.info%2Fyak-potribno-xarchuvatisya-shhob-pidtrimuvati-gostrij-zir%20&lu=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&sessionId=61c4b27a-0daa3&pageView=0&pvid=17de8592dcea4145dd1&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsyou.info.1024868.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1846fe1b78eed3ddffa826be951eb9d544aa9052ccfb60b4aa02330bc0e40590

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6c23531d9a3ad6e9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
1
servicer.mgid.com/1146775/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1146775/1?w=610&h=123&wrongImageSize=1&p3_w=197&p3_h=93&maxw_3=197&maxh_3=93&cols=3&pv=5&cbuster=1640280698494260544082&uniqId=06ace&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fnewsyou.info%2Fyak-potribno-xarchuvatisya-shhob-pidtrimuvati-gostrij-zir%20&lu=https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR&sessionId=61c4b27a-0daa3&pageView=0&pvid=17de8592dcea4145dd1&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsyou.info.1146775.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66982085058f8b21a98a875e4a31b5bfb2ec56505ecaf3a05ac94480d867a896

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6c23531d9a44d6e9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5ee2230a08e1f4741585089b80189c6559abdeb5510f2608ff2328b08bc71409
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 23 Dec 2021 17:31:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8443
x-xss-protection
0
rar
as.ad4m.at/ad/ Frame EB2B 		7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=20833%2C167497%2C43784&b=j6qCEfbGcezJsYHEH2t6tRRGcKTzTAjS9%2CPJ4HBfEbabK2Qf9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=xPKSQf9AHQXbHPHdHztDCRRgcJT6TW6uA%2CbwqTQfYZs5KWVHYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=9sv_Ka9v9igDFFnI1kYKmrTX93lAQvgu&g=abd8a6c6f9d92b9ca164284f0ff1f1f3%2F5050503406790913130&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698506&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jjbef6hx032qkbnm464ty57jpkfjj5pj3j8vjeejf7xz3xgv8rv9bw206ytda0cm0q9mtp4ztjytz4aasajrr7xfqwcq99n3nth0af3390mv4bpv2hf2pckgfb4t7kgkehpj6f4nccvdzgvn7r991md5f6thek2ptj8ndjjcwecakzk8xk0rbqt68sg9y1w8jgcj7n92y06f3q87w8qg81z7w1w9w0xm49wtfkh8kx3nzys7wqsh5qjdqcw1rpvcvgqt87pxra8vtmw7z6g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC2_mOebLEYYn-BKuvngXw-5rgCpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK4z-m_AvqyPqgDAaoE-wFP0PUncvf3VRIpVB-SLhMbKNAx88ZVqRkvVv5wt3gFYZt8g4ChZ0_lPaA7BnCyblH4MS13WLow2OqgJYlwTldEGOpHbLENvAf4hn4Womu3Na2PNx1FrPG6pqXxYjoQWHVuj50hSZD03-vOiOxJ4lM49UfEp73z4t7mF82-rXPUEku7IhtH_7-aXhLJaqS1x4GtJVfoiYsiQ2mPMajb0fnillkYvmQionDFtp9Ss3JQigmkZ3zBNYikvV-WQI4TNzU3G6d-Ij4tvD_wzi6LwnQ6rG-5PLZRNQZf1RxOlHEWWr1h3yiTJOvQshyb2xC-os-d3VdE0glm_99b9oAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0S4JiznMsq8T-XiKe1zaEkS5rMXg%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
703ae0e521c11132782ffb1655a7a825bd4c9ab260e69163b9b1dc84db2ca07d
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1ggn5yh9e2fke6s8hw041k4c40zdrkgegbhppbn5ss628tq5b4wr5epyf6r597a5k4by54hhxpm5dmqw23p9p8srqph1z4wq8xmc76zqqgx9w4h2nvjttk8895s7ck320xyh5rv9p5brjsf84f8xz2w1rbnwxpxs14e6ebtj12aw4n0wh2a9sdfwen4w5pszd0a0vdy1erj5a2d43r4q6ax5j3k8qww9738103mzs790ezg1jrs9q4b96jn8dx4q9s38ap9mdc3zra7v5pj2j3vadscxeahdepc80h0qwvx9d4j40gf9yzrt7pkx0aqnepn2ad30at6cbw7ann3b78y7r2rjntw5zkegg667vkky4fn36y8rydzdx5wcjsgxhqbxp79w1mwp10bywjvr2knzbfn93s3f4cnw99x3a45fz03998xat&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2_mOebLEYYn-BKuvngXw-5rgCpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK4z-m_AvqyPqgDAaoE-wFP0PUncvf3VRIpVB-SLhMbKNAx88ZVqRkvVv5wt3gFYZt8g4ChZ0_lPaA7BnCyblH4MS13WLow2OqgJYlwTldEGOpHbLENvAf4hn4Womu3Na2PNx1FrPG6pqXxYjoQWHVuj50hSZD03-vOiOxJ4lM49UfEp73z4t7mF82-rXPUEku7IhtH_7-aXhLJaqS1x4GtJVfoiYsiQ2mPMajb0fnillkYvmQionDFtp9Ss3JQigmkZ3zBNYikvV-WQI4TNzU3G6d-Ij4tvD_wzi6LwnQ6rG-5PLZRNQZf1RxOlHEWWr1h3yiTJOvQshyb2xC-os-d3VdE0glm_99b9oAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0S4JiznMsq8T-XiKe1zaEkS5rMXg%26client%3Dca-pub-5994697028380609%26adurl%3D

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6c23531e1f2e5c98-FRA
content-encoding
br
rar
as.ad4m.at/ad/ Frame FAF7 		7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=169080%2C15255%2C176225&b=D8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2C4PGSEfX5CAXZ1FGH9HdtAtrGDaZTpT1EUK&f=d9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2CrJmHQfD9c3Zp7hAH7HjtJCr6ga5T8T36sd&c=160&d=600&e=9sv_Ka9v9igDFFnI1kYKmrTX93lAQvgu&g=e97dd56984eccb2c64256dbba44c24de%2F16178602847887762720&i=65760%2C25174%2C26429&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698506&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jp31dyhdfzxak96v9vbe79r7r9c5s523t9hqqp773xr3rc0vsc48x1q0r14j34jzv87fvte9pwz8fzwf0m2h79emjrej1prrm7mx7q8vyqttntx3rqr53fnyqrsshrkxepenbc0nkgk62ydawhz78xpx5bs5k75a351ktnsn6j1292zeez25d2zjz611wcn915e2t3nez7d26xz39n0zkmcd2d0qxr8bm6ddqxjdc2j26g1egm4xdqm9e9fkcdt8az9tpmye5m70b81eq0g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCAUetebLEYdSeCMypiAPovZaQDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK4z-m_AvqyPqgDAaoE-wFP0MnsvaPN_uZzTrrVJVinVtTKN9lwVlj57_MBmKd4HzzyIlKlZbEULhtDqTzp1Sz2urgC7KbHmX4BFAj8n9bKpMBBccx9nQClpqiAeCEKANjvPkr7Gxw8i-Rw_L58rPE22QofUIS-QN_H25lDEnWueHWyrQpsKFw-4Z67UzboJ41eDBw8s2Qjowb4_yP6S9zcxLhMzff8e97AARfWxnjkbXFEVQu-zWADBldBJGKMixXiauAiGVOnH0vYXv9EThDVa7Y-hAw6yV--PnxOKrBTvnl1FCNd3U_zZQcTI6EF3_h6TkCw2KvQ5Gn3PijRVcCy7Wdmf5T4m1EaOIAG8Pb5mO2H7Ka-AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2rVxvgv5D0K-GG6nnFFd_EQKPbaw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02e97aa5d61f6c3d342c08a989ff73b8835cdd1d43909f6adc5e243719d4bf90
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1jn3dkvdmzs7v1czwaxsvjf9s8gpyhsh528p4yhbv5atktvx7jw1m6k1fptnhqtqg6nnrj2hqcmz1kdvfcdqnm17vnydgnt8z7p6c5v8s8chmk8bjv08404gncbnqvc52kw429akk4c16j755rmtrqyccbj0cxf1x4gsqk4f5r66n98ekh9r2vy218hptvsmr2k0mjp0eqcgs5ebbf9gbpjcaarzt8y34fszp2t5rj3ptfrvskacg4t071vpv7cr2t3xbc4zkpawba6n7cqen2s8ydmw0t08w2hm653jvvfb30v0sak59kx0xejmnvj5j8spptyfmxjvfnratgahmner08s0ysvt0cgvc6fhdyv6mc23yrwc8bqydnmtxck2s6cbz81stk7mdkqjnrt5qx49mmmsff7xwv3p27sc8ez297pzsj788&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAUetebLEYdSeCMypiAPovZaQDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK4z-m_AvqyPqgDAaoE-wFP0MnsvaPN_uZzTrrVJVinVtTKN9lwVlj57_MBmKd4HzzyIlKlZbEULhtDqTzp1Sz2urgC7KbHmX4BFAj8n9bKpMBBccx9nQClpqiAeCEKANjvPkr7Gxw8i-Rw_L58rPE22QofUIS-QN_H25lDEnWueHWyrQpsKFw-4Z67UzboJ41eDBw8s2Qjowb4_yP6S9zcxLhMzff8e97AARfWxnjkbXFEVQu-zWADBldBJGKMixXiauAiGVOnH0vYXv9EThDVa7Y-hAw6yV--PnxOKrBTvnl1FCNd3U_zZQcTI6EF3_h6TkCw2KvQ5Gn3PijRVcCy7Wdmf5T4m1EaOIAG8Pb5mO2H7Ka-AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2rVxvgv5D0K-GG6nnFFd_EQKPbaw%26client%3Dca-pub-5994697028380609%26adurl%3D

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6c23531e1f345c98-FRA
content-encoding
br
rar
as.ad4m.at/ad/ Frame C20B 		7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=20833%2C19491%2C43784&b=j6qCEfbGcezJsYHEH2t6tRRGcKTzTAjS9%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=xPKSQf9AHQXbHPHdHztDCRRgcJT6TW6uA%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=VAU4KrAC5dT_BhMRaqM4NPmzP4_YAj7J&g=94249aa6a81bd536354846d198c18b88%2F4259833368735670256&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698509&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kywxdjnbtftzj2fhh8k5wr3c8f2kqxda8t9bhfk6951gkznnjscefabvd4xkq3pvqah6w52pssm6n78d6zba6y98m7pbrq9nnxjha3sv0r7bxbwdt8cpwggcm25gcfe46f8x9zc3w962xqcft9qytznz87b6rdqfb5c1fkv7q4bpfrzr64b3e7mktbtr0fzgjafmgsdrnwb5mp7xm6khpwqwvqfm72zf9vczqkge0yx3kgj3mdzexgdac7fc7eqb9d0c36e8qkahdzwj96g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCVhpRebLEYYqwAYqengXUpoJIkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaABwq7o3QPIAQmpArjTclTQ97I-qAMBqgT7AU_QjtIcJ-ahWwdSq9lZTfI9lKwwpzv3PRUxSBWup_QQge25AXrFDKy-BTcMmC3jtgdGcWT31Ypy4MgJ4GaEMTsW4Viztneh6kTf1GBXlOeXHi0u7-1WAOv2QKLSqNMf1pHQ_mMb8hmndij9M0jp79uuRseAMwDBsl_6O75mkRF7_5o7jYn5HsCQf3H7ZI4A89j61gmKss2RhURkLlRnDSMo0d1unSabEW1FWNIHpxf08X9JT3Mvuj8Q3NJJykZWi_nRQyemTjozbXLylgfM2IERMji8wUQcTW_O4oPUswn4iO1nDNhodaXzfmuQ-XQ9ILvejQutuz9sLyuZgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2ljREVDavBQhda75putZ7dKiTRAg%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a78c92f06fe42f2df4b23c869fd9b4267a6e85301db875ce027e4eb398506f0c
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1kwv8zbvqn6s6zpb8ee35v3x6nw1h8723rh4cp87gan7dz17bh9bvkf0d55n4bar684za48mgzbm78hjf2a5dyhbz4w50kxpfgmjbj3qwrda81saf73989fb2e03hgk9e5mte0vkwzsd6yg9q5kq30q76eb68jak848sd7abqy9vbzb2vmwb5qy2w12gadr575aw7kxn7nrjtx4mjnaa2kbpgmh4vcqvgr4dhce8c9b5zmqbe5ve5t187ygr774gejbw4pxws78xp6t2z8czfjcnqzzd52ze653yqyeyhrnyt6zx0xvrq9jygt33ncxg08e1zje105gdpp9z69zrg95qgp4kszjb5vaq063y88b7qhqtv6yf8khj3fkdah838jas7715dj8cwzz3rajr8e9xc5y38pq1tz21kb7603vs5h6t90f8a&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVhpRebLEYYqwAYqengXUpoJIkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaABwq7o3QPIAQmpArjTclTQ97I-qAMBqgT7AU_QjtIcJ-ahWwdSq9lZTfI9lKwwpzv3PRUxSBWup_QQge25AXrFDKy-BTcMmC3jtgdGcWT31Ypy4MgJ4GaEMTsW4Viztneh6kTf1GBXlOeXHi0u7-1WAOv2QKLSqNMf1pHQ_mMb8hmndij9M0jp79uuRseAMwDBsl_6O75mkRF7_5o7jYn5HsCQf3H7ZI4A89j61gmKss2RhURkLlRnDSMo0d1unSabEW1FWNIHpxf08X9JT3Mvuj8Q3NJJykZWi_nRQyemTjozbXLylgfM2IERMji8wUQcTW_O4oPUswn4iO1nDNhodaXzfmuQ-XQ9ILvejQutuz9sLyuZgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2ljREVDavBQhda75putZ7dKiTRAg%26client%3Dca-pub-5994697028380609%26adurl%3D

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
cross-origin-embedder-policy
unsafe-none
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
cross-origin-opener-policy
unsafe-none
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6c23531e1f425c98-FRA
content-encoding
br
MGID_plus.svg
cdn.mgid.com/images/logos/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsyou.info.1024868.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
content-encoding
br
cf-cache-status
HIT
age
5359
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
TV9EGYWE00S199ZT
x-amz-id-2
PNtXkU1glOZAxPzbk+hlX7OVIWvv4OOWBZOa90rbxDtDjftx3mN+VuI8Xcy/kOUSata9Gcz4dSw=
last-modified
Tue, 23 Feb 2021 16:22:15 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag
W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6c23531e2af0d6e9-FRA
expires
Fri, 24 Dec 2021 17:31:38 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsyou.info.1024868.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
content-encoding
br
cf-cache-status
HIT
age
5380
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
50VWJQBT5W4QYKJG
x-amz-id-2
xhXkWrQ90G/ebA55GK4VP5V6mncDrGDeipe5cahYa8kJ+JMUWbxTCzXMUo5ci9AAJm/Ct0tTCXE=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
6c23531e2af4d6e9-FRA
expires
Fri, 24 Dec 2021 17:31:38 GMT
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvN2Y2ODI3ZDA0MjdlOTAwY...
s-img.mgid.com/g/11739831/492x277/-/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739831/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvN2Y2ODI3ZDA0MjdlOTAwY2MyYWU0OTg2MmViMDk5ZjcuanBlZw.webp?v=1640280698-17SUIn7t5eqSFV4fb-WGSQqXQvqtes_bvj2293P0hYQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a19d5065354bc8a69d35fae71d9f5712f927c27821f171872e8356f1a6e2186

Request headers

Referer
https://newsyou.info/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 12:45:37 GMT
x-mg-request-uuid
224cf201-ffdc-42d1-8f1c-f65946dd1da1
age
188301
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6c23531e5a7b4eaf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
31602
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNDg2LHlfNDYxL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTEwLzEwMTkyNC9lNTFmY...
s-img.mgid.com/g/11739835/492x277/-/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739835/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIsd18xMDIwLHhfNDg2LHlfNDYxL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTEwLzEwMTkyNC9lNTFmYzE4OThhY2IzOTkyNDAwMDhiNDRiNzAxNWQ4Ni5qcGc.webp?v=1640280698-Mk75nDK6ycg_JVeTl0pZII13x8nlKPIThXtxPw_CtR8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe5c82457a761c5111af9d2bfd63aaf6471fe4ae39dd83285cca6e8c23f503c7

Request headers

Referer
https://newsyou.info/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 12:52:34 GMT
x-mg-request-uuid
0dbfa391-ccc7-4675-b7b7-3abea9fb931b
age
184274
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6c23531e5a804eaf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
21954
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMi8xMDE5MjQvM2NmYjc4OTBmMjc1N2UwO...
s-img.mgid.com/g/11739845/492x277/-/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739845/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wMi8xMDE5MjQvM2NmYjc4OTBmMjc1N2UwOWZhYTcwZGQzODQxZTliMTQucG5n.webp?v=1640280698-FQ1n4QQPbIpKfeqXYS4CTqdd3alLDD98AqwapIiNsc4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aab9e2e7c2f73090b47d4bfd4c17c79b9cfbf629e28d86a15bd79c414d7e2ec4

Request headers

Referer
https://newsyou.info/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 12:46:05 GMT
x-mg-request-uuid
19d1a543-47af-45fc-9b85-fa2e602a217a
age
183869
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6c23531e5a8a4eaf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
19212
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvZTFmYTdjZjc2MzNlZDJlN...
s-img.mgid.com/g/11739870/492x277/-/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739870/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMS8xMDE5MjQvZTFmYTdjZjc2MzNlZDJlNjQzMGUxMWJiNTA1MmIzMDkuanBn.webp?v=1640280698-9AtweG30RUwRm7XpAPauTv7GGdadNsdu8RnMRNsCPOA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b17b6e3a1887bb29f6f38c2fa31ebf4a77c12d1f559b72aa56c9d2f4bf07a2c0

Request headers

Referer
https://newsyou.info/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 12:45:37 GMT
x-mg-request-uuid
9f4c8e02-fa90-427e-8ebc-d585a49a2d38
age
186540
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6c23531e5a894eaf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
17578
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wNy8xMDE5MjQvZmU2N2U1NmZhYjE4NTc2N...
s-img.mgid.com/g/11739839/492x277/-/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739839/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wNy8xMDE5MjQvZmU2N2U1NmZhYjE4NTc2NGI0NTA1MTc0ZmExNjc2YTguanBlZw.webp?v=1640280698-hJYHtSw8C1OZ6QGBPvioMoWeuQkHhc4ps0-ixM7Mjx4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e724d102e9bdc7dfaddd395c778e2e16c041aac0be0e5694811d0ad0e376c61

Request headers

Referer
https://newsyou.info/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 12:53:43 GMT
x-mg-request-uuid
569e242f-3e97-4d15-bb5e-bd3a4526e1e7
age
123618
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6c23531e5a884eaf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
11548
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTEvMTAxOTI0Lzc1OTY0NWRkZDBmMDc2ZWY0N...
s-img.mgid.com/g/11739866/328x328/-/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739866/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTEvMTAxOTI0Lzc1OTY0NWRkZDBmMDc2ZWY0NThiOTAyYTNkMTZhNzRmLmpwZw.webp?v=1640280698-mNbkKzYFXUK8ledQrDCaFZCIuKY0KHVG4f05glsMOaU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1bfb7f841d4605b7d68345c7f431fbd570e205a1889bd4169337ee3dbc5f537

Request headers

Referer
https://newsyou.info/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 12:53:16 GMT
x-mg-request-uuid
182fa783-1dfc-4a4d-aa47-bdbac1d63061
age
188301
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6c23531e5a8c4eaf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
11466
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTEvMTAxOTI0L2UxZmE3Y2Y3NjMzZWQyZTY0M...
s-img.mgid.com/g/11739870/328x328/-/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739870/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTEvMTAxOTI0L2UxZmE3Y2Y3NjMzZWQyZTY0MzBlMTFiYjUwNTJiMzA5LmpwZw.webp?v=1640280698-4MlkfINPvv4PJ0Ri-NtFk574-mWk2jy3ESldPn9D1J8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42c05f1fdf2d5924dfee70fdb0f3cbf936d340a1bfa51321708662480e213ac2

Request headers

Referer
https://newsyou.info/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 12:59:07 GMT
x-mg-request-uuid
88a65c08-b14e-46a8-8676-15490a13f90d
age
181865
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6c23531e5a944eaf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
9912
server
cloudflare
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTEvMTAxOTI0LzE4NDhmODJiZjhkMzY4N2QwM...
s-img.mgid.com/g/11739864/328x328/-/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/11739864/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTEvMTAxOTI0LzE4NDhmODJiZjhkMzY4N2QwMjM5NjlhNTY3YmQ2ZDY1LnBuZw.webp?v=1640280698-tq84_4CKtjn3biLvKKRJ0wIDuYt83nNev6aX5SOMmyo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c4e43a1f2dcea35e21e08824c5af4f80597b562dc2f2df616aa359324b0b6b9

