hi-news.ru Open in urlscan Pro
104.26.12.91 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://hi-news.ru/
Effective URL:
https://hi-news.ru/
Submission: On October 23 via api (October 23rd 2021, 8:33:20 am UTC) from QA — Scanned from DE

Summary HTTP 119 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 19 IPs in 4 countries across 15 domains to perform 119 HTTP transactions. The main IP is 104.26.12.91, located in United States and belongs to CLOUDFLARENET, US. The main domain is hi-news.ru.
TLS certificate: Issued by R3 on September 11th 2021. Valid for: 3 months.

This is the only time hi-news.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 19	104.26.12.91 104.26.12.91	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.104 142.250.185.104	15169 (GOOGLE) (GOOGLE)
6 27	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	104.16.95.65 104.16.95.65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	88.212.201.204 88.212.201.204	39134 (UNITEDNET) (UNITEDNET)
3 7	93.158.134.119 93.158.134.119	13238 (YANDEX) (YANDEX)
3	217.69.133.145 217.69.133.145	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
16	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	142.250.186.46 142.250.186.46	15169 (GOOGLE) (GOOGLE)
1	74.125.133.155 74.125.133.155	15169 (GOOGLE) (GOOGLE)
5	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
20	142.250.74.193 142.250.74.193	15169 (GOOGLE) (GOOGLE)
4	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
4 8	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
4 6	185.33.221.14 185.33.221.14	29990 (ASN-APPNEX) (ASN-APPNEX)
14	142.250.185.134 142.250.185.134	15169 (GOOGLE) (GOOGLE)
2 3	142.250.181.228 142.250.181.228	15169 (GOOGLE) (GOOGLE)
119	19

19 104.26.12.91 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

hi-news.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 142.250.185.98 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.95.65 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.204 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 93.158.134.119 (Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)
PTR: mc.yandex.ru

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 217.69.133.145 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.46 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f14.1e100.net

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.133.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 142.250.74.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2.18.234.21 (Ascension Island) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.33.221.14 (Netherlands) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.185.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.181.228 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	715 KB
29	doubleclick.net 6 redirects googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net googleads4.g.doubleclick.net	130 KB
19	hi-news.ru 1 redirects hi-news.ru	148 KB
14	2mdn.net s0.2mdn.net	259 KB
8	casalemedia.com 4 redirects dsum-sec.casalemedia.com	7 KB
6	adnxs.com 4 redirects ib.adnxs.com	6 KB
6	google.com 2 redirects analytics.google.com adservice.google.com www.google.com	2 KB
5	yandex.com 2 redirects mc.yandex.com	2 KB
4	googletagservices.com www.googletagservices.com	147 KB
3	mail.ru top-fwz1.mail.ru	13 KB
2	yandex.ru 1 redirects mc.yandex.ru	65 KB
2	yadro.ru 1 redirects counter.yadro.ru	1 KB
1	googleadservices.com partner.googleadservices.com	606 B
1	cloudflareinsights.com static.cloudflareinsights.com	5 KB
1	googletagmanager.com www.googletagmanager.com	49 KB
119	15

	Domain	Requested by
20	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
19	pagead2.googlesyndication.com	hi-news.ru pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
19	hi-news.ru	1 redirects hi-news.ru static.cloudflareinsights.com
16	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
14	s0.2mdn.net	hi-news.ru s0.2mdn.net
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
8	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
6	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
5	mc.yandex.com	2 redirects hi-news.ru
4	googleads4.g.doubleclick.net	hi-news.ru
4	www.googletagservices.com	googleads.g.doubleclick.net
3	www.google.com	2 redirects tpc.googlesyndication.com
3	top-fwz1.mail.ru	hi-news.ru top-fwz1.mail.ru
2	adservice.google.com	pagead2.googlesyndication.com
2	mc.yandex.ru	1 redirects hi-news.ru
2	counter.yadro.ru	1 redirects hi-news.ru
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	static.cloudflareinsights.com	hi-news.ru
1	www.googletagmanager.com	hi-news.ru
119	21

This site contains links to these domains. Also see Links.

Domain
www.data.jma.go.jp
voltbro.ru
t.me
goncharov.io
101media.ru
i10.ru

Subject Issuer	Validity	Valid
*.hi-news.ru R3	`2021-09-11` - `2021-12-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
counter.yadro.ru GoGetSSL ECC DV CA	`2020-02-02` - `2022-05-02`	2 years	crt.sh
mc.yandex.ru Yandex CA	`2021-07-28` - `2022-01-07`	5 months	crt.sh
*.mail.ru GeoTrust ECC CA 2018	`2021-10-15` - `2022-11-15`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh

This page contains 19 frames:

Primary Page: https://hi-news.ru/
Frame ID: BE0F4F055B08AD5A729A6CC3DF36A323
Requests: 38 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20190131/zrt_lookup.html
Frame ID: 0A021DC86425F2DB9F2901A80D989823
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4970661981239585&output=html&h=280&slotname=3348562032&adk=2729210907&adf=2825249238&pi=t.ma~as.3348562032&w=750&fwrn=4&fwrnh=100&lmt=1634976853&rafmt=5&psa=0&format=750x280&url=https%3A%2F%2Fhi-news.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634977993743&bpp=19&bdt=258&idt=255&shv=r20211020&mjsv=m202110190101&ptt=9&saldr=aa&abxe=1&correlator=6250429855297&frm=20&pv=2&ga_vid=1055965363.1634977994&ga_sid=1634977994&ga_hid=2027055196&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=1555&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31063230%2C31062524%2C31063140&oid=2&pvsid=777522290726696&pem=67&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=VNbl3JkTWN&p=https%3A//hi-news.ru&dtd=275
Frame ID: 29D2366B176C144E478A3DE69270DD20
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4970661981239585&output=html&h=280&slotname=3348562032&adk=2729210907&adf=2973540727&pi=t.ma~as.3348562032&w=750&fwrn=4&fwrnh=100&lmt=1634976853&rafmt=5&psa=0&format=750x280&url=https%3A%2F%2Fhi-news.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634977993762&bpp=1&bdt=277&idt=278&shv=r20211020&mjsv=m202110190101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280&correlator=6250429855297&frm=20&pv=1&ga_vid=1055965363.1634977994&ga_sid=1634977994&ga_hid=2027055196&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=4180&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31063230%2C31062524%2C31063140&oid=2&pvsid=777522290726696&pem=67&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=2k9Z8TCyW1&p=https%3A//hi-news.ru&dtd=284
Frame ID: AC59A9A9712462095CDF5DC5D4B18FF1
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4970661981239585&output=html&h=600&slotname=1264613738&adk=2534352483&adf=3198628617&pi=t.ma~as.1264613738&w=300&lmt=1634976853&psa=0&format=300x600&url=https%3A%2F%2Fhi-news.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634977993765&bpp=1&bdt=280&idt=293&shv=r20211020&mjsv=m202110190101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280%2C750x280&correlator=6250429855297&frm=20&pv=1&ga_vid=1055965363.1634977994&ga_sid=1634977994&ga_hid=2027055196&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=507&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31063230%2C31062524%2C31063140&oid=2&pvsid=777522290726696&pem=67&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=SVmxjPVOA8&p=https%3A//hi-news.ru&dtd=302
Frame ID: C70A2CA92E6045EF3F49CBE7A5DF0E9D
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4970661981239585&output=html&h=600&slotname=1643887687&adk=3048368196&adf=247167191&pi=t.ma~as.1643887687&w=300&lmt=1634976853&psa=0&format=300x600&url=https%3A%2F%2Fhi-news.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634977993766&bpp=1&bdt=281&idt=306&shv=r20211020&mjsv=m202110190101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280%2C750x280%2C300x600&correlator=6250429855297&frm=20&pv=1&ga_vid=1055965363.1634977994&ga_sid=1634977994&ga_hid=2027055196&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31063230%2C31062524%2C31063140&oid=2&pvsid=777522290726696&pem=67&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=yNPxP6fAmq&p=https%3A//hi-news.ru&dtd=312
Frame ID: 9E6873801F1FABC3F8CEF20C9C6B36A8
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4970661981239585&output=html&adk=1812271804&adf=3025194257&lmt=1634976853&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fhi-news.ru%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634977993779&bpp=2&bdt=294&idt=303&shv=r20211020&mjsv=m202110190101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280%2C750x280%2C300x600%2C300x600&nras=1&correlator=6250429855297&frm=20&pv=1&ga_vid=1055965363.1634977994&ga_sid=1634977994&ga_hid=2027055196&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31063230%2C31062524%2C31063140&oid=2&pvsid=777522290726696&pem=67&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=7&uci=a!7&fsb=1&dtd=313
Frame ID: A29055797A0F3E4D1F9492CB67E46F8D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfKHRDtw0gYv6G1tQEwAQ&v=APEucNWfsX7Mrhn05yEc6UYkqUadaXHrK2dMPghBu0uXlIcJdbhtBAaawsB5U32HrvnmRS6WkIfksqSs5Q5IyzO2KVtirqPZ2A
Frame ID: CA0D24016CECCC61F2BBC2AE6E030142
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfKHRDtw0gYv6G1tQEwAQ&v=APEucNUKDGyUxskArJR2JJTc1q0ezOUiE4aOIadiLHWR8HbfIhjwthCLE2XjIWOlfbqQV41fTf51eYEIDbLQsYIAZhLTCnJeHg
Frame ID: 9CE6EA84790A6FCACB7CE9B460986389
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C2B7367BC86D79FED35795FA607F0431
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/5846014/1632342222388/index.html
Frame ID: 154087F83D3D3840F678DABB20BB3A4F
Requests: 6 HTTP requests in this frame

Frame: https://s0.2mdn.net/5846014/1632342222388/index.html
Frame ID: 1C95D02F805073FD5CCC0F72076C5B6A
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 132CB55B0113DFECD500318B22D7247F
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 880997F0AC9492B8316E2AFE082FD048
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2D18DA17FAC0F79BD272FC3081FDA9DC
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js
Frame ID: 635B4A23BA5101F21739E7105199FE27
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js
Frame ID: E126FD86A6A8494B94C181AFF496836C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 63ADA94A45F0AC19FB68E46972B0C290
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3DB13412BAC372BBD86D96583C74C2C3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hi-News.ru — простым языком о науке, природных явлениях и технологических достижениях

Page URL History Show full URLs

http://hi-news.ru/ HTTP 301
https://hi-news.ru/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

119
Requests

100 %
HTTPS

0 %
IPv6

15
Domains

21
Subdomains

19
IPs

4
Countries

1537 kB
Transfer

3279 kB
Size

29
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.data.jma.go.jp/multi/volcano/index.html?lang=en
Title: оценило

Search URL Search Domain Scan URL

URL: http://voltbro.ru/
Title: проекта Voltbro

Search URL Search Domain Scan URL

URL: https://t.me/hi_news_chat
Title: Чат с читателями Присоединяйтесь в Телеграме

Search URL Search Domain Scan URL

URL: https://goncharov.io/
Title: Миша Гончаров

Search URL Search Domain Scan URL

URL: http://101media.ru/
Title: 101 Медиа

Search URL Search Domain Scan URL

URL: https://i10.ru/
Title: i10.ru

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://hi-news.ru/ HTTP 301
https://hi-news.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//hi-news.ru/;hHi-News.ru%20%u2014%20%u043F%u0440%u043E%u0441%u0442%u044B%u043C%20%u044F%u0437%u044B%u043A%u043E%u043C%20%u043E%20%u043D%u0430%u0443%u043A%u0435%2C%20%u043F%u0440%u0438%u0440%u043E%u0434%u043D%u044B%u0445%20%u044F%u0432%u043B%u0435%u043D%u0438%u044F%u0445%20%u0438%20%u0442%u0435%u0445%u043D%u043E%u043B%u043E%u0433%u0438%u0447%u0435%u0441%u043A%u0438%u0445%20%u0434%u043E%u0441%u0442%u0438%u0436;0.38236414442062405 HTTP 302
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//hi-news.ru/;hHi-News.ru%20%u2014%20%u043F%u0440%u043E%u0441%u0442%u044B%u043C%20%u044F%u0437%u044B%u043A%u043E%u043C%20%u043E%20%u043D%u0430%u0443%u043A%u0435%2C%20%u043F%u0440%u0438%u0440%u043E%u0434%u043D%u044B%u0445%20%u044F%u0432%u043B%u0435%u043D%u0438%u044F%u0445%20%u0438%20%u0442%u0435%u0445%u043D%u043E%u043B%u043E%u0433%u0438%u0447%u0435%u0441%u043A%u0438%u0445%20%u0434%u043E%u0441%u0442%u0438%u0436;0.38236414442062405

Request Chain 27

https://mc.yandex.com/sync_cookie_image_check?t=ti(4) HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9435.KyjmSicx_tPKLFphqatYTo1N3UovdY9pYgEiI1cZQEK8yu1i03JQdZ1Gpmp6aSDg.6CjkLiZri6kA3MVjhCdbWn7pZGc%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9435.7YRvpjNy5Vg5ehmbbbFkgaacodGSY0Zedij-9Qt4A61d98Tg410BM1jNKwHPU5ORuXic-cwSpQJ748fOV-E9aw%2C%2C.genRJlwv_T2LzKs6jVspOkTLACA%2C

Request Chain 37

https://mc.yandex.com/watch/2892676?wmode=7&page-url=https%3A%2F%2Fhi-news.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nhcbdg9bm2d%3Afp%3A319%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A675%3Acn%3A1%3Adp%3A0%3Als%3A1367596565935%3Ahid%3A783680451%3Az%3A0%3Ai%3A202101023083313%3Aet%3A1634977994%3Ac%3A1%3Arn%3A297986838%3Arqn%3A1%3Au%3A1634977994647009972%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634977993270%3Ads%3A0%2C42%2C61%2C3%2C109%2C0%2C%2C175%2C22%2C%2C%2C%2C512%3Adsn%3A0%2C42%2C61%2C4%2C109%2C0%2C%2C174%2C23%2C%2C%2C%2C512%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634977994%3At%3AHi-News.ru%20%E2%80%94%20%D0%BF%D1%80%D0%BE%D1%81%D1%82%D1%8B%D0%BC%20%D1%8F%D0%B7%D1%8B%D0%BA%D0%BE%D0%BC%20%D0%BE%20%D0%BD%D0%B0%D1%83%D0%BA%D0%B5%2C%20%D0%BF%D1%80%D0%B8%D1%80%D0%BE%D0%B4%D0%BD%D1%8B%D1%85%20%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D1%8F%D1%85%20%D0%B8%20%D1%82%D0%B5%D1%85%D0%BD%D0%BE%D0%BB%D0%BE%D0%B3%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D1%85%20%D0%B4%D0%BE%D1%81%D1%82%D0%B8%D0%B6%D0%B5%D0%BD%D0%B8%D1%8F%D1%85&t=gdpr(14)ti(2) HTTP 302
https://mc.yandex.com/watch/2892676/1?wmode=7&page-url=https%3A%2F%2Fhi-news.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nhcbdg9bm2d%3Afp%3A319%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A675%3Acn%3A1%3Adp%3A0%3Als%3A1367596565935%3Ahid%3A783680451%3Az%3A0%3Ai%3A202101023083313%3Aet%3A1634977994%3Ac%3A1%3Arn%3A297986838%3Arqn%3A1%3Au%3A1634977994647009972%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634977993270%3Ads%3A0%2C42%2C61%2C3%2C109%2C0%2C%2C175%2C22%2C%2C%2C%2C512%3Adsn%3A0%2C42%2C61%2C4%2C109%2C0%2C%2C174%2C23%2C%2C%2C%2C512%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634977994%3At%3AHi-News.ru%20%E2%80%94%20%D0%BF%D1%80%D0%BE%D1%81%D1%82%D1%8B%D0%BC%20%D1%8F%D0%B7%D1%8B%D0%BA%D0%BE%D0%BC%20%D0%BE%20%D0%BD%D0%B0%D1%83%D0%BA%D0%B5%2C%20%D0%BF%D1%80%D0%B8%D1%80%D0%BE%D0%B4%D0%BD%D1%8B%D1%85%20%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D1%8F%D1%85%20%D0%B8%20%D1%82%D0%B5%D1%85%D0%BD%D0%BE%D0%BB%D0%BE%D0%B3%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D1%85%20%D0%B4%D0%BE%D1%81%D1%82%D0%B8%D0%B6%D0%B5%D0%BD%D0%B8%D1%8F%D1%85&t=gdpr%2814%29ti%282%29

Request Chain 44

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDTEW_A3SJg9f1DYb-YxgPA&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDTEW_A3SJg9f1DYb-YxgPA&google_cver=1&C=1

Request Chain 45

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YXPIyjiIOM0HudEFm7hGIgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJRXZqb0AlHlpj2lRgOFEng&google_cver=1

Request Chain 46

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEH8E6CA7Hjs-VvpShxc2pyc&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEH8E6CA7Hjs-VvpShxc2pyc%26google_cver%3D1

Request Chain 47

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjU4ODkyNTE3Mzg4NTQ1NzUxNw%3D%3D

Request Chain 62

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJRXZqb0AlHlpj2lRgOFEng&google_cver=1

Request Chain 63

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YXPIyjiIOM0HudEFm7hGIgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJRXZqb0AlHlpj2lRgOFEng&google_cver=1

Request Chain 64

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEMfa8WcSd1L--NkFRVbMn9k&google_cver=1

Request Chain 65

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjU4ODkyNTE3Mzg4NTQ1NzUxNw%3D%3D

Request Chain 97

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 103

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

119 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
hi-news.ru/
Redirect Chain

http://hi-news.ru/
https://hi-news.ru/

71 KB
19 KB

103ms
60ms

Document
text/html

104.26.12.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hi-news.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / W3 Total Cache/0.13.1
Resource Hash: 13c43f4a7a14cd83b55df02c237ce4647ffa3fb54663221483cd8e45f72d52f1

Request headers

:method: GET
:authority: hi-news.ru
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sat, 23 Oct 2021 08:33:13 GMT
content-type: text/html; charset=UTF-8
last-modified: Sat, 23 Oct 2021 08:14:13 GMT
expires: Sat, 23 Oct 2021 09:14:13 GMT
pragma: public
cache-control: max-age=2460, public
x-powered-by: W3 Total Cache/0.13.1
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0QMKjBfnKF5hxGdPHiYi9itJ7%2FS38jQgu9rQ6AYdwjMHIri1tT1VLNsYrO1It73k6mbKa0iteo7%2FcsqMQovF3irUyowTuEVgi83v2xpQgfO69piZnztfvE%2FebSo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6a299e8c1f4bf9e2-PRG
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sat, 23 Oct 2021 08:33:13 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://hi-news.ru/
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YKKkO180TAlQ3qPplQ%2F7cdiUnNdOx4GXjMcCdS%2FQW%2Bbd7mYUQ2fTxVyr1zS0cRx3lC15IXlGegEnuTuh%2FtHottmpzL%2FErjUZia3XFDRgGhDhx8qy%2FHahPIIBu78%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 6a299e8b895f4120-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 mat_ant-515x285.jpeg
hi-news.ru/wp-content/uploads/2021/10/ 32 KB
32 KB 31ms
30ms Image
image/webp 104.26.12.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi-news.ru/wp-content/uploads/2021/10/mat_ant-515x285.jpeg
Requested by: Host: hi-news.ru
URL: https://hi-news.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab4e6fe5a2bba3578b41867f75799ad20ab9318248ee60ea4bc1b5fb729659e7

Request headers

:path: /wp-content/uploads/2021/10/mat_ant-515x285.jpeg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: hi-news.ru
referer: https://hi-news.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://hi-news.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:33:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 46042
cf-polished: qual=85, origFmt=jpeg, origSize=34796
content-disposition: inline; filename="mat_ant-515x285.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 32484
last-modified: Thu, 21 Oct 2021 13:54:18 GMT
server: cloudflare
etag: "6171710a-87ec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5OS%2B56BikX9J6OJ7WStooR4xn3axwklLkSLzEi%2F50Yt6o0qkaTwbxchw31iyhU0awEMhzCf6mGRb3YXbB4L1IOBWpPwJK%2FmMlmiIk5QRDXWMSbQaHz8UMrXGQwI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Sun, 21 Nov 2021 19:14:54 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6a299e8cafe3f9e2-PRG
cf-bgj: imgq:85,h2pri

GET
H2 200 aso_volcanoo_image_three-650x366.jpg
hi-news.ru/wp-content/uploads/2021/10/ 18 KB
18 KB 36ms
36ms Image
image/webp 104.26.12.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi-news.ru/wp-content/uploads/2021/10/aso_volcanoo_image_three-650x366.jpg
Requested by: Host: hi-news.ru
URL: https://hi-news.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c58a536449e605e0eab411523d7123cf868146534c40d7f106161146e83a6cc1