Request headers

Referer
https://newsyou.info/
Origin
https://newsyou.info
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Dec 2021 12:58:32 GMT
x-mg-request-uuid
5d90f169-4aa9-45f9-9d35-7254f1106994
age
183249
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
6c23531e5a954eaf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
15744
server
cloudflare
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5994697028380609&plah=newsyou.info
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
expires
Thu, 23 Dec 2021 17:31:38 GMT
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame EB2B 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=20833%2C167497%2C43784&b=j6qCEfbGcezJsYHEH2t6tRRGcKTzTAjS9%2CPJ4HBfEbabK2Qf9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=xPKSQf9AHQXbHPHdHztDCRRgcJT6TW6uA%2CbwqTQfYZs5KWVHYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=9sv_Ka9v9igDFFnI1kYKmrTX93lAQvgu&g=abd8a6c6f9d92b9ca164284f0ff1f1f3%2F5050503406790913130&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698506&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jjbef6hx032qkbnm464ty57jpkfjj5pj3j8vjeejf7xz3xgv8rv9bw206ytda0cm0q9mtp4ztjytz4aasajrr7xfqwcq99n3nth0af3390mv4bpv2hf2pckgfb4t7kgkehpj6f4nccvdzgvn7r991md5f6thek2ptj8ndjjcwecakzk8xk0rbqt68sg9y1w8jgcj7n92y06f3q87w8qg81z7w1w9w0xm49wtfkh8kx3nzys7wqsh5qjdqcw1rpvcvgqt87pxra8vtmw7z6g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC2_mOebLEYYn-BKuvngXw-5rgCpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK4z-m_AvqyPqgDAaoE-wFP0PUncvf3VRIpVB-SLhMbKNAx88ZVqRkvVv5wt3gFYZt8g4ChZ0_lPaA7BnCyblH4MS13WLow2OqgJYlwTldEGOpHbLENvAf4hn4Womu3Na2PNx1FrPG6pqXxYjoQWHVuj50hSZD03-vOiOxJ4lM49UfEp73z4t7mF82-rXPUEku7IhtH_7-aXhLJaqS1x4GtJVfoiYsiQ2mPMajb0fnillkYvmQionDFtp9Ss3JQigmkZ3zBNYikvV-WQI4TNzU3G6d-Ij4tvD_wzi6LwnQ6rG-5PLZRNQZf1RxOlHEWWr1h3yiTJOvQshyb2xC-os-d3VdE0glm_99b9oAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0S4JiznMsq8T-XiKe1zaEkS5rMXg%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=20833%2C167497%2C43784&b=j6qCEfbGcezJsYHEH2t6tRRGcKTzTAjS9%2CPJ4HBfEbabK2Qf9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=xPKSQf9AHQXbHPHdHztDCRRgcJT6TW6uA%2CbwqTQfYZs5KWVHYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=9sv_Ka9v9igDFFnI1kYKmrTX93lAQvgu&g=abd8a6c6f9d92b9ca164284f0ff1f1f3%2F5050503406790913130&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698506&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jjbef6hx032qkbnm464ty57jpkfjj5pj3j8vjeejf7xz3xgv8rv9bw206ytda0cm0q9mtp4ztjytz4aasajrr7xfqwcq99n3nth0af3390mv4bpv2hf2pckgfb4t7kgkehpj6f4nccvdzgvn7r991md5f6thek2ptj8ndjjcwecakzk8xk0rbqt68sg9y1w8jgcj7n92y06f3q87w8qg81z7w1w9w0xm49wtfkh8kx3nzys7wqsh5qjdqcw1rpvcvgqt87pxra8vtmw7z6g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC2_mOebLEYYn-BKuvngXw-5rgCpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK4z-m_AvqyPqgDAaoE-wFP0PUncvf3VRIpVB-SLhMbKNAx88ZVqRkvVv5wt3gFYZt8g4ChZ0_lPaA7BnCyblH4MS13WLow2OqgJYlwTldEGOpHbLENvAf4hn4Womu3Na2PNx1FrPG6pqXxYjoQWHVuj50hSZD03-vOiOxJ4lM49UfEp73z4t7mF82-rXPUEku7IhtH_7-aXhLJaqS1x4GtJVfoiYsiQ2mPMajb0fnillkYvmQionDFtp9Ss3JQigmkZ3zBNYikvV-WQI4TNzU3G6d-Ij4tvD_wzi6LwnQ6rG-5PLZRNQZf1RxOlHEWWr1h3yiTJOvQshyb2xC-os-d3VdE0glm_99b9oAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0S4JiznMsq8T-XiKe1zaEkS5rMXg%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
695195
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Wed, 15 Dec 2021 16:25:03 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6c23531e88285c98-FRA
cf-bgj
minify
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame EB2B 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=20833%2C167497%2C43784&b=j6qCEfbGcezJsYHEH2t6tRRGcKTzTAjS9%2CPJ4HBfEbabK2Qf9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=xPKSQf9AHQXbHPHdHztDCRRgcJT6TW6uA%2CbwqTQfYZs5KWVHYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=9sv_Ka9v9igDFFnI1kYKmrTX93lAQvgu&g=abd8a6c6f9d92b9ca164284f0ff1f1f3%2F5050503406790913130&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698506&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jjbef6hx032qkbnm464ty57jpkfjj5pj3j8vjeejf7xz3xgv8rv9bw206ytda0cm0q9mtp4ztjytz4aasajrr7xfqwcq99n3nth0af3390mv4bpv2hf2pckgfb4t7kgkehpj6f4nccvdzgvn7r991md5f6thek2ptj8ndjjcwecakzk8xk0rbqt68sg9y1w8jgcj7n92y06f3q87w8qg81z7w1w9w0xm49wtfkh8kx3nzys7wqsh5qjdqcw1rpvcvgqt87pxra8vtmw7z6g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC2_mOebLEYYn-BKuvngXw-5rgCpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK4z-m_AvqyPqgDAaoE-wFP0PUncvf3VRIpVB-SLhMbKNAx88ZVqRkvVv5wt3gFYZt8g4ChZ0_lPaA7BnCyblH4MS13WLow2OqgJYlwTldEGOpHbLENvAf4hn4Womu3Na2PNx1FrPG6pqXxYjoQWHVuj50hSZD03-vOiOxJ4lM49UfEp73z4t7mF82-rXPUEku7IhtH_7-aXhLJaqS1x4GtJVfoiYsiQ2mPMajb0fnillkYvmQionDFtp9Ss3JQigmkZ3zBNYikvV-WQI4TNzU3G6d-Ij4tvD_wzi6LwnQ6rG-5PLZRNQZf1RxOlHEWWr1h3yiTJOvQshyb2xC-os-d3VdE0glm_99b9oAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0S4JiznMsq8T-XiKe1zaEkS5rMXg%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=V11ayA==, md5=Cid9We/KA2mmmDZF4nNlng==
date
Thu, 23 Dec 2021 17:31:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
231481
cf-polished
origFmt=png, origSize=115129
x-guploader-uploadid
ADPycdtIU2bd9HJ3PUUMwSg2Y6KTL-nAo_dJ-HZWAVTObKwbmf9DkLQXNAs_azrk7eJ4sEO2bowh1qRlJCPOVTiXH_8
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
54564
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TXywIDvuJHvnXl0codadBOTQweuFiAeuNNSM%2B1B0bCYJ%2Bt6Yn7U%2BRLJUU4tiEnsEz3ZoW31kFKjHe3JEeVswjN4jdM5TFo7Eh2f3ik27IVsgAruqUg5Qg8tAobuXyIbliujg%2BLt6b5JVMJAt"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1612883484779402
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:38 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
115129
accept-ranges
bytes
cf-ray
6c23531e9da95c08-FRA
cf-bgj
imgq:85,h2pri
8D3AFD46DE6A8A4192546FA8CB9819FEA65F690B1ADB7E4317EDFF4CD6CF187CD66698DBA4854E239376743992A0A8E44FBC317DBABB2B29F6F314312465F6E9
assets.ad4m.at/product_image/ Frame EB2B 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/8D3AFD46DE6A8A4192546FA8CB9819FEA65F690B1ADB7E4317EDFF4CD6CF187CD66698DBA4854E239376743992A0A8E44FBC317DBABB2B29F6F314312465F6E9
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=20833%2C167497%2C43784&b=j6qCEfbGcezJsYHEH2t6tRRGcKTzTAjS9%2CPJ4HBfEbabK2Qf9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=xPKSQf9AHQXbHPHdHztDCRRgcJT6TW6uA%2CbwqTQfYZs5KWVHYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=9sv_Ka9v9igDFFnI1kYKmrTX93lAQvgu&g=abd8a6c6f9d92b9ca164284f0ff1f1f3%2F5050503406790913130&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698506&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jjbef6hx032qkbnm464ty57jpkfjj5pj3j8vjeejf7xz3xgv8rv9bw206ytda0cm0q9mtp4ztjytz4aasajrr7xfqwcq99n3nth0af3390mv4bpv2hf2pckgfb4t7kgkehpj6f4nccvdzgvn7r991md5f6thek2ptj8ndjjcwecakzk8xk0rbqt68sg9y1w8jgcj7n92y06f3q87w8qg81z7w1w9w0xm49wtfkh8kx3nzys7wqsh5qjdqcw1rpvcvgqt87pxra8vtmw7z6g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC2_mOebLEYYn-BKuvngXw-5rgCpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK4z-m_AvqyPqgDAaoE-wFP0PUncvf3VRIpVB-SLhMbKNAx88ZVqRkvVv5wt3gFYZt8g4ChZ0_lPaA7BnCyblH4MS13WLow2OqgJYlwTldEGOpHbLENvAf4hn4Womu3Na2PNx1FrPG6pqXxYjoQWHVuj50hSZD03-vOiOxJ4lM49UfEp73z4t7mF82-rXPUEku7IhtH_7-aXhLJaqS1x4GtJVfoiYsiQ2mPMajb0fnillkYvmQionDFtp9Ss3JQigmkZ3zBNYikvV-WQI4TNzU3G6d-Ij4tvD_wzi6LwnQ6rG-5PLZRNQZf1RxOlHEWWr1h3yiTJOvQshyb2xC-os-d3VdE0glm_99b9oAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0S4JiznMsq8T-XiKe1zaEkS5rMXg%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48de2e96c59ade9a6909479fa8c3348cc639b2ec4137bede0dd555445bc7c8e7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=9edqkg==, md5=Nad3L7CXTHogAlrhn0T8fw==
date
Thu, 23 Dec 2021 17:31:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
231503
cf-polished
qual=85, origFmt=jpeg, origSize=126254
x-guploader-uploadid
ADPycdt6oEhB1h4sRUYX-riXqxRsOMltK77tuFtk_cv85rGcIPSYVvHonRVOW7E0680Hgt_uFDViU9bSEi8IUEJuNfzfcb3vLw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
30756
last-modified
Tue, 19 Oct 2021 11:44:31 GMT
server
cloudflare
etag
"35a7772fb0974c7a20025ae19f44fc7f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rYEcNAx3E57x8vWtWmhJptSc0BxqAIJ5Eml%2Fwpa4oKUWdnSmakdsOMDP60CLcItr22cSeBQ48%2BTp2rc4f%2FhYu%2BQtl0FzeGlQQxHia0R08PMerSjjCuJI7wv2RiPgaqalChOCNfMpmqQYPkX0"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1634643871094003
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:38 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
126254
accept-ranges
bytes
cf-ray
6c23531e9dad5c08-FRA
cf-bgj
imgq:85,h2pri
postview.gif
portal.o2online.de/nws/img/ Frame EB2B
Redirect Chain
  • https://www.telefonica-partner.de/tpv.php?t=117699V1226132702M&subid=oneidj6qCEfbGcezJsYHEH2t6tRRGcKTzTAjS9oneid__asuid9sv_Ka9v9igDFFnI1kYKmrTX93lAQvguasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_...
  • https://www.lead-alliance.net/tpv.php?t=117699V1226132702M&subid=oneidj6qCEfbGcezJsYHEH2t6tRRGcKTzTAjS9oneid__asuid9sv_Ka9v9igDFFnI1kYKmrTX93lAQvguasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_cons...
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117699&s_id=2021122318313860669266655X117699V1226132702MSoneidj6qCEfbGcezJsYHEH2t6tRRGcKTzTAjS9oneid__asuid9sv_Ka9...
  • https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117699_-HTLP&utm_term=AFF_la_117699_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=202112231831386066926...
43 B
805 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117699_-HTLP&utm_term=AFF_la_117699_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021122318313860669266655X117699V1226132702MSoneidj6qCEfbGcezJsYHEH2t6tRRGcKTzTAjS9oneid__asuid9sv_Ka9v9igDFFnI1kYKmrTX93lAQvguasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117699&ratenzahlung=24
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=20833%2C167497%2C43784&b=j6qCEfbGcezJsYHEH2t6tRRGcKTzTAjS9%2CPJ4HBfEbabK2Qf9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=xPKSQf9AHQXbHPHdHztDCRRgcJT6TW6uA%2CbwqTQfYZs5KWVHYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=9sv_Ka9v9igDFFnI1kYKmrTX93lAQvgu&g=abd8a6c6f9d92b9ca164284f0ff1f1f3%2F5050503406790913130&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698506&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jjbef6hx032qkbnm464ty57jpkfjj5pj3j8vjeejf7xz3xgv8rv9bw206ytda0cm0q9mtp4ztjytz4aasajrr7xfqwcq99n3nth0af3390mv4bpv2hf2pckgfb4t7kgkehpj6f4nccvdzgvn7r991md5f6thek2ptj8ndjjcwecakzk8xk0rbqt68sg9y1w8jgcj7n92y06f3q87w8qg81z7w1w9w0xm49wtfkh8kx3nzys7wqsh5qjdqcw1rpvcvgqt87pxra8vtmw7z6g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC2_mOebLEYYn-BKuvngXw-5rgCpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK4z-m_AvqyPqgDAaoE-wFP0PUncvf3VRIpVB-SLhMbKNAx88ZVqRkvVv5wt3gFYZt8g4ChZ0_lPaA7BnCyblH4MS13WLow2OqgJYlwTldEGOpHbLENvAf4hn4Womu3Na2PNx1FrPG6pqXxYjoQWHVuj50hSZD03-vOiOxJ4lM49UfEp73z4t7mF82-rXPUEku7IhtH_7-aXhLJaqS1x4GtJVfoiYsiQ2mPMajb0fnillkYvmQionDFtp9Ss3JQigmkZ3zBNYikvV-WQI4TNzU3G6d-Ij4tvD_wzi6LwnQ6rG-5PLZRNQZf1RxOlHEWWr1h3yiTJOvQshyb2xC-os-d3VdE0glm_99b9oAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0S4JiznMsq8T-XiKe1zaEkS5rMXg%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Server
82.113.101.132 Hanau, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS
portal.o2online.de
Software
Apache /
Resource Hash
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:38 GMT
Last-Modified
Wed, 26 Aug 2020 10:11:24 GMT
Server
Apache
ETag
"2b-5adc50abeeb00"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection
close
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43

Redirect headers

Date
Thu, 23 Dec 2021 17:31:38 GMT
X-NODEIP
78.46.85.162
Server
nginx/1.10.3 (Ubuntu)
Transfer-Encoding
chunked
RM-PrivacyPolicy
https://www.nonstoppartner.net/
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Location
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117699_-HTLP&utm_term=AFF_la_117699_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021122318313860669266655X117699V1226132702MSoneidj6qCEfbGcezJsYHEH2t6tRRGcKTzTAjS9oneid__asuid9sv_Ka9v9igDFFnI1kYKmrTX93lAQvguasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117699&ratenzahlung=24
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Keep-Alive
timeout=10
DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame EB2B 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=20833%2C167497%2C43784&b=j6qCEfbGcezJsYHEH2t6tRRGcKTzTAjS9%2CPJ4HBfEbabK2Qf9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=xPKSQf9AHQXbHPHdHztDCRRgcJT6TW6uA%2CbwqTQfYZs5KWVHYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=9sv_Ka9v9igDFFnI1kYKmrTX93lAQvgu&g=abd8a6c6f9d92b9ca164284f0ff1f1f3%2F5050503406790913130&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698506&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jjbef6hx032qkbnm464ty57jpkfjj5pj3j8vjeejf7xz3xgv8rv9bw206ytda0cm0q9mtp4ztjytz4aasajrr7xfqwcq99n3nth0af3390mv4bpv2hf2pckgfb4t7kgkehpj6f4nccvdzgvn7r991md5f6thek2ptj8ndjjcwecakzk8xk0rbqt68sg9y1w8jgcj7n92y06f3q87w8qg81z7w1w9w0xm49wtfkh8kx3nzys7wqsh5qjdqcw1rpvcvgqt87pxra8vtmw7z6g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC2_mOebLEYYn-BKuvngXw-5rgCpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK4z-m_AvqyPqgDAaoE-wFP0PUncvf3VRIpVB-SLhMbKNAx88ZVqRkvVv5wt3gFYZt8g4ChZ0_lPaA7BnCyblH4MS13WLow2OqgJYlwTldEGOpHbLENvAf4hn4Womu3Na2PNx1FrPG6pqXxYjoQWHVuj50hSZD03-vOiOxJ4lM49UfEp73z4t7mF82-rXPUEku7IhtH_7-aXhLJaqS1x4GtJVfoiYsiQ2mPMajb0fnillkYvmQionDFtp9Ss3JQigmkZ3zBNYikvV-WQI4TNzU3G6d-Ij4tvD_wzi6LwnQ6rG-5PLZRNQZf1RxOlHEWWr1h3yiTJOvQshyb2xC-os-d3VdE0glm_99b9oAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0S4JiznMsq8T-XiKe1zaEkS5rMXg%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=euqM8A==, md5=F0uw3DVkfiBLCaoSCWVgSg==
date
Thu, 23 Dec 2021 17:31:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
231517
cf-polished
origFmt=png, origSize=24833
x-guploader-uploadid
ADPycdua4HE5tgYL9XtK-eiTvniYjScFLiCFlKUT9qVyd9WSxZd_ObMXnHRkFnmvhe4hv-lU5Cwb4kNVBciqormPRIs
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
9258
last-modified
Tue, 09 Feb 2021 15:11:57 GMT
server
cloudflare
etag
"174bb0dc35647e204b09aa120965604a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rAulUYgg4GOug5qFjfCSTsVdTwVSwRJ6OTcuyFhsST0d%2FdU7ovZ4z0sjMjcp%2Btlt9I53ScZFmZ6d37fJQQeKFQuRXJVWZ7%2B5JnJEK4HExV0U7qQC4u%2B9VWoMRjNySzzyLqJYqsNsg1JoBDlI"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1612883517528266
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:38 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
24833
accept-ranges
bytes
cf-ray
6c23531eadc25c08-FRA
cf-bgj
imgq:85,h2pri
0AC0DD533161B07A3BB2D72DC66FF10DF997383C63884E78FDBEF4BEDA8ED904DC259BD68D098814FB574FED8B566E90A3C1272EA9C368275203F9D628BB015E
assets.ad4m.at/product_image/ Frame EB2B 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/0AC0DD533161B07A3BB2D72DC66FF10DF997383C63884E78FDBEF4BEDA8ED904DC259BD68D098814FB574FED8B566E90A3C1272EA9C368275203F9D628BB015E
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=20833%2C167497%2C43784&b=j6qCEfbGcezJsYHEH2t6tRRGcKTzTAjS9%2CPJ4HBfEbabK2Qf9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=xPKSQf9AHQXbHPHdHztDCRRgcJT6TW6uA%2CbwqTQfYZs5KWVHYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=9sv_Ka9v9igDFFnI1kYKmrTX93lAQvgu&g=abd8a6c6f9d92b9ca164284f0ff1f1f3%2F5050503406790913130&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698506&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jjbef6hx032qkbnm464ty57jpkfjj5pj3j8vjeejf7xz3xgv8rv9bw206ytda0cm0q9mtp4ztjytz4aasajrr7xfqwcq99n3nth0af3390mv4bpv2hf2pckgfb4t7kgkehpj6f4nccvdzgvn7r991md5f6thek2ptj8ndjjcwecakzk8xk0rbqt68sg9y1w8jgcj7n92y06f3q87w8qg81z7w1w9w0xm49wtfkh8kx3nzys7wqsh5qjdqcw1rpvcvgqt87pxra8vtmw7z6g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC2_mOebLEYYn-BKuvngXw-5rgCpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK4z-m_AvqyPqgDAaoE-wFP0PUncvf3VRIpVB-SLhMbKNAx88ZVqRkvVv5wt3gFYZt8g4ChZ0_lPaA7BnCyblH4MS13WLow2OqgJYlwTldEGOpHbLENvAf4hn4Womu3Na2PNx1FrPG6pqXxYjoQWHVuj50hSZD03-vOiOxJ4lM49UfEp73z4t7mF82-rXPUEku7IhtH_7-aXhLJaqS1x4GtJVfoiYsiQ2mPMajb0fnillkYvmQionDFtp9Ss3JQigmkZ3zBNYikvV-WQI4TNzU3G6d-Ij4tvD_wzi6LwnQ6rG-5PLZRNQZf1RxOlHEWWr1h3yiTJOvQshyb2xC-os-d3VdE0glm_99b9oAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0S4JiznMsq8T-XiKe1zaEkS5rMXg%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
769996a987ead923de78ded8af9ebbc0125bfdca436dfadfdc9755fd54270371

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=1aKs/g==, md5=nBaxji7Rcg1LrHhoV5P3TA==
date
Thu, 23 Dec 2021 17:31:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
231484
cf-polished
qual=85, origFmt=jpeg, origSize=84530
x-guploader-uploadid
ADPycdvulYrDQNUtRxoDFICktszvBld-zumqmU9xDn4fyYnfszA26fzJ2NfXO2rFBYElUh5ZQKFvMfk-nQj1PrGuhQwqjXpKBA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
19022
last-modified
Wed, 10 Nov 2021 15:00:52 GMT
server
cloudflare
etag
"9c16b18e2ed1720d4bac78685793f74c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PzAWHZ2s7QlDPrg1y90o0ZzjiAj2Q%2FD8JGKPXFrzcM5dW0QDXfRTJG6LL4db6xK72FIzgIliIP1vkcxYPiLc65nj4LX%2B89CSUMG0gb3nYedOzPwz2pOOjretniPH53iYV%2FaycItmhgN%2B4pIc"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1636556452656256
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:38 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
84530
accept-ranges
bytes
cf-ray
6c23531eadc15c08-FRA
cf-bgj
imgq:85,h2pri
postview.gif
portal.blau.de/nws/img/ Frame EB2B
Redirect Chain
  • https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=oneidPJ4HBfEbabK2Qf9HjHbtMtPPgSZT9TkGCponeid__asuid9sv_Ka9v9igDFFnI1kYKmrTX93lAQvguasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr...
  • https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=oneidPJ4HBfEbabK2Qf9HjHbtMtPPgSZT9TkGCponeid__asuid9sv_Ka9v9igDFFnI1kYKmrTX93lAQvguasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_con...
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2021122318313860669266647X113752V1225131106MSoneidPJ4HBfEbabK2Qf9HjHbtMtPPgSZT9TkGCponeid__asuid9sv_Ka9v...
  • https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=20211223183138606692666...
43 B
788 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021122318313860669266647X113752V1225131106MSoneidPJ4HBfEbabK2Qf9HjHbtMtPPgSZT9TkGCponeid__asuid9sv_Ka9v9igDFFnI1kYKmrTX93lAQvguasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=113752
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=20833%2C167497%2C43784&b=j6qCEfbGcezJsYHEH2t6tRRGcKTzTAjS9%2CPJ4HBfEbabK2Qf9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=xPKSQf9AHQXbHPHdHztDCRRgcJT6TW6uA%2CbwqTQfYZs5KWVHYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=9sv_Ka9v9igDFFnI1kYKmrTX93lAQvgu&g=abd8a6c6f9d92b9ca164284f0ff1f1f3%2F5050503406790913130&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698506&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jjbef6hx032qkbnm464ty57jpkfjj5pj3j8vjeejf7xz3xgv8rv9bw206ytda0cm0q9mtp4ztjytz4aasajrr7xfqwcq99n3nth0af3390mv4bpv2hf2pckgfb4t7kgkehpj6f4nccvdzgvn7r991md5f6thek2ptj8ndjjcwecakzk8xk0rbqt68sg9y1w8jgcj7n92y06f3q87w8qg81z7w1w9w0xm49wtfkh8kx3nzys7wqsh5qjdqcw1rpvcvgqt87pxra8vtmw7z6g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC2_mOebLEYYn-BKuvngXw-5rgCpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK4z-m_AvqyPqgDAaoE-wFP0PUncvf3VRIpVB-SLhMbKNAx88ZVqRkvVv5wt3gFYZt8g4ChZ0_lPaA7BnCyblH4MS13WLow2OqgJYlwTldEGOpHbLENvAf4hn4Womu3Na2PNx1FrPG6pqXxYjoQWHVuj50hSZD03-vOiOxJ4lM49UfEp73z4t7mF82-rXPUEku7IhtH_7-aXhLJaqS1x4GtJVfoiYsiQ2mPMajb0fnillkYvmQionDFtp9Ss3JQigmkZ3zBNYikvV-WQI4TNzU3G6d-Ij4tvD_wzi6LwnQ6rG-5PLZRNQZf1RxOlHEWWr1h3yiTJOvQshyb2xC-os-d3VdE0glm_99b9oAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0S4JiznMsq8T-XiKe1zaEkS5rMXg%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Server
82.113.101.236 Hanau, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS
portal.blau.de
Software
Apache /
Resource Hash
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:38 GMT
Last-Modified
Wed, 26 Aug 2020 10:11:24 GMT
Server
Apache
ETag
"2b-5adc50abeeb00"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection
close
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43

Redirect headers

Date
Thu, 23 Dec 2021 17:31:38 GMT
X-NODEIP
46.4.62.19
Server
nginx/1.10.3 (Ubuntu)
Transfer-Encoding
chunked
RM-PrivacyPolicy
https://www.nonstoppartner.net/
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Location
https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021122318313860669266647X113752V1225131106MSoneidPJ4HBfEbabK2Qf9HjHbtMtPPgSZT9TkGCponeid__asuid9sv_Ka9v9igDFFnI1kYKmrTX93lAQvguasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=113752
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Keep-Alive
timeout=10
C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
assets.ad4m.at/logo/ Frame EB2B 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=20833%2C167497%2C43784&b=j6qCEfbGcezJsYHEH2t6tRRGcKTzTAjS9%2CPJ4HBfEbabK2Qf9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=xPKSQf9AHQXbHPHdHztDCRRgcJT6TW6uA%2CbwqTQfYZs5KWVHYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=9sv_Ka9v9igDFFnI1kYKmrTX93lAQvgu&g=abd8a6c6f9d92b9ca164284f0ff1f1f3%2F5050503406790913130&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698506&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jjbef6hx032qkbnm464ty57jpkfjj5pj3j8vjeejf7xz3xgv8rv9bw206ytda0cm0q9mtp4ztjytz4aasajrr7xfqwcq99n3nth0af3390mv4bpv2hf2pckgfb4t7kgkehpj6f4nccvdzgvn7r991md5f6thek2ptj8ndjjcwecakzk8xk0rbqt68sg9y1w8jgcj7n92y06f3q87w8qg81z7w1w9w0xm49wtfkh8kx3nzys7wqsh5qjdqcw1rpvcvgqt87pxra8vtmw7z6g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC2_mOebLEYYn-BKuvngXw-5rgCpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK4z-m_AvqyPqgDAaoE-wFP0PUncvf3VRIpVB-SLhMbKNAx88ZVqRkvVv5wt3gFYZt8g4ChZ0_lPaA7BnCyblH4MS13WLow2OqgJYlwTldEGOpHbLENvAf4hn4Womu3Na2PNx1FrPG6pqXxYjoQWHVuj50hSZD03-vOiOxJ4lM49UfEp73z4t7mF82-rXPUEku7IhtH_7-aXhLJaqS1x4GtJVfoiYsiQ2mPMajb0fnillkYvmQionDFtp9Ss3JQigmkZ3zBNYikvV-WQI4TNzU3G6d-Ij4tvD_wzi6LwnQ6rG-5PLZRNQZf1RxOlHEWWr1h3yiTJOvQshyb2xC-os-d3VdE0glm_99b9oAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0S4JiznMsq8T-XiKe1zaEkS5rMXg%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=L9xAnQ==, md5=7eHZFVWQuqeYNRiE/JSb0A==
date
Thu, 23 Dec 2021 17:31:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
231485
cf-polished
qual=85, origFmt=jpeg, origSize=42488
x-guploader-uploadid
ADPycdsBhB4SVbJUId60_2wHZUuWtHjLMoe6bTHlFfyjCEmZdEXkw_UjuYWIUZ_IKN87qb1Urx01sOoLtw5CjdqWHx0
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12110
last-modified
Thu, 25 Jun 2020 11:29:58 GMT
server
cloudflare
etag
"ede1d9155590baa798351884fc949bd0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oxy8KuSvBb0mHXABKn3g3WqWwT2HcHTvrxpq2ST%2BzjtwD6rp2SS9n2prG4djPARa8rhCU4lufG6mLRMZ8b53vsfUF0iL%2FkaCBuOy97sXUsPgHXLI02pKxrxefdjKLXgyI0iy5J5DWuS9cHPH"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1593084598972955
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:38 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
42488
accept-ranges
bytes
cf-ray
6c23531eadc35c08-FRA
cf-bgj
imgq:85,h2pri
6B38C70234B9F3188DD5EE431E82865D3F73254228570FEAA8E0EC084126CA428EE25DBF94F692B9BBC7FE9C22F4F555A804B8157CE8832EEFA3C4F5253BE361
assets.ad4m.at/product_image/ Frame EB2B 		72 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/6B38C70234B9F3188DD5EE431E82865D3F73254228570FEAA8E0EC084126CA428EE25DBF94F692B9BBC7FE9C22F4F555A804B8157CE8832EEFA3C4F5253BE361
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=20833%2C167497%2C43784&b=j6qCEfbGcezJsYHEH2t6tRRGcKTzTAjS9%2CPJ4HBfEbabK2Qf9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=xPKSQf9AHQXbHPHdHztDCRRgcJT6TW6uA%2CbwqTQfYZs5KWVHYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=9sv_Ka9v9igDFFnI1kYKmrTX93lAQvgu&g=abd8a6c6f9d92b9ca164284f0ff1f1f3%2F5050503406790913130&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698506&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jjbef6hx032qkbnm464ty57jpkfjj5pj3j8vjeejf7xz3xgv8rv9bw206ytda0cm0q9mtp4ztjytz4aasajrr7xfqwcq99n3nth0af3390mv4bpv2hf2pckgfb4t7kgkehpj6f4nccvdzgvn7r991md5f6thek2ptj8ndjjcwecakzk8xk0rbqt68sg9y1w8jgcj7n92y06f3q87w8qg81z7w1w9w0xm49wtfkh8kx3nzys7wqsh5qjdqcw1rpvcvgqt87pxra8vtmw7z6g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC2_mOebLEYYn-BKuvngXw-5rgCpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK4z-m_AvqyPqgDAaoE-wFP0PUncvf3VRIpVB-SLhMbKNAx88ZVqRkvVv5wt3gFYZt8g4ChZ0_lPaA7BnCyblH4MS13WLow2OqgJYlwTldEGOpHbLENvAf4hn4Womu3Na2PNx1FrPG6pqXxYjoQWHVuj50hSZD03-vOiOxJ4lM49UfEp73z4t7mF82-rXPUEku7IhtH_7-aXhLJaqS1x4GtJVfoiYsiQ2mPMajb0fnillkYvmQionDFtp9Ss3JQigmkZ3zBNYikvV-WQI4TNzU3G6d-Ij4tvD_wzi6LwnQ6rG-5PLZRNQZf1RxOlHEWWr1h3yiTJOvQshyb2xC-os-d3VdE0glm_99b9oAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0S4JiznMsq8T-XiKe1zaEkS5rMXg%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40ce033c8ee824b2a4e435541df84a0d95075fafa382deb7a91c02f9e15bbe1d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=FQtvKA==, md5=fhrs2Vg2w7QpQT0tLI6VHw==
date
Thu, 23 Dec 2021 17:31:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
231486
cf-polished
origFmt=png, origSize=128410
x-guploader-uploadid
ADPycdu670Rk0ISPcs7txQwGYIL1NvXNwFkHaqljLnngC8hZQe9GoRcQBXOqPMxMUAPKD1P6hyAQ8mreDGPEoxRJxgs
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
73694
last-modified
Fri, 10 Dec 2021 12:01:51 GMT
server
cloudflare
etag
"7e1aecd95836c3b429413d2d2c8e951f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=To%2F6NUN64pxs%2BMrkRFEeEXRIcgU3r3eFBfk3FRgxNdOWGoaPP8wMdoUQ4bL7MzTDyrJTpMqu6a7eDxPmKmdLuxmbRM2OgZ9CFlW4DbDnW5u7rFO2nt8CLLIvM2j4E7f65cjo2pwZ4Sr%2FHt%2FV"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1639137711863674
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:38 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
128410
accept-ranges
bytes
cf-ray
6c23531eadc75c08-FRA
cf-bgj
imgq:85,h2pri
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame C20B 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=20833%2C19491%2C43784&b=j6qCEfbGcezJsYHEH2t6tRRGcKTzTAjS9%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=xPKSQf9AHQXbHPHdHztDCRRgcJT6TW6uA%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=VAU4KrAC5dT_BhMRaqM4NPmzP4_YAj7J&g=94249aa6a81bd536354846d198c18b88%2F4259833368735670256&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698509&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kywxdjnbtftzj2fhh8k5wr3c8f2kqxda8t9bhfk6951gkznnjscefabvd4xkq3pvqah6w52pssm6n78d6zba6y98m7pbrq9nnxjha3sv0r7bxbwdt8cpwggcm25gcfe46f8x9zc3w962xqcft9qytznz87b6rdqfb5c1fkv7q4bpfrzr64b3e7mktbtr0fzgjafmgsdrnwb5mp7xm6khpwqwvqfm72zf9vczqkge0yx3kgj3mdzexgdac7fc7eqb9d0c36e8qkahdzwj96g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCVhpRebLEYYqwAYqengXUpoJIkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaABwq7o3QPIAQmpArjTclTQ97I-qAMBqgT7AU_QjtIcJ-ahWwdSq9lZTfI9lKwwpzv3PRUxSBWup_QQge25AXrFDKy-BTcMmC3jtgdGcWT31Ypy4MgJ4GaEMTsW4Viztneh6kTf1GBXlOeXHi0u7-1WAOv2QKLSqNMf1pHQ_mMb8hmndij9M0jp79uuRseAMwDBsl_6O75mkRF7_5o7jYn5HsCQf3H7ZI4A89j61gmKss2RhURkLlRnDSMo0d1unSabEW1FWNIHpxf08X9JT3Mvuj8Q3NJJykZWi_nRQyemTjozbXLylgfM2IERMji8wUQcTW_O4oPUswn4iO1nDNhodaXzfmuQ-XQ9ILvejQutuz9sLyuZgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2ljREVDavBQhda75putZ7dKiTRAg%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=20833%2C19491%2C43784&b=j6qCEfbGcezJsYHEH2t6tRRGcKTzTAjS9%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=xPKSQf9AHQXbHPHdHztDCRRgcJT6TW6uA%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=VAU4KrAC5dT_BhMRaqM4NPmzP4_YAj7J&g=94249aa6a81bd536354846d198c18b88%2F4259833368735670256&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698509&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kywxdjnbtftzj2fhh8k5wr3c8f2kqxda8t9bhfk6951gkznnjscefabvd4xkq3pvqah6w52pssm6n78d6zba6y98m7pbrq9nnxjha3sv0r7bxbwdt8cpwggcm25gcfe46f8x9zc3w962xqcft9qytznz87b6rdqfb5c1fkv7q4bpfrzr64b3e7mktbtr0fzgjafmgsdrnwb5mp7xm6khpwqwvqfm72zf9vczqkge0yx3kgj3mdzexgdac7fc7eqb9d0c36e8qkahdzwj96g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCVhpRebLEYYqwAYqengXUpoJIkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaABwq7o3QPIAQmpArjTclTQ97I-qAMBqgT7AU_QjtIcJ-ahWwdSq9lZTfI9lKwwpzv3PRUxSBWup_QQge25AXrFDKy-BTcMmC3jtgdGcWT31Ypy4MgJ4GaEMTsW4Viztneh6kTf1GBXlOeXHi0u7-1WAOv2QKLSqNMf1pHQ_mMb8hmndij9M0jp79uuRseAMwDBsl_6O75mkRF7_5o7jYn5HsCQf3H7ZI4A89j61gmKss2RhURkLlRnDSMo0d1unSabEW1FWNIHpxf08X9JT3Mvuj8Q3NJJykZWi_nRQyemTjozbXLylgfM2IERMji8wUQcTW_O4oPUswn4iO1nDNhodaXzfmuQ-XQ9ILvejQutuz9sLyuZgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2ljREVDavBQhda75putZ7dKiTRAg%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
695195
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Wed, 15 Dec 2021 16:25:03 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6c23531e88305c98-FRA
cf-bgj
minify
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame C20B 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=20833%2C19491%2C43784&b=j6qCEfbGcezJsYHEH2t6tRRGcKTzTAjS9%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=xPKSQf9AHQXbHPHdHztDCRRgcJT6TW6uA%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=VAU4KrAC5dT_BhMRaqM4NPmzP4_YAj7J&g=94249aa6a81bd536354846d198c18b88%2F4259833368735670256&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698509&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kywxdjnbtftzj2fhh8k5wr3c8f2kqxda8t9bhfk6951gkznnjscefabvd4xkq3pvqah6w52pssm6n78d6zba6y98m7pbrq9nnxjha3sv0r7bxbwdt8cpwggcm25gcfe46f8x9zc3w962xqcft9qytznz87b6rdqfb5c1fkv7q4bpfrzr64b3e7mktbtr0fzgjafmgsdrnwb5mp7xm6khpwqwvqfm72zf9vczqkge0yx3kgj3mdzexgdac7fc7eqb9d0c36e8qkahdzwj96g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCVhpRebLEYYqwAYqengXUpoJIkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaABwq7o3QPIAQmpArjTclTQ97I-qAMBqgT7AU_QjtIcJ-ahWwdSq9lZTfI9lKwwpzv3PRUxSBWup_QQge25AXrFDKy-BTcMmC3jtgdGcWT31Ypy4MgJ4GaEMTsW4Viztneh6kTf1GBXlOeXHi0u7-1WAOv2QKLSqNMf1pHQ_mMb8hmndij9M0jp79uuRseAMwDBsl_6O75mkRF7_5o7jYn5HsCQf3H7ZI4A89j61gmKss2RhURkLlRnDSMo0d1unSabEW1FWNIHpxf08X9JT3Mvuj8Q3NJJykZWi_nRQyemTjozbXLylgfM2IERMji8wUQcTW_O4oPUswn4iO1nDNhodaXzfmuQ-XQ9ILvejQutuz9sLyuZgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2ljREVDavBQhda75putZ7dKiTRAg%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=V11ayA==, md5=Cid9We/KA2mmmDZF4nNlng==
date
Thu, 23 Dec 2021 17:31:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
231481
cf-polished
origFmt=png, origSize=115129
x-guploader-uploadid
ADPycdtIU2bd9HJ3PUUMwSg2Y6KTL-nAo_dJ-HZWAVTObKwbmf9DkLQXNAs_azrk7eJ4sEO2bowh1qRlJCPOVTiXH_8
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
54564
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6z%2FsidF%2FrY0fK84JSycmHu8itP62oPZKyd0DVIx6Fw9MYZjm6CF1UdL41HqKlj6gvr8pnct9pbei%2FinbfQiDXPNx5Ut7VSRGIJB1JmPz0rEDIobd8JfUn01Y40cq83J%2FolqfkcMekTBTTi9w"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1612883484779402
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:38 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
115129
accept-ranges
bytes
cf-ray
6c23531eadbf5c08-FRA
cf-bgj
imgq:85,h2pri
8D3AFD46DE6A8A4192546FA8CB9819FEA65F690B1ADB7E4317EDFF4CD6CF187CD66698DBA4854E239376743992A0A8E44FBC317DBABB2B29F6F314312465F6E9
assets.ad4m.at/product_image/ Frame C20B 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/8D3AFD46DE6A8A4192546FA8CB9819FEA65F690B1ADB7E4317EDFF4CD6CF187CD66698DBA4854E239376743992A0A8E44FBC317DBABB2B29F6F314312465F6E9
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=20833%2C19491%2C43784&b=j6qCEfbGcezJsYHEH2t6tRRGcKTzTAjS9%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=xPKSQf9AHQXbHPHdHztDCRRgcJT6TW6uA%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=VAU4KrAC5dT_BhMRaqM4NPmzP4_YAj7J&g=94249aa6a81bd536354846d198c18b88%2F4259833368735670256&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698509&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kywxdjnbtftzj2fhh8k5wr3c8f2kqxda8t9bhfk6951gkznnjscefabvd4xkq3pvqah6w52pssm6n78d6zba6y98m7pbrq9nnxjha3sv0r7bxbwdt8cpwggcm25gcfe46f8x9zc3w962xqcft9qytznz87b6rdqfb5c1fkv7q4bpfrzr64b3e7mktbtr0fzgjafmgsdrnwb5mp7xm6khpwqwvqfm72zf9vczqkge0yx3kgj3mdzexgdac7fc7eqb9d0c36e8qkahdzwj96g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCVhpRebLEYYqwAYqengXUpoJIkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaABwq7o3QPIAQmpArjTclTQ97I-qAMBqgT7AU_QjtIcJ-ahWwdSq9lZTfI9lKwwpzv3PRUxSBWup_QQge25AXrFDKy-BTcMmC3jtgdGcWT31Ypy4MgJ4GaEMTsW4Viztneh6kTf1GBXlOeXHi0u7-1WAOv2QKLSqNMf1pHQ_mMb8hmndij9M0jp79uuRseAMwDBsl_6O75mkRF7_5o7jYn5HsCQf3H7ZI4A89j61gmKss2RhURkLlRnDSMo0d1unSabEW1FWNIHpxf08X9JT3Mvuj8Q3NJJykZWi_nRQyemTjozbXLylgfM2IERMji8wUQcTW_O4oPUswn4iO1nDNhodaXzfmuQ-XQ9ILvejQutuz9sLyuZgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2ljREVDavBQhda75putZ7dKiTRAg%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48de2e96c59ade9a6909479fa8c3348cc639b2ec4137bede0dd555445bc7c8e7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=9edqkg==, md5=Nad3L7CXTHogAlrhn0T8fw==
date
Thu, 23 Dec 2021 17:31:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
231503
cf-polished
qual=85, origFmt=jpeg, origSize=126254
x-guploader-uploadid
ADPycdt6oEhB1h4sRUYX-riXqxRsOMltK77tuFtk_cv85rGcIPSYVvHonRVOW7E0680Hgt_uFDViU9bSEi8IUEJuNfzfcb3vLw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
30756
last-modified
Tue, 19 Oct 2021 11:44:31 GMT
server
cloudflare
etag
"35a7772fb0974c7a20025ae19f44fc7f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=laY9sVxUTclcRMuWDHSDkBT4GtGsVa8PY9A4idv4bh8Pj%2B7%2Bb%2FxD6UbO8Asn6pwZ2dIHm78JgH7NIPKTi7uou7qjRgxJXMfujEa34G%2BgHNH5w64OoafJ41%2Bt06QhQCSFb7uvVnmrj5J7qGUx"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1634643871094003
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:38 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
126254
accept-ranges
bytes
cf-ray
6c23531eadc55c08-FRA
cf-bgj
imgq:85,h2pri
postview.gif
portal.o2online.de/nws/img/ Frame C20B
Redirect Chain
  • https://www.telefonica-partner.de/tpv.php?t=117699V1226132702M&subid=oneidj6qCEfbGcezJsYHEH2t6tRRGcKTzTAjS9oneid__asuidVAU4KrAC5dT_BhMRaqM4NPmzP4_YAj7Jasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_...
  • https://www.lead-alliance.net/tpv.php?t=117699V1226132702M&subid=oneidj6qCEfbGcezJsYHEH2t6tRRGcKTzTAjS9oneid__asuidVAU4KrAC5dT_BhMRaqM4NPmzP4_YAj7Jasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_cons...
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117699&s_id=2021122318313860669266651X117699V1226132702MSoneidj6qCEfbGcezJsYHEH2t6tRRGcKTzTAjS9oneid__asuidVAU4KrA...
  • https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117699_-HTLP&utm_term=AFF_la_117699_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=202112231831386066926...
43 B
805 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117699_-HTLP&utm_term=AFF_la_117699_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021122318313860669266651X117699V1226132702MSoneidj6qCEfbGcezJsYHEH2t6tRRGcKTzTAjS9oneid__asuidVAU4KrAC5dT_BhMRaqM4NPmzP4_YAj7Jasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117699&ratenzahlung=24
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=20833%2C19491%2C43784&b=j6qCEfbGcezJsYHEH2t6tRRGcKTzTAjS9%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=xPKSQf9AHQXbHPHdHztDCRRgcJT6TW6uA%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=VAU4KrAC5dT_BhMRaqM4NPmzP4_YAj7J&g=94249aa6a81bd536354846d198c18b88%2F4259833368735670256&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698509&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kywxdjnbtftzj2fhh8k5wr3c8f2kqxda8t9bhfk6951gkznnjscefabvd4xkq3pvqah6w52pssm6n78d6zba6y98m7pbrq9nnxjha3sv0r7bxbwdt8cpwggcm25gcfe46f8x9zc3w962xqcft9qytznz87b6rdqfb5c1fkv7q4bpfrzr64b3e7mktbtr0fzgjafmgsdrnwb5mp7xm6khpwqwvqfm72zf9vczqkge0yx3kgj3mdzexgdac7fc7eqb9d0c36e8qkahdzwj96g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCVhpRebLEYYqwAYqengXUpoJIkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaABwq7o3QPIAQmpArjTclTQ97I-qAMBqgT7AU_QjtIcJ-ahWwdSq9lZTfI9lKwwpzv3PRUxSBWup_QQge25AXrFDKy-BTcMmC3jtgdGcWT31Ypy4MgJ4GaEMTsW4Viztneh6kTf1GBXlOeXHi0u7-1WAOv2QKLSqNMf1pHQ_mMb8hmndij9M0jp79uuRseAMwDBsl_6O75mkRF7_5o7jYn5HsCQf3H7ZI4A89j61gmKss2RhURkLlRnDSMo0d1unSabEW1FWNIHpxf08X9JT3Mvuj8Q3NJJykZWi_nRQyemTjozbXLylgfM2IERMji8wUQcTW_O4oPUswn4iO1nDNhodaXzfmuQ-XQ9ILvejQutuz9sLyuZgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2ljREVDavBQhda75putZ7dKiTRAg%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Server
82.113.101.132 Hanau, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS
portal.o2online.de
Software
Apache /
Resource Hash
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:38 GMT
Last-Modified
Wed, 26 Aug 2020 10:11:24 GMT
Server
Apache
ETag
"2b-5adc50abeeb00"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection
close
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43

Redirect headers

Date
Thu, 23 Dec 2021 17:31:38 GMT
X-NODEIP
78.46.85.162
Server
nginx/1.10.3 (Ubuntu)
Transfer-Encoding
chunked
RM-PrivacyPolicy
https://www.nonstoppartner.net/
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Location
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117699_-HTLP&utm_term=AFF_la_117699_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021122318313860669266651X117699V1226132702MSoneidj6qCEfbGcezJsYHEH2t6tRRGcKTzTAjS9oneid__asuidVAU4KrAC5dT_BhMRaqM4NPmzP4_YAj7Jasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117699&ratenzahlung=24
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Keep-Alive
timeout=10
DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame C20B 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=20833%2C19491%2C43784&b=j6qCEfbGcezJsYHEH2t6tRRGcKTzTAjS9%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=xPKSQf9AHQXbHPHdHztDCRRgcJT6TW6uA%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=VAU4KrAC5dT_BhMRaqM4NPmzP4_YAj7J&g=94249aa6a81bd536354846d198c18b88%2F4259833368735670256&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698509&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kywxdjnbtftzj2fhh8k5wr3c8f2kqxda8t9bhfk6951gkznnjscefabvd4xkq3pvqah6w52pssm6n78d6zba6y98m7pbrq9nnxjha3sv0r7bxbwdt8cpwggcm25gcfe46f8x9zc3w962xqcft9qytznz87b6rdqfb5c1fkv7q4bpfrzr64b3e7mktbtr0fzgjafmgsdrnwb5mp7xm6khpwqwvqfm72zf9vczqkge0yx3kgj3mdzexgdac7fc7eqb9d0c36e8qkahdzwj96g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCVhpRebLEYYqwAYqengXUpoJIkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaABwq7o3QPIAQmpArjTclTQ97I-qAMBqgT7AU_QjtIcJ-ahWwdSq9lZTfI9lKwwpzv3PRUxSBWup_QQge25AXrFDKy-BTcMmC3jtgdGcWT31Ypy4MgJ4GaEMTsW4Viztneh6kTf1GBXlOeXHi0u7-1WAOv2QKLSqNMf1pHQ_mMb8hmndij9M0jp79uuRseAMwDBsl_6O75mkRF7_5o7jYn5HsCQf3H7ZI4A89j61gmKss2RhURkLlRnDSMo0d1unSabEW1FWNIHpxf08X9JT3Mvuj8Q3NJJykZWi_nRQyemTjozbXLylgfM2IERMji8wUQcTW_O4oPUswn4iO1nDNhodaXzfmuQ-XQ9ILvejQutuz9sLyuZgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2ljREVDavBQhda75putZ7dKiTRAg%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=euqM8A==, md5=F0uw3DVkfiBLCaoSCWVgSg==
date
Thu, 23 Dec 2021 17:31:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
231517
cf-polished
origFmt=png, origSize=24833
x-guploader-uploadid
ADPycdua4HE5tgYL9XtK-eiTvniYjScFLiCFlKUT9qVyd9WSxZd_ObMXnHRkFnmvhe4hv-lU5Cwb4kNVBciqormPRIs
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
9258
last-modified
Tue, 09 Feb 2021 15:11:57 GMT
server
cloudflare
etag
"174bb0dc35647e204b09aa120965604a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GWGu02J6dGs6%2FpfHB0eM7CNxRQQLnvcqhrI0qhoni%2FVEb5aSUUjlnNUJr6e82vSsUUZ3lXv%2FFBF4pUiw0JBF%2FB%2BEx7uUTrgiYKOb%2FhMU0II2F17btwNmXSaxckVs96joDhxmXUirADplet9S"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1612883517528266
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:38 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
24833
accept-ranges
bytes
cf-ray
6c23531eadc95c08-FRA
cf-bgj
imgq:85,h2pri
0AC0DD533161B07A3BB2D72DC66FF10DF997383C63884E78FDBEF4BEDA8ED904DC259BD68D098814FB574FED8B566E90A3C1272EA9C368275203F9D628BB015E
assets.ad4m.at/product_image/ Frame C20B 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/0AC0DD533161B07A3BB2D72DC66FF10DF997383C63884E78FDBEF4BEDA8ED904DC259BD68D098814FB574FED8B566E90A3C1272EA9C368275203F9D628BB015E
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=20833%2C19491%2C43784&b=j6qCEfbGcezJsYHEH2t6tRRGcKTzTAjS9%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=xPKSQf9AHQXbHPHdHztDCRRgcJT6TW6uA%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=VAU4KrAC5dT_BhMRaqM4NPmzP4_YAj7J&g=94249aa6a81bd536354846d198c18b88%2F4259833368735670256&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698509&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kywxdjnbtftzj2fhh8k5wr3c8f2kqxda8t9bhfk6951gkznnjscefabvd4xkq3pvqah6w52pssm6n78d6zba6y98m7pbrq9nnxjha3sv0r7bxbwdt8cpwggcm25gcfe46f8x9zc3w962xqcft9qytznz87b6rdqfb5c1fkv7q4bpfrzr64b3e7mktbtr0fzgjafmgsdrnwb5mp7xm6khpwqwvqfm72zf9vczqkge0yx3kgj3mdzexgdac7fc7eqb9d0c36e8qkahdzwj96g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCVhpRebLEYYqwAYqengXUpoJIkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaABwq7o3QPIAQmpArjTclTQ97I-qAMBqgT7AU_QjtIcJ-ahWwdSq9lZTfI9lKwwpzv3PRUxSBWup_QQge25AXrFDKy-BTcMmC3jtgdGcWT31Ypy4MgJ4GaEMTsW4Viztneh6kTf1GBXlOeXHi0u7-1WAOv2QKLSqNMf1pHQ_mMb8hmndij9M0jp79uuRseAMwDBsl_6O75mkRF7_5o7jYn5HsCQf3H7ZI4A89j61gmKss2RhURkLlRnDSMo0d1unSabEW1FWNIHpxf08X9JT3Mvuj8Q3NJJykZWi_nRQyemTjozbXLylgfM2IERMji8wUQcTW_O4oPUswn4iO1nDNhodaXzfmuQ-XQ9ILvejQutuz9sLyuZgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2ljREVDavBQhda75putZ7dKiTRAg%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
769996a987ead923de78ded8af9ebbc0125bfdca436dfadfdc9755fd54270371

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=1aKs/g==, md5=nBaxji7Rcg1LrHhoV5P3TA==
date
Thu, 23 Dec 2021 17:31:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
231484
cf-polished
qual=85, origFmt=jpeg, origSize=84530
x-guploader-uploadid
ADPycdvulYrDQNUtRxoDFICktszvBld-zumqmU9xDn4fyYnfszA26fzJ2NfXO2rFBYElUh5ZQKFvMfk-nQj1PrGuhQwqjXpKBA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
19022
last-modified
Wed, 10 Nov 2021 15:00:52 GMT
server
cloudflare
etag
"9c16b18e2ed1720d4bac78685793f74c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9V0iLs7To2omFRzn2Y1Hw43AMCf8i3iStHvlYVcujbHDsYSIjEXKtOmsabg6dpo7xgqKqRJkRH6Lzc6iIwxEt0kTxs%2BDb3DFRTXv%2Bk2BRc%2FhqxjOmq92GMdtO1D42q1vTXeyxoSZ8dh9HCjM"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1636556452656256
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:38 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
84530
accept-ranges
bytes
cf-ray
6c23531e9d975c08-FRA
cf-bgj
imgq:85,h2pri
postview.gif
portal.blau.de/nws/img/ Frame C20B
Redirect Chain
  • https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=oneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__asuidVAU4KrAC5dT_BhMRaqM4NPmzP4_YAj7Jasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_...
  • https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=oneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__asuidVAU4KrAC5dT_BhMRaqM4NPmzP4_YAj7Jasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_cons...
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2021122318313860669266649X113752V1225131106MSoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__asuidVAU4KrAC5...
  • https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=20211223183138606692666...
43 B
787 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021122318313860669266649X113752V1225131106MSoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__asuidVAU4KrAC5dT_BhMRaqM4NPmzP4_YAj7Jasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=113752
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=20833%2C19491%2C43784&b=j6qCEfbGcezJsYHEH2t6tRRGcKTzTAjS9%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=xPKSQf9AHQXbHPHdHztDCRRgcJT6TW6uA%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=VAU4KrAC5dT_BhMRaqM4NPmzP4_YAj7J&g=94249aa6a81bd536354846d198c18b88%2F4259833368735670256&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698509&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kywxdjnbtftzj2fhh8k5wr3c8f2kqxda8t9bhfk6951gkznnjscefabvd4xkq3pvqah6w52pssm6n78d6zba6y98m7pbrq9nnxjha3sv0r7bxbwdt8cpwggcm25gcfe46f8x9zc3w962xqcft9qytznz87b6rdqfb5c1fkv7q4bpfrzr64b3e7mktbtr0fzgjafmgsdrnwb5mp7xm6khpwqwvqfm72zf9vczqkge0yx3kgj3mdzexgdac7fc7eqb9d0c36e8qkahdzwj96g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCVhpRebLEYYqwAYqengXUpoJIkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaABwq7o3QPIAQmpArjTclTQ97I-qAMBqgT7AU_QjtIcJ-ahWwdSq9lZTfI9lKwwpzv3PRUxSBWup_QQge25AXrFDKy-BTcMmC3jtgdGcWT31Ypy4MgJ4GaEMTsW4Viztneh6kTf1GBXlOeXHi0u7-1WAOv2QKLSqNMf1pHQ_mMb8hmndij9M0jp79uuRseAMwDBsl_6O75mkRF7_5o7jYn5HsCQf3H7ZI4A89j61gmKss2RhURkLlRnDSMo0d1unSabEW1FWNIHpxf08X9JT3Mvuj8Q3NJJykZWi_nRQyemTjozbXLylgfM2IERMji8wUQcTW_O4oPUswn4iO1nDNhodaXzfmuQ-XQ9ILvejQutuz9sLyuZgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2ljREVDavBQhda75putZ7dKiTRAg%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Server
82.113.101.236 Hanau, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS
portal.blau.de
Software
Apache /
Resource Hash
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:38 GMT
Last-Modified
Wed, 26 Aug 2020 10:11:24 GMT
Server
Apache
ETag
"2b-5adc50abeeb00"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection
close
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43