Request headers

:path: /wp-content/uploads/2021/10/aso_volcanoo_image_three-650x366.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: hi-news.ru
referer: https://hi-news.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://hi-news.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:33:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 499
cf-polished: qual=85, origFmt=jpeg, origSize=29097
content-disposition: inline; filename="aso_volcanoo_image_three-650x366.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 18232
last-modified: Fri, 22 Oct 2021 20:23:10 GMT
server: cloudflare
etag: "61731dae-71a9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7egoNK8QQsp%2FbV1WQPiyxAIQt73PL8wygM8CcmNwtRujiRWVtEWOwGsUNlaGdKdged2%2BB%2BdnY%2BGbGsBKbGI9b0yHBFRKANQ%2BkwwGUU3ixddAICy0cpBDRiQDll8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Sun, 21 Nov 2021 20:23:11 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6a299e8cafe6f9e2-PRG
cf-bgj: imgq:85,h2pri

GET
H2 200 login.svg
hi-news.ru/wp-content/themes/101media/img/ 715 B
718 B 45ms
44ms Image
image/svg+xml 104.26.12.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi-news.ru/wp-content/themes/101media/img/login.svg
Requested by: Host: hi-news.ru
URL: https://hi-news.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9cf74bf535bfcf4c63700fffd55cdfa82a473655250405fa941db9ac5aacf0a

Request headers

:path: /wp-content/themes/101media/img/login.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: hi-news.ru
referer: https://hi-news.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://hi-news.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:33:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 28 May 2019 11:28:05 GMT
server: cloudflare
age: 383604
etag: W/"5ced1b45-2cb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ITir4fzc6poLiEY09CCZRfcR%2BNOr2NdkINWkiUWBG5mGu5FeeCzNBO6ZPc2cIPKQ3cJT6UH8KQKyL8W551gGAfvmnSmZKDlcPt772MxtsULaJ%2BJGTY%2F%2FSEsHCag%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a299e8cafedf9e2-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 search_.svg
hi-news.ru/wp-content/themes/101media/img/ 407 B
565 B 45ms
45ms Image
image/svg+xml 104.26.12.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi-news.ru/wp-content/themes/101media/img/search_.svg
Requested by: Host: hi-news.ru
URL: https://hi-news.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f4ad3f0c519dc7701f2a5d01dd33e2e40519092c514fee6325fd20b1093f526

Request headers

:path: /wp-content/themes/101media/img/search_.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: hi-news.ru
referer: https://hi-news.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://hi-news.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:33:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 17 Aug 2020 11:38:44 GMT
server: cloudflare
age: 386069
etag: W/"5f3a6c44-197"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3GF7dahmENDMKbAPfdp%2F0BJMezqse%2BcU6PalBGMRWp8O1e4lbGcmFCck5Dg%2F3IntLcyO5p%2BvvEmhWBd7jTUeTEBq5CQ3q2XwttWTZStIYqAFd4o41UfChD9fnMY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a299e8cafeef9e2-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 124 KB
49 KB 76ms
32ms Script
application/javascript 142.250.185.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FRMSPF0MRW

Requested by

Host: hi-news.ru
URL: https://hi-news.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

5177f8038e6aa6e1bc4cc67e2866a785d4ef76c371b4ef938da48272589e9c39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hi-news.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:33:13 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 49523
x-xss-protection: 0
expires: Sat, 23 Oct 2021 08:33:13 GMT

GET
H3 200 jquery.js Show response
hi-news.ru/wp-includes/js/jquery/ 95 KB
35 KB 43ms
43ms Script
application/javascript 104.26.12.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hi-news.ru/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by: Host: hi-news.ru
URL: https://hi-news.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.12.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a4c252da9c4b03a65ca99a734ef82408df893c1b6a5d5a49c4f87f774bc4f75

Request headers

:path: /wp-includes/js/jquery/jquery.js?ver=1.12.4
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: hi-news.ru
referer: https://hi-news.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://hi-news.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:33:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 386069
cf-polished: origSize=97184
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 09 Nov 2018 13:31:29 GMT
server: cloudflare
etag: W/"5be58c31-17ba0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xCxRZ6z3xx%2BC26Gljh3r1Q%2Bn8ErwH37RIyYcUsM8%2BqYwnN8bJstg9ovCXEOD%2FqhbHLbShI0dgQdBGxxquyswtiXG6wAgzUdoPjHE7HO3a9hdNRhotunWEohA8X4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
cf-ray: 6a299e8d089b27b8-PRG
expires: Mon, 25 Oct 2021 21:04:09 GMT

GET
H3 200 front.min.js Show response
hi-news.ru/wp-content/plugins/table-of-contents-plus/ 6 KB
3 KB 27ms
26ms Script
application/javascript 104.26.12.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hi-news.ru/wp-content/plugins/table-of-contents-plus/front.min.js?ver=1509
Requested by: Host: hi-news.ru
URL: https://hi-news.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.12.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19

Request headers

:path: /wp-content/plugins/table-of-contents-plus/front.min.js?ver=1509
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: hi-news.ru
referer: https://hi-news.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://hi-news.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:33:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 386069
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 23 Jul 2019 06:51:23 GMT
server: cloudflare
etag: W/"5d36ae6b-17cb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eRuZtMjUwl6jjDSGMb2nhtun31tY2j6upqIxdQbVFBKx%2BHQh5bhvSJEHlYqDeztoSYozFE%2BkT2Y4%2B1oVoPQngWg%2BE7O5%2Ft%2BFzIPWMf2i4AD7pcNNGS%2F5OcNg8PM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
cf-ray: 6a299e8d089f27b8-PRG
expires: Mon, 25 Oct 2021 21:04:09 GMT

GET
H3 200 jquery-migrate.min.js Show response
hi-news.ru/wp-includes/js/jquery/ 10 KB
5 KB 27ms
26ms Script
application/javascript 104.26.12.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hi-news.ru/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: hi-news.ru
URL: https://hi-news.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.12.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

:path: /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: hi-news.ru
referer: https://hi-news.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://hi-news.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:33:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 386069
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 09 Nov 2018 13:31:29 GMT
server: cloudflare
etag: W/"5be58c31-2748"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VKPVehmsYnamaUjqnAjyJjWacyA%2B3aE818KDrP3ivOcq2Oy4BjNhDyMUW%2B9rZf4hAco8zFGMiw8q473TBiG3sXPfKEODAZwkPC7HE8LDDZagemBKT4Qcv0InaNY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
cf-ray: 6a299e8d08a127b8-PRG
expires: Mon, 25 Oct 2021 21:04:09 GMT

GET
H3 200 lazysizes.min.js Show response
hi-news.ru/wp-content/themes/101media/js/ 7 KB
4 KB 25ms
24ms Script
application/javascript 104.26.12.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hi-news.ru/wp-content/themes/101media/js/lazysizes.min.js
Requested by: Host: hi-news.ru
URL: https://hi-news.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.12.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ac4b10695e881023cd2af22d16152ef046ea3b1916c2cc8c5e39e6995a92978

Request headers

:path: /wp-content/themes/101media/js/lazysizes.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: hi-news.ru
referer: https://hi-news.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://hi-news.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:33:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 386069
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 24 Oct 2019 15:47:54 GMT
server: cloudflare
etag: W/"5db1c7aa-1bbd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=empaWa%2BVt3VzlxJhn55XGci8uo5flK7JQkY5Wpx6KafMQYufTEFokEQtqxVEWPwk1IjQS%2F2N4jPAIyZQyDecqawKN%2FR9aGrrGjWYjOW7xKUpGKKKrqK5mhSSxw0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
cf-ray: 6a299e8d08a527b8-PRG
expires: Mon, 25 Oct 2021 21:04:09 GMT

GET
H3 200 com.js Show response
hi-news.ru/wp-content/themes/101media/js/ 1 KB
1 KB 60ms
58ms Script
application/javascript 104.26.12.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hi-news.ru/wp-content/themes/101media/js/com.js?ver=1565008114
Requested by: Host: hi-news.ru
URL: https://hi-news.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.12.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7aabcd06c7848ed5f498db0a0aa7d397a24d9fc2b39fece1d611979cb897b77

Request headers

:path: /wp-content/themes/101media/js/com.js?ver=1565008114
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: hi-news.ru
referer: https://hi-news.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://hi-news.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:33:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 386069
cf-polished: origSize=1657
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 05 Aug 2019 12:28:34 GMT
server: cloudflare
etag: W/"5d4820f2-679"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zzRjThVn3uPtbSbNA%2F9R9CPyp1DDxLRJKjBiGyHi5Hvq5yNIZJ3vh1GKdTGbgdR%2BV0kKu647FIILRuIq3WEmopPeGUQgdDwE4UV7fVmtwcJdithQFPFsqfkourY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
cf-ray: 6a299e8d08a727b8-PRG
expires: Mon, 25 Oct 2021 21:04:09 GMT

GET
H3 200 vcover.js Show response
hi-news.ru/wp-content/themes/101media/js/ 9 KB
3 KB 60ms
59ms Script
application/javascript 104.26.12.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hi-news.ru/wp-content/themes/101media/js/vcover.js?ver=1599661388
Requested by: Host: hi-news.ru
URL: https://hi-news.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.12.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2841f5750e49f074b3159b062d5bfa50947050037f8f96b99caff1f6f8aeaadb

Request headers

:path: /wp-content/themes/101media/js/vcover.js?ver=1599661388
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: hi-news.ru
referer: https://hi-news.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://hi-news.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:33:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 386069
cf-polished: origSize=11334
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 09 Sep 2020 14:23:08 GMT
server: cloudflare
etag: W/"5f58e54c-2c46"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h6fc2%2BmSOyu9BBQeRPBc2AOaOhkekvYwIOIVAcDRGb6kFAjbTwUiZ3ZHIBfb%2BFFm07aVnLPTBFUPPzLh5nw%2BPXUnKVtnG3YRS5jy%2FGrKmnMg6bHkHgHrzKSxnJ0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
cf-ray: 6a299e8d08a827b8-PRG
expires: Mon, 25 Oct 2021 21:04:09 GMT

GET
H3 200 youtube-video.js Show response
hi-news.ru/wp-content/themes/101media/js/ 1 KB
1 KB 24ms
22ms Script
application/javascript 104.26.12.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hi-news.ru/wp-content/themes/101media/js/youtube-video.js?ver=1578906918
Requested by: Host: hi-news.ru
URL: https://hi-news.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.12.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4268d3ecfbb7fd48a4261b47fe37a1970d2eed81843c7281580c88379a8e41dd

Request headers

:path: /wp-content/themes/101media/js/youtube-video.js?ver=1578906918
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: hi-news.ru
referer: https://hi-news.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://hi-news.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:33:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 386069
cf-polished: origSize=1313
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 13 Jan 2020 09:15:18 GMT
server: cloudflare
etag: W/"5e1c3526-521"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Lr1SwBBebYYcNwjftJzZLUe6K4JL2kmHNNCOqmNvbqHVmuH9C4q7yeu3STdFj21qfZc8UU7BUTWA9n26bExFq5XlF0SROizGYFq1PfcqXhM6WHn67dmRgVDy0w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
cf-ray: 6a299e8d08a927b8-PRG
expires: Mon, 25 Oct 2021 21:04:09 GMT

GET
H3 200 nav.js Show response
hi-news.ru/wp-content/themes/101media/js/ 8 KB
3 KB 40ms
38ms Script
application/javascript 104.26.12.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hi-news.ru/wp-content/themes/101media/js/nav.js?ver=1597664324
Requested by: Host: hi-news.ru
URL: https://hi-news.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.12.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06333bd28b3b3ea3c6a4ddc2f38256a830793d9692a6862733b09472e5483bfc

Request headers

:path: /wp-content/themes/101media/js/nav.js?ver=1597664324
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: hi-news.ru
referer: https://hi-news.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://hi-news.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:33:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 386069
cf-polished: origSize=10451
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 17 Aug 2020 11:38:44 GMT
server: cloudflare
etag: W/"5f3a6c44-28d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IKRTfJoKJAJePIu9HiSWF2BMW6sI%2BeFFvIDR76bgY9kktuzw5tRGp2IvEaewgmx8NpzHG2xIBaIGmiLxTPDdkaKacDZ3USfSdgGvYuyTC3ZMh3cV9Z9SULyswmw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
cf-ray: 6a299e8d08aa27b8-PRG
expires: Mon, 25 Oct 2021 21:04:09 GMT

GET
H3 200 jquery.adsenseloader.js Show response
hi-news.ru/wp-content/themes/101media/js/ 2 KB
1 KB 61ms
59ms Script
application/javascript 104.26.12.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hi-news.ru/wp-content/themes/101media/js/jquery.adsenseloader.js?ver=1.0.6
Requested by: Host: hi-news.ru
URL: https://hi-news.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.12.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1dfb9684c99b662ecb4df0def9e07a3f61535e2ff3996c40ef53ff00d94db8ec

Request headers

:path: /wp-content/themes/101media/js/jquery.adsenseloader.js?ver=1.0.6
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: hi-news.ru
referer: https://hi-news.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://hi-news.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:33:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 386069
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 11 Jul 2019 16:26:24 GMT
server: cloudflare
etag: W/"5d276330-69d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FtPM1N%2BdD9%2Bo95O8Uqdd0%2F9GzLCN7ePhhbM4C53WVKOV%2Fe%2B%2FekuJXU1kzsiE6%2FojNkni4lArCu5MV5EvnuASqv%2FJcW%2Bf110C4YNgwlFdzxbzhU2rkO0NV9BUGyI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
cf-ray: 6a299e8d08ab27b8-PRG
expires: Mon, 25 Oct 2021 21:04:09 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
50 KB 58ms
31ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: hi-news.ru
URL: https://hi-news.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

6694c4d07b11186cf40aa50f059900cff02807f5a22c84bccbdee7df936d88e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hi-news.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:33:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 51123
x-xss-protection: 0
server: cafe
etag: 15307096310557349176
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 23 Oct 2021 08:33:13 GMT

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ 13 KB
5 KB 91ms
47ms Script
text/javascript 104.16.95.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: hi-news.ru
URL: https://hi-news.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.95.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hi-news.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:33:13 GMT
content-encoding: gzip
last-modified: Fri, 22 Oct 2021 22:23:12 GMT
server: cloudflare
etag: W/2021.9.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 6a299e8d4cc027b4-PRG

GET
H3 200 style.css
hi-news.ru/wp-content/themes/101media/ 510 B
885 B 58ms
58ms Stylesheet
text/css 104.26.12.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hi-news.ru/wp-content/themes/101media/style.css?1597665258
Requested by: Host: hi-news.ru
URL: https://hi-news.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.12.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ba48aad9be64a883bb5e2ef85c0f3514e7446b5d24722b9157d9fe310c81e82

Request headers

:path: /wp-content/themes/101media/style.css?1597665258
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: hi-news.ru
referer: https://hi-news.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://hi-news.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:33:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 383604
cf-polished: origSize=794
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 17 Aug 2020 11:54:18 GMT
server: cloudflare
etag: W/"5f3a6fea-31a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4zycHmWBhH%2BrdBRwrSl0clkus5GAWmz8uPa%2B7NQiO60fOCDAFJA7HH8bbJm7%2Bry0sHb0iJ3jvquTjZWfjFsXWk8d9BoCpftV8Ts49RSpahaVlqtfw6zpXSS8wEo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
cf-ray: 6a299e8d08b427b8-PRG
expires: Mon, 25 Oct 2021 21:04:13 GMT

GET
H3 200 app.css
hi-news.ru/wp-content/themes/101media/ 88 KB
19 KB 58ms
58ms Stylesheet
text/css 104.26.12.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hi-news.ru/wp-content/themes/101media/app.css?1611331550
Requested by: Host: hi-news.ru
URL: https://hi-news.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.12.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e7c9352bd8e553ba535a3797580da3e2e5871f8d292785a234db26a5b85a7e5

Request headers

:path: /wp-content/themes/101media/app.css?1611331550
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: hi-news.ru
referer: https://hi-news.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://hi-news.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:33:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 383604
cf-polished: origSize=90353
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 22 Jan 2021 16:05:50 GMT
server: cloudflare
etag: W/"600af7de-160f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JrbyWaHmr6lZrDeKYFW2MvBMRkkmbOYPqOWmnpOzPxlbhPYz9Frd4ZAH8kQUp8CfEmkx1FKYZP9f5CfPMdOU%2F1bzqBtuH19f9JjuQOhS4rRgH1GTJ4H10%2FRoScg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
cf-ray: 6a299e8d08b527b8-PRG
expires: Mon, 25 Oct 2021 21:04:12 GMT

GET
H3 200 plugin.css
hi-news.ru/wp-content/plugins/tag-sticky-post/css/ 0
609 B 69ms
68ms Stylesheet
text/css 104.26.12.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hi-news.ru/wp-content/plugins/tag-sticky-post/css/plugin.css?1541770289
Requested by: Host: hi-news.ru
URL: https://hi-news.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.12.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /wp-content/plugins/tag-sticky-post/css/plugin.css?1541770289
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: hi-news.ru
referer: https://hi-news.ru/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://hi-news.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:33:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 383604
cf-polished: origSize=102
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
last-modified: Fri, 09 Nov 2018 13:31:29 GMT
server: cloudflare
etag: "5be58c31-66"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y5ALFjvFksjexmjB%2FYbVeIe8EekrPWXoNA8cK%2FY6t1NJ70F2R2AKrcdW46FYZpcWdNpuADF44cMSjHDPPC938PmMoMIEAeSemj8FSWD0Mjz%2FEeCgWFkaXDRJWvk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
expires: Mon, 25 Oct 2021 21:04:12 GMT
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 6a299e8d08b727b8-PRG
cf-bgj: minify

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//hi-news.ru/;hHi-News.ru%20%u2014%20%u043F%u0440%u043E%u0441%u0442%u044B%u043C%20%u044F%u0437%u044B%u043A%u043E%u043C%20%u043E%20%u043D%u0430%...
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//hi-news.ru/;hHi-News.ru%20%u2014%20%u043F%u0440%u043E%u0441%u0442%u044B%u043C%20%u044F%u0437%u044B%u043A%u043E%u043C%20%u043E%20%u043D%u043...