Redirect headers

Date
Thu, 23 Dec 2021 17:31:38 GMT
X-NODEIP
46.4.62.19
Server
nginx/1.10.3 (Ubuntu)
Transfer-Encoding
chunked
RM-PrivacyPolicy
https://www.nonstoppartner.net/
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Location
https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021122318313860669266649X113752V1225131106MSoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__asuidVAU4KrAC5dT_BhMRaqM4NPmzP4_YAj7Jasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=113752
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Keep-Alive
timeout=10
C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
assets.ad4m.at/logo/ Frame C20B 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=20833%2C19491%2C43784&b=j6qCEfbGcezJsYHEH2t6tRRGcKTzTAjS9%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=xPKSQf9AHQXbHPHdHztDCRRgcJT6TW6uA%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=VAU4KrAC5dT_BhMRaqM4NPmzP4_YAj7J&g=94249aa6a81bd536354846d198c18b88%2F4259833368735670256&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698509&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kywxdjnbtftzj2fhh8k5wr3c8f2kqxda8t9bhfk6951gkznnjscefabvd4xkq3pvqah6w52pssm6n78d6zba6y98m7pbrq9nnxjha3sv0r7bxbwdt8cpwggcm25gcfe46f8x9zc3w962xqcft9qytznz87b6rdqfb5c1fkv7q4bpfrzr64b3e7mktbtr0fzgjafmgsdrnwb5mp7xm6khpwqwvqfm72zf9vczqkge0yx3kgj3mdzexgdac7fc7eqb9d0c36e8qkahdzwj96g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCVhpRebLEYYqwAYqengXUpoJIkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaABwq7o3QPIAQmpArjTclTQ97I-qAMBqgT7AU_QjtIcJ-ahWwdSq9lZTfI9lKwwpzv3PRUxSBWup_QQge25AXrFDKy-BTcMmC3jtgdGcWT31Ypy4MgJ4GaEMTsW4Viztneh6kTf1GBXlOeXHi0u7-1WAOv2QKLSqNMf1pHQ_mMb8hmndij9M0jp79uuRseAMwDBsl_6O75mkRF7_5o7jYn5HsCQf3H7ZI4A89j61gmKss2RhURkLlRnDSMo0d1unSabEW1FWNIHpxf08X9JT3Mvuj8Q3NJJykZWi_nRQyemTjozbXLylgfM2IERMji8wUQcTW_O4oPUswn4iO1nDNhodaXzfmuQ-XQ9ILvejQutuz9sLyuZgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2ljREVDavBQhda75putZ7dKiTRAg%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=L9xAnQ==, md5=7eHZFVWQuqeYNRiE/JSb0A==
date
Thu, 23 Dec 2021 17:31:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
231485
cf-polished
qual=85, origFmt=jpeg, origSize=42488
x-guploader-uploadid
ADPycdsBhB4SVbJUId60_2wHZUuWtHjLMoe6bTHlFfyjCEmZdEXkw_UjuYWIUZ_IKN87qb1Urx01sOoLtw5CjdqWHx0
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12110
last-modified
Thu, 25 Jun 2020 11:29:58 GMT
server
cloudflare
etag
"ede1d9155590baa798351884fc949bd0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rjXJlERVkPSUuDES2ZioyF8GMan6RI2Hrs4HwqXPuBEOX2Hku%2BVR2H2%2BWZZFqNsvNo8fnCS5pDbJrJAPITWAXfrHbMEsPwhlUbJhjtpSx%2BdFwICh0hVx1GCVfv5POLal34OklZm2oK%2Fp8gn9"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1593084598972955
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:38 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
42488
accept-ranges
bytes
cf-ray
6c23531e9d9a5c08-FRA
cf-bgj
imgq:85,h2pri
6B38C70234B9F3188DD5EE431E82865D3F73254228570FEAA8E0EC084126CA428EE25DBF94F692B9BBC7FE9C22F4F555A804B8157CE8832EEFA3C4F5253BE361
assets.ad4m.at/product_image/ Frame C20B 		72 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/6B38C70234B9F3188DD5EE431E82865D3F73254228570FEAA8E0EC084126CA428EE25DBF94F692B9BBC7FE9C22F4F555A804B8157CE8832EEFA3C4F5253BE361
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=20833%2C19491%2C43784&b=j6qCEfbGcezJsYHEH2t6tRRGcKTzTAjS9%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=xPKSQf9AHQXbHPHdHztDCRRgcJT6TW6uA%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=VAU4KrAC5dT_BhMRaqM4NPmzP4_YAj7J&g=94249aa6a81bd536354846d198c18b88%2F4259833368735670256&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698509&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kywxdjnbtftzj2fhh8k5wr3c8f2kqxda8t9bhfk6951gkznnjscefabvd4xkq3pvqah6w52pssm6n78d6zba6y98m7pbrq9nnxjha3sv0r7bxbwdt8cpwggcm25gcfe46f8x9zc3w962xqcft9qytznz87b6rdqfb5c1fkv7q4bpfrzr64b3e7mktbtr0fzgjafmgsdrnwb5mp7xm6khpwqwvqfm72zf9vczqkge0yx3kgj3mdzexgdac7fc7eqb9d0c36e8qkahdzwj96g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCVhpRebLEYYqwAYqengXUpoJIkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaABwq7o3QPIAQmpArjTclTQ97I-qAMBqgT7AU_QjtIcJ-ahWwdSq9lZTfI9lKwwpzv3PRUxSBWup_QQge25AXrFDKy-BTcMmC3jtgdGcWT31Ypy4MgJ4GaEMTsW4Viztneh6kTf1GBXlOeXHi0u7-1WAOv2QKLSqNMf1pHQ_mMb8hmndij9M0jp79uuRseAMwDBsl_6O75mkRF7_5o7jYn5HsCQf3H7ZI4A89j61gmKss2RhURkLlRnDSMo0d1unSabEW1FWNIHpxf08X9JT3Mvuj8Q3NJJykZWi_nRQyemTjozbXLylgfM2IERMji8wUQcTW_O4oPUswn4iO1nDNhodaXzfmuQ-XQ9ILvejQutuz9sLyuZgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2ljREVDavBQhda75putZ7dKiTRAg%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40ce033c8ee824b2a4e435541df84a0d95075fafa382deb7a91c02f9e15bbe1d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=FQtvKA==, md5=fhrs2Vg2w7QpQT0tLI6VHw==
date
Thu, 23 Dec 2021 17:31:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
231486
cf-polished
origFmt=png, origSize=128410
x-guploader-uploadid
ADPycdu670Rk0ISPcs7txQwGYIL1NvXNwFkHaqljLnngC8hZQe9GoRcQBXOqPMxMUAPKD1P6hyAQ8mreDGPEoxRJxgs
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
73694
last-modified
Fri, 10 Dec 2021 12:01:51 GMT
server
cloudflare
etag
"7e1aecd95836c3b429413d2d2c8e951f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sOxL8T9lP99T9XYHAlSnkiWrO%2BAun33Da8AL4qqQy2upF9K06lhsCzKvDaCPlHbCUeE0XJkhhui4iPRbOIQma0MCgd9HvWwiqwkpveff67pCriMdsMfwyoQ4IzvUpbXCdH%2BAb%2FCKX6Whl8ZB"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1639137711863674
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:38 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
128410
accept-ranges
bytes
cf-ray
6c23531e9d9c5c08-FRA
cf-bgj
imgq:85,h2pri
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame FAF7 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C15255%2C176225&b=D8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2C4PGSEfX5CAXZ1FGH9HdtAtrGDaZTpT1EUK&f=d9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2CrJmHQfD9c3Zp7hAH7HjtJCr6ga5T8T36sd&c=160&d=600&e=9sv_Ka9v9igDFFnI1kYKmrTX93lAQvgu&g=e97dd56984eccb2c64256dbba44c24de%2F16178602847887762720&i=65760%2C25174%2C26429&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698506&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jp31dyhdfzxak96v9vbe79r7r9c5s523t9hqqp773xr3rc0vsc48x1q0r14j34jzv87fvte9pwz8fzwf0m2h79emjrej1prrm7mx7q8vyqttntx3rqr53fnyqrsshrkxepenbc0nkgk62ydawhz78xpx5bs5k75a351ktnsn6j1292zeez25d2zjz611wcn915e2t3nez7d26xz39n0zkmcd2d0qxr8bm6ddqxjdc2j26g1egm4xdqm9e9fkcdt8az9tpmye5m70b81eq0g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCAUetebLEYdSeCMypiAPovZaQDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK4z-m_AvqyPqgDAaoE-wFP0MnsvaPN_uZzTrrVJVinVtTKN9lwVlj57_MBmKd4HzzyIlKlZbEULhtDqTzp1Sz2urgC7KbHmX4BFAj8n9bKpMBBccx9nQClpqiAeCEKANjvPkr7Gxw8i-Rw_L58rPE22QofUIS-QN_H25lDEnWueHWyrQpsKFw-4Z67UzboJ41eDBw8s2Qjowb4_yP6S9zcxLhMzff8e97AARfWxnjkbXFEVQu-zWADBldBJGKMixXiauAiGVOnH0vYXv9EThDVa7Y-hAw6yV--PnxOKrBTvnl1FCNd3U_zZQcTI6EF3_h6TkCw2KvQ5Gn3PijRVcCy7Wdmf5T4m1EaOIAG8Pb5mO2H7Ka-AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2rVxvgv5D0K-GG6nnFFd_EQKPbaw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=169080%2C15255%2C176225&b=D8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2C4PGSEfX5CAXZ1FGH9HdtAtrGDaZTpT1EUK&f=d9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2CrJmHQfD9c3Zp7hAH7HjtJCr6ga5T8T36sd&c=160&d=600&e=9sv_Ka9v9igDFFnI1kYKmrTX93lAQvgu&g=e97dd56984eccb2c64256dbba44c24de%2F16178602847887762720&i=65760%2C25174%2C26429&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698506&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jp31dyhdfzxak96v9vbe79r7r9c5s523t9hqqp773xr3rc0vsc48x1q0r14j34jzv87fvte9pwz8fzwf0m2h79emjrej1prrm7mx7q8vyqttntx3rqr53fnyqrsshrkxepenbc0nkgk62ydawhz78xpx5bs5k75a351ktnsn6j1292zeez25d2zjz611wcn915e2t3nez7d26xz39n0zkmcd2d0qxr8bm6ddqxjdc2j26g1egm4xdqm9e9fkcdt8az9tpmye5m70b81eq0g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCAUetebLEYdSeCMypiAPovZaQDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK4z-m_AvqyPqgDAaoE-wFP0MnsvaPN_uZzTrrVJVinVtTKN9lwVlj57_MBmKd4HzzyIlKlZbEULhtDqTzp1Sz2urgC7KbHmX4BFAj8n9bKpMBBccx9nQClpqiAeCEKANjvPkr7Gxw8i-Rw_L58rPE22QofUIS-QN_H25lDEnWueHWyrQpsKFw-4Z67UzboJ41eDBw8s2Qjowb4_yP6S9zcxLhMzff8e97AARfWxnjkbXFEVQu-zWADBldBJGKMixXiauAiGVOnH0vYXv9EThDVa7Y-hAw6yV--PnxOKrBTvnl1FCNd3U_zZQcTI6EF3_h6TkCw2KvQ5Gn3PijRVcCy7Wdmf5T4m1EaOIAG8Pb5mO2H7Ka-AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2rVxvgv5D0K-GG6nnFFd_EQKPbaw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
695195
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Wed, 15 Dec 2021 16:25:03 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
6c23531e883d5c98-FRA
cf-bgj
minify
B62FFE09B86673D2BFA4F5D5B62840ACABBB5D68277A6CC7FC488887E41CB7AE8C6CC3D5F186CAA1A6711EC0C251982312B5C565DD7A7905BCB44E3633432F8A
assets.ad4m.at/logo/ Frame FAF7 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/B62FFE09B86673D2BFA4F5D5B62840ACABBB5D68277A6CC7FC488887E41CB7AE8C6CC3D5F186CAA1A6711EC0C251982312B5C565DD7A7905BCB44E3633432F8A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C15255%2C176225&b=D8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2C4PGSEfX5CAXZ1FGH9HdtAtrGDaZTpT1EUK&f=d9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2CrJmHQfD9c3Zp7hAH7HjtJCr6ga5T8T36sd&c=160&d=600&e=9sv_Ka9v9igDFFnI1kYKmrTX93lAQvgu&g=e97dd56984eccb2c64256dbba44c24de%2F16178602847887762720&i=65760%2C25174%2C26429&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698506&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jp31dyhdfzxak96v9vbe79r7r9c5s523t9hqqp773xr3rc0vsc48x1q0r14j34jzv87fvte9pwz8fzwf0m2h79emjrej1prrm7mx7q8vyqttntx3rqr53fnyqrsshrkxepenbc0nkgk62ydawhz78xpx5bs5k75a351ktnsn6j1292zeez25d2zjz611wcn915e2t3nez7d26xz39n0zkmcd2d0qxr8bm6ddqxjdc2j26g1egm4xdqm9e9fkcdt8az9tpmye5m70b81eq0g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCAUetebLEYdSeCMypiAPovZaQDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK4z-m_AvqyPqgDAaoE-wFP0MnsvaPN_uZzTrrVJVinVtTKN9lwVlj57_MBmKd4HzzyIlKlZbEULhtDqTzp1Sz2urgC7KbHmX4BFAj8n9bKpMBBccx9nQClpqiAeCEKANjvPkr7Gxw8i-Rw_L58rPE22QofUIS-QN_H25lDEnWueHWyrQpsKFw-4Z67UzboJ41eDBw8s2Qjowb4_yP6S9zcxLhMzff8e97AARfWxnjkbXFEVQu-zWADBldBJGKMixXiauAiGVOnH0vYXv9EThDVa7Y-hAw6yV--PnxOKrBTvnl1FCNd3U_zZQcTI6EF3_h6TkCw2KvQ5Gn3PijRVcCy7Wdmf5T4m1EaOIAG8Pb5mO2H7Ka-AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2rVxvgv5D0K-GG6nnFFd_EQKPbaw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3c144c4f8692cad3e391f43b282ff6cb59f2bb3f03c805f8d0c0cfba2f6dd60

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=KCmbHg==, md5=qo//b2x9KW8DnVvNoA1SVw==
date
Thu, 23 Dec 2021 17:31:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
231489
cf-polished
origFmt=png, origSize=17428
x-guploader-uploadid
ADPycdscMzT355gfSvVKa315d6JuOfUPL6dDnmcmdLYNl3QtMdasAETU7zoG7Y-WnSZ9SmEzicp006oUhvL1oSLYURw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
4642
last-modified
Fri, 22 Oct 2021 09:58:13 GMT
server
cloudflare
etag
"aa8fff6f6c7d296f039d5bcda00d5257"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kfj7f2rVdr3O5MRcFIVeDG0GKJ557cHvAtae1wtYsE8SRMI0%2BYwjdP8MjGudh2zhU9Iuksn0joA51V8%2FBzoldUQUWnxZwQtmqDoNKkw9LPq0AywmLCUBr%2Br6oCaxdh05t%2F%2FUNuTyqAkwr0HI"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1634896693300485
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:38 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
17428
accept-ranges
bytes
cf-ray
6c23531eadbd5c08-FRA
cf-bgj
imgq:85,h2pri
FCE49E1531E79349833FEBDB7533A30B9A744177F8264E7C61970A62BE1544B5AAABFF9C609FE11E6920604AA41733C8FF5A69EAC3919EA134B2C24AEEA9B457
assets.ad4m.at/product_image/ Frame FAF7 		359 KB
360 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/FCE49E1531E79349833FEBDB7533A30B9A744177F8264E7C61970A62BE1544B5AAABFF9C609FE11E6920604AA41733C8FF5A69EAC3919EA134B2C24AEEA9B457
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C15255%2C176225&b=D8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2C4PGSEfX5CAXZ1FGH9HdtAtrGDaZTpT1EUK&f=d9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2CrJmHQfD9c3Zp7hAH7HjtJCr6ga5T8T36sd&c=160&d=600&e=9sv_Ka9v9igDFFnI1kYKmrTX93lAQvgu&g=e97dd56984eccb2c64256dbba44c24de%2F16178602847887762720&i=65760%2C25174%2C26429&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698506&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jp31dyhdfzxak96v9vbe79r7r9c5s523t9hqqp773xr3rc0vsc48x1q0r14j34jzv87fvte9pwz8fzwf0m2h79emjrej1prrm7mx7q8vyqttntx3rqr53fnyqrsshrkxepenbc0nkgk62ydawhz78xpx5bs5k75a351ktnsn6j1292zeez25d2zjz611wcn915e2t3nez7d26xz39n0zkmcd2d0qxr8bm6ddqxjdc2j26g1egm4xdqm9e9fkcdt8az9tpmye5m70b81eq0g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCAUetebLEYdSeCMypiAPovZaQDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK4z-m_AvqyPqgDAaoE-wFP0MnsvaPN_uZzTrrVJVinVtTKN9lwVlj57_MBmKd4HzzyIlKlZbEULhtDqTzp1Sz2urgC7KbHmX4BFAj8n9bKpMBBccx9nQClpqiAeCEKANjvPkr7Gxw8i-Rw_L58rPE22QofUIS-QN_H25lDEnWueHWyrQpsKFw-4Z67UzboJ41eDBw8s2Qjowb4_yP6S9zcxLhMzff8e97AARfWxnjkbXFEVQu-zWADBldBJGKMixXiauAiGVOnH0vYXv9EThDVa7Y-hAw6yV--PnxOKrBTvnl1FCNd3U_zZQcTI6EF3_h6TkCw2KvQ5Gn3PijRVcCy7Wdmf5T4m1EaOIAG8Pb5mO2H7Ka-AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2rVxvgv5D0K-GG6nnFFd_EQKPbaw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d398fc0e57ee1ae5c4728c807bf7ce0979c8d84347ba94716dc046c53384bc7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=lmXgQw==, md5=1xHkv3KBHo5uf1DGNNz2kA==
date
Thu, 23 Dec 2021 17:31:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
231518
cf-polished
origFmt=png, origSize=565110
x-guploader-uploadid
ADPycdttGuPH0tGGsTzYzi_HZa0bkyncq1FKkCr_SkQDpyipLH002gMAgRRybUjqDFImnL9tF1IG4uybLuB5BTz5CdffakzVVA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
367856
last-modified
Fri, 22 Oct 2021 10:16:19 GMT
server
cloudflare
etag
"d711e4bf72811e8e6e7f50c634dcf690"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I7Z0S1kVl66SItJINDLl1nri79PY8AJKwqxbFUz%2BNVDXGd%2BoXdvP91nMqZBKz%2FsBeUWk%2B%2BjunRlCp1xXqD3bjEqk5Il5AQGQR%2FQ05bi8ITdy1MwhYOzHaGA3zcpY75OShyfM5BFcCsgyXQ5a"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1634897779481391
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:38 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
565110
accept-ranges
bytes
cf-ray
6c23531e9dab5c08-FRA
cf-bgj
imgq:85,h2pri
188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame FAF7 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C15255%2C176225&b=D8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2C4PGSEfX5CAXZ1FGH9HdtAtrGDaZTpT1EUK&f=d9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2CrJmHQfD9c3Zp7hAH7HjtJCr6ga5T8T36sd&c=160&d=600&e=9sv_Ka9v9igDFFnI1kYKmrTX93lAQvgu&g=e97dd56984eccb2c64256dbba44c24de%2F16178602847887762720&i=65760%2C25174%2C26429&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698506&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jp31dyhdfzxak96v9vbe79r7r9c5s523t9hqqp773xr3rc0vsc48x1q0r14j34jzv87fvte9pwz8fzwf0m2h79emjrej1prrm7mx7q8vyqttntx3rqr53fnyqrsshrkxepenbc0nkgk62ydawhz78xpx5bs5k75a351ktnsn6j1292zeez25d2zjz611wcn915e2t3nez7d26xz39n0zkmcd2d0qxr8bm6ddqxjdc2j26g1egm4xdqm9e9fkcdt8az9tpmye5m70b81eq0g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCAUetebLEYdSeCMypiAPovZaQDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK4z-m_AvqyPqgDAaoE-wFP0MnsvaPN_uZzTrrVJVinVtTKN9lwVlj57_MBmKd4HzzyIlKlZbEULhtDqTzp1Sz2urgC7KbHmX4BFAj8n9bKpMBBccx9nQClpqiAeCEKANjvPkr7Gxw8i-Rw_L58rPE22QofUIS-QN_H25lDEnWueHWyrQpsKFw-4Z67UzboJ41eDBw8s2Qjowb4_yP6S9zcxLhMzff8e97AARfWxnjkbXFEVQu-zWADBldBJGKMixXiauAiGVOnH0vYXv9EThDVa7Y-hAw6yV--PnxOKrBTvnl1FCNd3U_zZQcTI6EF3_h6TkCw2KvQ5Gn3PijRVcCy7Wdmf5T4m1EaOIAG8Pb5mO2H7Ka-AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2rVxvgv5D0K-GG6nnFFd_EQKPbaw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=tG7Jcw==, md5=BMt+wgXOo1EVeu/7mY86hQ==
date
Thu, 23 Dec 2021 17:31:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
231512
cf-polished
qual=85, origFmt=jpeg, origSize=16723
x-guploader-uploadid
ADPycdtWwmpW-PaJZY0dnkd822pnNX7k033JfgoXtkmRFgGuoCCXv2tAkXIxzUQtlPattvQmzbd6P4gadkbwRoFHXWk
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
8354
last-modified
Wed, 22 Jan 2020 13:13:07 GMT
server
cloudflare
etag
"04cb7ec205cea351157aeffb998f3a85"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mTOmggPH9brmrDdxjyUuvR1FneZ5aHL0%2FnksgShoUc8sbvcHU7RVelo9W6Sn3nOfbLfbg6fH4XxsJKAeHAVKJb%2BZhfGbz3yxjVKZZcEQIpBvLVvcSmEb%2BBlyJbRWYlWgt4vq3feY5WhD3b21"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698787150900
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:38 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
16723
accept-ranges
bytes
cf-ray
6c23531e9da05c08-FRA
cf-bgj
imgq:85,h2pri
F49C2EAC44796C3CC36B7EB8176E57DD4979BB6953D52AE3EC354AC4722C65BE111766AA7B1FD623B46255E02B9A1FD3C70187E6A3B399F7EA1DA8FBFD78D485
assets.ad4m.at/ Frame FAF7 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/F49C2EAC44796C3CC36B7EB8176E57DD4979BB6953D52AE3EC354AC4722C65BE111766AA7B1FD623B46255E02B9A1FD3C70187E6A3B399F7EA1DA8FBFD78D485
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C15255%2C176225&b=D8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2C4PGSEfX5CAXZ1FGH9HdtAtrGDaZTpT1EUK&f=d9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2CrJmHQfD9c3Zp7hAH7HjtJCr6ga5T8T36sd&c=160&d=600&e=9sv_Ka9v9igDFFnI1kYKmrTX93lAQvgu&g=e97dd56984eccb2c64256dbba44c24de%2F16178602847887762720&i=65760%2C25174%2C26429&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698506&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jp31dyhdfzxak96v9vbe79r7r9c5s523t9hqqp773xr3rc0vsc48x1q0r14j34jzv87fvte9pwz8fzwf0m2h79emjrej1prrm7mx7q8vyqttntx3rqr53fnyqrsshrkxepenbc0nkgk62ydawhz78xpx5bs5k75a351ktnsn6j1292zeez25d2zjz611wcn915e2t3nez7d26xz39n0zkmcd2d0qxr8bm6ddqxjdc2j26g1egm4xdqm9e9fkcdt8az9tpmye5m70b81eq0g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCAUetebLEYdSeCMypiAPovZaQDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK4z-m_AvqyPqgDAaoE-wFP0MnsvaPN_uZzTrrVJVinVtTKN9lwVlj57_MBmKd4HzzyIlKlZbEULhtDqTzp1Sz2urgC7KbHmX4BFAj8n9bKpMBBccx9nQClpqiAeCEKANjvPkr7Gxw8i-Rw_L58rPE22QofUIS-QN_H25lDEnWueHWyrQpsKFw-4Z67UzboJ41eDBw8s2Qjowb4_yP6S9zcxLhMzff8e97AARfWxnjkbXFEVQu-zWADBldBJGKMixXiauAiGVOnH0vYXv9EThDVa7Y-hAw6yV--PnxOKrBTvnl1FCNd3U_zZQcTI6EF3_h6TkCw2KvQ5Gn3PijRVcCy7Wdmf5T4m1EaOIAG8Pb5mO2H7Ka-AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2rVxvgv5D0K-GG6nnFFd_EQKPbaw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffbf2d2525e0baabd5fdf5289510e03e86ccb28dc9767ef58bf483077f3bfc75

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=DWwdxw==, md5=nrQF3oFd2dnh8eRzIt323A==
date
Thu, 23 Dec 2021 17:31:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
231479
cf-polished
qual=85, origFmt=jpeg, origSize=40264
x-guploader-uploadid
ADPycdtkYnNyqZGTrUIs4bDjg1vIY92fTtTtJ5jbmJvPDlwEa131Kv16EQqHm0PrNiQXuG_TMliuQ_o0XL2wqYrg7AM
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
35504
last-modified
Wed, 19 Feb 2020 17:37:15 GMT
server
cloudflare
etag
"9eb405de815dd9d9e1f1e47322ddf6dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sHbGJA01DArF7QNn5UcIWfKPthUb2iv7mTvmDHoHQ4XPBopA1RIcPT1hBpn9TJJUqTiHpvXP4zLjUPERudv3iyiRHVJPPn3K7NLPIByAb%2BKhPnPuSDMfPn%2F6DkCl316y2rkItH3mKy6XYkY3"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1582133835673152
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:38 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
40264
accept-ranges
bytes
cf-ray
6c23531e9da35c08-FRA
cf-bgj
imgq:85,h2pri
/
banner.congstar.de/cookie/ Frame FAF7
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CK6PgeO5-vQCFY3Kuwgdf4QCmA;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
  • https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTgoneid__asuid9sv_Ka9v9igDFFnI1kYKmrTX93lAQvguasuid__suite_Netmix_Reach43_TopRot...
  • https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1640280698_2f55c111-6416-11ec-a9fe-2263e4039ea6
0
517 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1640280698_2f55c111-6416-11ec-a9fe-2263e4039ea6
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C15255%2C176225&b=D8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2C4PGSEfX5CAXZ1FGH9HdtAtrGDaZTpT1EUK&f=d9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2CrJmHQfD9c3Zp7hAH7HjtJCr6ga5T8T36sd&c=160&d=600&e=9sv_Ka9v9igDFFnI1kYKmrTX93lAQvgu&g=e97dd56984eccb2c64256dbba44c24de%2F16178602847887762720&i=65760%2C25174%2C26429&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698506&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jp31dyhdfzxak96v9vbe79r7r9c5s523t9hqqp773xr3rc0vsc48x1q0r14j34jzv87fvte9pwz8fzwf0m2h79emjrej1prrm7mx7q8vyqttntx3rqr53fnyqrsshrkxepenbc0nkgk62ydawhz78xpx5bs5k75a351ktnsn6j1292zeez25d2zjz611wcn915e2t3nez7d26xz39n0zkmcd2d0qxr8bm6ddqxjdc2j26g1egm4xdqm9e9fkcdt8az9tpmye5m70b81eq0g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCAUetebLEYdSeCMypiAPovZaQDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK4z-m_AvqyPqgDAaoE-wFP0MnsvaPN_uZzTrrVJVinVtTKN9lwVlj57_MBmKd4HzzyIlKlZbEULhtDqTzp1Sz2urgC7KbHmX4BFAj8n9bKpMBBccx9nQClpqiAeCEKANjvPkr7Gxw8i-Rw_L58rPE22QofUIS-QN_H25lDEnWueHWyrQpsKFw-4Z67UzboJ41eDBw8s2Qjowb4_yP6S9zcxLhMzff8e97AARfWxnjkbXFEVQu-zWADBldBJGKMixXiauAiGVOnH0vYXv9EThDVa7Y-hAw6yV--PnxOKrBTvnl1FCNd3U_zZQcTI6EF3_h6TkCw2KvQ5Gn3PijRVcCy7Wdmf5T4m1EaOIAG8Pb5mO2H7Ka-AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2rVxvgv5D0K-GG6nnFFd_EQKPbaw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Server
148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.77.139.251.148.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:38 GMT
Server
Apache
P3P
CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
0

Redirect headers

Date
Thu, 23 Dec 2021 17:31:38 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1640280698_2f55c111-6416-11ec-a9fe-2263e4039ea6
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Length
0
5404B18EC3C42814EC55ECCDAC94D540D07E28DC37C9B2BFAB5ACD0D732F3D3007B5B05DBBEC85F426804F85EE3DC1BB4334F2E31FDEB997FF3BDB393C20025F
assets.ad4m.at/logo/ Frame FAF7 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/5404B18EC3C42814EC55ECCDAC94D540D07E28DC37C9B2BFAB5ACD0D732F3D3007B5B05DBBEC85F426804F85EE3DC1BB4334F2E31FDEB997FF3BDB393C20025F
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C15255%2C176225&b=D8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2C4PGSEfX5CAXZ1FGH9HdtAtrGDaZTpT1EUK&f=d9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2CrJmHQfD9c3Zp7hAH7HjtJCr6ga5T8T36sd&c=160&d=600&e=9sv_Ka9v9igDFFnI1kYKmrTX93lAQvgu&g=e97dd56984eccb2c64256dbba44c24de%2F16178602847887762720&i=65760%2C25174%2C26429&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698506&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jp31dyhdfzxak96v9vbe79r7r9c5s523t9hqqp773xr3rc0vsc48x1q0r14j34jzv87fvte9pwz8fzwf0m2h79emjrej1prrm7mx7q8vyqttntx3rqr53fnyqrsshrkxepenbc0nkgk62ydawhz78xpx5bs5k75a351ktnsn6j1292zeez25d2zjz611wcn915e2t3nez7d26xz39n0zkmcd2d0qxr8bm6ddqxjdc2j26g1egm4xdqm9e9fkcdt8az9tpmye5m70b81eq0g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCAUetebLEYdSeCMypiAPovZaQDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK4z-m_AvqyPqgDAaoE-wFP0MnsvaPN_uZzTrrVJVinVtTKN9lwVlj57_MBmKd4HzzyIlKlZbEULhtDqTzp1Sz2urgC7KbHmX4BFAj8n9bKpMBBccx9nQClpqiAeCEKANjvPkr7Gxw8i-Rw_L58rPE22QofUIS-QN_H25lDEnWueHWyrQpsKFw-4Z67UzboJ41eDBw8s2Qjowb4_yP6S9zcxLhMzff8e97AARfWxnjkbXFEVQu-zWADBldBJGKMixXiauAiGVOnH0vYXv9EThDVa7Y-hAw6yV--PnxOKrBTvnl1FCNd3U_zZQcTI6EF3_h6TkCw2KvQ5Gn3PijRVcCy7Wdmf5T4m1EaOIAG8Pb5mO2H7Ka-AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2rVxvgv5D0K-GG6nnFFd_EQKPbaw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00c2021bdac59d8348ce96f8eda3d24c9d1d99d6c60f63e020c6567e39078d11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=/Q/6tg==, md5=wyA5XaMHHJmGLFy2SnfRig==
date
Thu, 23 Dec 2021 17:31:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
231513
cf-polished
origFmt=png, origSize=29675
x-guploader-uploadid
ADPycdsmFjfCjDxNw9V-boqB6FitOxRABzpI0ASd-q5evxceu6ld2zjQQa0lvdZ6k4MfCs-bD36Lxm1fKOdoxa4PmWnpEMHeTA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
11084
last-modified
Mon, 11 May 2020 08:26:17 GMT
server
cloudflare
etag
"c320395da3071c99862c5cb64a77d18a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qTh7ivQ%2B9EwPX4tvYTViBUjzTfOUiJEQZLj%2FGYbFXbEFO%2BaUzNc%2F2%2FdAGONdgQdF9Yq2xQCEA52hEZdf5lHEkkertaK%2FuopxcCFysEKSZ944%2BT1Rxy%2Fiw9drPpXa9RGS6V7cMFQn1SBAh5u7"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1589185577639472
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:38 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
29675
accept-ranges
bytes
cf-ray
6c23531e9da55c08-FRA
cf-bgj
imgq:85,h2pri
9AE8F63960E59AEBA7C87D6EC1BCB3F76BB15CBF908C84DAC0430D19E4DCF95A0C6FDF609CFF5E20F0EC3E37D1C1616A2D3D74BDC25D3D6E4B606E1E2C4F2181
assets.ad4m.at/product_image/ Frame FAF7 		303 KB
304 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/9AE8F63960E59AEBA7C87D6EC1BCB3F76BB15CBF908C84DAC0430D19E4DCF95A0C6FDF609CFF5E20F0EC3E37D1C1616A2D3D74BDC25D3D6E4B606E1E2C4F2181
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C15255%2C176225&b=D8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2C4PGSEfX5CAXZ1FGH9HdtAtrGDaZTpT1EUK&f=d9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2CrJmHQfD9c3Zp7hAH7HjtJCr6ga5T8T36sd&c=160&d=600&e=9sv_Ka9v9igDFFnI1kYKmrTX93lAQvgu&g=e97dd56984eccb2c64256dbba44c24de%2F16178602847887762720&i=65760%2C25174%2C26429&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698506&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jp31dyhdfzxak96v9vbe79r7r9c5s523t9hqqp773xr3rc0vsc48x1q0r14j34jzv87fvte9pwz8fzwf0m2h79emjrej1prrm7mx7q8vyqttntx3rqr53fnyqrsshrkxepenbc0nkgk62ydawhz78xpx5bs5k75a351ktnsn6j1292zeez25d2zjz611wcn915e2t3nez7d26xz39n0zkmcd2d0qxr8bm6ddqxjdc2j26g1egm4xdqm9e9fkcdt8az9tpmye5m70b81eq0g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCAUetebLEYdSeCMypiAPovZaQDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK4z-m_AvqyPqgDAaoE-wFP0MnsvaPN_uZzTrrVJVinVtTKN9lwVlj57_MBmKd4HzzyIlKlZbEULhtDqTzp1Sz2urgC7KbHmX4BFAj8n9bKpMBBccx9nQClpqiAeCEKANjvPkr7Gxw8i-Rw_L58rPE22QofUIS-QN_H25lDEnWueHWyrQpsKFw-4Z67UzboJ41eDBw8s2Qjowb4_yP6S9zcxLhMzff8e97AARfWxnjkbXFEVQu-zWADBldBJGKMixXiauAiGVOnH0vYXv9EThDVa7Y-hAw6yV--PnxOKrBTvnl1FCNd3U_zZQcTI6EF3_h6TkCw2KvQ5Gn3PijRVcCy7Wdmf5T4m1EaOIAG8Pb5mO2H7Ka-AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2rVxvgv5D0K-GG6nnFFd_EQKPbaw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa6f4107b5a29a1b3d1e0fb085191dcd7d8bb9497ae061d1e1304abd20891f86

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=1Hb8/w==, md5=hZxXU1RAQV3ntT4Wegq49A==
date
Thu, 23 Dec 2021 17:31:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
231510
cf-polished
origFmt=png, origSize=491451
x-guploader-uploadid
ADPycdv0e36FsQkZoBK2yex_tamgC8JE6CG6cJcc4y3xIllzIs84o9X7Vzqt5dZBlXf5PfsuA31PBWF9ANQ5Mebjj2ELRimHbA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
310322
last-modified
Wed, 15 Dec 2021 16:19:29 GMT
server
cloudflare
etag
"859c57535440415de7b53e167a0ab8f4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EWrqLIvFOp1csliQGQvm%2BHdoys7J6VDx9a39Z3st09MxvuaymobS7P4uZnmEoRFlhs36Se1u1PmNxILXy14Ynr1sF9pX5lqwdfUTJ7Ag4nwxu8ByToitzjoD6F3AGfMoIx12JEwCFzqw7EsV"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1639585169260253
content-type
image/webp
expires
Fri, 24 Dec 2021 17:31:38 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
491451
accept-ranges
bytes
cf-ray
6c23531e9da85c08-FRA
cf-bgj
imgq:85,h2pri
cshow.php
www.awin1.com/ Frame FAF7 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2471479&v=10679&q=372055&r=412871&pv=1&pref3=&pv=1&pref3=oneid4PGSEfX5CAXZ1FGH9HdtAtrGDaZTpT1EUKoneid__asuid9sv_Ka9v9igDFFnI1kYKmrTX93lAQvguasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C15255%2C176225&b=D8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2C4PGSEfX5CAXZ1FGH9HdtAtrGDaZTpT1EUK&f=d9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2CrJmHQfD9c3Zp7hAH7HjtJCr6ga5T8T36sd&c=160&d=600&e=9sv_Ka9v9igDFFnI1kYKmrTX93lAQvgu&g=e97dd56984eccb2c64256dbba44c24de%2F16178602847887762720&i=65760%2C25174%2C26429&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698506&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jp31dyhdfzxak96v9vbe79r7r9c5s523t9hqqp773xr3rc0vsc48x1q0r14j34jzv87fvte9pwz8fzwf0m2h79emjrej1prrm7mx7q8vyqttntx3rqr53fnyqrsshrkxepenbc0nkgk62ydawhz78xpx5bs5k75a351ktnsn6j1292zeez25d2zjz611wcn915e2t3nez7d26xz39n0zkmcd2d0qxr8bm6ddqxjdc2j26g1egm4xdqm9e9fkcdt8az9tpmye5m70b81eq0g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCAUetebLEYdSeCMypiAPovZaQDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK4z-m_AvqyPqgDAaoE-wFP0MnsvaPN_uZzTrrVJVinVtTKN9lwVlj57_MBmKd4HzzyIlKlZbEULhtDqTzp1Sz2urgC7KbHmX4BFAj8n9bKpMBBccx9nQClpqiAeCEKANjvPkr7Gxw8i-Rw_L58rPE22QofUIS-QN_H25lDEnWueHWyrQpsKFw-4Z67UzboJ41eDBw8s2Qjowb4_yP6S9zcxLhMzff8e97AARfWxnjkbXFEVQu-zWADBldBJGKMixXiauAiGVOnH0vYXv9EThDVa7Y-hAw6yV--PnxOKrBTvnl1FCNd3U_zZQcTI6EF3_h6TkCw2KvQ5Gn3PijRVcCy7Wdmf5T4m1EaOIAG8Pb5mO2H7Ka-AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2rVxvgv5D0K-GG6nnFFd_EQKPbaw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:38 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
link.html
track.webgains.com/ Frame EB2B 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneid64rFefw3feAxfeHmHYtECxVms2T1Tjga7oneid__asuid9sv_Ka9v9igDFFnI1kYKmrTX93lAQvguasuid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3oneid__asuid9sv_Ka9v9igDFFnI1kYKmrTX93lAQvguasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=20833%2C167497%2C43784&b=j6qCEfbGcezJsYHEH2t6tRRGcKTzTAjS9%2CPJ4HBfEbabK2Qf9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=xPKSQf9AHQXbHPHdHztDCRRgcJT6TW6uA%2CbwqTQfYZs5KWVHYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=9sv_Ka9v9igDFFnI1kYKmrTX93lAQvgu&g=abd8a6c6f9d92b9ca164284f0ff1f1f3%2F5050503406790913130&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698506&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jjbef6hx032qkbnm464ty57jpkfjj5pj3j8vjeejf7xz3xgv8rv9bw206ytda0cm0q9mtp4ztjytz4aasajrr7xfqwcq99n3nth0af3390mv4bpv2hf2pckgfb4t7kgkehpj6f4nccvdzgvn7r991md5f6thek2ptj8ndjjcwecakzk8xk0rbqt68sg9y1w8jgcj7n92y06f3q87w8qg81z7w1w9w0xm49wtfkh8kx3nzys7wqsh5qjdqcw1rpvcvgqt87pxra8vtmw7z6g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC2_mOebLEYYn-BKuvngXw-5rgCpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK4z-m_AvqyPqgDAaoE-wFP0PUncvf3VRIpVB-SLhMbKNAx88ZVqRkvVv5wt3gFYZt8g4ChZ0_lPaA7BnCyblH4MS13WLow2OqgJYlwTldEGOpHbLENvAf4hn4Womu3Na2PNx1FrPG6pqXxYjoQWHVuj50hSZD03-vOiOxJ4lM49UfEp73z4t7mF82-rXPUEku7IhtH_7-aXhLJaqS1x4GtJVfoiYsiQ2mPMajb0fnillkYvmQionDFtp9Ss3JQigmkZ3zBNYikvV-WQI4TNzU3G6d-Ij4tvD_wzi6LwnQ6rG-5PLZRNQZf1RxOlHEWWr1h3yiTJOvQshyb2xC-os-d3VdE0glm_99b9oAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0S4JiznMsq8T-XiKe1zaEkS5rMXg%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
e841cec87f0a6b2375ab144017db281edb81370033ac48994e9db43dffdb8230

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:38 GMT
Last-Modified
Thu, 23 Dec 2021 17:31:38 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1473
Expires
Mon, 26 Jul 1997 05:00:00 GMT
i.js
cm.mgid.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i.js?&cbuster=1640280698673497412044
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsyou.info.1122348.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1bc88c034ea2568ffd22c7ab53c3ba3360bafae214df5cf166c7aa8ba7542d6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6c23531ebbfdd6e9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A4BD 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
date
Thu, 23 Dec 2021 16:35:09 GMT
expires
Fri, 23 Dec 2022 16:35:09 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
3389
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame B7C2 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b94df74107de1e2ddb523ce14897772131bc766d1900aac242709028691ada1f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-RQx80Z/Vt+34gTIOuK+SVw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Thu, 23 Dec 2021 17:31:38 GMT
date
Thu, 23 Dec 2021 17:31:38 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-RQx80Z/Vt+34gTIOuK+SVw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
link.html
track.webgains.com/ Frame C20B 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneid64rFefw3feAxfeHmHYtECxVms2T1Tjga7oneid__asuidVAU4KrAC5dT_BhMRaqM4NPmzP4_YAj7Jasuid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3oneid__asuidVAU4KrAC5dT_BhMRaqM4NPmzP4_YAj7Jasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=20833%2C19491%2C43784&b=j6qCEfbGcezJsYHEH2t6tRRGcKTzTAjS9%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=xPKSQf9AHQXbHPHdHztDCRRgcJT6TW6uA%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=VAU4KrAC5dT_BhMRaqM4NPmzP4_YAj7J&g=94249aa6a81bd536354846d198c18b88%2F4259833368735670256&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698509&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kywxdjnbtftzj2fhh8k5wr3c8f2kqxda8t9bhfk6951gkznnjscefabvd4xkq3pvqah6w52pssm6n78d6zba6y98m7pbrq9nnxjha3sv0r7bxbwdt8cpwggcm25gcfe46f8x9zc3w962xqcft9qytznz87b6rdqfb5c1fkv7q4bpfrzr64b3e7mktbtr0fzgjafmgsdrnwb5mp7xm6khpwqwvqfm72zf9vczqkge0yx3kgj3mdzexgdac7fc7eqb9d0c36e8qkahdzwj96g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCVhpRebLEYYqwAYqengXUpoJIkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaABwq7o3QPIAQmpArjTclTQ97I-qAMBqgT7AU_QjtIcJ-ahWwdSq9lZTfI9lKwwpzv3PRUxSBWup_QQge25AXrFDKy-BTcMmC3jtgdGcWT31Ypy4MgJ4GaEMTsW4Viztneh6kTf1GBXlOeXHi0u7-1WAOv2QKLSqNMf1pHQ_mMb8hmndij9M0jp79uuRseAMwDBsl_6O75mkRF7_5o7jYn5HsCQf3H7ZI4A89j61gmKss2RhURkLlRnDSMo0d1unSabEW1FWNIHpxf08X9JT3Mvuj8Q3NJJykZWi_nRQyemTjozbXLylgfM2IERMji8wUQcTW_O4oPUswn4iO1nDNhodaXzfmuQ-XQ9ILvejQutuz9sLyuZgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2ljREVDavBQhda75putZ7dKiTRAg%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
e27b0971cac58e67f7b1812bc9a9442a2fe9184cb3e901cfedbed8b9bbcfc9de

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:38 GMT
Last-Modified
Thu, 23 Dec 2021 17:31:38 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1473
Expires
Mon, 26 Jul 1997 05:00:00 GMT
link.html
track.webgains.com/ Frame FAF7 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3766801&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1g2v32hqvwd1fw3zs9zbqfvrze7et9szp1mvta04r6105qav37904t2138k7h8mn35jm0asxy240tk1dan7mhajs1ceymd9tccdxtjpzdx91hg7djf0qt2xf6qngmk34zseasn23j4q0b8jt8mw02qspbg0dnvgwb68dh5edejv2fm0zrdc4jd3dfr7chb54b41v4p62j9bc3657zevn381ssjz4rjrb65jy9zjn2y3281sqs2ny5665tsrrjdpkan2t2g5e8ecgyb73vhq1deth3sfexakc1k2n2r22srednzqacn6vxq5vkg%26a%3D&clickref=oneidd9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUjoneid__asuid9sv_Ka9v9igDFFnI1kYKmrTX93lAQvguasuid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidD8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtVoneid__asuid9sv_Ka9v9igDFFnI1kYKmrTX93lAQvguasuid__suite_Netmix_Reach43_TopRotaMonth
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C15255%2C176225&b=D8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2C4PGSEfX5CAXZ1FGH9HdtAtrGDaZTpT1EUK&f=d9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2CrJmHQfD9c3Zp7hAH7HjtJCr6ga5T8T36sd&c=160&d=600&e=9sv_Ka9v9igDFFnI1kYKmrTX93lAQvgu&g=e97dd56984eccb2c64256dbba44c24de%2F16178602847887762720&i=65760%2C25174%2C26429&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698506&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jp31dyhdfzxak96v9vbe79r7r9c5s523t9hqqp773xr3rc0vsc48x1q0r14j34jzv87fvte9pwz8fzwf0m2h79emjrej1prrm7mx7q8vyqttntx3rqr53fnyqrsshrkxepenbc0nkgk62ydawhz78xpx5bs5k75a351ktnsn6j1292zeez25d2zjz611wcn915e2t3nez7d26xz39n0zkmcd2d0qxr8bm6ddqxjdc2j26g1egm4xdqm9e9fkcdt8az9tpmye5m70b81eq0g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCAUetebLEYdSeCMypiAPovZaQDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK4z-m_AvqyPqgDAaoE-wFP0MnsvaPN_uZzTrrVJVinVtTKN9lwVlj57_MBmKd4HzzyIlKlZbEULhtDqTzp1Sz2urgC7KbHmX4BFAj8n9bKpMBBccx9nQClpqiAeCEKANjvPkr7Gxw8i-Rw_L58rPE22QofUIS-QN_H25lDEnWueHWyrQpsKFw-4Z67UzboJ41eDBw8s2Qjowb4_yP6S9zcxLhMzff8e97AARfWxnjkbXFEVQu-zWADBldBJGKMixXiauAiGVOnH0vYXv9EThDVa7Y-hAw6yV--PnxOKrBTvnl1FCNd3U_zZQcTI6EF3_h6TkCw2KvQ5Gn3PijRVcCy7Wdmf5T4m1EaOIAG8Pb5mO2H7Ka-AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2rVxvgv5D0K-GG6nnFFd_EQKPbaw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
71e89e86e86c82fe4a43d29e5c5bb6ad29e857992ee1720a41db7146ec11621e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:38 GMT
Last-Modified
Thu, 23 Dec 2021 17:31:38 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1455
Expires
Mon, 26 Jul 1997 05:00:00 GMT
i-noref.js
cm.mgid.com/ Frame 5ECC 		19 B
442 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i-noref.js?cbuster=1640280698709792326496
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/n/e/newsyou.info.1122348.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6c23531efc42d6e9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
activeview
pagead2.googlesyndication.com/pcs/ Frame E553 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuST5DTj5cUtaRgdsWusX3H3tvMh0p05RlQt6NJ4jn0BTUinKUXby-3bATFg9YOYJAVEr39kd4TptMhfLCboTBt&sig=Cg0ArKJSzIeiDiEKE-exEAE&id=lidar2&mcvt=1008&p=0,0,124,1005&mtos=223,795,1008,1098,1098&tos=223,572,213,90,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1640280697181&rpt=334&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame B7C2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20211207&jk=2390655881465621&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers
EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js
pagead2.googlesyndication.com/bg/ Frame A4BD 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127672d4912f86d7cbdeab0c1ccd9536aa33f335a7b1609d3a3939c1d778220e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 13:02:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
16134
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13555
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 23 Dec 2022 13:02:44 GMT
sync.html
s.adtelligent.com/ Frame 6C94 		1 KB
880 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=658327
Requested by
Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1640280698673497412044
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
16e04bdf6c116d4ad9220245c02b90483beaee2275b489e27d687f3b519d382e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

Server
VertaMedia 1.0
Date
Thu, 23 Dec 2021 17:31:38 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
600
Access-Control-Allow-Origin
https://newsyou.info
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
usync.html
eus.rubiconproject.com/ Frame A9B7
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=us-west
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west
Requested by
Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1640280698673497412044
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 23 Dec 2021 17:31:38 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west
Date
Thu, 23 Dec 2021 17:31:38 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
/
cm.lentainform.com/setmuidn/ 		0
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.lentainform.com/setmuidn/?muidf=lbnAVg2UX0v9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.217.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6c23531f9e4a4e8c-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
RX-e1f92a30-f90d-48d5-aece-32aca1fecbfa-003
sync.targeting.unrulymedia.com/csync/
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=lbnAVg2UX0v9
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=lbnAVg2UX0v9
  • https://usermatch.targeting.unrulymedia.com/usermatch/iponweb/b339fbb3-0af1-416f-977e-9f720d141153?gdpr=&gdpr_consent=
  • https://sync.1rx.io/usersync/bidswitch/b339fbb3-0af1-416f-977e-9f720d141153?gdpr=&gdpr_consent=
  • https://sync.1rx.io/usersync/bidswitch/b339fbb3-0af1-416f-977e-9f720d141153?zcc=1&dspret=0&cb=1640280698950
  • https://sync.targeting.unrulymedia.com/csync/RX-e1f92a30-f90d-48d5-aece-32aca1fecbfa-003
43 B
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-e1f92a30-f90d-48d5-aece-32aca1fecbfa-003
Protocol
H2
Server
213.19.147.45 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
server
Tengine
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location
https://sync.targeting.unrulymedia.com/csync/RX-e1f92a30-f90d-48d5-aece-32aca1fecbfa-003
pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT
cache-control
no-store, no-cache, must-revalidate
server
Tengine
content-type
text/html
expires
0
m
cm.mgid.com/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=mgid
  • https://creativecdn.com/cm-notify?pi=mgid&tc=1
  • https://cm.mgid.com/m?cdsp=501037&c=TnX1MQTCZlRAhIKK3UKE&pi=mgid&tc=1
43 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=501037&c=TnX1MQTCZlRAhIKK3UKE&pi=mgid&tc=1
Protocol
H3
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:39 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6c2353201de7d6e9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

location
https://cm.mgid.com/m?cdsp=501037&c=TnX1MQTCZlRAhIKK3UKE&pi=mgid&tc=1
pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT, Thu, 23 Dec 2021 17:31:38 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
google
cm.mgid.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bGJuQVZnMlVYMHY5&muidn=lbnAVg2UX0v9
  • https://cm.mgid.com/google?muidn=lbnAVg2UX0v9&google_ula={guid},5&google_gid=CAESEDsV8rp3YtgL5pNQcOEvFx4&google_cver=1
0
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/google?muidn=lbnAVg2UX0v9&google_ula={guid},5&google_gid=CAESEDsV8rp3YtgL5pNQcOEvFx4&google_cver=1
Protocol
H3
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
text/plain
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6c23531fed90d6e9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.mgid.com/google?muidn=lbnAVg2UX0v9&google_ula={guid},5&google_gid=CAESEDsV8rp3YtgL5pNQcOEvFx4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
327
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m
cm.mgid.com/
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
  • https://cm.mgid.com/m?cdsp=665953&c=d3093044-ea9f-4fa5-83f3-d54088a7cc00
43 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=665953&c=d3093044-ea9f-4fa5-83f3-d54088a7cc00
Protocol
H3
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:39 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6c2353204e22d6e9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

location
https://cm.mgid.com/m?cdsp=665953&c=d3093044-ea9f-4fa5-83f3-d54088a7cc00
date
Thu, 23 Dec 2021 17:31:38 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
m
cm.mgid.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=mgid
  • https://x.bidswitch.net/ul_cb/sync?ssp=mgid
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=mgid
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=mgid
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=7928755818476390351&ssp=mgid
  • https://cm.mgid.com/m?cdsp=433145&c=b339fbb3-0af1-416f-977e-9f720d141153&gdpr=&gdpr_consent=&us_privacy=
43 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=433145&c=b339fbb3-0af1-416f-977e-9f720d141153&gdpr=&gdpr_consent=&us_privacy=
Protocol
H3
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:39 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6c2353209eb1d6e9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Location
//cm.mgid.com/m?cdsp=433145&c=b339fbb3-0af1-416f-977e-9f720d141153&gdpr=&gdpr_consent=&us_privacy=
Date
Thu, 23 Dec 2021 17:31:38 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
/
cm.idealmedia.io/setmuidn/ 		0
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.idealmedia.io/setmuidn/?muidf=lbnAVg2UX0v9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6c23531f98745c62-FRA
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
m
cm.mgid.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
  • https://cm.mgid.com/m?cdsp=371158&c=fbbc6de0-065b-4d9f-ac1b-96d342c134ca&ttl=1642872698
43 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=371158&c=fbbc6de0-065b-4d9f-ac1b-96d342c134ca&ttl=1642872698
Protocol
H3
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:39 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6c2353205e3fd6e9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:38 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.mgid.com/m?cdsp=371158&c=fbbc6de0-065b-4d9f-ac1b-96d342c134ca&ttl=1642872698
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
205
m
cm.mgid.com/
Redirect Chain
  • https://rtb-usw.mfadsrvr.com/sync?ssp=mgid
  • https://rtb-usw.mfadsrvr.com/ul_cb/sync?ssp=mgid
  • https://cm.mgid.com/m?cdsp=287839&c=2fc83076-304b-49fd-ab6d-2b05a7278350
43 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=287839&c=2fc83076-304b-49fd-ab6d-2b05a7278350
Protocol
H3
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:39 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6c2353236ae1d6e9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