43 B
528 B

49ms
49ms

Image
image/gif

88.212.201.204
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//hi-news.ru/;hHi-News.ru%20%u2014%20%u043F%u0440%u043E%u0441%u0442%u044B%u043C%20%u044F%u0437%u044B%u043A%u043E%u043C%20%u043E%20%u043D%u0430%u0443%u043A%u0435%2C%20%u043F%u0440%u0438%u0440%u043E%u0434%u043D%u044B%u0445%20%u044F%u0432%u043B%u0435%u043D%u0438%u044F%u0445%20%u0438%20%u0442%u0435%u0445%u043D%u043E%u043B%u043E%u0433%u0438%u0447%u0435%u0441%u043A%u0438%u0445%20%u0434%u043E%u0441%u0442%u0438%u0436;0.38236414442062405

Requested by

Host: hi-news.ru
URL: https://hi-news.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hi-news.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 23 Oct 2021 08:33:23 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 22 Oct 2020 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 23 Oct 2021 08:33:23 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//hi-news.ru/;hHi-News.ru%20%u2014%20%u043F%u0440%u043E%u0441%u0442%u044B%u043C%20%u044F%u0437%u044B%u043A%u043E%u043C%20%u043E%20%u043D%u0430%u0443%u043A%u0435%2C%20%u043F%u0440%u0438%u0440%u043E%u0434%u043D%u044B%u0445%20%u044F%u0432%u043B%u0435%u043D%u0438%u044F%u0445%20%u0438%20%u0442%u0435%u0445%u043D%u043E%u043B%u043E%u0433%u0438%u0447%u0435%u0441%u043A%u0438%u0445%20%u0434%u043E%u0441%u0442%u0438%u0436;0.38236414442062405
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Thu, 22 Oct 2020 21:00:00 GMT

GET
H2 200 tag_jet_beta.js Show response
mc.yandex.ru/metrika/ 189 KB
64 KB 130ms
63ms Script
application/javascript 93.158.134.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag_jet_beta.js

Requested by

Host: hi-news.ru
URL: https://hi-news.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

c6a4d8f73399e915b1c7631f266760918f2a72d155f6611b9539d08ff6a1559b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hi-news.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:33:13 GMT
content-encoding: br
last-modified: Wed, 20 Oct 2021 16:44:53 GMT
etag: "61701d55-10089"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 65673
expires: Sat, 23 Oct 2021 09:33:13 GMT

GET
H2 200 code.js Show response
top-fwz1.mail.ru/js/ 25 KB
11 KB 145ms
47ms Script
application/javascript 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/js/code.js

Requested by

Host: hi-news.ru
URL: https://hi-news.ru/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

536cd983c5ac840349770984405fe9eb9e67b9d7e35e0c45673a653b003173b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hi-news.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:33:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin: *
last-modified: Thu, 15 Jul 2021 18:35:46 GMT
server: nginx
etag: W/"60f08002-64db"
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: max-age=3600, private
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: *
access-control-allow-headers: *
expires: Sat, 23 Oct 2021 09:33:13 GMT

GET
H3 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110190101/ 270 KB
97 KB 55ms
40ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110190101/show_ads_impl_fy2019.js?bust=31063230

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

62a3a5c3522634ec70946cfb765afa4e42d172fdcfd1915f8054a6743eab48f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hi-news.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:33:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 98892
x-xss-protection: 0
server: cafe
etag: 12506851480111335836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Oct 2021 08:33:13 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211020/r20190131/ Frame 0A02 10 KB
5 KB 29ms
6ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211020/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

1437cdd25532919299784f840c613a46dbcf783903d558bcf5386defd7cceb1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20211020/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hi-news.ru/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://hi-news.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 22 Oct 2021 15:13:19 GMT
expires: Fri, 05 Nov 2021 15:13:19 GMT
content-type: text/html; charset=UTF-8
etag: 15765991816257340444
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4703
x-xss-protection: 0
age: 62394
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

POST
H2 204 collect
analytics.google.com/g/ 0
314 B 36ms
14ms Ping
text/plain 142.250.186.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-FRMSPF0MRW&gtm=2oeak0&_p=2027055196&sr=1600x1200&_gaz=1&ul=en-us&cid=1055965363.1634977994&_s=1&dl=https%3A%2F%2Fhi-news.ru%2F&dt=Hi-News.ru%20%E2%80%94%20%D0%BF%D1%80%D0%BE%D1%81%D1%82%D1%8B%D0%BC%20%D1%8F%D0%B7%D1%8B%D0%BA%D0%BE%D0%BC%20%D0%BE%20%D0%BD%D0%B0%D1%83%D0%BA%D0%B5%2C%20%D0%BF%D1%80%D0%B8%D1%80%D0%BE%D0%B4%D0%BD%D1%8B%D1%85%20%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D1%8F%D1%85%20%D0%B8%20%D1%82%D0%B5%D1%85%D0%BD%D0%BE%D0%BB%D0%BE%D0%B3%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D1%85%20%D0%B4%D0%BE%D1%81%D1%82%D0%B8%D0%B6%D0%B5%D0%BD%D0%B8%D1%8F%D1%85&sid=1634977993&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FRMSPF0MRW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hi-news.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 08:33:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hi-news.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
305 B 43ms
14ms Ping
text/plain 74.125.133.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-FRMSPF0MRW&cid=1055965363.1634977994&gtm=2oeak0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FRMSPF0MRW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.133.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wo-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hi-news.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 08:33:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hi-news.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 counter
top-fwz1.mail.ru/ 43 B
995 B 47ms
47ms Ping
image/gif 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/counter?js=13;id=1055180;u=https%3A//hi-news.ru/;st=1634977993660;title=Hi-News.ru%20%E2%80%94%20%D0%BF%D1%80%D0%BE%D1%81%D1%82%D1%8B%D0%BC%20%D1%8F%D0%B7%D1%8B%D0%BA%D0%BE%D0%BC%20%D0%BE%20%D0%BD%D0%B0%D1%83%D0%BA%D0%B5%2C%20%D0%BF%D1%80%D0%B8%D1%80%D0%BE%D0%B4%D0%BD%D1%8B%D1%85%20%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D1%8F%D1%85%20%D0%B8%20%D1%82%D0%B5%D1%85%D0%BD%D0%BE%D0%BB%D0%BE%D0%B3%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D1%85%20%D0%B4%D0%BE%D1%81%D1%82%D0%B8%D0%B6%D0%B5%D0%BD%D0%B8%D1%8F%D1%85;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=0f58c4d9856593d8;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=9.5//4g/0/0/;lvid=1634977993905%3A1634977993946%3A1%3A7df7ff9a37edf1be0907a228db88843d;opts=dl;visible=true;_=0.7346166290569534

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://hi-news.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 23 Oct 2021 08:33:14 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: https://hi-news.ru
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: https://hi-news.ru
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: https://hi-news.ru
access-control-allow-headers: *

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check?t=ti(4)
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9435.KyjmSicx_tPKLFphqatYTo1N3UovdY9pYgEiI1cZQEK8yu1i03JQdZ1Gpmp6aSDg.6CjkLiZri6kA3MVjhCdbWn7pZGc%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9435.7YRvpjNy5Vg5ehmbbbFkgaacodGSY0Zedij-9Qt4A61d98Tg410BM1jNKwHPU5ORuXic-cwSpQJ748fOV-E9aw%2C%2C.genRJlwv_T2LzKs6jVspOkTLACA%2C

75 B
75 B

32ms
32ms

Image
text/html

93.158.134.119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9435.7YRvpjNy5Vg5ehmbbbFkgaacodGSY0Zedij-9Qt4A61d98Tg410BM1jNKwHPU5ORuXic-cwSpQJ748fOV-E9aw%2C%2C.genRJlwv_T2LzKs6jVspOkTLACA%2C

Requested by

Host: hi-news.ru
URL: https://hi-news.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hi-news.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:33:14 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9435.7YRvpjNy5Vg5ehmbbbFkgaacodGSY0Zedij-9Qt4A61d98Tg410BM1jNKwHPU5ORuXic-cwSpQJ748fOV-E9aw%2C%2C.genRJlwv_T2LzKs6jVspOkTLACA%2C
date: Sat, 23 Oct 2021 08:33:14 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 200 B
606 B 51ms
15ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=hi-news.ru&callback=_gfp_s_&client=ca-pub-4970661981239585

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110190101/show_ads_impl_fy2019.js?bust=31063230

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

53a1a376ec0f481d043f4451c9ef6e2ecb3870e4c083c61179faab483431cd59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hi-news.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:33:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 191
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
520 B 43ms
21ms Script
application/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=hi-news.ru

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110190101/show_ads_impl_fy2019.js?bust=31063230

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hi-news.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 23 Oct 2021 08:33:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 29D2 71 KB
26 KB 513ms
488ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4970661981239585&output=html&h=280&slotname=3348562032&adk=2729210907&adf=2825249238&pi=t.ma~as.3348562032&w=750&fwrn=4&fwrnh=100&lmt=1634976853&rafmt=5&psa=0&format=750x280&url=https%3A%2F%2Fhi-news.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634977993743&bpp=19&bdt=258&idt=255&shv=r20211020&mjsv=m202110190101&ptt=9&saldr=aa&abxe=1&correlator=6250429855297&frm=20&pv=2&ga_vid=1055965363.1634977994&ga_sid=1634977994&ga_hid=2027055196&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=1555&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31063230%2C31062524%2C31063140&oid=2&pvsid=777522290726696&pem=67&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=VNbl3JkTWN&p=https%3A//hi-news.ru&dtd=275

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110190101/show_ads_impl_fy2019.js?bust=31063230

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

0f9fdf7b191bf7a812f991dce06d93db5067cd9b565bb201a8316ef9e88f7984

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4970661981239585&output=html&h=280&slotname=3348562032&adk=2729210907&adf=2825249238&pi=t.ma~as.3348562032&w=750&fwrn=4&fwrnh=100&lmt=1634976853&rafmt=5&psa=0&format=750x280&url=https%3A%2F%2Fhi-news.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634977993743&bpp=19&bdt=258&idt=255&shv=r20211020&mjsv=m202110190101&ptt=9&saldr=aa&abxe=1&correlator=6250429855297&frm=20&pv=2&ga_vid=1055965363.1634977994&ga_sid=1634977994&ga_hid=2027055196&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=1555&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31063230%2C31062524%2C31063140&oid=2&pvsid=777522290726696&pem=67&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=VNbl3JkTWN&p=https%3A//hi-news.ru&dtd=275
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hi-news.ru/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://hi-news.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 23 Oct 2021 08:33:14 GMT
server: cafe
content-length: 26670
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 23-Oct-2021 08:48:14 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Sat, 23 Oct 2021 08:33:14 GMT
cache-control: private

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
136 B 36ms
36ms Image
image/gif 93.158.134.119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif?t=ti(4)

Requested by

Host: hi-news.ru
URL: https://hi-news.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hi-news.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:33:14 GMT
last-modified: Wed, 20 Oct 2021 16:44:53 GMT
etag: "61701d55-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sat, 23 Oct 2021 09:33:14 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AC59 70 KB
26 KB 574ms
572ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4970661981239585&output=html&h=280&slotname=3348562032&adk=2729210907&adf=2973540727&pi=t.ma~as.3348562032&w=750&fwrn=4&fwrnh=100&lmt=1634976853&rafmt=5&psa=0&format=750x280&url=https%3A%2F%2Fhi-news.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634977993762&bpp=1&bdt=277&idt=278&shv=r20211020&mjsv=m202110190101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280&correlator=6250429855297&frm=20&pv=1&ga_vid=1055965363.1634977994&ga_sid=1634977994&ga_hid=2027055196&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=4180&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31063230%2C31062524%2C31063140&oid=2&pvsid=777522290726696&pem=67&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=2k9Z8TCyW1&p=https%3A//hi-news.ru&dtd=284

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110190101/show_ads_impl_fy2019.js?bust=31063230

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

cb1514958fedd7a980065957f42bf6bbfe2e0c634f4d7b01ee57aa6053ae8b39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4970661981239585&output=html&h=280&slotname=3348562032&adk=2729210907&adf=2973540727&pi=t.ma~as.3348562032&w=750&fwrn=4&fwrnh=100&lmt=1634976853&rafmt=5&psa=0&format=750x280&url=https%3A%2F%2Fhi-news.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634977993762&bpp=1&bdt=277&idt=278&shv=r20211020&mjsv=m202110190101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280&correlator=6250429855297&frm=20&pv=1&ga_vid=1055965363.1634977994&ga_sid=1634977994&ga_hid=2027055196&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=4180&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31063230%2C31062524%2C31063140&oid=2&pvsid=777522290726696&pem=67&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=2k9Z8TCyW1&p=https%3A//hi-news.ru&dtd=284
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hi-news.ru/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://hi-news.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 23 Oct 2021 08:33:14 GMT
server: cafe
content-length: 26533
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 23-Oct-2021 08:48:14 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Sat, 23 Oct 2021 08:33:14 GMT
cache-control: private

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 37ms
17ms Script
application/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=hi-news.ru

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110190101/show_ads_impl_fy2019.js?bust=31063230

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hi-news.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 23 Oct 2021 08:33:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C70A 14 KB
7 KB 314ms
313ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4970661981239585&output=html&h=600&slotname=1264613738&adk=2534352483&adf=3198628617&pi=t.ma~as.1264613738&w=300&lmt=1634976853&psa=0&format=300x600&url=https%3A%2F%2Fhi-news.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634977993765&bpp=1&bdt=280&idt=293&shv=r20211020&mjsv=m202110190101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280%2C750x280&correlator=6250429855297&frm=20&pv=1&ga_vid=1055965363.1634977994&ga_sid=1634977994&ga_hid=2027055196&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=507&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31063230%2C31062524%2C31063140&oid=2&pvsid=777522290726696&pem=67&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=SVmxjPVOA8&p=https%3A//hi-news.ru&dtd=302

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110190101/show_ads_impl_fy2019.js?bust=31063230

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

38e8d703d9fea369c9d723cde9d0ad87c1c69456df97c889f37c043b46ec7118

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4970661981239585&output=html&h=600&slotname=1264613738&adk=2534352483&adf=3198628617&pi=t.ma~as.1264613738&w=300&lmt=1634976853&psa=0&format=300x600&url=https%3A%2F%2Fhi-news.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634977993765&bpp=1&bdt=280&idt=293&shv=r20211020&mjsv=m202110190101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280%2C750x280&correlator=6250429855297&frm=20&pv=1&ga_vid=1055965363.1634977994&ga_sid=1634977994&ga_hid=2027055196&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=507&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31063230%2C31062524%2C31063140&oid=2&pvsid=777522290726696&pem=67&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=SVmxjPVOA8&p=https%3A//hi-news.ru&dtd=302
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hi-news.ru/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://hi-news.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 23 Oct 2021 08:33:14 GMT
server: cafe
content-length: 7362
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 23-Oct-2021 08:48:14 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Sat, 23 Oct 2021 08:33:14 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9E68 12 KB
7 KB 369ms
368ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4970661981239585&output=html&h=600&slotname=1643887687&adk=3048368196&adf=247167191&pi=t.ma~as.1643887687&w=300&lmt=1634976853&psa=0&format=300x600&url=https%3A%2F%2Fhi-news.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634977993766&bpp=1&bdt=281&idt=306&shv=r20211020&mjsv=m202110190101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280%2C750x280%2C300x600&correlator=6250429855297&frm=20&pv=1&ga_vid=1055965363.1634977994&ga_sid=1634977994&ga_hid=2027055196&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31063230%2C31062524%2C31063140&oid=2&pvsid=777522290726696&pem=67&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=yNPxP6fAmq&p=https%3A//hi-news.ru&dtd=312

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110190101/show_ads_impl_fy2019.js?bust=31063230

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

b5621a58bce3a4bb2dc6c2ea34a8e97041906af21ae226c2d2cec126eb311a8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4970661981239585&output=html&h=600&slotname=1643887687&adk=3048368196&adf=247167191&pi=t.ma~as.1643887687&w=300&lmt=1634976853&psa=0&format=300x600&url=https%3A%2F%2Fhi-news.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634977993766&bpp=1&bdt=281&idt=306&shv=r20211020&mjsv=m202110190101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280%2C750x280%2C300x600&correlator=6250429855297&frm=20&pv=1&ga_vid=1055965363.1634977994&ga_sid=1634977994&ga_hid=2027055196&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31063230%2C31062524%2C31063140&oid=2&pvsid=777522290726696&pem=67&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=yNPxP6fAmq&p=https%3A//hi-news.ru&dtd=312
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hi-news.ru/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://hi-news.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 23 Oct 2021 08:33:14 GMT
server: cafe
content-length: 7016
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 23-Oct-2021 08:48:14 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Sat, 23 Oct 2021 08:33:14 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A290 0
19 B 27ms
26ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4970661981239585&output=html&adk=1812271804&adf=3025194257&lmt=1634976853&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fhi-news.ru%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634977993779&bpp=2&bdt=294&idt=303&shv=r20211020&mjsv=m202110190101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280%2C750x280%2C300x600%2C300x600&nras=1&correlator=6250429855297&frm=20&pv=1&ga_vid=1055965363.1634977994&ga_sid=1634977994&ga_hid=2027055196&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31063230%2C31062524%2C31063140&oid=2&pvsid=777522290726696&pem=67&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=7&uci=a!7&fsb=1&dtd=313

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110190101/show_ads_impl_fy2019.js?bust=31063230

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4970661981239585&output=html&adk=1812271804&adf=3025194257&lmt=1634976853&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fhi-news.ru%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634977993779&bpp=2&bdt=294&idt=303&shv=r20211020&mjsv=m202110190101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280%2C750x280%2C300x600%2C300x600&nras=1&correlator=6250429855297&frm=20&pv=1&ga_vid=1055965363.1634977994&ga_sid=1634977994&ga_hid=2027055196&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31063230%2C31062524%2C31063140&oid=2&pvsid=777522290726696&pem=67&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=7&uci=a!7&fsb=1&dtd=313
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hi-news.ru/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://hi-news.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 23 Oct 2021 08:33:14 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 23-Oct-2021 08:48:14 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Sat, 23 Oct 2021 08:33:14 GMT
cache-control: private

GET
H2

200

1 Show response
mc.yandex.com/watch/2892676/
Redirect Chain

https://mc.yandex.com/watch/2892676?wmode=7&page-url=https%3A%2F%2Fhi-news.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nhcbdg9bm2d%3Afp%3A319%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-U...
https://mc.yandex.com/watch/2892676/1?wmode=7&page-url=https%3A%2F%2Fhi-news.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nhcbdg9bm2d%3Afp%3A319%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen...

366 B
448 B

32ms
32ms

XHR
application/json

93.158.134.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/2892676/1?wmode=7&page-url=https%3A%2F%2Fhi-news.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nhcbdg9bm2d%3Afp%3A319%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A675%3Acn%3A1%3Adp%3A0%3Als%3A1367596565935%3Ahid%3A783680451%3Az%3A0%3Ai%3A202101023083313%3Aet%3A1634977994%3Ac%3A1%3Arn%3A297986838%3Arqn%3A1%3Au%3A1634977994647009972%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634977993270%3Ads%3A0%2C42%2C61%2C3%2C109%2C0%2C%2C175%2C22%2C%2C%2C%2C512%3Adsn%3A0%2C42%2C61%2C4%2C109%2C0%2C%2C174%2C23%2C%2C%2C%2C512%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634977994%3At%3AHi-News.ru%20%E2%80%94%20%D0%BF%D1%80%D0%BE%D1%81%D1%82%D1%8B%D0%BC%20%D1%8F%D0%B7%D1%8B%D0%BA%D0%BE%D0%BC%20%D0%BE%20%D0%BD%D0%B0%D1%83%D0%BA%D0%B5%2C%20%D0%BF%D1%80%D0%B8%D1%80%D0%BE%D0%B4%D0%BD%D1%8B%D1%85%20%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D1%8F%D1%85%20%D0%B8%20%D1%82%D0%B5%D1%85%D0%BD%D0%BE%D0%BB%D0%BE%D0%B3%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D1%85%20%D0%B4%D0%BE%D1%81%D1%82%D0%B8%D0%B6%D0%B5%D0%BD%D0%B8%D1%8F%D1%85&t=gdpr%2814%29ti%282%29

Requested by

Host: hi-news.ru
URL: https://hi-news.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

7542d82a1aae6f4db94576e65bc6283df7b5ecabb130d8c5c476eafb52168bbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hi-news.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 08:33:14 GMT
x-content-type-options: nosniff
last-modified: Sat, 23-Oct-2021 08:33:14 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://hi-news.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 366
x-xss-protection: 1; mode=block
expires: Sat, 23-Oct-2021 08:33:14 GMT

Redirect headers

pragma: no-cache
date: Sat, 23 Oct 2021 08:33:14 GMT
last-modified: Sat, 23-Oct-2021 08:33:14 GMT
location: /watch/2892676/1?wmode=7&page-url=https%3A%2F%2Fhi-news.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5q1nhcbdg9bm2d%3Afp%3A319%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A675%3Acn%3A1%3Adp%3A0%3Als%3A1367596565935%3Ahid%3A783680451%3Az%3A0%3Ai%3A202101023083313%3Aet%3A1634977994%3Ac%3A1%3Arn%3A297986838%3Arqn%3A1%3Au%3A1634977994647009972%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634977993270%3Ads%3A0%2C42%2C61%2C3%2C109%2C0%2C%2C175%2C22%2C%2C%2C%2C512%3Adsn%3A0%2C42%2C61%2C4%2C109%2C0%2C%2C174%2C23%2C%2C%2C%2C512%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634977994%3At%3AHi-News.ru%20%E2%80%94%20%D0%BF%D1%80%D0%BE%D1%81%D1%82%D1%8B%D0%BC%20%D1%8F%D0%B7%D1%8B%D0%BA%D0%BE%D0%BC%20%D0%BE%20%D0%BD%D0%B0%D1%83%D0%BA%D0%B5%2C%20%D0%BF%D1%80%D0%B8%D1%80%D0%BE%D0%B4%D0%BD%D1%8B%D1%85%20%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D1%8F%D1%85%20%D0%B8%20%D1%82%D0%B5%D1%85%D0%BD%D0%BE%D0%BB%D0%BE%D0%B3%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D1%85%20%D0%B4%D0%BE%D1%81%D1%82%D0%B8%D0%B6%D0%B5%D0%BD%D0%B8%D1%8F%D1%85&t=gdpr%2814%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://hi-news.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sat, 23-Oct-2021 08:33:14 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C70A 42 B
63 B 40ms
39ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bg-9EX6vExULao7LIZR66vuMTOOlYhX8RCcUfIZQdIBqqKpNsYw-H3tu96XZJ38gPbK_gN86tf1zv1wdemtHRvgmUDNVeNlYqFa5QMe7jouZWWGSg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4970661981239585&output=html&h=600&slotname=1264613738&adk=2534352483&adf=3198628617&pi=t.ma~as.1264613738&w=300&lmt=1634976853&psa=0&format=300x600&url=https%3A%2F%2Fhi-news.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634977993765&bpp=1&bdt=280&idt=293&shv=r20211020&mjsv=m202110190101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280%2C750x280&correlator=6250429855297&frm=20&pv=1&ga_vid=1055965363.1634977994&ga_sid=1634977994&ga_hid=2027055196&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=507&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31063230%2C31062524%2C31063140&oid=2&pvsid=777522290726696&pem=67&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=SVmxjPVOA8&p=https%3A//hi-news.ru&dtd=302