location
//cm.mgid.com/m?cdsp=287839&c=2fc83076-304b-49fd-ab6d-2b05a7278350
date
Thu, 23 Dec 2021 17:31:39 GMT
cache-control
no-cache, no-store, must-revalidate
alt-svc
clear
content-length
0
via
1.1 google
sync.php
pixel.rubiconproject.com/exchange/
Redirect Chain
  • https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=lbnAVg2UX0v9
  • https://ssbsync.smartadserver.com/api/sync?callerId=24&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.e-volution.ai/a02d62607dea0c97e41ff36ebd422945.gif?puid=110634389261605868&gdpr=0&gdpr_consent=
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:38 GMT
Server
nginx
Transfer-Encoding
chunked
Location
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
mw
mwzeom.zeotap.com/ 		95 B
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=lbnAVg2UX0v9&zpartnerid=1532&zdid=1532
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 23 Dec 2021 17:31:38 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://newsyou.info
access-control-allow-credentials
true
cf-ray
6c23531f98704e13-FRA
access-control-allow-headers
*
content-length
95
usync.js
eus.rubiconproject.com/ Frame A9B7 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
16e193e01b3ae667484d6b11a440a75395094ae65e221a43be8d24754b5cac2e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=37705
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9703
Expires
Fri, 24 Dec 2021 04:00:03 GMT
pvClk.min.js
analytics.webgains.io/ Frame EB2B 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneid64rFefw3feAxfeHmHYtECxVms2T1Tjga7oneid__asuid9sv_Ka9v9igDFFnI1kYKmrTX93lAQvguasuid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3oneid__asuid9sv_Ka9v9igDFFnI1kYKmrTX93lAQvguasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-117.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via
1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 11:05:10 GMT
server
AmazonS3
age
24094
etag
"ec0ced40cbb5211db06b8a36f209e442"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Thu, 23 Dec 2021 10:50:05 GMT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
51794
x-amz-cf-id
KKgzA1GKBdd7xdBjNm5hYPLHwC4ovdXnKiU4pIFKp0CtDAXyvkmnuA==
link.html
track.webgains.com/ Frame EB2B 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidY8mhrf3fwBgTGC9HetQt1JWSkSWt4jKtroneid__asuid60L0moNh5fqdSyvPwiSJ46NjJqdF8-beasuid__webplexmedia_advancedad_MOBILE_728x90&wglinkid=3247721
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=20833%2C167497%2C43784&b=j6qCEfbGcezJsYHEH2t6tRRGcKTzTAjS9%2CPJ4HBfEbabK2Qf9HjHbtMtPPgSZT9TkGCp%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=xPKSQf9AHQXbHPHdHztDCRRgcJT6TW6uA%2CbwqTQfYZs5KWVHYHbHzt8CwwmsxTJTJPSJ%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=9sv_Ka9v9igDFFnI1kYKmrTX93lAQvgu&g=abd8a6c6f9d92b9ca164284f0ff1f1f3%2F5050503406790913130&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698506&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jjbef6hx032qkbnm464ty57jpkfjj5pj3j8vjeejf7xz3xgv8rv9bw206ytda0cm0q9mtp4ztjytz4aasajrr7xfqwcq99n3nth0af3390mv4bpv2hf2pckgfb4t7kgkehpj6f4nccvdzgvn7r991md5f6thek2ptj8ndjjcwecakzk8xk0rbqt68sg9y1w8jgcj7n92y06f3q87w8qg81z7w1w9w0xm49wtfkh8kx3nzys7wqsh5qjdqcw1rpvcvgqt87pxra8vtmw7z6g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC2_mOebLEYYn-BKuvngXw-5rgCpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK4z-m_AvqyPqgDAaoE-wFP0PUncvf3VRIpVB-SLhMbKNAx88ZVqRkvVv5wt3gFYZt8g4ChZ0_lPaA7BnCyblH4MS13WLow2OqgJYlwTldEGOpHbLENvAf4hn4Womu3Na2PNx1FrPG6pqXxYjoQWHVuj50hSZD03-vOiOxJ4lM49UfEp73z4t7mF82-rXPUEku7IhtH_7-aXhLJaqS1x4GtJVfoiYsiQ2mPMajb0fnillkYvmQionDFtp9Ss3JQigmkZ3zBNYikvV-WQI4TNzU3G6d-Ij4tvD_wzi6LwnQ6rG-5PLZRNQZf1RxOlHEWWr1h3yiTJOvQshyb2xC-os-d3VdE0glm_99b9oAGvLaZ853-j8sxoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0S4JiznMsq8T-XiKe1zaEkS5rMXg%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
4bcba6ca13d0bf1606176d2408363d0370505b999089d312da533a86406ba2e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:38 GMT
Last-Modified
Thu, 23 Dec 2021 17:31:38 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Expires
Mon, 26 Jul 1997 05:00:00 GMT
pvClk.min.js
analytics.webgains.io/ Frame C20B 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneid64rFefw3feAxfeHmHYtECxVms2T1Tjga7oneid__asuidVAU4KrAC5dT_BhMRaqM4NPmzP4_YAj7Jasuid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3oneid__asuidVAU4KrAC5dT_BhMRaqM4NPmzP4_YAj7Jasuid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-117.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via
1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 11:05:10 GMT
server
AmazonS3
age
24094
etag
"ec0ced40cbb5211db06b8a36f209e442"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Thu, 23 Dec 2021 10:50:05 GMT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
51794
x-amz-cf-id
z--1ZVamI9NFR8mbNepcYjmgQQNj_ByuD0Gk2g_HyFIeXTGqnazaIg==
link.html
track.webgains.com/ Frame C20B 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidq7ZumfWfE5qUZHgHDtJtMb5heS3tAzqu3oneid__asuidPn5gDtDNfjmooMK5wnKQ6MFko0xaK1auasuid__webplexmedia_advancedad_MOBILE_728x90&wglinkid=3247721
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=20833%2C19491%2C43784&b=j6qCEfbGcezJsYHEH2t6tRRGcKTzTAjS9%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CMm9Uzfpram3JfWHEHGtDtdzps9T4TPDa3&f=xPKSQf9AHQXbHPHdHztDCRRgcJT6TW6uA%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2C64rFefw3feAxfeHmHYtECxVms2T1Tjga7&c=300&d=250&e=VAU4KrAC5dT_BhMRaqM4NPmzP4_YAj7J&g=94249aa6a81bd536354846d198c18b88%2F4259833368735670256&i=20774%2C20773%2C27720&j=14%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698509&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kywxdjnbtftzj2fhh8k5wr3c8f2kqxda8t9bhfk6951gkznnjscefabvd4xkq3pvqah6w52pssm6n78d6zba6y98m7pbrq9nnxjha3sv0r7bxbwdt8cpwggcm25gcfe46f8x9zc3w962xqcft9qytznz87b6rdqfb5c1fkv7q4bpfrzr64b3e7mktbtr0fzgjafmgsdrnwb5mp7xm6khpwqwvqfm72zf9vczqkge0yx3kgj3mdzexgdac7fc7eqb9d0c36e8qkahdzwj96g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCVhpRebLEYYqwAYqengXUpoJIkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNTk5NDY5NzAyODM4MDYwOaABwq7o3QPIAQmpArjTclTQ97I-qAMBqgT7AU_QjtIcJ-ahWwdSq9lZTfI9lKwwpzv3PRUxSBWup_QQge25AXrFDKy-BTcMmC3jtgdGcWT31Ypy4MgJ4GaEMTsW4Viztneh6kTf1GBXlOeXHi0u7-1WAOv2QKLSqNMf1pHQ_mMb8hmndij9M0jp79uuRseAMwDBsl_6O75mkRF7_5o7jYn5HsCQf3H7ZI4A89j61gmKss2RhURkLlRnDSMo0d1unSabEW1FWNIHpxf08X9JT3Mvuj8Q3NJJykZWi_nRQyemTjozbXLylgfM2IERMji8wUQcTW_O4oPUswn4iO1nDNhodaXzfmuQ-XQ9ILvejQutuz9sLyuZgAa8tpnznf6PyzGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2ljREVDavBQhda75putZ7dKiTRAg%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
4bcba6ca13d0bf1606176d2408363d0370505b999089d312da533a86406ba2e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:38 GMT
Last-Modified
Thu, 23 Dec 2021 17:31:38 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Expires
Mon, 26 Jul 1997 05:00:00 GMT
pvClk.min.js
analytics.webgains.io/ Frame FAF7 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3766801&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1g2v32hqvwd1fw3zs9zbqfvrze7et9szp1mvta04r6105qav37904t2138k7h8mn35jm0asxy240tk1dan7mhajs1ceymd9tccdxtjpzdx91hg7djf0qt2xf6qngmk34zseasn23j4q0b8jt8mw02qspbg0dnvgwb68dh5edejv2fm0zrdc4jd3dfr7chb54b41v4p62j9bc3657zevn381ssjz4rjrb65jy9zjn2y3281sqs2ny5665tsrrjdpkan2t2g5e8ecgyb73vhq1deth3sfexakc1k2n2r22srednzqacn6vxq5vkg%26a%3D&clickref=oneidd9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUjoneid__asuid9sv_Ka9v9igDFFnI1kYKmrTX93lAQvguasuid__suite_Netmix_Reach43_TopRotaMonth&viewref=oneidD8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtVoneid__asuid9sv_Ka9v9igDFFnI1kYKmrTX93lAQvguasuid__suite_Netmix_Reach43_TopRotaMonth
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-117.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via
1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 11:05:10 GMT
server
AmazonS3
age
24094
etag
"ec0ced40cbb5211db06b8a36f209e442"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Thu, 23 Dec 2021 10:50:05 GMT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
51794
x-amz-cf-id
GuVwf1i5FKwauJqm6SvVLHbu26RdzE5iSxKcAwh7o292JPerwZ2uaA==
link.html
track.webgains.com/ Frame FAF7 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidzg37aRfYfqqqWteCBHMtqtPV99FVSZtgkTWoneid__asuideteQTtt7m6d3Pm-s4yKBbR8dSbsK_Ifqasuid__misaglam_advancedad_300x250&wglinkid=3766801
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=169080%2C15255%2C176225&b=D8qh3fWwhGGGBa3HmH9t1tkbKKTWTmTgbtV%2C23Yh6fAqfMAJtVHWHkt8tREbaWT7TKBTg%2C4PGSEfX5CAXZ1FGH9HdtAtrGDaZTpT1EUK&f=d9DSEfPkHpppJTEHjHwtqC54wwC3T4T1rUj%2C4PGSEfX5CwQRSGH9HdtzCjWrtZTpT1EUK%2CrJmHQfD9c3Zp7hAH7HjtJCr6ga5T8T36sd&c=160&d=600&e=9sv_Ka9v9igDFFnI1kYKmrTX93lAQvgu&g=e97dd56984eccb2c64256dbba44c24de%2F16178602847887762720&i=65760%2C25174%2C26429&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1640280698506&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jp31dyhdfzxak96v9vbe79r7r9c5s523t9hqqp773xr3rc0vsc48x1q0r14j34jzv87fvte9pwz8fzwf0m2h79emjrej1prrm7mx7q8vyqttntx3rqr53fnyqrsshrkxepenbc0nkgk62ydawhz78xpx5bs5k75a351ktnsn6j1292zeez25d2zjz611wcn915e2t3nez7d26xz39n0zkmcd2d0qxr8bm6ddqxjdc2j26g1egm4xdqm9e9fkcdt8az9tpmye5m70b81eq0g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCAUetebLEYdSeCMypiAPovZaQDZDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAcKu6N0DyAEJqQK4z-m_AvqyPqgDAaoE-wFP0MnsvaPN_uZzTrrVJVinVtTKN9lwVlj57_MBmKd4HzzyIlKlZbEULhtDqTzp1Sz2urgC7KbHmX4BFAj8n9bKpMBBccx9nQClpqiAeCEKANjvPkr7Gxw8i-Rw_L58rPE22QofUIS-QN_H25lDEnWueHWyrQpsKFw-4Z67UzboJ41eDBw8s2Qjowb4_yP6S9zcxLhMzff8e97AARfWxnjkbXFEVQu-zWADBldBJGKMixXiauAiGVOnH0vYXv9EThDVa7Y-hAw6yV--PnxOKrBTvnl1FCNd3U_zZQcTI6EF3_h6TkCw2KvQ5Gn3PijRVcCy7Wdmf5T4m1EaOIAG8Pb5mO2H7Ka-AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2rVxvgv5D0K-GG6nnFFd_EQKPbaw%252526client%25253Dca-pub-5994697028380609%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
cdc6a672e24d84d0277383399879fb8a1d6e02cf7f1fab4fe2a31aa173ad9faf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Dec 2021 17:31:38 GMT
Last-Modified
Thu, 23 Dec 2021 17:31:38 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Content-Length
2759
Expires
Mon, 26 Jul 1997 05:00:00 GMT
khaos.jpg
token.rubiconproject.com/ Frame A9B7 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/jpg
sync.php
pixel-us-west.rubiconproject.com/exchange/ Frame A9B7 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=mgid
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
5e3ed5b16ff95387d0b9d1c5e78ff6a2
Content-Type
image/gif
all
csm.eu.criteo.net/ Frame 689C 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=lZyo2dua4j8TotWVQqy-NQy9orJekn1BUcURQP8cXmW-6akcYNp1KJNUQU1iUwhIZxwlhU709CNQd1jlyYHV_1i_QYWIMUoDwsqfqXHmGwdsZjTG7yTRgtyJtFyUn9LRWrhtWGEMRTzGpVt1MPRn3ULoJHVreLK1-ukG7i9apa34Ear6l8tgGBwZeAt93zXA-_a9Xui-IWWVmtBnYr37NCxqyYl9G6P0ORI6HXgRoyFyaAI9FrIMWT2odc2wAmkL837QBg&sds=2&rev=79924&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YcSyeAAI4uAIFUSyAAsq4CUkUTLbEHJaiWN4ig&u=%7Cpz%2BnB%2F%2Bn4uytBTXETBX00lT9HYZArrAA5ciovYRGW2k%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUEjU08dWIaJP0eZa0C7d1zkXGzMxVLv8kWKlZ1Lb7wUbkp5-VBa12znQD7LPBT9pNz2NAAyMJbBdVNJArjEDh48z6jRZ0kZfXOvrrKHg9fIJwi2LLPzNXA1BobhWEnnY8QCFGCZB8AiSrPJ5qfYfUHYmZJjTMpCe0js7avEIg61lHUoXjNfdDx1WSwOSQRgGMPZoAQQQ9-7NAGaSz3jlIriKbl85q3CQbLYpXfgDHPiw1W-6I_kkr-h_L_Nr171wxQ_IUHfOD6vY4tPMc3hka-eATPTO0NhlmBH8m4y9Z0Sjnur1fzJMEQ2ACG25XL3XQYUd7D4R27mjl5N1bcursHk-pOWwB2qcX1uYFqQUJUx2KM8tw_XKhgUfuwSNiM10oX5h1_C9s8w2b7srrSmYt3zVMfH1MAFTiTtX6X0HAQmKQL23s3BYFR8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEbndeLLEYeDFI7KJ1fAP4NWsgAfJntKxXM2jlvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTU5OTQ2OTcwMjgzODA2MDmgAdW20uoDyAEJqQK-hreN_fayPqgDAaoE9wFP0KfWilzWwZdDQVhOnTLFd1Le5KvRbYuKUpL_yGHZz_g-bwcAu-bNmz4lPR0FjADYi2INZ75llYFJfci9QapECRagcYiyNhU1vPpd1URUvdJYdCvffL8JFxPGkMJBr87Z47nTVk0AU9eNy63ti2VMvWmH5983aT6cBDiw2yY6KcIB4kI88BSCtoxpCQwc08pJvcQZcQyLQ11KB14FVAjOaHV-vqZadLsVCh0fk_EYmWfUYznKa3UawvOWCMjtpQycHy56HSbriLCVlzt4ea7jqWh9wpanJPheSBBNsCAcOT8H1PROh0fd6cfIPuwDTruSnzdt-krFgAbtueP38az7o44BoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1pHsx15DtE9JxOcHX-chonm6uekw%26client%3Dca-pub-5994697028380609%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 23 Dec 2021 17:31:38 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20211207&jk=2390655881465621&bg=!f3ylfDjNAAZKWFskSlg7ACkAdvg8WlgXlcoYRiJHOQXyAh-bMQFspcmGDspks3lNAS2vYdgRLTSsZwIAAABuUgAAAApoAQcKAHt-FBa2Q82zNzDOVsAEovD1F7CsVtQv1nfdP6IvDhdYxul4WriY8SgMGVa2OW4o-RW5J9VDzNwhvic3c_xbZr0HPDK8bQSy7-iUfdHGDq4ItM6VxDXR64nTZNlowtPm6w1diVuCHVMMiOM5keLKMOBHIeBNeBGoH9rsXXKZAqs6-gxM8KPa0ZF7ClsZv4usgqWKhjBR92B7YjrEAl8UqxUotKe9xRxO795Hcy5JAdNVnBfzGOOdL7pE6Fw7hflQiXUA6UmrY1-aYrmY6YBRed0FFHw4EQwgbnwtg5w-lZp2ousNlfP5KYpvQjnSOFEo1IY8zsQKFup33cWL4X0VeIxjUVZBZYpFfhSU1_xgG-JfON5_LSibrn4jgsrmXG5bgXtFqtTLBBg6WKiznDr8S3HvsiCSIcsFxmFeO9ylNScWXB1jkofhpu_JxuTYex6E2FALnKmfLaCYhdEcMo1bRx8rzP46tykBdvA4wu5PCjuRuQ8hazBxI0XKZYaxHKMAkJ2o2CdbE2LHdowGk6e7XqU85W0LIXnh-1pa6JMnArbzk9Wwyink2vGKTvjpdG52PZkrcf2095tSWEnNqSflYW2mFMTFFT2uuNYJM4Gu8fL6TLYZ9UiKEG3_QwKJOmt2l6a-hubHRVpM6Y9bwkS0P6ZN1FVkR97aoDB1Pmsb35J_cedjDC6ZzM-kQpeYzqe0yqJIB2okvR2Lv9CO_A5svVXWk8d7ZIiBoVfoWpI2RL5XfaHetXFPyIy70f1g6hcnnq5NyRVe5PQf-DiS76q7ZrnE0BGNcTjGyCA3eKL13dZz9BG9BH4-j5g6-u0dsYgNBjzGaD8-mzS_jidEBc0ZebWMM7aE8Ly951-ldqkTaJFGMOb1odo-3hwMKEA9EN95j7E0Yz5Ghk5VXOXdbE3naqkSxHzp55DMnU9ZDsyxWj6dPj9e70gGRqYziqv09R18EoYxmjSuBd_z_F335-GbJXiLBX_h-zPFNY0pj2aiiG_pS5EwoUL969fbAgurggwOWUQ-BTGY_ALTbmZuIUYP_HF3J4u37xTFUP8gY-34Hm1pqgIBd45fANnSWg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsyou.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m
cm.mgid.com/ Frame 6C94
Redirect Chain
  • https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D
  • https://cm.mgid.com/m?cdsp=617666&c=8e86856fdf87d32b
43 B
496 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=617666&c=8e86856fdf87d32b
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=658327
Protocol
H3
Server
104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:39 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6c2353258dadd6e9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Location
https://cm.mgid.com/m?cdsp=617666&c=8e86856fdf87d32b
Date
Thu, 23 Dec 2021 17:31:38 GMT
Server
VertaMedia 1.0
Etag
8e86856fdf87d32b
Content-Length
0
tracking-event
api.webgains.io/ Frame 0F19 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.207.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-207-34.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.25
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 23 Dec 2021 17:31:39 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.25
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.207.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-207-34.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://googleads.g.doubleclick.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 23 Dec 2021 17:31:39 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
activeview
pagead2.googlesyndication.com/pcs/ Frame 0F19 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuDgAysPhuotpOSSo2dXQ9jF7EN3gr6K2HUkYzyAVyqnWjZ7HXTu9W2-1agMLKq35l-tlkicaTrWq569s3o8BXJ_w&sig=Cg0ArKJSzBIZdUEWkBzkEAE&cid=CAASF-Ro7sYS-QnzYQNKvFfb-GbB3iCsX_Fe&id=lidar2&mcvt=1001&p=0,0,250,300&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=895116589&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1640280696826&rpt=1377&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Dec 2021 17:31:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
viewability
hal900018.redintelligence.net/ Frame 7115 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900018.redintelligence.net/viewability?s=90755200177226100951393011817018&a=e7afc725&vb=v
Requested by
Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=90755200177226100951393011817018&a=10d889af
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/request_content.php?s=90755200177226100951393011817018&a=10d889af
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 17:31:39 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.207.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-207-34.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 23 Dec 2021 17:31:39 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
tracking-event
api.webgains.io/ Frame EB2B 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.207.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-207-34.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.25
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 23 Dec 2021 17:31:39 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.25
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame C20B 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.207.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-207-34.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.25
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 23 Dec 2021 17:31:39 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.25
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.207.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-207-34.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 23 Dec 2021 17:31:39 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
tracking-event
api.webgains.io/ Frame FAF7 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.207.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-207-34.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.25
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 23 Dec 2021 17:31:39 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.25
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.207.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-207-34.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 23 Dec 2021 17:31:39 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
img
pix.eu.criteo.net/img/ Frame 689C 		138 KB
139 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1165318-_x600-nocrop.jpg&v=3&w=800&s=LzlBB40wIezU9oSbleSOY3Pn&b=800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
0769a620ccba5a6119e7c4ac2c741513c0e5c20d1c13001caca6d838be89c8d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 22 Dec 2021 19:04:08 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
80851
vary
Origin
x-cache
hit cached
content-type
image/webp
cache-control
public, max-age=31535999
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
141508
expires
Thu, 22 Dec 2022 19:04:08 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIwAABFYAAAAB&google_gid=CAESEPr5KxEAKBclM5A4MCID6E0&google_cver=1&google_push=AYg5qPLtrdeI5lOE8AI0Ut4p5v0i95p1uGsSDAmJZszIsYgEMTuNYiqORStpta1EIaqO948sS8WOIYzxtUc6LebXT9Pus9-sXLMPQre27T481jobQSG2wmucF8FhMg1vq8uo8w4cucRww1UwbJeaRkHytwQ
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKvT69bcQwH48sWvhHGxDvfRYDc17_iF5FD1n5nRcpn6b3ccK5PJpEgl3Qk5JV2zMLdn0hXbS4pgl_3an8OliViTd79aK_RZFPLVJDZ1rFHaiyMeg92Eb3YAeM52ORZ6qPMjkXgqTWXPbJdko-TZR4&google_gid=CAESEAEZcV2wgonujxEzGM8w_mo&google_cver=1
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_gid=CAESEMyAc0mQjk6z_wV4VXZUV5s&google_cver=1&google_push=AYg5qPLCjGxj3g1GtGwHexaxs9EeAFm5HQaTfhKphtBttJ84D2fegP8IT47cJYs1l1idcoDYiP_lNGR_r_BlWa8AwVudOvXiXCaEQoUqZ40wwBBIvtnlehqRFOaKmXlRADA981nswHk9sVXngVlknmB8
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPLeH1HN208akshk09scEXAOdSpvEXYKMyDsy620IU9Leph-1hSq1xkOThGSkXRZoanVfwKz-5vs2pVczuP1wW2GgOVGuSNfBsy3Irg8Gwpjh5z6A043G4J8Nt9jQXnm4Dm_nrL40PQhe6u4Uq4Bw1U&google_cver=1&google_gid=CAESEDQFbr0a18CdYHmanKxVO64
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKw9Hi7yfxr0QGPRtcJ-QT3MTWtMk5ixiGTuKiCkrCVSIe2y0YtRIwJPEHmCj98mYDv65pk3NLgN0QXXom7HoSdPuRU04D3oI-PgabyvqhdbjtjJd33nxGmmGpXgJGuXfVdSHZ2HZ7pVgqOhTnQNBM&google_cver=1&google_gid=CAESEJOyGTESCfqY0lOCscbEeX4

Verdicts & Comments Add Verdict or Comment

349 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 function| _m2119463472 function| $ function| jQuery string| ajaxUrlFlatPM boolean| duplicateFlatPM boolean| senseFlatPM object| adsbygoogle object| head object| script object| gnezdoAsyncCallbacks object| mtzBlocks object| node5876 object| node7880 object| jQuery1111025465456846271883 object| node6822 string| iS object| iD object| iP string| iR string| iT string| iH number| iI string| GoogleAnalyticsObject function| ga function| ym function| flatPM_arcticmodalLoad boolean| debugMode boolean| duplicateMode boolean| senseMode boolean| countMode function| flatPM_sticky function| flatPM_addDays function| flatPM_adbDetect function| flatPM_setCookie function| flatPM_getCookie function| flatPM_testCookie function| flatPM_grep function| flatPM_random undefined| flat_body object| flat_count boolean| flat_counter number| flat_iframe string| flat_sep object| flat_pm_then object| flat_date string| flat_titles number| flat_dateYear number| flat_dateMonth number| flat_dateDay number| flat_dateHours number| flat_dateMinutes boolean| flat_adbDetect object| flat_userVars function| flatPM_ajax function| flatPM_then function| flatPM_persentWrapper function| flatPM_setWrap function| flatPM_next function| flatPM_start function| flatPM_setHTML object| flat_pm_arr function| jQueryLoaded function| jQueryLoading function| randomInteger string| RESOURCE_O1B2L3 function| smiHTML13248 function| smiCSS13248 object| smiq function| smiHTML13267 function| smiCSS13267 object| _0x54e7 function| _0x3ea5 boolean| scriptaddedobl82749 number| __o1b2l3_updateStatsEvents number| utarget_rand number| utarget_cookie object| utarget_script object| l_m2373539737 function| smiHTML13245 function| smiCSS13245 object| name46now object| Sk object| FB object| _mgIntExchangeNews object| MarketGidInfC1122348 function| MarketGidCContextBlock1122348 function| MarketGidCMainBlock1122348 function| MarketGidCInternalExchangeBlock1122348 function| MarketGidCRejectBlock1122348 function| MarketGidCCriteoBlock1122348 function| MarketGidCInternalExchangeLoggerBlock1122348 function| MarketGidCObserverBlock1122348 function| MarketGidCSendDimensionsBlock1122348 function| MarketGidCRtbBlock1122348 function| MarketGidCContentPreviewBlock1122348 function| MarketGidCResponsiveBlock1122348 boolean| mg_loaded_413933_1122348 string| scr object| div object| x number| len undefined| newScript object| APC object| adexOpt number| loadingMedia object| adPartnerMediaAd object| place object| functionCallbacks boolean| functionLock boolean| apuidExists function| waitForApuID object| result string| key string| apuid object| sessionData object| loadedBanners undefined| getApuID object| shownAds2489 object| initRtb1640280696046519761 object| MarketGidInfC1024868 function| MarketGidCContextBlock1024868 function| MarketGidCMainBlock1024868 function| MarketGidCInternalExchangeBlock1024868 function| MarketGidCRejectBlock1024868 function| MarketGidCCriteoBlock1024868 function| MarketGidCInternalExchangeLoggerBlock1024868 function| MarketGidCObserverBlock1024868 function| MarketGidCSendDimensionsBlock1024868 function| MarketGidCRtbBlock1024868 function| MarketGidCContentPreviewBlock1024868 function| MarketGidCResponsiveBlock1024868 boolean| mg_loaded_413933_1024868 object| MarketGidInfC1146775 function| MarketGidCContextBlock1146775 function| MarketGidCMainBlock1146775 function| MarketGidCInternalExchangeBlock1146775 function| MarketGidCRejectBlock1146775 function| MarketGidCCriteoBlock1146775 function| MarketGidCInternalExchangeLoggerBlock1146775 function| MarketGidCObserverBlock1146775 function| MarketGidCSendDimensionsBlock1146775 function| MarketGidCRtbBlock1146775 function| MarketGidCContentPreviewBlock1146775 function| MarketGidCResponsiveBlock1146775 boolean| mg_loaded_413933_1146775 object| shownAds7460 object| initRtb1640280696045727656 number| bannerNum object| onMainScriptLoad object| loadAdpartnerVUnit object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc object| google_image_requests function| adpartnerMedia function| loadjscssfile function| createWidgetHelpButton object| TelegramButtonOptions object| Widget object| shownAds7858 object| initRtb1640280696098222156 string| google_user_agent_client_hint boolean| laScriptLoaded function| addJqueryFbrRc function| take_ban_teaserFbrRc function| getUrlVarsFbrRc function| take_ban_teaserqKpeK function| getUrlVarsqKpeK function| addJquerysymhl function| take_ban_teasersymhl function| getUrlVarssymhl object| gnezdo function| adpartnerVUnit object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| dmpProfitclicks boolean| mtzCheck number| intervalIDFbrRc number| intervalIDqKpeK number| intervalIDsymhl object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| _typeof function| _createClass function| _classCallCheck object| web_script number| is_clck function| web_callback string| website function| are_cookies_enabled function| inIframe function| compareElementsWithParentsToSelectors function| compareElementsWithChildrenToSelectors function| compareElementsToSelectors function| Browser object| browser function| run object| Ya object| yaCounter44453875 object| onMainScriptLoad5555 function| WidgetTelegramButton function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages string| cookie_expires object| options object| system object| _parent object| banner_clases boolean| edge boolean| linux boolean| new_opera boolean| ua_ios_opera boolean| ua_ios_opera_mini object| main object| banner5555 object| banner7459_29284772869286190 object| banner2489_1640280696046519761 object| banner1640280696046519761 object| informer string| ban_teaser object| banner7883_1640280696098222156 object| banner1640280696098222156 object| banner7460_1640280696045727656 object| banner1640280696045727656 object| block string| text string| prev_link string| teaser object| google_llp function| removeGooglePlaced object| googletag number| cur_time boolean| wait_start number| _997726831838 object| _997726831831 object| cd string| dt object| onClickExcludes function| mgReject1122348 function| mgLoadAds1122348_08630 function| MarketGidCReject1122348 function| MarketGidLoadGoods1122348_08630 object| _mgq function| _mgqp number| _mgqt number| _mgqi function| mgReject1024868 function| mgLoadAds1024868_0af2e function| MarketGidCReject1024868 function| MarketGidLoadGoods1024868_0af2e function| mgReject1146775 function| mgLoadAds1146775_06ace function| MarketGidCReject1146775 function| MarketGidLoadGoods1146775_06ace string| _mgCanonicalUri boolean| _mgPageViewEndPoint413933 string| _mgPvid boolean| MarketGidCSvsdsFlag boolean| _mgPageView413933 number| _997726831832 string| user_agent boolean| mac boolean| windows boolean| ua_chrome boolean| ua_ya boolean| firefox boolean| ua_opera boolean| ie_11_edge boolean| opera_dev undefined| ie_8 boolean| ie_9 boolean| ios number| cou object| b0 object| b1 object| b2 boolean| class_selector boolean| match object| items number| count number| item_w number| item_h boolean| flag object| pos object| h_body object| h_doc object| new_post object| GoogleGcLKhOms function| LoadCriteoAllPlaces1122348_08630 function| LoadCriteoAllPlaces1024868_0af2e function| LoadCriteoAllPlaces1146775_06ace boolean| i.js.loaded boolean| i-noref.js.loaded

138 Cookies

Domain/Path Name / Value
newsyou.info/ Name: b
Value: b
.calculator.codes/ Name: uuid
Value: 12966cde-1c76-4b94-8ea3-06999242b04e
.mgid.com/ Name: __cf_bm
Value: GbDPTcgnsA06PeQCivuN4OMkql8MBthZd750.2QS0wU-1640280695-0-AUog8GyTxpZi0SJ4vw8WZxGGir0vGbpMr+7K4tGdgCK7oyPfG5p+iqmdyk/8rLEFZ5nIoDT3aA8S5IhaTGSrX4o=
newsyou.info/ Name: vcO1B2L3-1
Value: %7B%220%22%3A1%2C%22*%22%3A1%7D
newsyou.info/ Name: lapuid
Value: f0c93e8d-f6a1-4a3d-8293-5e14bf0819c0
newsyou.info/ Name: session_id
Value: 441fcb44-fe27-4565-a9c8-27dbdfd66af2
newsyou.info/ Name: session_pageview
Value: 1640280696.1
newsyou.info/ Name: site_visited
Value: 1640367096.1
ppvesdfiojol.com/ Name: current_server_session_id
Value: 0a790210dbf5e6670feaa992fb91b734322e142dvvv465721816
ppvesdfiojol.com/ Name: visit
Value: 1
a4p.adpartner.pro/ Name: newsyou.info_ref
Value:
.yadro.ru/ Name: FTID
Value: 1XnB9u3YQE8E1XnB9u0006V4
.utarget.ru/ Name: uuid
Value: "BB8oewcplOO02gtUh+OxnLVYYsqn3ch+XZy87o8+dHA="
a4p.adpartner.pro/ Name: apuid
Value: f0c93e8d-f6a1-4a3d-8293-5e14bf0819c0
a4p.adpartner.pro/ Name: apudmg
Value: 1
.newsyou.info/ Name: surfer_uuid
Value: f8551d44-af5c-419c-a883-145ff548bccb
.newsyou.info/ Name: la_page_depth
Value: %7B%22last%22%3A%22https%3A%2F%2Fnewsyou.info%2FYAK-POTRIBNO-XARCHUVATISYA-SHHOB-PIDTRIMUVATI-GOSTRIJ-ZIR%22%2C%22depth%22%3A1%7D
.newsyou.info/ Name: page_load_uuid
Value: 90ccfcce-8072-4ddb-ba1a-42774b7b16e4
newsyou.info/ Name: cbtYmTName
Value: 3Kf+tbj+5v7v7Ovqub2/7L3t7e7p6+/o/qF4
.yadro.ru/ Name: VID
Value: 3B7N7L2rPv8E1XnB9u000Oi0
.newsyou.info/ Name: _ga
Value: GA1.2.307658117.1640280696
.newsyou.info/ Name: _gid
Value: GA1.2.763616890.1640280696
.newsyou.info/ Name: _gat
Value: 1
.newsyou.info/ Name: _ym_uid
Value: 1640280696382176813
.newsyou.info/ Name: _ym_d
Value: 1640280696
loadercdn.net/ Name: vui
Value: 0224e3c79a7a4c71ae288dc925dc8c8f
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 2533225045fake
prodmp.ru/ Name: rai
Value: f2633dae6172330321037dac7875127e
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 3617776627fake
.newsyou.info/ Name: u_count
Value: %5B0%2C0%5D
.newsyou.info/ Name: _ym_isad
Value: 2
.acint.net/ Name: test_cookie
Value: CheckForPermission
.acint.net/ Name: aid
Value: fwAAAWHEsnhOBQUZY3zSAi5YHN+VBFKIgyGqFbV2VUddSzCj
.uuidksinc.net/ Name: jcsuuid
Value: qOyhT2fVcsgWDPZv0FPv
.eskimi.com/ Name: __eConsent
Value: 1
.acint.net/ Name: cSyncDp14v3
Value: 1640280696
.newsyou.info/ Name: chash
Value: A6VIhfjWW3
.newsyou.info/ Name: __gads
Value: ID=d411357b4686f5eb-221fbe950ecd0034:T=1640280696:RT=1640280696:S=ALNI_Mbep9dhzPGbHfQBVx3Xd4Bgj8wSBw
m.mixadvert.com/ Name: bbe9d2b8d3bf7196f7022550a40d6e22
Value: 438579%2C438575%2C438578
m.mixadvert.com/ Name: f3a826c60b78eb15a6c7bbaea354d6d9
Value: 1
.gnezdo.ru/ Name: weborama_cm
Value: 1
.gnezdo.ru/ Name: uid
Value: uZQlT2HEsngC1UOQ104QAg==
.yandex.com/ Name: yandexuid
Value: 8613435051640280696
.yandex.com/ Name: yuidss
Value: 8613435051640280696
mc.yandex.com/ Name: yabs-sid
Value: 603967121640280696
.yandex.com/ Name: i
Value: di/L0vnRdJ1tpD5/gWCx3Sa5hFcgitIzxX1QlNg/+YCFLK3KXfyRSdmYHFucWcCTPLAumQNm3gJbm46es42WztpDmqQ=
.yandex.com/ Name: ymex
Value: 1671816696.yrts.1640280696#1671816696.yrtsi.1640280696
.mgid.com/ Name: muidn
Value: lbnAVg2UX0v9
.adhigh.net/ Name: gi_u
Value: uLjiADnNyzCz.AikABlF96Fkn_A
.ssp-rtb.sape.ru/ Name: sspuid
Value: fwAAAWHEsnin6AAZGq6XAqgRf6NjU25HgNz6sqeTRgOIEa16
a4p.adpartner.pro/ Name: buyeruid_64
Value: aa390072-4c5c-480d-587a-edb59abb70cb
a4p.adpartner.pro/ Name: buyeruid_53
Value: 0100007F78B2C4611905054E02D27C63
a4p.adpartner.pro/ Name: buyeruid_63
Value: 8b9d8c25-98ff-4f47-4443-17b921d04456
dmpprof.com/ Name: uid
Value: 1471d21b-0a5a-4ecc-9f12-7b1b807763c8
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: tuuid
Value: 566daa8b-92fe-5365-8e78-6b22efbcd95b
m.mixadvert.com/ Name: abe2a10ca0401e1fbbe0ab03b54f646c
Value: 438575%2C438578%2C438579
m.mixadvert.com/ Name: 8c7239b3698670cc11540a0d8f9b4062
Value: 1
a4p.adpartner.pro/ Name: buyeruid_55
Value: 0100007F78B2C4611905054E02D27C63
.admixer.net/ Name: am-uid
Value: 640f6b8d7ec5469880fb3cfe80dee7e9
.betweendigital.com/ Name: ut
Value: YcSyeQAB_7iwqMcgwk7RmIi629eVNeLWEfrDLA==
a4p.adpartner.pro/ Name: buyeruid_47
Value: 566daa8b-92fe-5365-8e78-6b22efbcd95b
a4p.adpartner.pro/ Name: buyeruid_57
Value: 566daa8b-92fe-5365-8e78-6b22efbcd95b
dmpprof.com/ Name: enrich_data_v2_5
Value: 1640280697
.aidata.io/ Name: __upin
Value: TE5J2gxPZTtRaRqnVgstTQ
.aidata.io/ Name: __upints
Value: 1640280697
dprof.site/ Name: uid
Value: 1471d21b-0a5a-4ecc-9f12-7b1b807763c8
m.mixadvert.com/ Name: b4a77e2a3b454a4cb60df5484afb5c18
Value: 438575%2C438578%2C438579
m.mixadvert.com/ Name: b35a58b0d6e970945283857b262c4a32
Value: 1
.mathtag.com/ Name: uuid
Value: da8061c4-b279-4901-9aab-abaeda0048bc
.doubleclick.net/ Name: IDE
Value: AHWqTUm8e3mdX7-tUg0wDJzhHRnRFoKtXFeqrVPpEaCvQq2Bpn9Gey07k4LzDvgPf-E
.quantserve.com/ Name: d
Value: ED4BCQGDJYEA
.quantserve.com/ Name: mc
Value: 61c4b27a-1fb82-db9a0-7c8b6
.casalemedia.com/ Name: CMPS
Value: 3273
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.casalemedia.com/ Name: CMST
Value: YcSyemHEsnoA
.medialead.de/ Name: trscj
Value: MTY0MDI4MDY5OHxMM1J5WTJzdlpYQjJMMlU1T1dGaFkyVTVOR1UyWlRVNE56TTRNekJoTjJSbU9HUmxaR0UwWVdFMlAzTjFZbWxrUFRrd056VTFNakF3TVRjM01qSTJNVEF3T1RVeE16a3pNREV4T0RFM01ERTRKblE5YUhSc2NBPT18YUhSMGNITTZMeTluYjI5bmJHVmhaSE11Wnk1a2IzVmliR1ZqYkdsamF5NXVaWFF2
.awin1.com/ Name: awpv14098
Value: 296283|1640280698|2ef8fb11-6416-11ec-9ff3-2231056962d9
.casalemedia.com/ Name: CMID
Value: YcSyei96agj5s.i7arVAIQAA
.casalemedia.com/ Name: CMPRO
Value: 1149
.pubmatic.com/ Name: KADUSERCOOKIE
Value: C3CD49E8-ECED-4A4D-9884-5737D9F1BD16
.innovid.com/ Name: uuid
Value: 10a42da3-e83c-4105-88d0-5859d18b78ad-20211223 12:31:38
.doubleclick.net/ Name: DSID
Value: NO_DATA
pb.media01.eu/ Name: ASP.NET_SessionId
Value: ex0sejbhhoiga2rh1h4grd1y
pb.media01.eu/ Name: DTU
Value: 86336F4FE5A83A7F3B45415F5E071CBB
.e.dlx.addthis.com/ Name: na_tc
Value: Y
.adriver.ru/ Name: cid
Value: AodNQiYZ1FGyBnT0FvqDYtg
.hit.gemius.pl/ Name: Gtest
Value: KlxdWRMGQMGGrlDOIKMYm3sissGMXP8cXRbG
.agkn.com/ Name: ab
Value: 0001%3Aie69XW%2BCgVRgcH0vNnamRVmLDu5JfFhE
.agkn.com/ Name: u
Value: C|0CEApV276KVdu-gAAAAAAAQ13AQCAAQpAAAAAAA
.addthis.com/ Name: na_tc
Value: Y
.dlx.addthis.com/ Name: na_rn
Value: 0
.dlx.addthis.com/ Name: na_sr
Value: 20211223
.dlx.addthis.com/ Name: na_srp
Value: 3614
.dlx.addthis.com/ Name: na_sc_e
Value: 0
servicer.mgid.com/ Name: __mglb
Value: 4aae4d8c393f422d100aefd60785b084
newsyou.info/ Name: MarketGidStorage
Value: %7B%220%22%3A%7B%7D%2C%22C1122348%22%3A%7B%22page%22%3A1%2C%22time%22%3A1640280698591%7D%2C%22C1024868%22%3A%7B%22page%22%3A1%2C%22time%22%3A1640280698593%7D%2C%22C1146775%22%3A%7B%22page%22%3A1%2C%22time%22%3A1640280698596%7D%7D
.addthis.com/ Name: na_id
Value: 2021122317313800094131821206
.addthis.com/ Name: uid
Value: 61c4b27a3b4070d0
.addthis.com/ Name: ouid
Value: 61c4b27a0001855c500131f29086fbd0495f5b2b66587c62e40b
.awin1.com/ Name: awpv10679
Value: 412871|1640280698|2f42fc60-6416-11ec-a9fe-2263e4039ea6
.lead-alliance.net/ Name: ppv1225
Value: 2021122318313860669266649X113752V1225131106MSoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__asuidVAU4KrAC5dT_BhMRaqM4NPmzP4_YAj7Jasuid__suite_Netmix_Reach43_TopRotaMonth
www.lead-alliance.net/ Name: PHPSESSID
Value: lm5p0ck2sphrsm61uvrqapg2d5
.lead-alliance.net/ Name: ppv1226
Value: 2021122318313860669266655X117699V1226132702MSoneidj6qCEfbGcezJsYHEH2t6tRRGcKTzTAjS9oneid__asuid9sv_Ka9v9igDFFnI1kYKmrTX93lAQvguasuid__suite_Netmix_Reach43_TopRotaMonth
.awin1.com/ Name: awpv11938
Value: 412871|1640280698|2f55c111-6416-11ec-a9fe-2263e4039ea6
.awin1.com/ Name: AWSESS
Value: 367022:2542680
.o2online.de/ Name: nscQ485
Value: V
.o2online.de/ Name: nscT485
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTY3MDAwMDAwMDA2MTY0MDI4MDY5OHZsZWExZGUyMDIxMTIyMzE4MzEzODYwNjY5MjY2NjUxWDExNzY5OVYxMjI2MTMyNzAyTVNvbmVpZGo2cUNFZmJHY2V6SnNZSEVIMnQ2dFJSR2NLVHpUQWpTOW9uZWlkX19hc3VpZFZBVTRLckFDNWRUX0JoTVJhcU00TlBtelA0X1lBajdKYXN1aWRfX3N1aXRlX05ldG1peF9SZWFjaDQzX1RvcFJvdGFNb250aDExNzY5OQ
.blau.de/ Name: nscQ486
Value: V
.blau.de/ Name: nscT486
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTY4MDAwMDAwMDA2MTY0MDI4MDY5OHZsZWExZGUyMDIxMTIyMzE4MzEzODYwNjY5MjY2NjQ3WDExMzc1MlYxMjI1MTMxMTA2TVNvbmVpZFBKNEhCZkViYWJLMlFmOUhqSGJ0TXRQUGdTWlQ5VGtHQ3BvbmVpZF9fYXN1aWQ5c3ZfS2E5djlpZ0RGRm5JMWtZS21yVFg5M2xBUXZndWFzdWlkX19zdWl0ZV9OZXRtaXhfUmVhY2g0M19Ub3BSb3RhTW9udGgxMTM3NTI
.bidswitch.net/ Name: c
Value: 1640280698
.bidswitch.net/ Name: tuuid_lu
Value: 1640280698
.bidswitch.net/ Name: tuuid
Value: b339fbb3-0af1-416f-977e-9f720d141153
.creativecdn.com/ Name: u
Value: TnX1MQTCZlRAhIKK3UKE
.creativecdn.com/ Name: ts
Value: 1640280698
.e-volution.ai/ Name: v_usr
Value: ef3e9db5-4030-4a7e-bed4-8773ccf0b373
.congstar.de/ Name: staticentry
Value: %7B%22spfr%22%3A%22412871%22%2C%22awc%22%3A%2211938_412871_1640280698_2f55c111-6416-11ec-a9fe-2263e4039ea6%22%2C%22sp%22%3A%22awin%22%7D
.zeotap.com/ Name: zc
Value: 5c8b03fd-bbdc-4d0d-7780-7f415ce73ae6
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117699_-HTLP&utm_term=AFF_la_117699_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2021122318313860669266651X117699V1226132702MSoneidj6qCEfbGcezJsYHEH2t6tRRGcKTzTAjS9oneid__asuidVAU4KrAC5dT_BhMRaqM4NPmzP4_YAj7Jasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=117699&ratenzahlung=24
.blau.de/ Name: webShopPV
Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021122318313860669266649X113752V1225131106MSoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__asuidVAU4KrAC5dT_BhMRaqM4NPmzP4_YAj7Jasuid__suite_Netmix_Reach43_TopRotaMonth&wfid=113752
.360yield.com/ Name: tuuid
Value: d3093044-ea9f-4fa5-83f3-d54088a7cc00
.360yield.com/ Name: tuuid_lu
Value: 1640280698
.adsrvr.org/ Name: TDID
Value: fbbc6de0-065b-4d9f-ac1b-96d342c134ca
.idealmedia.io/ Name: muidn
Value: lbnAVg2UX0v9
.lentainform.com/ Name: muidn
Value: lbnAVg2UX0v9
.smartadserver.com/ Name: pid
Value: 110634389261605868
.adsrvr.org/ Name: TDCPM
Value: CAEYBSABKAIyCwjUvvbqmZGjOhAFOAE.
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 7928755818476390351
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-e1f92a30-f90d-48d5-aece-32aca1fecbfa-003%22%7D
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-e1f92a30-f90d-48d5-aece-32aca1fecbfa-003%22%7D
.mfadsrvr.com/ Name: tuuid
Value: 2fc83076-304b-49fd-ab6d-2b05a7278350
.mfadsrvr.com/ Name: c
Value: 1640280699
.mfadsrvr.com/ Name: tuuid_lu
Value: 1640280699
.mfadsrvr.com/ Name: ssh
Value: !mgid,1640280699
.adtelligent.com/ Name: vmuid
Value: 8e86856fdf87d32b
cm.mgid.com/ Name: mg_sync
Value: {"287839":1640280699,"433145":1640280699,"617666":1640280699}