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 08:33:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame C70A 3 KB
1 KB 29ms
7ms Script
text/javascript 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:26:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 397
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Nov 2021 08:26:37 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C70A 120 KB
37 KB 71ms
31ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

sffe /

Resource Hash

9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:33:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1634750403498492"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 23 Oct 2021 08:33:14 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame C70A 14 KB
7 KB 27ms
7ms Script
text/javascript 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

cafe /

Resource Hash

2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:31:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 130
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6286
x-xss-protection: 0
server: cafe
etag: 17196531676875957370
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Nov 2021 08:31:04 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame CA0D 624 B
300 B 32ms
31ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfKHRDtw0gYv6G1tQEwAQ&v=APEucNWfsX7Mrhn05yEc6UYkqUadaXHrK2dMPghBu0uXlIcJdbhtBAaawsB5U32HrvnmRS6WkIfksqSs5Q5IyzO2KVtirqPZ2A

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CJfKHRDtw0gYv6G1tQEwAQ&v=APEucNWfsX7Mrhn05yEc6UYkqUadaXHrK2dMPghBu0uXlIcJdbhtBAaawsB5U32HrvnmRS6WkIfksqSs5Q5IyzO2KVtirqPZ2A
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4970661981239585&output=html&h=600&slotname=1264613738&adk=2534352483&adf=3198628617&pi=t.ma~as.1264613738&w=300&lmt=1634976853&psa=0&format=300x600&url=https%3A%2F%2Fhi-news.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634977993765&bpp=1&bdt=280&idt=293&shv=r20211020&mjsv=m202110190101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280%2C750x280&correlator=6250429855297&frm=20&pv=1&ga_vid=1055965363.1634977994&ga_sid=1634977994&ga_hid=2027055196&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=507&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31063230%2C31062524%2C31063140&oid=2&pvsid=777522290726696&pem=67&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=SVmxjPVOA8&p=https%3A//hi-news.ru&dtd=302
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4970661981239585&output=html&h=600&slotname=1264613738&adk=2534352483&adf=3198628617&pi=t.ma~as.1264613738&w=300&lmt=1634976853&psa=0&format=300x600&url=https%3A%2F%2Fhi-news.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634977993765&bpp=1&bdt=280&idt=293&shv=r20211020&mjsv=m202110190101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280%2C750x280&correlator=6250429855297&frm=20&pv=1&ga_vid=1055965363.1634977994&ga_sid=1634977994&ga_hid=2027055196&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=507&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31063230%2C31062524%2C31063140&oid=2&pvsid=777522290726696&pem=67&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=SVmxjPVOA8&p=https%3A//hi-news.ru&dtd=302

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 23 Oct 2021 08:33:14 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUkTxQDrzBFH3ASmdU2_jUbRrB9Yo6va8XX-BJhKsZ-sb5_2fZfc_qwUuvyT; expires=Mon, 23-Oct-2023 08:33:14 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Sat, 23 Oct 2021 08:33:14 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C70A 70 KB
28 KB 55ms
55ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DJUgy-fehUIl9ylNtbpYutxlAUnu032LRd6xkzXnJ9wzTA625Ro0Ew0sU9BCMTCCg9UrQN_CQ1zE9opVIFn30BWVUPNG3glx2tWFVKxfCZxFghjxgIMbTsfF1wrPDzZavnaJB1KwhioGMLSRjHU9rIC0baHQ&dbm_d=AKAmf-BSgXofZlF7187jr9klP6ZwokV33Xtvhi2FHVKMZry9FsHJuAycjvD2CO2drY5Rwa6BrcOyezlxGnx6cNHHiHDcWyaDXzbkhl3lA49zXcCBfSPX4C_5rLdvlq9olIESSk7bQkmy6Et6jTydqScPyC5KfTrLpvkuk_c-ZbcU5VEKSpWZmTQFmXiX7eSi8U-yDSU8VuB5WPcuVk5pduF4eJPRvucaqkUyiUWFFf0QNp_6HFL61JCeOvSZwEs_7wtiqDZazqZMZdNM7TOMiIznwmAGAPAmXSu8Wuy8nxg632V2PHnZ0AWAhplmPiCTFKShJupIu1yviBvCqB571RTxrRw6k-_6X9IO7f4OJRfnSQTe2W3hqb9AQSrXxgWEjmZb8uwOwM8zUYdEPGlgJ8hKTYVnL-kNkHTxmH4LEg9px3io5vvscw4X7qyEea--ACx42wYpRlg4mXQXf7OEE1TkgpgW2cEgPCE45B33XzL8N66NTHH7nq6Sybc6WUgXg1z05gV9rQU9-7EjejxmlBk47WnD-ACKU0akaclttOtlftLQUtir-PSGOBqI1AI-yLiH-UBd3SWYKLl72RQFzJobru8JQ-KLayGmQJswtCpy9qMsHEiG_ltPwjoeGben5AcP7agDi1vmAHs-oMXCuV-cNmWeQjRdwJWefAU4HUBLmbt3bWIhqS0V7Ymij7Xadd1n6thC7VkmJdg0_ozhvqFmPoJJQfo4QWPmtFNcHeI5NhL50-m62hmIKyqXNQXizhUv-QqoN5ptAoGacA7uO2QLFRvOv1qIAiAI3gFwVGA_TLOswppDZg8cfXXfwJ4ameoA6-VYXLh19HGESD01i0R9cfBiQavp71QTDGnSWDFWn1FC_HFSOLdROMJUkW8mbKPg7T4zCXcnimXUHZOHN7HekxqUaPO2NMxelr789-0oZUBcw_aZ0xUvqXljBTmjeho-ii1_UvtDFQxwO7gF0GdoC9tgbe5gydt5UsLr66-QV2j2kGN8yhq_pZqcCD5AyitAp1aml8Qyy5OEEBZNbc2ZZ94nTFh8QCjZ0KJrM6eDkBT9_yWLEb1hx0H56kYMkz9_zxV0i_HaL9xzUUq0nr4fASdYcK83KMgz9tCgJvi_bxbA7odD-GVUsPpU0dMHYa5QDbTIanxQDhnwCpUmAVOr5EdzRv0jLaKg9ZFtaYAUR_TSCpHo-PE_jM_ktIfYRLnYOGIQtEjsgKOv-Uc_0OYQmQqVSi9Hw8cr8Vt5c4LiDHNLpLdI4T3yFt_GMYyPDWVNFGAAEDiRxm0TpfcKbfRpplNITpv0fDqSrlS2__-PAM6K0dV55NiNRU-DY00Py7ZWMabdAgcAbg2XSUqWTonjNoXJKzQY-O-a2z7ly-E5Qez_grx6P9puBQHJfUtR8Xp4w9Fqloh7NHJfEc3YJ_dOncXHWFntW2_CSz1hemnkiWg47IcRVPjM6JK2_1M99Lho1aWvVFTFES4COP-OR2HleuQ2ttNRsW0zlarWZkQv1UcvNc2jkUHvrB-dcwsXmWrzLhFMf27vyJyryU5KDL-4PSim1E7iVq87RIKxYzzD6WUkr0r0VkRS2tZqrhp7XiXXtjmPccjQmJUwscnx7DWmTOXMpy9OVxMtelMY7gYD_E2wkVPTmNzrVZe-SQdz86A3ptAiSHCxSaRkTao1cVxQyehLxPovoc2CCu3AXGMeo_xExGWkQaTmAUvwCSC9i1bZu_5mygyjfMSMfUcYpiq6gfFweWlKbaaWPu1NqMv4j5U_1BM9rBStKA22h4rKd7a1BDoKmH6NloI_OCBJD0AWPc2YdgM8l7QpguRDNz3E0em4ldSBWkm9mA0jAD2lCxt4uk-UVzo73WTu1WBPIdMc2UNvXTuXdsKujQoV4v8e_7kNms6soAwnwf3tSt1dIUpxawmvU4esfZQgMffu60aFxvbm_qsEvfYvmsYDfIu4-Dj4LZpMybqtPBl2LdMcg5Xkp3Qv4N9H_MnzS1uRW82ml7nnrwRpEYPV2irHR946mKv5M6L3-mSbk1SWeabbiL0mSEaIsCgTPv5ZepkQwokMww_bOJyy0Ic5qNXr_9QsjjWqiuLH9rXK-60gkdOdUjQTgaUMlkYraAnzml209RodomMNXtANcvTw1w9wqo9h-Ymf6WZGCc80_DzNPk4DEsVnKdZlzpBJMRG1cBtgGT7VDUydcPq7mxmwuQGmmsku9fsHDpgL1NttyoxGZq-RzZR_D23ToglbhM_TFu39hfPctXd9e9aeyEaYpppyktm9bsd6MNze-Bn_UxGfaS4oCut3KH5kGA4k9GWsySlF74Ys7ZR0EKoIxirQ8jNc4cvTie4dYtZKazx2NLoA1xguTyfeOGkcL1M_DTkfebhyTnA6cr2rc7JiSN7Sz0B3may_KBB0x3ksXcji9bXgSFSpaPtF8mRLMn0eBy0JlLteS74Xzo4FFasi9Nu8B_AJ0s3U4b6WgSFVV84hLiCmiDtRpzuFrD2lDfUlcbwqOK0azuDtDoFZEztGvjaQCtdKGEIwocASoEY9oLx1JtOwOw86JZTJm0JG1ecUClbsOTM8jUijsfiLkklbaFQ0jbfgC8JVL7QBHJvUI78r6yGWr27zUpPMfP-F0tfYPKlt8NgkRTMTLXMqZGlHaxFOuP1Z2X8dwkz5b1TSHqxidt2tjO5sQnmhfYBrbbQ2PYGZpskQfHxNNk72PzvO7w-oid1mCLIhqGVKz9G9QJtkrFo-926fhvOyi-wDB2iG2u6KRrjOB58ZHmyWIl-fcp_uexcAAzDvvM6JiR6fl0OUZ9jrnUDJJ0S1QxAO64BToCP1CipR_sWkGyBD9ViLOMYPrw7Ixcs0y-PuuHYLSn0&cid=CAASBORorSo&rfl=1%2Chttps%253A%252F%252Fhi-news.ru%252F%240

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

9aee4518f7e22707e0b75a222dd64ecab927663e03cac069380e979b41791ccd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4970661981239585&output=html&h=600&slotname=1264613738&adk=2534352483&adf=3198628617&pi=t.ma~as.1264613738&w=300&lmt=1634976853&psa=0&format=300x600&url=https%3A%2F%2Fhi-news.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634977993765&bpp=1&bdt=280&idt=293&shv=r20211020&mjsv=m202110190101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280%2C750x280&correlator=6250429855297&frm=20&pv=1&ga_vid=1055965363.1634977994&ga_sid=1634977994&ga_hid=2027055196&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=507&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31063230%2C31062524%2C31063140&oid=2&pvsid=777522290726696&pem=67&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=5&uci=a!5&fsb=1&xpc=SVmxjPVOA8&p=https%3A//hi-news.ru&dtd=302
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 08:33:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28667
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame CA0D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDTEW_A3SJg9f1DYb-YxgPA&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDTEW_A3SJg9f1DYb-YxgPA&google_cver=1&C=1

43 B
894 B

22ms
22ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDTEW_A3SJg9f1DYb-YxgPA&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfKHRDtw0gYv6G1tQEwAQ&v=APEucNWfsX7Mrhn05yEc6UYkqUadaXHrK2dMPghBu0uXlIcJdbhtBAaawsB5U32HrvnmRS6WkIfksqSs5Q5IyzO2KVtirqPZ2A
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 23 Oct 2021 08:33:14 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 23 Oct 2021 08:33:14 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 23 Oct 2021 08:33:14 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDTEW_A3SJg9f1DYb-YxgPA&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Sat, 23 Oct 2021 08:33:14 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame CA0D
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YXPIyjiIOM0HudEFm7hGIgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJRXZqb0AlHlpj2lRgOFEng&google_cver=1

43 B
894 B

13ms
13ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJRXZqb0AlHlpj2lRgOFEng&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfKHRDtw0gYv6G1tQEwAQ&v=APEucNWfsX7Mrhn05yEc6UYkqUadaXHrK2dMPghBu0uXlIcJdbhtBAaawsB5U32HrvnmRS6WkIfksqSs5Q5IyzO2KVtirqPZ2A
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 23 Oct 2021 08:33:14 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 23 Oct 2021 08:33:14 GMT

Redirect headers

pragma: no-cache
date: Sat, 23 Oct 2021 08:33:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJRXZqb0AlHlpj2lRgOFEng&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame CA0D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEH8E6CA7Hjs-VvpShxc2pyc&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEH8E6CA7Hjs-VvpShxc2pyc%26google_cver%3D1

43 B
1 KB

15ms
15ms

Image
image/gif

185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEH8E6CA7Hjs-VvpShxc2pyc%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfKHRDtw0gYv6G1tQEwAQ&v=APEucNWfsX7Mrhn05yEc6UYkqUadaXHrK2dMPghBu0uXlIcJdbhtBAaawsB5U32HrvnmRS6WkIfksqSs5Q5IyzO2KVtirqPZ2A

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.14 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 23 Oct 2021 08:33:14 GMT
X-Proxy-Origin: 216.131.114.199; 216.131.114.199; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 18d80bb7-2f92-43c0-959c-6a6df3db338a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 23 Oct 2021 08:33:14 GMT
X-Proxy-Origin: 216.131.114.199; 216.131.114.199; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 7041a50b-8fc5-4311-b698-bfdb4becb004
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEH8E6CA7Hjs-VvpShxc2pyc%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CA0D
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjU4ODkyNTE3Mzg4NTQ1NzUxNw%3D%3D

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjU4ODkyNTE3Mzg4NTQ1NzUxNw%3D%3D

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 08:33:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 23 Oct 2021 08:33:14 GMT
X-Proxy-Origin: 216.131.114.199; 216.131.114.199; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 428f07e8-e613-4e2b-b627-3376390c04e7
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjU4ODkyNTE3Mzg4NTQ1NzUxNw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9E68 42 B
63 B 40ms
40ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DxKyC8tHpEEz45ZNMnTmdAhyeF57jz6yPjG5TpjabCM0FH3442W3LcVXAr7USxZ2LbH2j7tk9pQnofHtA0K65mL2ZBNJPsb1MhcA_rczwvsfChPAw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4970661981239585&output=html&h=600&slotname=1643887687&adk=3048368196&adf=247167191&pi=t.ma~as.1643887687&w=300&lmt=1634976853&psa=0&format=300x600&url=https%3A%2F%2Fhi-news.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634977993766&bpp=1&bdt=281&idt=306&shv=r20211020&mjsv=m202110190101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280%2C750x280%2C300x600&correlator=6250429855297&frm=20&pv=1&ga_vid=1055965363.1634977994&ga_sid=1634977994&ga_hid=2027055196&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31063230%2C31062524%2C31063140&oid=2&pvsid=777522290726696&pem=67&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=yNPxP6fAmq&p=https%3A//hi-news.ru&dtd=312

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 08:33:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 9E68 3 KB
1 KB 23ms
6ms Script
text/javascript 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4970661981239585&output=html&h=600&slotname=1643887687&adk=3048368196&adf=247167191&pi=t.ma~as.1643887687&w=300&lmt=1634976853&psa=0&format=300x600&url=https%3A%2F%2Fhi-news.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634977993766&bpp=1&bdt=281&idt=306&shv=r20211020&mjsv=m202110190101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280%2C750x280%2C300x600&correlator=6250429855297&frm=20&pv=1&ga_vid=1055965363.1634977994&ga_sid=1634977994&ga_hid=2027055196&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31063230%2C31062524%2C31063140&oid=2&pvsid=777522290726696&pem=67&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=yNPxP6fAmq&p=https%3A//hi-news.ru&dtd=312

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:26:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 397
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Nov 2021 08:26:37 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9E68 120 KB
37 KB 48ms
48ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4970661981239585&output=html&h=600&slotname=1643887687&adk=3048368196&adf=247167191&pi=t.ma~as.1643887687&w=300&lmt=1634976853&psa=0&format=300x600&url=https%3A%2F%2Fhi-news.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634977993766&bpp=1&bdt=281&idt=306&shv=r20211020&mjsv=m202110190101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280%2C750x280%2C300x600&correlator=6250429855297&frm=20&pv=1&ga_vid=1055965363.1634977994&ga_sid=1634977994&ga_hid=2027055196&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31063230%2C31062524%2C31063140&oid=2&pvsid=777522290726696&pem=67&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=yNPxP6fAmq&p=https%3A//hi-news.ru&dtd=312

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

sffe /

Resource Hash

9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:33:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1634750403498492"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 23 Oct 2021 08:33:14 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 9E68 14 KB
6 KB 24ms
8ms Script
text/javascript 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4970661981239585&output=html&h=600&slotname=1643887687&adk=3048368196&adf=247167191&pi=t.ma~as.1643887687&w=300&lmt=1634976853&psa=0&format=300x600&url=https%3A%2F%2Fhi-news.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634977993766&bpp=1&bdt=281&idt=306&shv=r20211020&mjsv=m202110190101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280%2C750x280%2C300x600&correlator=6250429855297&frm=20&pv=1&ga_vid=1055965363.1634977994&ga_sid=1634977994&ga_hid=2027055196&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31063230%2C31062524%2C31063140&oid=2&pvsid=777522290726696&pem=67&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=yNPxP6fAmq&p=https%3A//hi-news.ru&dtd=312

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

cafe /

Resource Hash

2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:31:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 130
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6286
x-xss-protection: 0
server: cafe
etag: 17196531676875957370
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Nov 2021 08:31:04 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9CE6 624 B
297 B 29ms
29ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfKHRDtw0gYv6G1tQEwAQ&v=APEucNUKDGyUxskArJR2JJTc1q0ezOUiE4aOIadiLHWR8HbfIhjwthCLE2XjIWOlfbqQV41fTf51eYEIDbLQsYIAZhLTCnJeHg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4970661981239585&output=html&h=600&slotname=1643887687&adk=3048368196&adf=247167191&pi=t.ma~as.1643887687&w=300&lmt=1634976853&psa=0&format=300x600&url=https%3A%2F%2Fhi-news.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634977993766&bpp=1&bdt=281&idt=306&shv=r20211020&mjsv=m202110190101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280%2C750x280%2C300x600&correlator=6250429855297&frm=20&pv=1&ga_vid=1055965363.1634977994&ga_sid=1634977994&ga_hid=2027055196&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31063230%2C31062524%2C31063140&oid=2&pvsid=777522290726696&pem=67&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=yNPxP6fAmq&p=https%3A//hi-news.ru&dtd=312

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CJfKHRDtw0gYv6G1tQEwAQ&v=APEucNUKDGyUxskArJR2JJTc1q0ezOUiE4aOIadiLHWR8HbfIhjwthCLE2XjIWOlfbqQV41fTf51eYEIDbLQsYIAZhLTCnJeHg
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4970661981239585&output=html&h=600&slotname=1643887687&adk=3048368196&adf=247167191&pi=t.ma~as.1643887687&w=300&lmt=1634976853&psa=0&format=300x600&url=https%3A%2F%2Fhi-news.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634977993766&bpp=1&bdt=281&idt=306&shv=r20211020&mjsv=m202110190101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280%2C750x280%2C300x600&correlator=6250429855297&frm=20&pv=1&ga_vid=1055965363.1634977994&ga_sid=1634977994&ga_hid=2027055196&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31063230%2C31062524%2C31063140&oid=2&pvsid=777522290726696&pem=67&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=yNPxP6fAmq&p=https%3A//hi-news.ru&dtd=312
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUm8Eg5Q-FSIexV3Xzzyx2-ABPAnltGLyfYC3lifiWYFgboMiZW9ah1WHP-EH6w
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4970661981239585&output=html&h=600&slotname=1643887687&adk=3048368196&adf=247167191&pi=t.ma~as.1643887687&w=300&lmt=1634976853&psa=0&format=300x600&url=https%3A%2F%2Fhi-news.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634977993766&bpp=1&bdt=281&idt=306&shv=r20211020&mjsv=m202110190101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280%2C750x280%2C300x600&correlator=6250429855297&frm=20&pv=1&ga_vid=1055965363.1634977994&ga_sid=1634977994&ga_hid=2027055196&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31063230%2C31062524%2C31063140&oid=2&pvsid=777522290726696&pem=67&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=yNPxP6fAmq&p=https%3A//hi-news.ru&dtd=312

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 23 Oct 2021 08:33:14 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9E68 70 KB
28 KB 52ms
52ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CWL5zHHI14H7vWfgCNKvDdkPYM-NpJzyU94oW85T5k5OhvdtRaTZNJ9G6_fcacPvKBcTlv8SxFIFFdpRqHv5BAZe6Cjpjvwa1-pkGYlZc9HiPcA70Zj3NLlKdCKgwTN_zbE5dpWjaStmCwop4IoGqbTU4uQA&dbm_d=AKAmf-Cu5-TAtA9DmKd5yS0x2hmE2GOVSfjlSgHi5jOkAHH_Jpi78Qm1IigFfrNUoa5OyYbr_V-QBR57F0OIeqnNwZLgmbxVfiDVS6SJIKIMIyakG4Yr93o0EazX6AV-0MDuKsMLkEjDiz5SZXaquosGLKGZf5jpDc_scQFGqk-OagLlvpdrYzo144tZ3pP3hLVBO6h51n-dZPRlZkHmKYOt8GaUg53OlNs2YRVV9mx2ghWX8VGT82NeggtDtm_HuB9zE6RNDtg6bQ-s4PpjJvG8mfztlXw1NuDO5Ihkxo3gD8mkVV_47MJ9kaUU7B5kWOohbKBLid10ntNucLnlKclUXi7T5JN_YsI2dP5W1VMvcFSY9W7B4b803JnNI77V8Tm9sYYCM0L49wtW3wDi90D40YlyKGobH62J1aYnsDAOS1ijw18N1dMVvErIRvRhIObZlc0kMyalta-P1n-aY1es_9GIxY94Y-kYBGCvSSddFn9Xxyp5q8ssgeEVG69nv2Ad6GTU3qYfePXmm1EvNc5ffwD0oZPme2iHwt-oxVHtKJZqEjfYFgz6a16Fjd8w8PGC58ppNriLspcIg0cZj5AF1EAoZ6p3UKOPl3WodRMKFrreeL-as_oNkJKvIJoYVOLI_4bPhbknsCXxnHsxaQpWc7uzPZtt6UK9X8S2tktxZBnaPl2zH76F9zJgWdE0qDAgqC1epa6Ft7dqW2pKk8ygW9dBBYQfpd3sxnt27NIcOLcr0mxvKBKnaoCoocZVOXG0-ElhpyzX6dNEVnxwx2s5L9UIEtICnnQxq9T3dKFBvz__YUj42yM_0i7Mt4BrOOpxBGiR6OJgPETdTXvWboCFqMcQreC4yKqRTxbrZ49wC3ITn3zdgRhxJavTlyvdE2iuJphlCLgDURX2ijJrGBW6nUBPOTqvyBCzoVUWgAAHdZLUtXgdRQgsYLY6d5ZnkRzrPT64XNmcIjzuUFvZ6Txr4ARgzE08gt1Wmvd2HBMZ5TLMwVismZ3mPPknHsxl_8G05ukE3kBbq8LIjTJpBRqLm7dEaB3RrXDhetH5hmmvNYh7Qjc_uH46j-EkLGX2x4_oqs3kThAJkNRjh4fx6FwWddZu6_XcYL5Yy2yO-VVGGsips_xo1ED2pVEbwVI24VTLGiyzEpZ-FH-D_yibhfHKzTtDjHvFp5rNRSvnnayQN-yKTZl5LUqms8yCyfFEF8-t-QPTEJ9X5dF3aVouwJY_Z6K3yLBrRnye0qU74WpnsXowRioEk2-dwYdZ79s-DDMyyGNKmUKcOKr2WZUB4wFTsomd7AG08PEnqBT-noZBuuovJDWmfvN_rgoY-S3YA1l7LUyqdAWD3aR_X49XFRahlf2A_LWyCpjQQZrE3RmqF3aKAL7nSGOUz-xe9Jb2KnsjIEz4sNWHE6OJ7EwUdbU7WYA5Ocyrze4xJ3ldCxmd4nE6lE8A7mfn9M57gDmvMpMNX4VFdADtU7UJD5dnLmZg3lNnkaKmY2IoWGmwTRwPtuaxjfL8NOKl9cD5txcEpOVioKV_fti-WmLDe5MHNdo6FGwxekvNzYKKXLokhHKjJw5rxZgm97Hi1hms2z59vkca1gWS2h1zpyaf_V6X-bqs0imlq72ALt2sKvnXFA5td5Gw2mXQEDYea5hV6bpLMtBXFKQ4bGgPiG6q7w1sqJWKj6oYxGaHrj5fIBX-xqVBVL-l8kUR_QtBhNE_zuBwH3v1FE0jrK4bqjaV6ggtkCNiPu_fNp2LK4GGlwBzJaAh_HesNXALSa-8Z7Njq2IG33INpntJzLnshJrEl3WSaGPAsOcgf26-AcWJ02Cw5Iz5NcHvXUdPBLJYcCD3r3IRblrSIV65uZpbX4IPU_uFAWESPsRboS9q4bN26I08wfGCXoc9nor-2oQpmQp_CJ3Yh6MDCfIruIF0yeirCUjJYS4mTPR8m8jgPj4XV4Ru_rRs4wLjro0PRXCyHXI3fLnvCeAXu9qTOgd14QcOw-gpmQPyhEEHu6-OiHiXmny2rDssUo9hs1XHFpTVFOVbNrFmHP78XcE0RYwErIfP-5bMDu7y-LSoohNy2J4sK8lVKcUxI6xLEY-9Bp01E856GzM8UTNAHtAKpscEGLq4Kvz72Ze0PdtgwNBfRstBsnlgp7a0tPXNt0YS85Vqh_cMzNoJeDU8XO6DiKGV8-PpQiMeahfT7ASV8CGhrV6G5YuHWHJnAtX9LOHeLlju-jLwLLO1vkdTf8JuVpm3lnyXGVc2uRDMZUCOfVxTpwhvUEZweKoFNM9tgnZxla7pjBZU3MMYWrT8HRQGfubyNzfh6iCDBrbU9drk_CSv3xXyINiRTQzCjZlXUQKc-gYxRiIwrqh1HaJT8yMAIme-PipMH3JeZ0OMpUeFbVOLhfWzA6jpM3GQBMw-W9yGad2Mj1sOH4xmRZAdDy3QLLNDjmvO8nEn8BvFYh5NTEE_8Ah_sbU_N1USeUf-wGEfTdj0Qrm_sAIpwYKqrxjustw6abA_ANeoMtoBCx1f4J4INkRbmb7bh1gORCFQNIHf1cAbrUhrVZqpN_nP_Lnv7ZhdeA_BPOrkN32fvO9eYvG7LuKGKL2czWdIwDXzJVnylSiBR0Ofs37226zpIY89a2c2kSZ5OcpcUl0K9Pwrhxh1_yzSIeVmYg7q9y6m97l1ksdOZJOJwEyh8CkiYdaOPeevcIVmuP8mZol-30M_yIyJqLrmgju2aNzjZ8ctBKFBR9EjAAbypN_y0ZzC8Ihq6-SCCtbcIX7BR_gEklhS_gCS_fCatLrKJDpPcpW398zuz_i1AYPS4Znq9-T5dTzAlR8Kzj7X-JscEihQX54ywB9_eRZRiycb1LlpgRkx-s9_Gi7VgMK9dT26siSSXoKJVzCo&cid=CAASBORoyyE&rfl=1%2Chttps%253A%252F%252Fhi-news.ru%252F%240

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4970661981239585&output=html&h=600&slotname=1643887687&adk=3048368196&adf=247167191&pi=t.ma~as.1643887687&w=300&lmt=1634976853&psa=0&format=300x600&url=https%3A%2F%2Fhi-news.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634977993766&bpp=1&bdt=281&idt=306&shv=r20211020&mjsv=m202110190101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280%2C750x280%2C300x600&correlator=6250429855297&frm=20&pv=1&ga_vid=1055965363.1634977994&ga_sid=1634977994&ga_hid=2027055196&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31063230%2C31062524%2C31063140&oid=2&pvsid=777522290726696&pem=67&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=yNPxP6fAmq&p=https%3A//hi-news.ru&dtd=312

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

98767c2fa30917a87f1b3dcca23c1ea709c6e1395eb423a696567003c6e631dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4970661981239585&output=html&h=600&slotname=1643887687&adk=3048368196&adf=247167191&pi=t.ma~as.1643887687&w=300&lmt=1634976853&psa=0&format=300x600&url=https%3A%2F%2Fhi-news.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634977993766&bpp=1&bdt=281&idt=306&shv=r20211020&mjsv=m202110190101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280%2C750x280%2C300x600&correlator=6250429855297&frm=20&pv=1&ga_vid=1055965363.1634977994&ga_sid=1634977994&ga_hid=2027055196&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31063230%2C31062524%2C31063140&oid=2&pvsid=777522290726696&pem=67&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=yNPxP6fAmq&p=https%3A//hi-news.ru&dtd=312
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 08:33:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28677
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame C70A 106 KB
38 KB 55ms
11ms Script
text/javascript 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: hi-news.ru
URL: https://hi-news.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 14:35:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64671
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 23 Oct 2021 14:35:23 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/elements/html/ Frame C70A 8 KB
3 KB 8ms
7ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DJUgy-fehUIl9ylNtbpYutxlAUnu032LRd6xkzXnJ9wzTA625Ro0Ew0sU9BCMTCCg9UrQN_CQ1zE9opVIFn30BWVUPNG3glx2tWFVKxfCZxFghjxgIMbTsfF1wrPDzZavnaJB1KwhioGMLSRjHU9rIC0baHQ&dbm_d=AKAmf-BSgXofZlF7187jr9klP6ZwokV33Xtvhi2FHVKMZry9FsHJuAycjvD2CO2drY5Rwa6BrcOyezlxGnx6cNHHiHDcWyaDXzbkhl3lA49zXcCBfSPX4C_5rLdvlq9olIESSk7bQkmy6Et6jTydqScPyC5KfTrLpvkuk_c-ZbcU5VEKSpWZmTQFmXiX7eSi8U-yDSU8VuB5WPcuVk5pduF4eJPRvucaqkUyiUWFFf0QNp_6HFL61JCeOvSZwEs_7wtiqDZazqZMZdNM7TOMiIznwmAGAPAmXSu8Wuy8nxg632V2PHnZ0AWAhplmPiCTFKShJupIu1yviBvCqB571RTxrRw6k-_6X9IO7f4OJRfnSQTe2W3hqb9AQSrXxgWEjmZb8uwOwM8zUYdEPGlgJ8hKTYVnL-kNkHTxmH4LEg9px3io5vvscw4X7qyEea--ACx42wYpRlg4mXQXf7OEE1TkgpgW2cEgPCE45B33XzL8N66NTHH7nq6Sybc6WUgXg1z05gV9rQU9-7EjejxmlBk47WnD-ACKU0akaclttOtlftLQUtir-PSGOBqI1AI-yLiH-UBd3SWYKLl72RQFzJobru8JQ-KLayGmQJswtCpy9qMsHEiG_ltPwjoeGben5AcP7agDi1vmAHs-oMXCuV-cNmWeQjRdwJWefAU4HUBLmbt3bWIhqS0V7Ymij7Xadd1n6thC7VkmJdg0_ozhvqFmPoJJQfo4QWPmtFNcHeI5NhL50-m62hmIKyqXNQXizhUv-QqoN5ptAoGacA7uO2QLFRvOv1qIAiAI3gFwVGA_TLOswppDZg8cfXXfwJ4ameoA6-VYXLh19HGESD01i0R9cfBiQavp71QTDGnSWDFWn1FC_HFSOLdROMJUkW8mbKPg7T4zCXcnimXUHZOHN7HekxqUaPO2NMxelr789-0oZUBcw_aZ0xUvqXljBTmjeho-ii1_UvtDFQxwO7gF0GdoC9tgbe5gydt5UsLr66-QV2j2kGN8yhq_pZqcCD5AyitAp1aml8Qyy5OEEBZNbc2ZZ94nTFh8QCjZ0KJrM6eDkBT9_yWLEb1hx0H56kYMkz9_zxV0i_HaL9xzUUq0nr4fASdYcK83KMgz9tCgJvi_bxbA7odD-GVUsPpU0dMHYa5QDbTIanxQDhnwCpUmAVOr5EdzRv0jLaKg9ZFtaYAUR_TSCpHo-PE_jM_ktIfYRLnYOGIQtEjsgKOv-Uc_0OYQmQqVSi9Hw8cr8Vt5c4LiDHNLpLdI4T3yFt_GMYyPDWVNFGAAEDiRxm0TpfcKbfRpplNITpv0fDqSrlS2__-PAM6K0dV55NiNRU-DY00Py7ZWMabdAgcAbg2XSUqWTonjNoXJKzQY-O-a2z7ly-E5Qez_grx6P9puBQHJfUtR8Xp4w9Fqloh7NHJfEc3YJ_dOncXHWFntW2_CSz1hemnkiWg47IcRVPjM6JK2_1M99Lho1aWvVFTFES4COP-OR2HleuQ2ttNRsW0zlarWZkQv1UcvNc2jkUHvrB-dcwsXmWrzLhFMf27vyJyryU5KDL-4PSim1E7iVq87RIKxYzzD6WUkr0r0VkRS2tZqrhp7XiXXtjmPccjQmJUwscnx7DWmTOXMpy9OVxMtelMY7gYD_E2wkVPTmNzrVZe-SQdz86A3ptAiSHCxSaRkTao1cVxQyehLxPovoc2CCu3AXGMeo_xExGWkQaTmAUvwCSC9i1bZu_5mygyjfMSMfUcYpiq6gfFweWlKbaaWPu1NqMv4j5U_1BM9rBStKA22h4rKd7a1BDoKmH6NloI_OCBJD0AWPc2YdgM8l7QpguRDNz3E0em4ldSBWkm9mA0jAD2lCxt4uk-UVzo73WTu1WBPIdMc2UNvXTuXdsKujQoV4v8e_7kNms6soAwnwf3tSt1dIUpxawmvU4esfZQgMffu60aFxvbm_qsEvfYvmsYDfIu4-Dj4LZpMybqtPBl2LdMcg5Xkp3Qv4N9H_MnzS1uRW82ml7nnrwRpEYPV2irHR946mKv5M6L3-mSbk1SWeabbiL0mSEaIsCgTPv5ZepkQwokMww_bOJyy0Ic5qNXr_9QsjjWqiuLH9rXK-60gkdOdUjQTgaUMlkYraAnzml209RodomMNXtANcvTw1w9wqo9h-Ymf6WZGCc80_DzNPk4DEsVnKdZlzpBJMRG1cBtgGT7VDUydcPq7mxmwuQGmmsku9fsHDpgL1NttyoxGZq-RzZR_D23ToglbhM_TFu39hfPctXd9e9aeyEaYpppyktm9bsd6MNze-Bn_UxGfaS4oCut3KH5kGA4k9GWsySlF74Ys7ZR0EKoIxirQ8jNc4cvTie4dYtZKazx2NLoA1xguTyfeOGkcL1M_DTkfebhyTnA6cr2rc7JiSN7Sz0B3may_KBB0x3ksXcji9bXgSFSpaPtF8mRLMn0eBy0JlLteS74Xzo4FFasi9Nu8B_AJ0s3U4b6WgSFVV84hLiCmiDtRpzuFrD2lDfUlcbwqOK0azuDtDoFZEztGvjaQCtdKGEIwocASoEY9oLx1JtOwOw86JZTJm0JG1ecUClbsOTM8jUijsfiLkklbaFQ0jbfgC8JVL7QBHJvUI78r6yGWr27zUpPMfP-F0tfYPKlt8NgkRTMTLXMqZGlHaxFOuP1Z2X8dwkz5b1TSHqxidt2tjO5sQnmhfYBrbbQ2PYGZpskQfHxNNk72PzvO7w-oid1mCLIhqGVKz9G9QJtkrFo-926fhvOyi-wDB2iG2u6KRrjOB58ZHmyWIl-fcp_uexcAAzDvvM6JiR6fl0OUZ9jrnUDJJ0S1QxAO64BToCP1CipR_sWkGyBD9ViLOMYPrw7Ixcs0y-PuuHYLSn0&cid=CAASBORorSo&rfl=1%2Chttps%253A%252F%252Fhi-news.ru%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:31:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 118
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 3128
x-xss-protection: 0
server: cafe
etag: 3658073882064373855
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Nov 2021 08:31:16 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/ Frame C70A 23 KB
9 KB 7ms
7ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

1f15dc13ebdca8972b7eeb648108b804feb40f890ae25cc14cf5a3b1379726a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:24:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 537
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9298
x-xss-protection: 0
server: cafe
etag: 5575107075035495308
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Nov 2021 08:24:17 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C70A 41 KB
15 KB 7ms
6ms Script
text/javascript 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 12:07:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73567
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 22 Oct 2022 12:07:07 GMT

GET
DATA 200
OK truncated
/ Frame C70A 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8a17006736daeaf7556e18e32f05e395ac0119d36f9747fbe09ea95a35956a8f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 9E68 106 KB
37 KB 22ms
8ms Script
text/javascript 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: hi-news.ru
URL: https://hi-news.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 14:35:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64671
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 23 Oct 2021 14:35:23 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/elements/html/ Frame 9E68 8 KB
3 KB 6ms
6ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CWL5zHHI14H7vWfgCNKvDdkPYM-NpJzyU94oW85T5k5OhvdtRaTZNJ9G6_fcacPvKBcTlv8SxFIFFdpRqHv5BAZe6Cjpjvwa1-pkGYlZc9HiPcA70Zj3NLlKdCKgwTN_zbE5dpWjaStmCwop4IoGqbTU4uQA&dbm_d=AKAmf-Cu5-TAtA9DmKd5yS0x2hmE2GOVSfjlSgHi5jOkAHH_Jpi78Qm1IigFfrNUoa5OyYbr_V-QBR57F0OIeqnNwZLgmbxVfiDVS6SJIKIMIyakG4Yr93o0EazX6AV-0MDuKsMLkEjDiz5SZXaquosGLKGZf5jpDc_scQFGqk-OagLlvpdrYzo144tZ3pP3hLVBO6h51n-dZPRlZkHmKYOt8GaUg53OlNs2YRVV9mx2ghWX8VGT82NeggtDtm_HuB9zE6RNDtg6bQ-s4PpjJvG8mfztlXw1NuDO5Ihkxo3gD8mkVV_47MJ9kaUU7B5kWOohbKBLid10ntNucLnlKclUXi7T5JN_YsI2dP5W1VMvcFSY9W7B4b803JnNI77V8Tm9sYYCM0L49wtW3wDi90D40YlyKGobH62J1aYnsDAOS1ijw18N1dMVvErIRvRhIObZlc0kMyalta-P1n-aY1es_9GIxY94Y-kYBGCvSSddFn9Xxyp5q8ssgeEVG69nv2Ad6GTU3qYfePXmm1EvNc5ffwD0oZPme2iHwt-oxVHtKJZqEjfYFgz6a16Fjd8w8PGC58ppNriLspcIg0cZj5AF1EAoZ6p3UKOPl3WodRMKFrreeL-as_oNkJKvIJoYVOLI_4bPhbknsCXxnHsxaQpWc7uzPZtt6UK9X8S2tktxZBnaPl2zH76F9zJgWdE0qDAgqC1epa6Ft7dqW2pKk8ygW9dBBYQfpd3sxnt27NIcOLcr0mxvKBKnaoCoocZVOXG0-ElhpyzX6dNEVnxwx2s5L9UIEtICnnQxq9T3dKFBvz__YUj42yM_0i7Mt4BrOOpxBGiR6OJgPETdTXvWboCFqMcQreC4yKqRTxbrZ49wC3ITn3zdgRhxJavTlyvdE2iuJphlCLgDURX2ijJrGBW6nUBPOTqvyBCzoVUWgAAHdZLUtXgdRQgsYLY6d5ZnkRzrPT64XNmcIjzuUFvZ6Txr4ARgzE08gt1Wmvd2HBMZ5TLMwVismZ3mPPknHsxl_8G05ukE3kBbq8LIjTJpBRqLm7dEaB3RrXDhetH5hmmvNYh7Qjc_uH46j-EkLGX2x4_oqs3kThAJkNRjh4fx6FwWddZu6_XcYL5Yy2yO-VVGGsips_xo1ED2pVEbwVI24VTLGiyzEpZ-FH-D_yibhfHKzTtDjHvFp5rNRSvnnayQN-yKTZl5LUqms8yCyfFEF8-t-QPTEJ9X5dF3aVouwJY_Z6K3yLBrRnye0qU74WpnsXowRioEk2-dwYdZ79s-DDMyyGNKmUKcOKr2WZUB4wFTsomd7AG08PEnqBT-noZBuuovJDWmfvN_rgoY-S3YA1l7LUyqdAWD3aR_X49XFRahlf2A_LWyCpjQQZrE3RmqF3aKAL7nSGOUz-xe9Jb2KnsjIEz4sNWHE6OJ7EwUdbU7WYA5Ocyrze4xJ3ldCxmd4nE6lE8A7mfn9M57gDmvMpMNX4VFdADtU7UJD5dnLmZg3lNnkaKmY2IoWGmwTRwPtuaxjfL8NOKl9cD5txcEpOVioKV_fti-WmLDe5MHNdo6FGwxekvNzYKKXLokhHKjJw5rxZgm97Hi1hms2z59vkca1gWS2h1zpyaf_V6X-bqs0imlq72ALt2sKvnXFA5td5Gw2mXQEDYea5hV6bpLMtBXFKQ4bGgPiG6q7w1sqJWKj6oYxGaHrj5fIBX-xqVBVL-l8kUR_QtBhNE_zuBwH3v1FE0jrK4bqjaV6ggtkCNiPu_fNp2LK4GGlwBzJaAh_HesNXALSa-8Z7Njq2IG33INpntJzLnshJrEl3WSaGPAsOcgf26-AcWJ02Cw5Iz5NcHvXUdPBLJYcCD3r3IRblrSIV65uZpbX4IPU_uFAWESPsRboS9q4bN26I08wfGCXoc9nor-2oQpmQp_CJ3Yh6MDCfIruIF0yeirCUjJYS4mTPR8m8jgPj4XV4Ru_rRs4wLjro0PRXCyHXI3fLnvCeAXu9qTOgd14QcOw-gpmQPyhEEHu6-OiHiXmny2rDssUo9hs1XHFpTVFOVbNrFmHP78XcE0RYwErIfP-5bMDu7y-LSoohNy2J4sK8lVKcUxI6xLEY-9Bp01E856GzM8UTNAHtAKpscEGLq4Kvz72Ze0PdtgwNBfRstBsnlgp7a0tPXNt0YS85Vqh_cMzNoJeDU8XO6DiKGV8-PpQiMeahfT7ASV8CGhrV6G5YuHWHJnAtX9LOHeLlju-jLwLLO1vkdTf8JuVpm3lnyXGVc2uRDMZUCOfVxTpwhvUEZweKoFNM9tgnZxla7pjBZU3MMYWrT8HRQGfubyNzfh6iCDBrbU9drk_CSv3xXyINiRTQzCjZlXUQKc-gYxRiIwrqh1HaJT8yMAIme-PipMH3JeZ0OMpUeFbVOLhfWzA6jpM3GQBMw-W9yGad2Mj1sOH4xmRZAdDy3QLLNDjmvO8nEn8BvFYh5NTEE_8Ah_sbU_N1USeUf-wGEfTdj0Qrm_sAIpwYKqrxjustw6abA_ANeoMtoBCx1f4J4INkRbmb7bh1gORCFQNIHf1cAbrUhrVZqpN_nP_Lnv7ZhdeA_BPOrkN32fvO9eYvG7LuKGKL2czWdIwDXzJVnylSiBR0Ofs37226zpIY89a2c2kSZ5OcpcUl0K9Pwrhxh1_yzSIeVmYg7q9y6m97l1ksdOZJOJwEyh8CkiYdaOPeevcIVmuP8mZol-30M_yIyJqLrmgju2aNzjZ8ctBKFBR9EjAAbypN_y0ZzC8Ihq6-SCCtbcIX7BR_gEklhS_gCS_fCatLrKJDpPcpW398zuz_i1AYPS4Znq9-T5dTzAlR8Kzj7X-JscEihQX54ywB9_eRZRiycb1LlpgRkx-s9_Gi7VgMK9dT26siSSXoKJVzCo&cid=CAASBORoyyE&rfl=1%2Chttps%253A%252F%252Fhi-news.ru%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:31:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 118
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 3128
x-xss-protection: 0
server: cafe
etag: 3658073882064373855
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Nov 2021 08:31:16 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/ Frame 9E68 23 KB
9 KB 6ms
6ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