6 Console Messages

Source Level URL
Text
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9496.xUMg2T_QuwobfxP2FId4zvGReO_akWPsV0kA65MgxguciGrwduobLpieKGGvKLQI3FGspm5KEp1WkhgQVH-DIA%2C%2C.HGDofkV1VVCqIBgyXRHJLVbmbSU%2C
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKvT69bcQwH48sWvhHGxDvfRYDc17_iF5FD1n5nRcpn6b3ccK5PJpEgl3Qk5JV2zMLdn0hXbS4pgl_3an8OliViTd79aK_RZFPLVJDZ1rFHaiyMeg92Eb3YAeM52ORZ6qPMjkXgqTWXPbJdko-TZR4&google_gid=CAESEAEZcV2wgonujxEzGM8w_mo&google_cver=1
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIwAABFYAAAAB&google_gid=CAESEPr5KxEAKBclM5A4MCID6E0&google_cver=1&google_push=AYg5qPLtrdeI5lOE8AI0Ut4p5v0i95p1uGsSDAmJZszIsYgEMTuNYiqORStpta1EIaqO948sS8WOIYzxtUc6LebXT9Pus9-sXLMPQre27T481jobQSG2wmucF8FhMg1vq8uo8w4cucRww1UwbJeaRkHytwQ
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_gid=CAESEMyAc0mQjk6z_wV4VXZUV5s&google_cver=1&google_push=AYg5qPLCjGxj3g1GtGwHexaxs9EeAFm5HQaTfhKphtBttJ84D2fegP8IT47cJYs1l1idcoDYiP_lNGR_r_BlWa8AwVudOvXiXCaEQoUqZ40wwBBIvtnlehqRFOaKmXlRADA981nswHk9sVXngVlknmB8
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPLeH1HN208akshk09scEXAOdSpvEXYKMyDsy620IU9Leph-1hSq1xkOThGSkXRZoanVfwKz-5vs2pVczuP1wW2GgOVGuSNfBsy3Irg8Gwpjh5z6A043G4J8Nt9jQXnm4Dm_nrL40PQhe6u4Uq4Bw1U&google_cver=1&google_gid=CAESEDQFbr0a18CdYHmanKxVO64
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YcSyei96agj5s-i7arVAIQAABH0AAAIB&google_push=AYg5qPKw9Hi7yfxr0QGPRtcJ-QT3MTWtMk5ixiGTuKiCkrCVSIe2y0YtRIwJPEHmCj98mYDv65pk3NLgN0QXXom7HoSdPuRU04D3oI-PgabyvqhdbjtjJd33nxGmmGpXgJGuXfVdSHZ2HZ7pVgqOhTnQNBM&google_cver=1&google_gid=CAESEJOyGTESCfqY0lOCscbEeX4
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8019191.fls.doubleclick.net
a4p.adpartner.pro
acint.net
ad-server.eu
ad.360yield.com
ad.adriver.ru
ad.doubleclick.net
ad4m.at
ads.betweendigital.com
ads.eu.criteo.com
adservice.google.com
adservice.google.de
ag.innovid.com
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
banner.congstar.de
c.mgid.com
c1.adform.net
calculator.codes
cat.fr.eu.criteo.com
cat.nl.eu.criteo.com
cdn.mgid.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
cms.quantserve.com
connect.facebook.net
counter.yadro.ru
creativecdn.com
csm.eu.criteo.net
d.agkn.com
data.24smi.net
dm.hybrid.ai
dmpprof.com
dprof.site
dsp-trk.eskimi.com
e.dlx.addthis.com
eus.rubiconproject.com
exchange.buzzoola.com
fcgi4.gnezdo.ru
fcgi5.gnezdo.ru
file.adpartner.pro
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
guepslka.com
hal9000.redintelligence.net
hal900018.redintelligence.net
i.cdnkimg.com
i.i.ua
i.mixadvert.com
image6.pubmatic.com
img.servestatic.net
inv-nets.admixer.net
jsc.mgid.com
jsn.24smi.net
loadercdn.net
m.mixadvert.com
m.trafmag.com
match.adsrvr.org
match.new-programmatic.com
mc.yandex.com
mc.yandex.ru
mixadvert.com
mwzeom.zeotap.com
news.2xclick.ru
news.gnezdo.ru
newsyou.info
ocmurc.com
odr.mookie1.com
openfpcdn.io
pagead2.googlesyndication.com
partner.blau.de
partner.googleadservices.com
partner.o2online.de
pb.media01.eu
pix.eu.criteo.net
pixel-us-west.rubiconproject.com
pixel.everesttech.net
pixel.mathtag.com
pixel.rubiconproject.com
portal.blau.de
portal.o2online.de
ppvesdfiojol.com
prod-rtb.ad4mat.net
prodmp.ru
pv.medialead.de
px.adhigh.net
pxksnymto.ru
r.i.ua
recreativ.ru
rtb-usw.mfadsrvr.com
rtb.fr.eu.criteo.com
rtb.nl.eu.criteo.com
rtb.openx.net
s-img.mgid.com
s.adtelligent.com
s.uuidksinc.net
s.zmctrack.net
secure-assets.rubiconproject.com
servicer.mgid.com
ssbsync.smartadserver.com
ssp-rtb.sape.ru
static-de.ad4mat.net
static.criteo.net
sync.1rx.io
sync.adtelligent.com
sync.e-volution.ai
sync.targeting.unrulymedia.com
t.trafmag.com
tags.mathtag.com
telegram.im
token.rubiconproject.com
tpc.googlesyndication.com
track.webgains.com
usermatch.targeting.unrulymedia.com
utarget.ru
vcmjf535tx.ru
www.acint.net
www.awin1.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.lead-alliance.net
www.telefonica-partner.de
x.bidswitch.net
x01.aidata.io
zn3.2xclick.ru
cm.g.doubleclick.net
104.111.215.191
104.111.239.217
104.16.199.73
104.19.132.78
104.19.136.78
104.19.217.61
109.206.161.21
136.243.84.74
142.250.184.194
142.250.185.130
142.250.185.134
143.204.98.117
143.204.98.82
144.76.91.199
145.239.108.234
145.239.193.130
146.0.227.110
147.135.189.55
148.251.139.77
15.197.193.217
157.90.6.171
165.22.198.175
178.250.0.139
178.250.0.160
178.250.2.148
178.250.2.150
18.196.159.27
18.197.42.49
185.148.37.26
185.148.37.79
185.184.8.65
185.187.81.40
185.248.101.21
185.29.132.242
185.86.138.131
193.106.93.124
193.200.65.18
193.200.65.5
193.200.65.6
193.232.150.148
195.201.243.72
195.209.108.35
198.47.127.19
2.18.233.201
213.19.147.45
217.65.2.150
217.67.179.205
23.37.42.132
23.79.143.124
2600:1901:0:76b9::
2606:4700:10::6816:1857
2606:4700:10::6816:284a
2606:4700:20::681a:134
2606:4700:20::681a:ad1
2606:4700:20::ac43:444e
2606:4700::6810:135e
2620:116:800d:21:36a9:ecb:e518:b308
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:813::2002
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2002
2a00:1450:4001:831::200e
2a02:2638:1::2
2a02:2638:1::3
2a02:2638::18
2a02:2638::2
2a02:6b8::1:119
2a03:2880:f01c:8012:face:b00c:0:3
2a05:d01c:1d8:8102:c759:eaa3:7bf2:5466
2a0c:5c81:5139::2
31.220.27.134
34.120.139.69
34.242.207.34
34.98.67.61
35.212.212.222
35.227.252.103
37.157.4.28
37.18.16.23
37.48.86.87
45.133.44.37
46.236.13.147
46.4.114.109
46.4.62.19
51.77.59.234
52.208.97.166
54.171.63.239
54.76.176.197
62.149.0.72
62.76.25.28
69.173.144.138
69.173.144.139
77.123.132.42
78.46.23.46
78.46.85.162
79.137.69.91
79.171.117.17
8.39.36.142
80.211.42.243
82.113.101.132
82.113.101.236
84.200.5.215
85.192.12.169
85.192.12.173
88.198.250.30
88.198.31.232
88.212.201.216
89.108.119.43
91.198.36.16
91.198.36.78
93.95.100.117
93.95.102.105
94.23.153.171
96.46.186.57
00178a586698a7fa20ba1a9abafe8f49e60f12be51cf5a1f9c5abf96ca9535b7
00c2021bdac59d8348ce96f8eda3d24c9d1d99d6c60f63e020c6567e39078d11
00db1163ca6054f2a8496a8613addd64991e27eedc8a136ca3e1f9dc04e894f8
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb
01d738b974f2a2c1ff954758467bc25edd7ff64c6f95cf6cb4ffed6e5296dc29
01eedf9ad2fa092f748cb184504064ca0eba07bcc5575fc44ed4db8569d90e00
01fc60c1d200f53aee72e8063192aaa53443dcdd7fc6d77038dbbcad76b5989e
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
02e97aa5d61f6c3d342c08a989ff73b8835cdd1d43909f6adc5e243719d4bf90
02f65192f241aaeebce5b89626d1c20d90739ece6e1871bbfbfa5a891a513e3e
03f2a36140bb0fcd71f5997bef76bcfc187184b0efbd7cfc40dc1143563fb865
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
04de6d3800623a10b27786f05fd52d28ed521db09395d5585a255c93ffd764f2
053508cc4ed1acf7db8ed96deca42ffebfa1669c5cecd62f4415b926d07b5aaa
05b45e6141df88569b4606ad0d0d5f8f39e09780c05e6beb2127cb7b8a3a7404
0667c9b68ef073ed98e3e67e7826cb617f7f04d6d253193afda8a8729e63ea3f
06f30235522cd456e8b6d72ee66ae4897d07afdf3df24cf30121714a793e2157
0769a620ccba5a6119e7c4ac2c741513c0e5c20d1c13001caca6d838be89c8d1
0826d1f79d9d4fd9070ae2669931dc22730ef26dad2c0ee4576cee2a4eb8b6bc
084a7135a2401b36223c591e41b2b60f073ab6432a8db01e3aa12708bb92f73e
0888f8614dd827641fe96234587c678d2b3371743435fb3bef6ad6a30d9f3b43
089822305b9af8e8bf8797060fa68e6d18068b4fd7e8938f30b125ab6f61a2b9
08a46c0a0b392a521ad67669083ded196d73ded54e4517c513802c228818d893
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a4ee12a6285a20bd09b9b9f2c7970f73b5252f6fccf555abdd44528daa9d211
0ad9efa7148c3b033e0430aa47c0d7279c5fb9ae699f34cc794b361bc96171cd
0b033515b1023d80f80ee227136cf5509f6e5b66bb39450ddafa1d1bb5b2acab
0b0de6e3a6587d6c3ac6785b637766ca026aa60e8d805320c223ea7b152bf4de
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ca14c8ad6edb3491f5668aab51b1b6e98da550d79ea028f4438530db273ec71
0d8d71bdcae968558d46992970999923a5644067497dc156f3f888f517a58b9e
0e25da266ac457e770890e00d1ecce6870163f17fd907cd10cbae7953cb1b31d
0e40f3c11b4f7c11da658a2617a75dee43a32e250c1bf3a0cd93af1791f186bb
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0edd22cd3a69f4fd314a19249eeff84e8877cf0f045dff7bd5fb4c8672acf2bc
0f48df046030dbf9a35dd57b4d1ca0a4d5d7b34656b12d1376ba4a37a15a2335
1161d45a13f6665b1d1fb6333fb2abe46ae498dbc7978be79629126ecdc8ccb9
11829caf5041f8e4a207528dfe2af126d600de8de41413551cd915bf9c8855e2
127672d4912f86d7cbdeab0c1ccd9536aa33f335a7b1609d3a3939c1d778220e
138bec58cfd65720c14272d5aed343b949207725edd5f676bdcd9bb092c963f0
142df9e0618edd64600d047f04a0af0a1ee3a6885586498b9f6075311072d180
152cc158dcaf09453a0a54b74fa60e3c8b9580a44ebc42a1e7c9241487666cf3
15f3c556ad662edbd583450f4ee20aac3183c2a09ba9a04aba83287ec2c3d81d
1674c8deb93d47e19efdc5571ab9fe78e35ef63f0acfbed9b35d5086a9562100
16e04bdf6c116d4ad9220245c02b90483beaee2275b489e27d687f3b519d382e
16e193e01b3ae667484d6b11a440a75395094ae65e221a43be8d24754b5cac2e
1745d0810327aa0f02e2605db1324dea2e9f0cfa602a6388731d37ca93b597b4
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1846fe1b78eed3ddffa826be951eb9d544aa9052ccfb60b4aa02330bc0e40590
18ac5353d0a99aa4c2a45f60300967bf39d8bd6b4380d04d04de45d324633a02
1940b7ca414417d344c0a3f22e2cb27873b399224c321d4bb3c38862e543a1db
198e5d683a385c39d16d460f64f7744ed7c61db8650eddaeefbb776663a904a5
1b86d8c739c9f3e1ecfde56ea85f699ebeb53a6d576523828150c147bb11f54e
1be560913b89a17400dd33cc2f45681a8da000c18284a4e22c695f706fb17016
1bf878b0ddeece5904d30fa5a2474bcb3e6b61cde4595a072587c0a9828ee224
1c3a8aaa4b0a051f9ca1f0aef8c9e2cbb22a38d1ccfb0792df67519df883352c
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1e93b530a651320569bb9a1e5afdefa40ef6a77f7d1887a27cb4f5cc049b57a3
1e98a3ede349fecfd14a4b6cefad84f9b31076e53f30fb2bbb63adcd54f0f64f
1ec53179a71bb19d3bdec146371021485e5a26ea598ad52816bbc4a9bb5afb27
1ed1d1cb8623bf3167e5cbb2b7c30b8d26f243976ee9f6788d34a4e4b2de3d83
1ef04a1c93a13a14f95aca49fc23b395cf2d098d94f282b413c601b48ac08da1
22364d9de6d3a227b12361aace79a5dd19368d1a7502acd0ce2d26b967817649
23375fd2e0c63e3d79d1e26c31e908a63310221ff8c10e5b7bafb71ae478f555
23c457922f48e6e7385c0f6752ef457269b4e82fe464e643c68c295679ed858a
249b119942b681f6d95fcc5c35f7de2c99900c09550b25305bb3c394130dabd2
25518d2c841e59dec58e64b57333fbd2640ace7042fe584dc19649690e14272f
2583cf8eb97f939efc9061496ceef4087cef7e486b196ef00807dabc1dea6833
260152ce49fdbda7b0f1e2f69d61ce39ba49de9a161971192cdf63af15207dbf
27643e651751bd6c2cbe1350d6336dd8cc807049b14bdecd4620d7e1afd010ad
2792408224dde6373f1778228a05505a2a36913137c920af418594c08133fd0a
28c3b24f87d5f92b9674f8f01f11fb31a3e68538ea483ac9812986bb8b8d9294
28d4bd1f035e957aaa00531c44df5cf7b802ae9235261ed370510fdd1743a52b
29d1a4d4ff04f4985edac2ff2f76c900d7dd6727fbb9e2f4b8256c2f47d41c77
2a7fdae0b80ae21d9affa1106cd1016597efedc5f7b7f769933886b7395f590d
2b2253cfc50b551deee4c786f70806aec3acaff3551ff2c5d9e7f1960571c367
2d2ad11e3c1a0fd81bb085050d4b3170beab2964b5b848a5309a6343322e3898
2dd4c3f695945454f2c089203615d6577c3091b06b6fd56af76b787bf9adad53
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
30c8e94dcf064f8923a53124378f80ce3944cbcf38c2644109745f5fa87d5876
3117ef8de99c385baec23e1ff509a1cbdb1efec22548af8218108e58a9669216
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
321456ef8ddd049980ddcee8a96bc9892d8d17e8e0eee70221b1f756f09f000b
336bb30461d407ee72236de87aca4fe68d611e1bee0030326778c858a4685b1c
33d33233fa304cba9ad1dac86ba996e277c70ccc98ba40bc8108870947581357
34be68137ad4c75b3f32e4d6040059dada44a964d396adb8adb1ed378c7e3b6e
3504a8a26e685ad04cd1fe2574629e035f290b23777f893eae5967a4367361ab
368f12a10a00c1967ab63087a3bc15beb8115628542bc5491a1574edbbaf02f6
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
39f80ca9e2657a13a8bbc594841621bd75cb9db1b4b323435183ff5f4d4b3995
3a2eec023adc8c05274eed54b4443f2a95502bba843fe0685313d992785f7c6e
3e724d102e9bdc7dfaddd395c778e2e16c041aac0be0e5694811d0ad0e376c61
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3eb4db2e6c27e9a8a54e3a1d233f47265a21634f8021c4f750578e5af7f2c590
3f059a896f19075cf9d64d8fa50267ecdd05ee9a2542e4b14045d9304b559a84
3fb03c5889929639808be7ec57fdcac0a13e2bc5de31ac48723aeca4c2ff246e
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40ce033c8ee824b2a4e435541df84a0d95075fafa382deb7a91c02f9e15bbe1d
417fd63c23a7c6e249b54002e965c6d3eda19e06b84a4ae80e226021ed2ac9a6
428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19
42c05f1fdf2d5924dfee70fdb0f3cbf936d340a1bfa51321708662480e213ac2
42f1001a0d21e42b0a40b9ff231b0ba95c48b4fd2fa21d3e4f1aba15e202b018
4326e73edd0976498d9a48d9aa6dec1aa2a9e65c0791d644c9a441e2e120a6c5
43f5baed8d80092fa79bd7816ff6cbad5400f88284279fb6e1b4a726f2ce7a37
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
444a7c9634c632f0c82c785f247608abc7a46b73d1524fe9cafcff1651995a55
44bc4a17199ec4f353892cda3cdb02d401ba5fc9562aae091a1bf1f2fbf9151e
45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e
4734ffbfd451d92135f5e04a89dcdffa7954a5a22deaba07a7fe1ade9d5519b1
4753f90bdfdad30a348172526d878688da5f17f2798d68349c1e361114ce8378
47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4
48de2e96c59ade9a6909479fa8c3348cc639b2ec4137bede0dd555445bc7c8e7
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4960d1197a326ebcd1c3f9851a3e65773a4e2307a2234f6cbf7d31ea9207975d
4bcba6ca13d0bf1606176d2408363d0370505b999089d312da533a86406ba2e3
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e
4f4524f7e1a87079bc50a64681f880ccf3e6f5db1ec5fc27949377532a3881da
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
501f96e96a44f615cbfccd552666bb53fe89744d6b603d4edc5ed37b9c14ff6d
506832cd024e2c68070ec94bb5d99c7b0ccea49979b2803aeda7c6839d0ef8cb
50787a7684b4c3b017af0d1f754e97969bdd6cf20bf2d59e81d614dccc916c84
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55306872269e2f1b8b7df1b131017007577c4b4ae361f9c1e3cc0118e0e29b1e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
578b130d8727e233ece4772e7fd7680c22d200c00c76135d141a9ce2327f9126
584cef30c8b0276d0fa2b0a7999ca5eb2de381f83546601106665e47d538f23c
5b185dd40d4ba895e3f8afae356188fdc6d199d58c0b8488c78017e1ab678807
5b5dc1a57876e8fa20398561ac1a1683f14c14f2525d94b420d6ba41f7315d37
5b6f15d8bb5d9ca1fd24083687af8e69ec015ed2b185e6add7a18d14b4e488ad
5cd40fe604b58b6d0f2fd44e5fcc9423a943051aedfc3d44aeac6612dd7e2050
5ee2230a08e1f4741585089b80189c6559abdeb5510f2608ff2328b08bc71409
5eeb1f179dc98d64075f89409bed840ea63bd930be6fdeabea137046d092011a
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828
60761959bfa05664c5be83eff421095dd973b4be4b9c48a01324d4e0462af2ba
607a8968e01d948c65077c563dc2c41f1cdd1222f25bab9506f004d66cbbf621
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62c9183ace7ffb179b0dcfe1b88a807e6bc9a649eb6dd0936b7ba94528524929
6332eb2954c176560c97fd7d5c37283e164b549a0fcdedb7bb8faa91861f09a5
640326025d71b72e26143c8c6a675e93fe1f91e30546465dd0a66ec79a9423fb
66982085058f8b21a98a875e4a31b5bfb2ec56505ecaf3a05ac94480d867a896
674329bbf96e86caeebb8a3016f9d55089c6d1041d3d500d8e3820f92c936d96
6804acce8caf4034e76ca17282755c64641e3d54ae4c7f6218d059d076cb9e22
683261ccc2dc1324cba36445048baf8d8efb176c5281838cc87c5c16eb6e234a
69e7791a1772852a0d705ef8dd343046b2fcc2c67254dc74b99b417f43f8a527
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c4e43a1f2dcea35e21e08824c5af4f80597b562dc2f2df616aa359324b0b6b9
6eb1d97374d7d109c419a5b5d30eb49e6e57095ceea9e60945301a0d359b32cf
703ae0e521c11132782ffb1655a7a825bd4c9ab260e69163b9b1dc84db2ca07d
71849c671a5e607e906ff0d436236bdf6b14950397ad37e5daf0540eb9c84f58
71de106760511fff2fb22aa4ddb430b7874a0b09603e83dbedcfc6d39988aea7
71e89e86e86c82fe4a43d29e5c5bb6ad29e857992ee1720a41db7146ec11621e
728f9e0f31df9c092fda709c1d4e403f7207235085ef2e1bc9cfe650cdded303
72dbd696f7961daf9049faacc868865d959f3d126f40d5271f48d5d9a0ccc652
72eb47be0de224add691e0ad18bf8ff3decae4be687d16893ae7bf2be0759fed
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131
75371a5df05386d219525a5b55175a24aa87cdc62e8fe41fd6e7f2079f3574f9
75aa3921cb12c8ff1c0b5b813294bbbafe8db812227ade6e840940f6e916d0d1
769996a987ead923de78ded8af9ebbc0125bfdca436dfadfdc9755fd54270371
77e2c2dab1887094a00c3a8adab90f3e9eb971b0f4bd13e84ec64dad6596c52f
786fee4f218168667336172b2193b3cb92dbfb87954c308883b7d1f61f859eee
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7aa01b65ddab63af081b179c28164c663a40e042b2ba1fed2644ee6f9d2a211d
7b67fc13bf4d8f7458ffc48cdd38c49c5bd36794916c70e77c5346ec79c39235
7bea74a8949fb8732fcd7fa98dc7f441dde603024aa79ddd781521c85dd33b93
7d237dfa717c464d0b2ef3a320881cc92303e925b06feaa9d8a16c7c46379f3b
7d398fc0e57ee1ae5c4728c807bf7ce0979c8d84347ba94716dc046c53384bc7
7d7dea60fa923ab7d7120f0c2e05888e781939006d0777b63ef9148ebdd623f2
7da902cfb1e6ce6cd76b1bfa86ff3b3c57c6687a1dd302aa6aaf195cf8b981be
7dd8628b76c6beda76cf46db9ac1e54437ac90edc487c7f8e08b0c1f716656ac
7e436efe4ae1cd0ebb3e5fef30ea54de8151e1dfabd9cdc0abe1b87e7b216183
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
84d565061e82749bb38cc4a7c70297d3bf134a3074aff197428cb143ba75cacd
8542ad7a156049afa2ff7426ae30fd28900c16e497edcf6ba59752d28b67857b
85aabae75d5f15afaf76346e3a0801215c6653dbb2c7c25c61920c8e63bffba1
86b709f6ea9aef813433566286a6d23b38956e01e2a73c1b9d822c951ab369ff
86c269f58ff013e4c961ae50583e44adfd794f0d415030a549cf2f92db0295b3
8773f887e6d0472f166df5c8d38f43a81ac55d5174ebdd9f5d9fb6e53961fa8e
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
887141ac69ccb8ecfaddb08bf1a9c90e7e29b95e6e922517d3e0361c9cec48da
8981cabff4fda433a470ade513ba3bf91b98c71337bcb688e2d41b652a1fde96
89b2c7dbf2b7056cfbdbd537c73a18e4a7d47c044363716af4e5278f7afe70cb
8a19d5065354bc8a69d35fae71d9f5712f927c27821f171872e8356f1a6e2186
8b659f72017df1d6cdc07307be915ec445d7640648eda9f055cffa10dafdc722
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
8dc3b246bdd50fb0e58757d0ea57926403274d2ac4a13ed41b6271a2a8c497d9
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
8dfc0ae8ecca5b8d31b22274afd2d694f14a18cdaaaeae1808c51fd6f4abe91d
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
925ad6a33586b6032bb0ff1853d0eb0e656819f037dba0f89ff0de81fd17377a
93000525c0fea6959cb8c3b43d7283b1723569e47a7022fa011499d164c7510b
93295644da9af673ecf074ce2a3962f685662b6f69c498a77a37e4708b84ce5b
93398887feeae6379c164b5421590428a861e7454218df7d47fb5166a31dbf35
934569be62b1a99127a84d97d4af0b5a5f96eebf42d6fcc82ed600f6a2b2e630
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
9545c546fd648639f530eaee87fb6f57a9776c8291b692e6b4729a90a06c9583
95dc30d8b40e0bae97c0a41fa52d8d43ef7b66a7de4645c913aa994def62e5dd
96365d0efa97cf43a947425785b2bad3f7eb518f6222143d2674cbf29fe92d3a
986036fffea7b52937718badd063cc28a6da29792e6df5c0176b302008928381
995b1f176d6239b8702e840125a5ef8e71db113fbb76a62badcadd799bfa761e
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9af4452d17142a228ea92d8e4e2f582bb56dd738c029999be11298edacc9e7a5
9b2e4e684cdadbc294776f003aca54c0b210adabebaf526e8a8201b8846c9a45
9bbcb676d301f496bfd2d2e173d8a7b5751e5ce2959d4e6a6510d6c4faabea5b
9bf22fc586522c232312af090b15051bea9c555cd8f5b562b2e33f4f21c5def3
9d105532b10ffe64f4dd076d7dbb8784e3abfe6d1ec8fc26cfe13ec5684a408d
9d5998e5a6fffb4e580a7658811134df70019191f5bf7637fdb4f28ec04c0c22
9dd8d5b0e9c06e541748f4c93dbc079b292faf1cccde20f41d4efb55abb9fb2d
9ea21905a7edfa4ceda705f977891d5e100f9709318836cfacbab47ad3321ff1
9eec64368167047f9d996ee210b6d3bb01980aabadd30d0c9a65c6ed78bbd35e
9f6804fdd2b2633326f1170d0103ca8e09203e377584a5aeb8e1cc888a51e7cd
9fd72153ba3e8a36d7e6a93d9bd5acb61f8f1cde905b95955a10761aa7e3636d
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0a8aafea7c182cd50d239de71da565129cb1110563f5c87ede4f0bdd740008f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a78c92f06fe42f2df4b23c869fd9b4267a6e85301db875ce027e4eb398506f0c
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa3b7658eb5e8da1a310d0655a996a3fa10aa92d14b37e62b2d678d3f5501e6e
aa6f4107b5a29a1b3d1e0fb085191dcd7d8bb9497ae061d1e1304abd20891f86
aab9c6dbb018701405b1fbf23f43f644ea6fa1dae7000b4813532528297eed4a
aab9e2e7c2f73090b47d4bfd4c17c79b9cfbf629e28d86a15bd79c414d7e2ec4
acea01cdea4e090821a151180072e8cbcdb209ec947aeee99cde455d8f75d1c8
ad246d47536dacf0256646042ec184678bfc630fcb638d9199bd66cf8cb5e457
ae07ae363826bb4478d2028eebbf5b01267fa4afa9af5aec85e00ac13c3e8736
ae7b77ab272848a503aac4a2c20710d670d1dcc8ff802d961235f5a5ea2a4cf3
afe745e46cf68d489a17d47f0ec00188dca7f8aa011aaa38558a30d4b15d4127
b04576f019aed6e765ed16042d3e64936f63cd5e6d3626ebf420ff4495ac4e44
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b17b6e3a1887bb29f6f38c2fa31ebf4a77c12d1f559b72aa56c9d2f4bf07a2c0
b1d8189f87b428e1e35303478ce05cf5100756c6deaf1e8517be0c2d5554c87c
b267a4cc065aca882faaa89c18de0dbf47ed477b17aa66cb4e7b0a7ec0500de8
b343350b5587c2b0d7ac9ec63f80841b16c12f6ec073fbc5ab913741ee800cf2
b3c144c4f8692cad3e391f43b282ff6cb59f2bb3f03c805f8d0c0cfba2f6dd60
b7402a8f7ed4cfb889d2a18565b719a2abacf3a3e866242ac58dca3b9cb65808
b94df74107de1e2ddb523ce14897772131bc766d1900aac242709028691ada1f
b98c8f3aa7cc2835be32fd3a1488ba31a3de35a3fa0dd643a092c2846c613017
ba07a6fa7d7cc4f6b5b28a85169014124073cd45e8673785154d9710624acbc0
ba5c75008a133ef73a0eb980a0c37c168b6bd5db7279a90105697670440eeedf
bacf5d2cdcb9e75599240481a7a703be7aacb54e21cd79eca6f911e1654b546f
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bcef721dafe0ef3058c2c30dfcb35fdef78b3087d0931a73e6e7f39653fcf784
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
be4b685c8eb876a04a4bd3d428e9ee07af9ecae6446db4ee5a4d3ebfd1417ec3
bff6fe2953477c19b112787a90875cba98f8fc5204e4c455fa3a70f700188269
c0c23011858c549a6b44a63b806ad7d903442196065e04fba6199c97a30675b2
c1886d63d3c5161dd67737d6fcc76e041f04ef3e391515b27fa7aa876c6e2e5e
c204114b876a9686bc7ed4d2cf1c5afb633128d28d9297076c46133531cbae0d
c29fb37699996df1d4eb577635c7e9a2b159abf4e95fd99101ddd20f421f5d63
c3dd2f1505f3ffe42e220f07a858fc6bd2413d41c69adaf869ffbe85c0578bb2
c3e63ba9021b787501e42cc5d47690dd5f529ae19fe7905aaa879644ef15bfaf
c47059aea1c35a75cce187a3921d7f7da3a2947879b6b6b4fce5fb1abab844b6
c5f5cc2fc2a6af809ed007848c0a557f7f17addaeae2b27ce4f88a6530141257
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0
c71cfdc5d8624558e2cc670a0dfacfca40f7bafd4f1393ed067e4e381ad8e6e5
c836ab144528f3b6748bb49a0ba6fbd3118028282185660067fde9fbcf68e251
c87d9ded7d493e779fca78d1ff9b3fdd46c42487c9a78723e71b8557c79f0b3a
c8810cc297021d92ff07fbe4c6f11734b5a16a969c1f8f5a748c2f6e0ac27b33
c890091815994db924443b1f4c5fbd0d3674a8b8bd53b8da1b7e9a014ce7ef4e
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c99361c0d8561c7d88a237009bac83ecc149fe6f1f91c52dde79b7841b584c40
c9af752bbb8158660879cf030c3a9ce8bdbf74c7c6bcf82ba7c7cd931474e05b
caac9197798524998a0183b70185ec49c3cc7d6daf12ef050ce628716273c23d
cb5fe3c718a90ead182cc933a4a1a7100885a77cb00d2e36a4a726fee3bb47f4
cc17d109139a33b161c661f209fc503ee7fcf8f7ebbbf3aaf535ed0ab2b8cc89
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccd0d28962618c48f75fc894dde961d87f9bf9c1a45ed23e0ffc27eabcad7bcd
ccde38a33644e69252c84d45de8c264a150f10d3b554b727c22a910788cccb6b
ccf5d949307d337ed53f7035a324ef7547a40fa1c2012f34473a9574e3143018
cd7b4556d5bd34469c523f7f1e60498ea73cc451900d96980ea585be357ccac5
cd919786e58a29bed6ae038fd3e7f514232525798fc80a3d1127a5d6c5c103f4
cdc6a672e24d84d0277383399879fb8a1d6e02cf7f1fab4fe2a31aa173ad9faf
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d18621f7385067fcfd7ddf9af42da75c9026a0d74be6db9580f5fbe6bf73dbce
d413187e7fd42a10ac03e4b166868be0fc8d0f38ed81e354de3f5176a29ef990
d451478e68967318296d36228990231513bc7f5e5de8c11d825f8061a4e5e6cd
d503937452e40c21fce10346b29287ad23b221a372547f248da87ca5efb55767
d5dc3810d345b69ede6455734f4efcd13ed56b902668192e7d2004c171591a8b
d620c7a36bf1452a89dc5053f93ccb3e292a3fb5bfb20a3fdcae73e9dc7045b5
d765055b65e896dec7dc9ed63ae3e4cd789f98bae3963fe6503b6e6d58be1b5a
d7cb6b13cf0b4b97e4becd8af31127e5dc2c9a7d102e7cbac37692371e87fa37
d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e
d8b23abb2adac5b8be1e9bd2a4ca3aadf1ac1cd9d3af882d6996acf00dbd6544
d949686f3370e098926a76db97a797b8c9705a6739118d3090473dee86ab0ef3
d98786d0d1f2ea3270d27f459db6be4a334c26b364e79f8f0d106c274aac2200
d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf
db1f461314ae65f94583f6c4c7953c8e8aaa4db12372c6b0a8e95d22ae170114
dbe0cf6b50ec23fd38afc516f0b26906780ec018276247a735f51a47a7aa76fb
dc41a2546e6b5e28ddf2602393ecf0337cf32b46eefecea182a5e3a08f1edaff
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e1bc88c034ea2568ffd22c7ab53c3ba3360bafae214df5cf166c7aa8ba7542d6
e203e224e5db4d6614a7dab7c0e6f5b41be1b480d0c0729000b30186c9e97a9a
e27b0971cac58e67f7b1812bc9a9442a2fe9184cb3e901cfedbed8b9bbcfc9de
e28d00d99f2095e510221082276b6b83e88f4a46782b84bb7e301196adc44ca4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e414b711977cbe1edbc0df054c347260bfe8c2d8007ef44fbaf01b8fef0d529a
e461f1fc8c8c579ce2cfd14d323e118b437217a5deedd3d7e59e0a9d7e944b1c
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e4bb9e0506f58f5253017c1d860a7371ab1488d2c23e3002f4c230ce19fa7cf6
e75ed43041906d7a1a30057773711c90085183a5f4563f5279cfb0519a3c4ed8
e841cec87f0a6b2375ab144017db281edb81370033ac48994e9db43dffdb8230
e8bcbffbb8d6c67382224ce3dcc606693d1ffe08545805c167be22f9f0ab12fa
e8d203255691f4983941ea2017c33393fbf5eb9805af71869c1404f84ad80c5b
eb3e69b97fcd7317d12d702fe7d25c6bbc2f0dbc9eb2a9a23ffc31ba9b4d1ac2
ebe43817c43c329b2bcf2d0c367782a3085ca9afe0134f56c778be2dfc5bd4d2
ec23fa82b800082a70a0f1c0ba6d020cfc6e6f0c2c88bad68ae9be93394d5d0e
ed5a11894c21c008675badc52c7d06a2b7c37789074ea71fad33c3f449048d1e
ed79ab516c86cb0b3da37d48ebca6f7b1f0b979325cb02db26bf5208cf00dbd9
ed978d4a83c4129c5bacfae8da58a2534ca69cae2d95d7939a5d328628f5089f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f054bf0870f8a7262d7c6a7c35cb1ceb67823f501c4bf19b8389849fe3cf9838
f0d0f1850320a483d6f8460bad59e89dbbae24f4197087d31321e72730da0be2
f1ac433b47758c3556f9af8da32f75332b8ab0b1b12ec8ee89279fa9ac3d3da7
f1bfb7f841d4605b7d68345c7f431fbd570e205a1889bd4169337ee3dbc5f537
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
f2748fdac882bab3f3e1215e9946e0bb4a1b8a1af4c9a6b124e86ceda52ec531
f3039063bdeeddc487f9a6e8f625e1a10c8a37ec37e2707a3a3835aba0fc8686
f30711901769b5fad09214da2177589c15425a1748c77d332334fd15ed7859b9
f43121e8466577816a16da77f5b7948aa5496afeac7876a6318d7e967e73cb39
f4fcea89d430967c0e79d7d860cdc150b8171e52f55b2455509535a9c7d5290a
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f691f8ca77961efc68a2a3a39eb5fee440a429949574cdd5a23cef733b46ff0d
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
f83ac55e664bf32f310e796669e32fc8663391ab4dce6555826273d211bb3246
f8dc66a646d00dcaa6a2204e194a8b209b9c5bbf6251b4f93b9824c62ab51317
fa02e1df9da0b157753a0ac3c6c8317b395be7419694aedab2fa22204b3c191b
fb4846f5487c54dafb9e1cbcfe53c46b1d1f5dcab4bc344c6d7d9dee43ebfe03
fc85bb3b3a2bff9d250f66df95f49ef3bd56ecac5ddc44f03fe16df1c46ebbf9
fcbc61a1473aea0abbd62eef06b8b7bf34ff9452ea74f6efcfef28a4ac587ff1
fd42eb21f950a6ebd0e3eb2b9194232ddb6e1421fab1503b03a6d16a7476aecc
fe5c82457a761c5111af9d2bfd63aaf6471fe4ae39dd83285cca6e8c23f503c7
ff2fba31cf312d105355e295fef5f3579ea90d5662299a06036f419d32872eb4
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914
ffbf2d2525e0baabd5fdf5289510e03e86ccb28dc9767ef58bf483077f3bfc75