1f15dc13ebdca8972b7eeb648108b804feb40f890ae25cc14cf5a3b1379726a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:24:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 537
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9298
x-xss-protection: 0
server: cafe
etag: 5575107075035495308
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Nov 2021 08:24:17 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 9CE6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJRXZqb0AlHlpj2lRgOFEng&google_cver=1

43 B
894 B

15ms
15ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJRXZqb0AlHlpj2lRgOFEng&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfKHRDtw0gYv6G1tQEwAQ&v=APEucNUKDGyUxskArJR2JJTc1q0ezOUiE4aOIadiLHWR8HbfIhjwthCLE2XjIWOlfbqQV41fTf51eYEIDbLQsYIAZhLTCnJeHg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 23 Oct 2021 08:33:14 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 23 Oct 2021 08:33:14 GMT

Redirect headers

pragma: no-cache
date: Sat, 23 Oct 2021 08:33:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJRXZqb0AlHlpj2lRgOFEng&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 9CE6
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YXPIyjiIOM0HudEFm7hGIgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJRXZqb0AlHlpj2lRgOFEng&google_cver=1

43 B
894 B

22ms
22ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJRXZqb0AlHlpj2lRgOFEng&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfKHRDtw0gYv6G1tQEwAQ&v=APEucNUKDGyUxskArJR2JJTc1q0ezOUiE4aOIadiLHWR8HbfIhjwthCLE2XjIWOlfbqQV41fTf51eYEIDbLQsYIAZhLTCnJeHg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 23 Oct 2021 08:33:14 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 23 Oct 2021 08:33:14 GMT

Redirect headers

pragma: no-cache
date: Sat, 23 Oct 2021 08:33:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJRXZqb0AlHlpj2lRgOFEng&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 9CE6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEMfa8WcSd1L--NkFRVbMn9k&google_cver=1

43 B
1008 B

13ms
12ms

Image
image/gif

185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEMfa8WcSd1L--NkFRVbMn9k&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfKHRDtw0gYv6G1tQEwAQ&v=APEucNUKDGyUxskArJR2JJTc1q0ezOUiE4aOIadiLHWR8HbfIhjwthCLE2XjIWOlfbqQV41fTf51eYEIDbLQsYIAZhLTCnJeHg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.14 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 23 Oct 2021 08:33:14 GMT
X-Proxy-Origin: 216.131.114.199; 216.131.114.199; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 31ff579f-0ec5-48af-b82f-778473116c8c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 23 Oct 2021 08:33:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEMfa8WcSd1L--NkFRVbMn9k&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9CE6
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjU4ODkyNTE3Mzg4NTQ1NzUxNw%3D%3D

170 B
188 B

18ms
18ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjU4ODkyNTE3Mzg4NTQ1NzUxNw%3D%3D

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 08:33:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 23 Oct 2021 08:33:14 GMT
X-Proxy-Origin: 216.131.114.199; 216.131.114.199; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: c9a9e83d-76e4-4359-b5b1-4254c4f09c75
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjU4ODkyNTE3Mzg4NTQ1NzUxNw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame C2B7 22 KB
8 KB 7ms
7ms Document
text/html 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Fri, 22 Oct 2021 12:07:07 GMT
expires: Sat, 22 Oct 2022 12:07:07 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 73567
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 index.html Show response
s0.2mdn.net/5846014/1632342222388/ Frame 1540 75 KB
19 KB 22ms
8ms Document
text/html 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/5846014/1632342222388/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

sffe /

Resource Hash

3a070f724a5d3b9b5f73c6e9d719fa11b5e4c5233d5aa4c3fcd7cf2c108c7e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /5846014/1632342222388/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 19324
date: Sat, 23 Oct 2021 04:24:24 GMT
expires: Sun, 24 Oct 2021 04:24:24 GMT
last-modified: Wed, 22 Sep 2021 20:23:42 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 14930
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C70A 0
542 B 91ms
51ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstAD2MU912MiKe8LfAWDtZnqb2EoY6uzwu7K9D8hMp2oatiieIyBkVCA6uhR2hvvaKDyQeELyjobvw6YJbIlmDNQbDTkXH89BVBgzQJwekEbI_Hw3Zalt5RIEQ1zX78AvnClgyV-kDrdK6JdvVbOMNdb6u3KvGergEiSYk27W2pCyApkBSJ8EkgpCejXZu5CkldOlv2DaQQ6uXCMk9TQ3rkuQOm1l9OXBVUQHLGScG6bnOEasQyzjeEXC707SZOSIB_nyvSBA4bPahMWGrXvBU-nvza36ErImq5qT8LYvJCtS80r1IOqpIlX6Ht9xQeOV7hBjOIVrdL4Sdx589rZ3QVFa_1Sfv2Z4JtOrcwBqmi2cFGRTgEKlSmR3sl4EH4PdtLHg-KOjTG1QuunY1WVlHDkptFsU57zjjZq2ih8cK3P4WCf1Syq3X_Y8dWmP1UU-xmzd2eEF-qGKqI6uTRh9aNibg8khcv9mdUFbo8ps2MKDgWtJSH0NZ93ZkY7R7JcBLcqsWLnrbyu1MTnATG8D2z-UC3MiLb4YO1RJBh_qLtRaP0PmPPtnzlIXCvsWHRr8OQ1IT41AbAdAqnCqvwHa2iA0-pGCEXMW8Gs_d-5CtmNsB7bqKJhcppg5QSt9-bV7ZV83ZpmRuriHW3gYNnEb_elZGXe97CPzeULOXi8ooND4NlNnx7rWNvgNsdcKyXzEdhTaM_uv5tDrzTZDa2zgdhCMUoaFVPVYqgvvXw4C7mMxAwRRRTEAFv8eN9eMVXDQLv_IrxRLY7lYCezrG16XuZO-olqXwsNNo7QIdLYlO4ShugLZPlD-2ES0qgWf_jApqOglzNXrQnODFBKIYD-fGklIW7FDgnAbbV72CdXLR0q5tw1SNkS8qhkt9bd-9LUBKGF4GFJk5jXIKtVKeeU_6mBssuOQaHkuicAv8NQFud6JqEi7pz0MMvOhiArRWtlXcM6qVOYM0GuVSqBt3S26fjVx0rsEBiOglmPUiUiwJvEypWn_oeNXaQH8HOrzpkfvMsltbXmXXwHsT70xcNXWT7OeMSXzQfKYS4GtEZhHmDLq-21E39YuCSO5Sz6e2IghiOJzxnPHQ&sai=AMfl-YQdsVgnHP43Wk4h9zx_7SyTggGGffCEx9ACFAmCDBOdRdr4y1jQ4vl9VUfNtj4vepODaE1zeeWigrEAyP0GIPuyrnSeZnk1Vb07hdXEx2jmCRXLyLoJaQFSz9_ZbbG92X-9&sig=Cg0ArKJSzITQHgZWMjduEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=182&cbvp=1&cstd=178&cisv=r20211020.54624&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: hi-news.ru
URL: https://hi-news.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Sat, 23 Oct 2021 08:33:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 14986594665044086805
tpc.googlesyndication.com/daca_images/simgad/ Frame 29D2 125 KB
125 KB 9ms
8ms Image
image/png 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/14986594665044086805

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4970661981239585&output=html&h=280&slotname=3348562032&adk=2729210907&adf=2825249238&pi=t.ma~as.3348562032&w=750&fwrn=4&fwrnh=100&lmt=1634976853&rafmt=5&psa=0&format=750x280&url=https%3A%2F%2Fhi-news.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634977993743&bpp=19&bdt=258&idt=255&shv=r20211020&mjsv=m202110190101&ptt=9&saldr=aa&abxe=1&correlator=6250429855297&frm=20&pv=2&ga_vid=1055965363.1634977994&ga_sid=1634977994&ga_hid=2027055196&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=1555&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31063230%2C31062524%2C31063140&oid=2&pvsid=777522290726696&pem=67&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=VNbl3JkTWN&p=https%3A//hi-news.ru&dtd=275

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

sffe /

Resource Hash

f85b1dd171a14f107500b801a8df8222811281cc5c59b78809a9b415a861f537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 10:39:10 GMT
x-content-type-options: nosniff
age: 251644
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 128282
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 09:01:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 20 Oct 2022 10:39:10 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/ Frame 29D2 18 KB
8 KB 7ms
7ms Script
text/javascript 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

cafe /

Resource Hash

64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:29:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 233
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7700
x-xss-protection: 0
server: cafe
etag: 14378044041589781240
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Nov 2021 08:29:21 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 29D2 3 KB
1 KB 12ms
10ms Script
text/javascript 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:26:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 397
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Nov 2021 08:26:37 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 29D2 120 KB
36 KB 37ms
21ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

sffe /

Resource Hash

9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:33:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1634750403498492"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 23 Oct 2021 08:33:14 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 29D2 14 KB
6 KB 8ms
6ms Script
text/javascript 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

cafe /

Resource Hash

2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:31:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 130
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6286
x-xss-protection: 0
server: cafe
etag: 17196531676875957370
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Nov 2021 08:31:04 GMT

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 29D2 27 KB
11 KB 14ms
12ms Script
text/javascript 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

cafe /

Resource Hash

20731b5cce4398a7bea4b2b919dcab676f481d929c16a12b6a74a19b51e48d01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 14:48:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63914
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 11249
x-xss-protection: 0
server: cafe
etag: 2407096445939648700
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Nov 2021 14:48:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 29D2 0
0 48ms
46ms Fetch
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CyPn-yshzYcjFD8iC3gP9mbGIB_78-OxlwL2_5vsOnOvqq-AgEAEgio68jgFgyQagAYbvq5UCyAECqAMByAPJBKoEugFP0IZvLbzVNIpFXMgyo3WQdaYAGgJI8AoHZH2U4azmJOILxr4byJTwkFxd-MvL7Ft5EX6ErjuyPNdVedpkXmrwOGlWd5GE95Ri46cq4ysvqvP6aGHN2vkaMvxkNWHOzI6DSe55roX2TshGn183tIZhI1dGFv5VIb5kQcA0FIjWvE_x_cfGH-rYk8yUpTUTY-3vdTXb4c_O00pA-2bGSFFhhLX2xI6LHh1KR5hO3nG_kjTD9Ay5C7LRZIDABMGq-cbKA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAfikNTqAagH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhvYBwHyBwQQ5K4I0ggHCIBhEAEYX4AKAcgLAdgTDNAVAZgWAYAXAbIXHAoaCAASFHB1Yi00OTcwNjYxOTgxMjM5NTg1GAA&sigh=3ORrG3VqxHM&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4970661981239585&output=html&h=280&slotname=3348562032&adk=2729210907&adf=2825249238&pi=t.ma~as.3348562032&w=750&fwrn=4&fwrnh=100&lmt=1634976853&rafmt=5&psa=0&format=750x280&url=https%3A%2F%2Fhi-news.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634977993743&bpp=19&bdt=258&idt=255&shv=r20211020&mjsv=m202110190101&ptt=9&saldr=aa&abxe=1&correlator=6250429855297&frm=20&pv=2&ga_vid=1055965363.1634977994&ga_sid=1634977994&ga_hid=2027055196&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=1555&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31063230%2C31062524%2C31063140&oid=2&pvsid=777522290726696&pem=67&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=VNbl3JkTWN&p=https%3A//hi-news.ru&dtd=275
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 23 Oct 2021 08:33:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/5846014/1632342222388/ Frame 1C95 75 KB
19 KB 9ms
8ms Document
text/html 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/5846014/1632342222388/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

sffe /

Resource Hash

3a070f724a5d3b9b5f73c6e9d719fa11b5e4c5233d5aa4c3fcd7cf2c108c7e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /5846014/1632342222388/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 19324
date: Sat, 23 Oct 2021 04:24:24 GMT
expires: Sun, 24 Oct 2021 04:24:24 GMT
last-modified: Wed, 22 Sep 2021 20:23:42 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 14930
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9E68 0
61 B 51ms
50ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstHvM6CnvnSquCzOXcpqWMcpJES4kHPJw5WNlDHK39WJKU8pghW38fSyu7_28L-tWJAKnrFNzDypkAIJAAXVF6SQOYvKUDuyf6WZ3GVxLLg2Ehn3udGFmlupGtHVoMFcq4H7bpRTvbUMMTywPn7omvJf23WkzlYGwf6jLc05wiRtq75jk4n4gCqiQApcFaoC1wQnXJYPcac8_kzTOPE3syAZn46YqWBdsblG_mzxRdpATcQj7zaC-iHeP8X-xNwHPNs0VpoJHkYMHn7OPWoa9HF6Iv_fG5OwYv221B266b2r4pBkFaxIcKrAeWzhYHjTWaDl-KhEQeZ2tVBt8rgflD89KXrDU80SNGUULgfMu55HERzk6A8uK2gbNmdH6V_95XWThbBjDo4jsSPevEjP3G3k-kQ7mjMuz02NcKAYmFZ8KC1arNzDaD0Ehd2dXoPifcFoqJ7mvqKq3lJSgRjWvgUodtJUXAD3B3j819uJ4-7oQtD9nxWzFGDPID_MLXz_6qG9mDYGuzlXNI1_Bw5b_x5No0ukADHk2h-UC4W8xKFv8Hy3YpZiNAceGMK5VZV9D2L-n_-rotM6ciVpg-rgxOnS58YEQQQflvMqwL_psCfC8H6MJVXyVeDp2SJxTYD_kfg89CWTnMH10z6peORDBgtHsWcIMEvTBLMXyGv4N7MNz-hwBlIQZXxCemAFcIT4zMir6xI1UvczYM85eeX41JyHkYwsjKRUkTaYH6Iz2AsZfWvpbgLeBN6X0c2z6xJTPJlG0kZic6knQrfmI7otc6YPkCYGSGpHUsD0pBsgmxsIxGpXcZZFKo2K9BYureiR9ChpQKDGjrzJyjJCMoaeEMtDEl2lxZu8Pqix7Mni2AZcsCvDHl56suEiTHSs3lknFzgXMI2y7AtBkQ_CCpwcXtZGcVjvUhfVSj3n2NyPc4Bc6cmCz_4vTd7CyfiqiERVlfIN5gNkY3pLxSG-E7ctc0JzKGF1s7zJ84hTvx1Q3STBp8KEuGFPyn4cbQXz_uYjJXs1W8To8p-VcJ8-syKj2pgf-0meOxyVws7dCfWOiMNhbLjC3ODvHbwibKSWnXEp91_pNGs87PL3L56TYFug2g&sai=AMfl-YSkVjt8kBLyRp4ApwlEhQa2uVdSD3aSq5X-vSeh8oQxiL3X6MmgX56gS_In1hc3BMt_i9o3QN3oTHXxduCvmDXaoidWySnZljOh1hwKxzWjBppOHBCUAFatPXPJEq3Io7jT&sig=Cg0ArKJSzH_t9YHqw-8bEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=91&cbvp=1&cstd=89&cisv=r20211020.95763&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: hi-news.ru
URL: https://hi-news.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Sat, 23 Oct 2021 08:33:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 12133106685600310140
tpc.googlesyndication.com/daca_images/simgad/ Frame AC59 110 KB
110 KB 10ms
10ms Image
image/png 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/12133106685600310140

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4970661981239585&output=html&h=280&slotname=3348562032&adk=2729210907&adf=2973540727&pi=t.ma~as.3348562032&w=750&fwrn=4&fwrnh=100&lmt=1634976853&rafmt=5&psa=0&format=750x280&url=https%3A%2F%2Fhi-news.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634977993762&bpp=1&bdt=277&idt=278&shv=r20211020&mjsv=m202110190101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280&correlator=6250429855297&frm=20&pv=1&ga_vid=1055965363.1634977994&ga_sid=1634977994&ga_hid=2027055196&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=4180&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31063230%2C31062524%2C31063140&oid=2&pvsid=777522290726696&pem=67&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=2k9Z8TCyW1&p=https%3A//hi-news.ru&dtd=284

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

sffe /

Resource Hash

4e7d8a3a8848936103d5a30f4851b0a78fa085018c0e4c6635317e6d8301ab55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 12:00:19 GMT
x-content-type-options: nosniff
age: 160375
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 112691
x-xss-protection: 0
last-modified: Sun, 17 Oct 2021 15:29:25 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 21 Oct 2022 12:00:19 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/ Frame AC59 18 KB
8 KB 9ms
9ms Script
text/javascript 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4970661981239585&output=html&h=280&slotname=3348562032&adk=2729210907&adf=2973540727&pi=t.ma~as.3348562032&w=750&fwrn=4&fwrnh=100&lmt=1634976853&rafmt=5&psa=0&format=750x280&url=https%3A%2F%2Fhi-news.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634977993762&bpp=1&bdt=277&idt=278&shv=r20211020&mjsv=m202110190101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280&correlator=6250429855297&frm=20&pv=1&ga_vid=1055965363.1634977994&ga_sid=1634977994&ga_hid=2027055196&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=4180&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31063230%2C31062524%2C31063140&oid=2&pvsid=777522290726696&pem=67&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=2k9Z8TCyW1&p=https%3A//hi-news.ru&dtd=284

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

cafe /

Resource Hash

64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:29:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 233
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7700
x-xss-protection: 0
server: cafe
etag: 14378044041589781240
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Nov 2021 08:29:21 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame AC59 3 KB
1 KB 11ms
8ms Script
text/javascript 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4970661981239585&output=html&h=280&slotname=3348562032&adk=2729210907&adf=2973540727&pi=t.ma~as.3348562032&w=750&fwrn=4&fwrnh=100&lmt=1634976853&rafmt=5&psa=0&format=750x280&url=https%3A%2F%2Fhi-news.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634977993762&bpp=1&bdt=277&idt=278&shv=r20211020&mjsv=m202110190101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280&correlator=6250429855297&frm=20&pv=1&ga_vid=1055965363.1634977994&ga_sid=1634977994&ga_hid=2027055196&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=4180&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31063230%2C31062524%2C31063140&oid=2&pvsid=777522290726696&pem=67&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=2k9Z8TCyW1&p=https%3A//hi-news.ru&dtd=284

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:26:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 397
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Nov 2021 08:26:37 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AC59 120 KB
37 KB 23ms
23ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4970661981239585&output=html&h=280&slotname=3348562032&adk=2729210907&adf=2973540727&pi=t.ma~as.3348562032&w=750&fwrn=4&fwrnh=100&lmt=1634976853&rafmt=5&psa=0&format=750x280&url=https%3A%2F%2Fhi-news.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634977993762&bpp=1&bdt=277&idt=278&shv=r20211020&mjsv=m202110190101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280&correlator=6250429855297&frm=20&pv=1&ga_vid=1055965363.1634977994&ga_sid=1634977994&ga_hid=2027055196&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=4180&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31063230%2C31062524%2C31063140&oid=2&pvsid=777522290726696&pem=67&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=2k9Z8TCyW1&p=https%3A//hi-news.ru&dtd=284

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

sffe /

Resource Hash

9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:33:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1634750403498492"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 23 Oct 2021 08:33:14 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame AC59 14 KB
6 KB 10ms
9ms Script
text/javascript 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4970661981239585&output=html&h=280&slotname=3348562032&adk=2729210907&adf=2973540727&pi=t.ma~as.3348562032&w=750&fwrn=4&fwrnh=100&lmt=1634976853&rafmt=5&psa=0&format=750x280&url=https%3A%2F%2Fhi-news.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634977993762&bpp=1&bdt=277&idt=278&shv=r20211020&mjsv=m202110190101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280&correlator=6250429855297&frm=20&pv=1&ga_vid=1055965363.1634977994&ga_sid=1634977994&ga_hid=2027055196&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=4180&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31063230%2C31062524%2C31063140&oid=2&pvsid=777522290726696&pem=67&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=2k9Z8TCyW1&p=https%3A//hi-news.ru&dtd=284

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

cafe /

Resource Hash

2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:31:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 130
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6286
x-xss-protection: 0
server: cafe
etag: 17196531676875957370
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Nov 2021 08:31:04 GMT

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame AC59 27 KB
11 KB 12ms
8ms Script
text/javascript 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4970661981239585&output=html&h=280&slotname=3348562032&adk=2729210907&adf=2973540727&pi=t.ma~as.3348562032&w=750&fwrn=4&fwrnh=100&lmt=1634976853&rafmt=5&psa=0&format=750x280&url=https%3A%2F%2Fhi-news.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634977993762&bpp=1&bdt=277&idt=278&shv=r20211020&mjsv=m202110190101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280&correlator=6250429855297&frm=20&pv=1&ga_vid=1055965363.1634977994&ga_sid=1634977994&ga_hid=2027055196&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=4180&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31063230%2C31062524%2C31063140&oid=2&pvsid=777522290726696&pem=67&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=2k9Z8TCyW1&p=https%3A//hi-news.ru&dtd=284

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

cafe /

Resource Hash

20731b5cce4398a7bea4b2b919dcab676f481d929c16a12b6a74a19b51e48d01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 14:48:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63914
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 11249
x-xss-protection: 0
server: cafe
etag: 2407096445939648700
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Nov 2021 14:48:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame AC59 0
0 44ms
40ms Fetch
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CFpIjyshzYZKJEIXl3wPWpbLABv78-Oxl-_Gz2d0OnOvqq-AgEAEgio68jgFgyQagAYbvq5UCyAECqAMByAPJBKoEvQFP0IuJcywRf_lR2XjNHfbnTp6aNCPpCQVuv5_eVyMiy-ut3oxTaUVg-qcP95RmTCmi030__bvkncJZlT2nERb0d7p9rlISrOSEeC2nLj-45oLzq6dlMw6rLcOZGg7iIRiOith3x_daDyzMT8iHik-_vBT-AeVOgZNet0rC7TjgDAgh2pM2ncz5ikUMIBi52SKuGSIpIB-4uivQZgRxDL0Quxz-JBFtamUfY-iUZOzztYpvoD9mDWKOFfVwECbABMGq-cbKA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAfikNTqAagH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhvYBwHyBwQQr7wB0ggHCIBhEAEYX4AKAcgLAdgTDNAVAZgWAYAXAbIXHAoaCAASFHB1Yi00OTcwNjYxOTgxMjM5NTg1GAA&sigh=DCJae2EM1_4&uach_m=[UACH]

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4970661981239585&output=html&h=280&slotname=3348562032&adk=2729210907&adf=2973540727&pi=t.ma~as.3348562032&w=750&fwrn=4&fwrnh=100&lmt=1634976853&rafmt=5&psa=0&format=750x280&url=https%3A%2F%2Fhi-news.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634977993762&bpp=1&bdt=277&idt=278&shv=r20211020&mjsv=m202110190101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280&correlator=6250429855297&frm=20&pv=1&ga_vid=1055965363.1634977994&ga_sid=1634977994&ga_hid=2027055196&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=4180&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31063230%2C31062524%2C31063140&oid=2&pvsid=777522290726696&pem=67&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=2k9Z8TCyW1&p=https%3A//hi-news.ru&dtd=284

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4970661981239585&output=html&h=280&slotname=3348562032&adk=2729210907&adf=2973540727&pi=t.ma~as.3348562032&w=750&fwrn=4&fwrnh=100&lmt=1634976853&rafmt=5&psa=0&format=750x280&url=https%3A%2F%2Fhi-news.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634977993762&bpp=1&bdt=277&idt=278&shv=r20211020&mjsv=m202110190101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280&correlator=6250429855297&frm=20&pv=1&ga_vid=1055965363.1634977994&ga_sid=1634977994&ga_hid=2027055196&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=4180&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31063230%2C31062524%2C31063140&oid=2&pvsid=777522290726696&pem=67&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=2k9Z8TCyW1&p=https%3A//hi-news.ru&dtd=284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 23 Oct 2021 08:33:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 132C 143 B
163 B 16ms
16ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4970661981239585&output=html&h=280&slotname=3348562032&adk=2729210907&adf=2825249238&pi=t.ma~as.3348562032&w=750&fwrn=4&fwrnh=100&lmt=1634976853&rafmt=5&psa=0&format=750x280&url=https%3A%2F%2Fhi-news.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634977993743&bpp=19&bdt=258&idt=255&shv=r20211020&mjsv=m202110190101&ptt=9&saldr=aa&abxe=1&correlator=6250429855297&frm=20&pv=2&ga_vid=1055965363.1634977994&ga_sid=1634977994&ga_hid=2027055196&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=1555&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31063230%2C31062524%2C31063140&oid=2&pvsid=777522290726696&pem=67&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=VNbl3JkTWN&p=https%3A//hi-news.ru&dtd=275
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUm8Eg5Q-FSIexV3Xzzyx2-ABPAnltGLyfYC3lifiWYFgboMiZW9ah1WHP-EH6w; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4970661981239585&output=html&h=280&slotname=3348562032&adk=2729210907&adf=2825249238&pi=t.ma~as.3348562032&w=750&fwrn=4&fwrnh=100&lmt=1634976853&rafmt=5&psa=0&format=750x280&url=https%3A%2F%2Fhi-news.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634977993743&bpp=19&bdt=258&idt=255&shv=r20211020&mjsv=m202110190101&ptt=9&saldr=aa&abxe=1&correlator=6250429855297&frm=20&pv=2&ga_vid=1055965363.1634977994&ga_sid=1634977994&ga_hid=2027055196&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=1555&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31063230%2C31062524%2C31063140&oid=2&pvsid=777522290726696&pem=67&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=VNbl3JkTWN&p=https%3A//hi-news.ru&dtd=275

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 23 Oct 2021 07:43:06 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3008
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 9E68 41 KB
15 KB 7ms
6ms Script
text/javascript 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4970661981239585&output=html&h=600&slotname=1643887687&adk=3048368196&adf=247167191&pi=t.ma~as.1643887687&w=300&lmt=1634976853&psa=0&format=300x600&url=https%3A%2F%2Fhi-news.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634977993766&bpp=1&bdt=281&idt=306&shv=r20211020&mjsv=m202110190101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280%2C750x280%2C300x600&correlator=6250429855297&frm=20&pv=1&ga_vid=1055965363.1634977994&ga_sid=1634977994&ga_hid=2027055196&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1255&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31063230%2C31062524%2C31063140&oid=2&pvsid=777522290726696&pem=67&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=yNPxP6fAmq&p=https%3A//hi-news.ru&dtd=312

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 12:07:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73567
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 22 Oct 2022 12:07:07 GMT

GET
DATA 200
OK truncated
/ Frame 9E68 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb9aef5a0b9b9dd1457fa6b18a23c599abf1b88e8010bee7bff24b07ae17e6dd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8809 143 B
163 B 16ms
16ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4970661981239585&output=html&h=280&slotname=3348562032&adk=2729210907&adf=2973540727&pi=t.ma~as.3348562032&w=750&fwrn=4&fwrnh=100&lmt=1634976853&rafmt=5&psa=0&format=750x280&url=https%3A%2F%2Fhi-news.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634977993762&bpp=1&bdt=277&idt=278&shv=r20211020&mjsv=m202110190101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280&correlator=6250429855297&frm=20&pv=1&ga_vid=1055965363.1634977994&ga_sid=1634977994&ga_hid=2027055196&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=4180&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31063230%2C31062524%2C31063140&oid=2&pvsid=777522290726696&pem=67&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=2k9Z8TCyW1&p=https%3A//hi-news.ru&dtd=284

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4970661981239585&output=html&h=280&slotname=3348562032&adk=2729210907&adf=2973540727&pi=t.ma~as.3348562032&w=750&fwrn=4&fwrnh=100&lmt=1634976853&rafmt=5&psa=0&format=750x280&url=https%3A%2F%2Fhi-news.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634977993762&bpp=1&bdt=277&idt=278&shv=r20211020&mjsv=m202110190101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280&correlator=6250429855297&frm=20&pv=1&ga_vid=1055965363.1634977994&ga_sid=1634977994&ga_hid=2027055196&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=4180&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31063230%2C31062524%2C31063140&oid=2&pvsid=777522290726696&pem=67&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=2k9Z8TCyW1&p=https%3A//hi-news.ru&dtd=284
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUm8Eg5Q-FSIexV3Xzzyx2-ABPAnltGLyfYC3lifiWYFgboMiZW9ah1WHP-EH6w; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4970661981239585&output=html&h=280&slotname=3348562032&adk=2729210907&adf=2973540727&pi=t.ma~as.3348562032&w=750&fwrn=4&fwrnh=100&lmt=1634976853&rafmt=5&psa=0&format=750x280&url=https%3A%2F%2Fhi-news.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634977993762&bpp=1&bdt=277&idt=278&shv=r20211020&mjsv=m202110190101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280&correlator=6250429855297&frm=20&pv=1&ga_vid=1055965363.1634977994&ga_sid=1634977994&ga_hid=2027055196&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=4180&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31063230%2C31062524%2C31063140&oid=2&pvsid=777522290726696&pem=67&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=2k9Z8TCyW1&p=https%3A//hi-news.ru&dtd=284

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 23 Oct 2021 07:43:06 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3008
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
DATA 200
OK truncated
/ Frame 29D2 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5c3fb2fb8db60ec77fbb580e20136ad62e4ae84bda97287bb1f763e882785eb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 DcmEnabler_01_246.js Show response
s0.2mdn.net/879366/ Frame 1540 28 KB
10 KB 8ms
8ms Script
text/javascript 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_246.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/5846014/1632342222388/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

sffe /

Resource Hash

44e04e4776c58b34580006ef8e8a1e1ae336f3e9c429ae242fe9a8f090889b79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/5846014/1632342222388/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 23:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31338
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 10121
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 23 Oct 2021 23:50:57 GMT

GET
H3 200 DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js Show response
pagead2.googlesyndication.com/bg/ Frame C2B7 35 KB
35 KB 7ms
7ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

0c8791fc285a74d81306c09793db2d581d1b8c1db2743f59c124e3859305eb10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 00:31:47 GMT
x-content-type-options: nosniff
age: 28888
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35616
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 13:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sun, 23 Oct 2022 00:31:47 GMT

GET
DATA 200
OK truncated
/ Frame AC59 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ebb6c50992019ed0e29188c85492a31dbed2c4421a9a7b5da720a6d03b88ddd8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 DcmEnabler_01_246.js Show response
s0.2mdn.net/879366/ Frame 1C95 28 KB
10 KB 7ms
7ms Script
text/javascript 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_246.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/5846014/1632342222388/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

sffe /

Resource Hash

44e04e4776c58b34580006ef8e8a1e1ae336f3e9c429ae242fe9a8f090889b79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/5846014/1632342222388/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 23:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31338
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 10121
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 23 Oct 2021 23:50:57 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2D18 22 KB
8 KB 7ms
7ms Document
text/html 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Fri, 22 Oct 2021 12:07:07 GMT
expires: Sat, 22 Oct 2022 12:07:07 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 73568
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame C70A 0
23 B 59ms
45ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstAD2MU912MiKe8LfAWDtZnqb2EoY6uzwu7K9D8hMp2oatiieIyBkVCA6uhR2hvvaKDyQeELyjobvw6YJbIlmDNQbDTkXH89BVBgzQJwekEbI_Hw3Zalt5RIEQ1zX78AvnClgyV-kDrdK6JdvVbOMNdb6u3KvGergEiSYk27W2pCyApkBSJ8EkgpCejXZu5CkldOlv2DaQQ6uXCMk9TQ3rkuQOm1l9OXBVUQHLGScG6bnOEasQyzjeEXC707SZOSIB_nyvSBA4bPahMWGrXvBU-nvza36ErImq5qT8LYvJCtS80r1IOqpIlX6Ht9xQeOV7hBjOIVrdL4Sdx589rZ3QVFa_1Sfv2Z4JtOrcwBqmi2cFGRTgEKlSmR3sl4EH4PdtLHg-KOjTG1QuunY1WVlHDkptFsU57zjjZq2ih8cK3P4WCf1Syq3X_Y8dWmP1UU-xmzd2eEF-qGKqI6uTRh9aNibg8khcv9mdUFbo8ps2MKDgWtJSH0NZ93ZkY7R7JcBLcqsWLnrbyu1MTnATG8D2z-UC3MiLb4YO1RJBh_qLtRaP0PmPPtnzlIXCvsWHRr8OQ1IT41AbAdAqnCqvwHa2iA0-pGCEXMW8Gs_d-5CtmNsB7bqKJhcppg5QSt9-bV7ZV83ZpmRuriHW3gYNnEb_elZGXe97CPzeULOXi8ooND4NlNnx7rWNvgNsdcKyXzEdhTaM_uv5tDrzTZDa2zgdhCMUoaFVPVYqgvvXw4C7mMxAwRRRTEAFv8eN9eMVXDQLv_IrxRLY7lYCezrG16XuZO-olqXwsNNo7QIdLYlO4ShugLZPlD-2ES0qgWf_jApqOglzNXrQnODFBKIYD-fGklIW7FDgnAbbV72CdXLR0q5tw1SNkS8qhkt9bd-9LUBKGF4GFJk5jXIKtVKeeU_6mBssuOQaHkuicAv8NQFud6JqEi7pz0MMvOhiArRWtlXcM6qVOYM0GuVSqBt3S26fjVx0rsEBiOglmPUiUiwJvEypWn_oeNXaQH8HOrzpkfvMsltbXmXXwHsT70xcNXWT7OeMSXzQfKYS4GtEZhHmDLq-21E39YuCSO5Sz6e2IghiOJzxnPHQ&sai=AMfl-YQdsVgnHP43Wk4h9zx_7SyTggGGffCEx9ACFAmCDBOdRdr4y1jQ4vl9VUfNtj4vepODaE1zeeWigrEAyP0GIPuyrnSeZnk1Vb07hdXEx2jmCRXLyLoJaQFSz9_ZbbG92X-9&sig=Cg0ArKJSzITQHgZWMjduEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=432&vt=11&dtpt=250&dett=3&cstd=178&cisv=r20211020.54624&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: hi-news.ru
URL: https://hi-news.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 23 Oct 2021 08:33:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
server: cafe

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9E68 0
23 B 44ms
43ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstHvM6CnvnSquCzOXcpqWMcpJES4kHPJw5WNlDHK39WJKU8pghW38fSyu7_28L-tWJAKnrFNzDypkAIJAAXVF6SQOYvKUDuyf6WZ3GVxLLg2Ehn3udGFmlupGtHVoMFcq4H7bpRTvbUMMTywPn7omvJf23WkzlYGwf6jLc05wiRtq75jk4n4gCqiQApcFaoC1wQnXJYPcac8_kzTOPE3syAZn46YqWBdsblG_mzxRdpATcQj7zaC-iHeP8X-xNwHPNs0VpoJHkYMHn7OPWoa9HF6Iv_fG5OwYv221B266b2r4pBkFaxIcKrAeWzhYHjTWaDl-KhEQeZ2tVBt8rgflD89KXrDU80SNGUULgfMu55HERzk6A8uK2gbNmdH6V_95XWThbBjDo4jsSPevEjP3G3k-kQ7mjMuz02NcKAYmFZ8KC1arNzDaD0Ehd2dXoPifcFoqJ7mvqKq3lJSgRjWvgUodtJUXAD3B3j819uJ4-7oQtD9nxWzFGDPID_MLXz_6qG9mDYGuzlXNI1_Bw5b_x5No0ukADHk2h-UC4W8xKFv8Hy3YpZiNAceGMK5VZV9D2L-n_-rotM6ciVpg-rgxOnS58YEQQQflvMqwL_psCfC8H6MJVXyVeDp2SJxTYD_kfg89CWTnMH10z6peORDBgtHsWcIMEvTBLMXyGv4N7MNz-hwBlIQZXxCemAFcIT4zMir6xI1UvczYM85eeX41JyHkYwsjKRUkTaYH6Iz2AsZfWvpbgLeBN6X0c2z6xJTPJlG0kZic6knQrfmI7otc6YPkCYGSGpHUsD0pBsgmxsIxGpXcZZFKo2K9BYureiR9ChpQKDGjrzJyjJCMoaeEMtDEl2lxZu8Pqix7Mni2AZcsCvDHl56suEiTHSs3lknFzgXMI2y7AtBkQ_CCpwcXtZGcVjvUhfVSj3n2NyPc4Bc6cmCz_4vTd7CyfiqiERVlfIN5gNkY3pLxSG-E7ctc0JzKGF1s7zJ84hTvx1Q3STBp8KEuGFPyn4cbQXz_uYjJXs1W8To8p-VcJ8-syKj2pgf-0meOxyVws7dCfWOiMNhbLjC3ODvHbwibKSWnXEp91_pNGs87PL3L56TYFug2g&sai=AMfl-YSkVjt8kBLyRp4ApwlEhQa2uVdSD3aSq5X-vSeh8oQxiL3X6MmgX56gS_In1hc3BMt_i9o3QN3oTHXxduCvmDXaoidWySnZljOh1hwKxzWjBppOHBCUAFatPXPJEq3Io7jT&sig=Cg0ArKJSzH_t9YHqw-8bEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=312&vt=11&dtpt=221&dett=3&cstd=89&cisv=r20211020.95763&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: hi-news.ru
URL: https://hi-news.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 23 Oct 2021 08:33:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 132C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

92ms
91ms

Document
text/html

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si?st=NO_DATA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUm8Eg5Q-FSIexV3Xzzyx2-ABPAnltGLyfYC3lifiWYFgboMiZW9ah1WHP-EH6w; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 23 Oct 2021 08:33:15 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sat, 23-Oct-2021 09:33:15 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Sat, 23 Oct 2021 08:33:15 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 23 Oct 2021 08:33:15 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js Show response
pagead2.googlesyndication.com/bg/ Frame 635B 35 KB
35 KB 15ms
13ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

0c8791fc285a74d81306c09793db2d581d1b8c1db2743f59c124e3859305eb10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 00:31:47 GMT
x-content-type-options: nosniff
age: 28888
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35616
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 13:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sun, 23 Oct 2022 00:31:47 GMT

GET
H3 200 headline_UP_300x600.svg
s0.2mdn.net/5846014/1632342222388/ Frame 1540 8 KB
2 KB 16ms
14ms Image
image/svg+xml 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/5846014/1632342222388/headline_UP_300x600.svg

Requested by

Host: hi-news.ru
URL: https://hi-news.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

sffe /

Resource Hash

b90c7ccdd3bb883f54f00b6e136ecb1e9217fa2fbb693dec9eb5eaa00ceba2cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/5846014/1632342222388/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 09:56:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81414
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2294
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 20:23:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 23 Oct 2021 09:56:21 GMT

GET
H3 200 cell_synthetic_purple.svg
s0.2mdn.net/5846014/1632342222388/ Frame 1540 663 B
424 B 15ms
14ms Image
image/svg+xml 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/5846014/1632342222388/cell_synthetic_purple.svg

Requested by

Host: hi-news.ru
URL: https://hi-news.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

sffe /

Resource Hash

7f616d19ad4fa5f228a2455d0ab62f9124f125cda747bc2145a23bdaa36e9812

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/5846014/1632342222388/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 04:10:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15754
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 20:23:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 24 Oct 2021 04:10:41 GMT

GET
H3 200 300x600_MSIG.svg
s0.2mdn.net/5846014/1632342222388/ Frame 1540 7 KB
3 KB 16ms
14ms Image
image/svg+xml 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/5846014/1632342222388/300x600_MSIG.svg

Requested by

Host: hi-news.ru
URL: https://hi-news.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

sffe /

Resource Hash

1fa295e07559d8bbf4c0433b57e0d4db174168c8a5698ebdac0a2811215470d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/5846014/1632342222388/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 06:58:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5663
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2686
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 20:23:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 24 Oct 2021 06:58:52 GMT

GET
H3 200 CellCulture-127-copy_LB_FLAT_large.jpg
s0.2mdn.net/5846014/1632342222388/ Frame 1540 58 KB
58 KB 16ms
15ms Image
image/jpeg 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/5846014/1632342222388/CellCulture-127-copy_LB_FLAT_large.jpg

Requested by

Host: hi-news.ru
URL: https://hi-news.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

sffe /

Resource Hash

6f801ee724cfcd5e399db054623dd4119f8c281a06efac62f8d10231416fe208

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/5846014/1632342222388/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 04:32:11 GMT
x-content-type-options: nosniff
age: 14464
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 59229
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 20:23:42 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 24 Oct 2021 04:32:11 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8809
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

170ms
170ms

Document
text/html

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4970661981239585&output=html&h=280&slotname=3348562032&adk=2729210907&adf=2973540727&pi=t.ma~as.3348562032&w=750&fwrn=4&fwrnh=100&lmt=1634976853&rafmt=5&psa=0&format=750x280&url=https%3A%2F%2Fhi-news.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634977993762&bpp=1&bdt=277&idt=278&shv=r20211020&mjsv=m202110190101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280&correlator=6250429855297&frm=20&pv=1&ga_vid=1055965363.1634977994&ga_sid=1634977994&ga_hid=2027055196&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=4180&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31063230%2C31062524%2C31063140&oid=2&pvsid=777522290726696&pem=67&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=2k9Z8TCyW1&p=https%3A//hi-news.ru&dtd=284

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si?st=NO_DATA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUm8Eg5Q-FSIexV3Xzzyx2-ABPAnltGLyfYC3lifiWYFgboMiZW9ah1WHP-EH6w; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 23 Oct 2021 08:33:15 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sat, 23-Oct-2021 09:33:15 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Sat, 23 Oct 2021 08:33:15 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 23 Oct 2021 08:33:15 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js Show response
pagead2.googlesyndication.com/bg/ Frame E126 35 KB
35 KB 13ms
12ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4970661981239585&output=html&h=280&slotname=3348562032&adk=2729210907&adf=2973540727&pi=t.ma~as.3348562032&w=750&fwrn=4&fwrnh=100&lmt=1634976853&rafmt=5&psa=0&format=750x280&url=https%3A%2F%2Fhi-news.ru%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634977993762&bpp=1&bdt=277&idt=278&shv=r20211020&mjsv=m202110190101&ptt=9&saldr=aa&abxe=1&prev_fmts=750x280&correlator=6250429855297&frm=20&pv=1&ga_vid=1055965363.1634977994&ga_sid=1634977994&ga_hid=2027055196&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=4180&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062945%2C31063230%2C31062524%2C31063140&oid=2&pvsid=777522290726696&pem=67&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=2k9Z8TCyW1&p=https%3A//hi-news.ru&dtd=284

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

0c8791fc285a74d81306c09793db2d581d1b8c1db2743f59c124e3859305eb10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 00:31:47 GMT
x-content-type-options: nosniff
age: 28888
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35616
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 13:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sun, 23 Oct 2022 00:31:47 GMT

GET
H3 200 headline_UP_300x600.svg
s0.2mdn.net/5846014/1632342222388/ Frame 1C95 8 KB
2 KB 11ms
6ms Image
image/svg+xml 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/5846014/1632342222388/headline_UP_300x600.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/5846014/1632342222388/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

sffe /

Resource Hash

b90c7ccdd3bb883f54f00b6e136ecb1e9217fa2fbb693dec9eb5eaa00ceba2cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/5846014/1632342222388/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 09:56:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81414
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2294
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 20:23:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 23 Oct 2021 09:56:21 GMT

GET
H3 200 cell_synthetic_purple.svg
s0.2mdn.net/5846014/1632342222388/ Frame 1C95 663 B
424 B 9ms
7ms Image
image/svg+xml 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/5846014/1632342222388/cell_synthetic_purple.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/5846014/1632342222388/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

sffe /

Resource Hash

7f616d19ad4fa5f228a2455d0ab62f9124f125cda747bc2145a23bdaa36e9812

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/5846014/1632342222388/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 04:10:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15754
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 20:23:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 24 Oct 2021 04:10:41 GMT

GET
H3 200 300x600_MSIG.svg
s0.2mdn.net/5846014/1632342222388/ Frame 1C95 7 KB
3 KB 10ms
8ms Image
image/svg+xml 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/5846014/1632342222388/300x600_MSIG.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/5846014/1632342222388/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

sffe /

Resource Hash

1fa295e07559d8bbf4c0433b57e0d4db174168c8a5698ebdac0a2811215470d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/5846014/1632342222388/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 06:58:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5663
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2686
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 20:23:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 24 Oct 2021 06:58:52 GMT

GET
H3 200 CellCulture-127-copy_LB_FLAT_large.jpg
s0.2mdn.net/5846014/1632342222388/ Frame 1C95 58 KB
58 KB 11ms
9ms Image
image/jpeg 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/5846014/1632342222388/CellCulture-127-copy_LB_FLAT_large.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/5846014/1632342222388/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

sffe /

Resource Hash

6f801ee724cfcd5e399db054623dd4119f8c281a06efac62f8d10231416fe208

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/5846014/1632342222388/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 04:32:11 GMT
x-content-type-options: nosniff
age: 14464
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 59229
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 20:23:42 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 24 Oct 2021 04:32:11 GMT

GET
H3 200 DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js Show response
pagead2.googlesyndication.com/bg/ Frame 2D18 35 KB
35 KB 10ms
7ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

0c8791fc285a74d81306c09793db2d581d1b8c1db2743f59c124e3859305eb10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 00:31:47 GMT
x-content-type-options: nosniff
age: 28888
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35616
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 13:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sun, 23 Oct 2022 00:31:47 GMT

POST
H2 200 tracker
top-fwz1.mail.ru/ 43 B
909 B 47ms
47ms Ping
image/gif 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/tracker?js=13;id=1055180;u=https%3A//hi-news.ru/;st=1634977993660;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=0f58c4d9856593d8;ver=60.3.0;tz=0%2FEtc%2FUnknown;nt=0/0/1634977993270/////109/109/109/109/151/127/151/212/215/215/390/512/534/2223/2223/;ni=9.5//4g/0/0/;lvid=1634977993905%3A1634977995494%3A2%3A7df7ff9a37edf1be0907a228db88843d;opts=dl;visible=true;_=0.8621196066358539;e=RT/load;et=1634977995494

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://hi-news.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 23 Oct 2021 08:33:15 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: https://hi-news.ru
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: https://hi-news.ru
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: https://hi-news.ru
access-control-allow-headers: *

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 45ms
31ms XHR
application/json 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211020&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110190101/show_ads_impl_fy2019.js?bust=31063230

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

233ab2aa8832cdb0b32f6716bfb942f79b52e99fc093e459ccc32f4d7d4cf4c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hi-news.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 23 Oct 2021 08:33:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 8676
x-xss-protection: 0

POST
H3 200 rum Show response
hi-news.ru/cdn-cgi/ 0
162 B 21ms
20ms XHR
text/plain 104.26.12.91
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hi-news.ru/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.12.91 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-fetch-mode: cors
origin: https://hi-news.ru
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: _ga_FRMSPF0MRW=GS1.1.1634977993.1.0.1634977993.60; _ga=GA1.1.1055965363.1634977994; tmr_lvid=7df7ff9a37edf1be0907a228db88843d; tmr_lvidTS=1634977993905; _ym_uid=1634977994647009972; _ym_d=1634977994; __gads=ID=559e333e74e13479-2287ed90fcca00c2:T=1634977994:RT=1634977994:S=ALNI_MY-N7L5y_8EV5ay-Keff-VvZlkJBg; _ym_isad=2; tmr_reqNum=2
content-length: 18374
:path: /cdn-cgi/rum?
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: hi-news.ru
referer: https://hi-news.ru/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://hi-news.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json

Response headers

date: Sat, 23 Oct 2021 08:33:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://hi-news.ru
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 6a299e991a1127b8-PRG
vary: Origin

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C2B7 0
20 B 43ms
43ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B1p0ryshzYe-4JYPH3gPf64p4AAAAADgB4AQC&bg=!5uWl5aHNAAbUs_yW1LM7ACkAdvg8WkkaWb5hio6DVw90p1WlwmSbmcRcajN6gSYPE31ByP4z5xy59gIAAAHrUgAAACBoAQcKAICktTNOf4u1g8cJlV-tWbgpE-5_h_dxykUG6lSGxUNZgaRiXtXV3zD2UAvbSsXokqsAJJVvcuACtFuEOiKtgm1Ua5H7AyNlzUJ0T7mbX3xd07sWu71jIUaPqYdkIZ-N_MmkuzC8VuMjyLU0nWursnTP4gmweJk5rLrbT-S3E9x4o5kC8pwjZ1BpK5uMFHTnF_KXTZmKJCzKOpiXa8EyPVM5RTACilvYtQLhVHsa6SUgxIopqebFhjKAWNRM1Zw0wzT6_YZF7bYrYGSTMsTB-Ihpt90qaNmuSDetHHpAntPg5P0LziP2Fy-p5pOeQOSuKDiK4-4rhKKONTjoTyQVn9uqmMSl_7A97M2Pu5kcyEm1bAaPM3kIYcWo_vAarv37DXabWPCGyF-5hL3mz-YCaU_vy4y0GffBelSYy2kc9ZE93TNHFSjkysbUh79vf-zjP_xXtnxaxunk48PIYKFQaow1MyxDzRo5QT6Ln24OGoM5prdiEIguQ6IlwKZ5KOq7S6uxnB9tXeuYuQJirJ1joOW9xwOgQ03o24i_-u-n5Blo1R8XfhBLXQjOB4KVYqslcFSL39HD8FRdUGwhEwU49UVvf5G8oXA-hF2M5good-RaJXTE-IZRyujLG3osj8sw1zJp6_TSFDjTq0v-fvtRPnCACt0efW3kppYtOJJfed1ORfOuPBRaIzG5SFjNmXlZha0Ug3cHJ15zMLFXap6ZhYwqwfEMfPR6LipE1NQfnais-dMo81JP2DUpE0odLBMmhX5ZdRkpkXR91SySpsOLSvWuRZ0zwxsqxa7EOLGPbPdZRqahHVawf3zXu_VZrzBeq6JojlnPoF2-uQ_RBqlW-9DsLBp3eShWveAqUjxtivnRCvOCaW0nKHcpclrUFTvMvrobWelEdJ9Aw1c-Mne-aJIXeW6VZynx-0zX_cwVsBNf15R9E_dtq1HFWhtWT91CrDILEKbTEuxaP7-S5qUECAqNniRC0vQI49MtbKG1BQ1ggKEkbfe8ol7nLkGfzq_YK0N9XIhWymf6WA3Uf7sNVXCBgHxdg_L--4mfmqPMwav9JNtSzuRqLq5n4TPOHO_KCFn54n7TIULCwMcK6DQVgYlLS1z0MZ2Y0X9-pMssefwum0n7GEdSu8wFqHJybRVMvJ80IHSWWGpBe0-Zitdp4HziC3yVS3A

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 08:33:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 22ms
22ms Script
text/javascript 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110190101/show_ads_impl_fy2019.js?bust=31063230

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hi-news.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:33:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 23 Oct 2021 08:33:15 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2D18 0
20 B 44ms
44ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bq8mxyshzYe2QKc-NrATi5KaQAgAAAAA4AeAEAg&bg=!VValVhLNAAbUs_yW1LM7ACkAdvg8Wu3djgUldn_qU7cGEgY1OLYEXeVoXyjNuapbKPugg1sveItKBQIAAADbUgAAAAxoAQeZAtDYn4OjZIbMwyq_DP6kOR-0N8sFLlyiHtcN-glpXlu3M4z7G8p2Ib7kWJ4ebgLQWkGciZrtRrlkg7Wr3Ef5B4-vCa2b4cKc5M_8fcZ-mHIRoqD2bJuSO07TcB6JtMeRN1JHMq6YExvN4BDc-l6l6c8mJnYleWt3fiYmxDi6d7hsEvYuRYSWFtpwKqdQUiqfbbagvpYedFpgbf0wMtbiJMQMLdCXOGHFKqXVL20_hEjBJKTqH9hX7FvLXykubJvrVL8Rk2x0VEUa-xOSWJBObWuX5AEM2C-Qryd-0oJ9RMsgxGfRGexoV58TQNaO_xVJ6RTqhTt3LUk1JV7Rgvm2BAMqZe7sj4iXB3PF2oDcAQ2kP1j9B1iKmErSsttdCkYep2-0cFFlorJWmxLZOnAzj8G51hE6ZMqmHt7sxtYPxBATby307r5R1XcvY3FhrUqelHfp23jASkowKiuAzSvT0Ji1AxtAQpas9LbC9l9quLsVQH71PHPxa3ANAZck0ma-SMfVZP-8Pr8yHr7EekJ7mUP0KtKPDze10vL2qupRtx8ZT00bxS6-ghPfOqW9R32Y_ey5DhBhNSf6SrZ6YpgpD-UdUrgBLGBEU40tNTabW_OEOPp2cpRAy3wbVjw8Ny8mAMzAvN6UZyQMsQ6FpxgkLYr73fnnxkRSB4lhTbcO1XQi6FuC674blWW_pOGo30VQnuLastb_aNJQ-pgXqoERg6ch96luZTY9Cuqen6fLEgvWKkmvwGCWI451JENVQJ_tvbo4P7aljy1p3FuTa3-fFjztS8hjrQyO23d7HB3oUxxvgUOa2BhgPe0cMbntTOkIbrbgqcAKkxzhS5pD1z3XtOIB8LqW10lm8oNs95TieDLXixz5APvyEeGCqtVNuGa1F_UbFlHQY_tvjnrxu98Ut7Rwt0XMtQN6YYW_zcGHsiZRQ_WjaYMmpk0C1aXpEJ-TIn0

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 08:33:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 63AD 12 KB
5 KB 7ms
6ms Document
text/html 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hi-news.ru/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://hi-news.ru/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Fri, 22 Oct 2021 14:42:02 GMT
expires: Sat, 22 Oct 2022 14:42:02 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 64273
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3DB1 783 B
535 B 59ms
27ms Document
text/html 142.250.181.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f4.1e100.net

Software

GSE /

Resource Hash

ae797875e4ec6592e08cea7c258c1d64839430c47082a26aea02d2fd893ff889

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3iBPfhWkvVALyjjDiFLcTw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hi-news.ru/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://hi-news.ru/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 23 Oct 2021 08:33:15 GMT
date: Sat, 23 Oct 2021 08:33:15 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-3iBPfhWkvVALyjjDiFLcTw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js Show response
pagead2.googlesyndication.com/bg/ Frame 63AD 35 KB
35 KB 7ms
6ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

0c8791fc285a74d81306c09793db2d581d1b8c1db2743f59c124e3859305eb10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 00:31:47 GMT
x-content-type-options: nosniff
age: 28888
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35616
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 13:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sun, 23 Oct 2022 00:31:47 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3DB1 0
0 23ms
23ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211020&jk=777522290726696&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C70A 42 B
64 B 19ms
18ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuYqLOpY62pA8jZnmoHqVSgGSCbgw1mmye6v5i1peHM3zk4GXlB6w5GDqcQGsazMw7X1mYiMnmMJvQ4T6Hfq-hFdQMjLSzFTcpvwcLdQxZk9GtixqQ&sai=AMfl-YTTQRAb8G5qsjjZY2QdCLi5AvtatJcufuR1JjJM3XI8YQM9tSvWRKy66OHXpsOZbnGFOt8HzonmRzF_&sig=Cg0ArKJSzJwExdYnDAKnEAE&cid=CAASBORorSo&id=lidar2&mcvt=1007&p=0,0,600,300&mtos=1007,1007,1007,1007,1007&tos=1007,0,0,0,0&v=20211020&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2534352483&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1634977994069&rpt=621&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 08:33:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 43ms
43ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211020&jk=777522290726696&bg=!eHulez_NAAbUs_yW1LM7ACkAdvg8WiO6QyUUPk1CQ-jhESeeq_VxBHcUUVuHDMo7IzZk-QrkYFWOYAIAAADSUgAAAAloAQeZArFl6FMwT_s4vJKnx-0zDlPlwQ9c0fPgQIS2aP0NtmVEo7pb8xzfwc9hAzLfi6HQYZgutjp5gya4Q4JzFthTU8g-uP9vGh0DAg6BjZ6n17SWOwt7aAnsYLlVDoAQkICEXwveBcWbqVIIY3GS7kwQM8t_0G2sAFiHulUa0njt1jmvFcRU9COdCjQ6ERQahSrYUchlASZFs9q_cxltRzgviJxu7IhUygY7LbX0AAZp2NtAzr7meQxLnjOnuvDiHH0traIvSR_HAabq5V1KWSlwbYSNMobY8goKbG_lNMNI7vpiUgc5JCY0XpjU7A-uHyuZu19b7VIMavIHgOyplliL5U2v79bJPsxBrh0PVRnesN1ynCOWU5JuxPl-opiFHKa-BRE98pxK0-fjhIYbRtD9iCamH4cqh5h45A4THw2D4z5F9P4eh3bzg4H1PbPiZ1bGXTgJ8cMbktyeYeg0bR3rE2xUBfkYZCIM97J8BKkP2CErlJluG2D5WO0B2PSHPTjHoiuo3dqP6FLl605Km-gTxS-HvPk6wGmXnT-wEbmYFXnI6i8rPTELhE4y8PtlMGFUyu2zTT4glgyN0zMwdwv8pKBwgfpTPVisqgRl8N4bA8DzFknWA3ZN1e2K_rkAE8k7c8z5cxTd4WuP2tFLOwM-catVfqUiTa4gBY4F2qn2tBMEux2TeVeDs4RBy3D8-iyzBHMjFNWwXA2ZnGBO1qMPCzDdgOx7sCGRtNT8BEOvi346_ZEuBEcKmi2e-TNJNGQdQnlglkkUDnriU-Hi4yTeXM3vcI5JY_scDjrswk5cj-YIHB9dLImNnFkhpBX2RdVOA_sWdd0MxY-f1M4ReUlRSGGBuVV3eKB3EI0jWQx7uXncoh3OtBnveO1GRiq4_9H_9bGoQMcpIjwOUN2jDA5PsTPjOg

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hi-news.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 08:33:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.yadro.ru/	1970-01-20 06:54:32	Name: FTID Value: 1XSyZJ2omXeB1XSyZJ002LIQ
.yadro.ru/	1970-01-20 06:54:32	Name: VID Value: 1YbKd42KWN8B1XSyZJ002LOr
.hi-news.ru/	1970-01-20 15:40:49	Name: _ga_FRMSPF0MRW Value: GS1.1.1634977993.1.0.1634977993.60
.hi-news.ru/	1970-01-20 15:40:49	Name: _ga Value: GA1.1.1055965363.1634977994
.hi-news.ru/	1970-01-20 06:09:09	Name: tmr_lvid Value: 7df7ff9a37edf1be0907a228db88843d
.hi-news.ru/	1970-01-20 06:09:09	Name: tmr_lvidTS Value: 1634977993905
.hi-news.ru/	1970-01-20 06:55:13	Name: _ym_uid Value: 1634977994647009972
.hi-news.ru/	1970-01-20 06:55:13	Name: _ym_d Value: 1634977994
.mc.yandex.com/	1970-01-19 22:09:38	Name: sync_cookie_csrf Value: 1639931126fake
.mc.yandex.ru/	1970-01-19 22:09:38	Name: sync_cookie_csrf Value: 3402981262fake
.hi-news.ru/	1970-01-20 07:31:13	Name: __gads Value: ID=559e333e74e13479-2287ed90fcca00c2:T=1634977994:RT=1634977994:S=ALNI_MY-N7L5y_8EV5ay-Keff-VvZlkJBg
.hi-news.ru/	1970-01-19 22:10:49	Name: _ym_isad Value: 2
.yandex.com/	1970-01-20 06:55:13	Name: yandexuid Value: 5203543861634977994
.yandex.com/	1970-01-20 06:55:13	Name: yuidss Value: 5203543861634977994
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 157003911634977994
.yandex.com/	1970-01-23 13:45:37	Name: i Value: D58stifYNNgEUMeh2oQQgWHgCZu7XoYnZJ5XZfXLfRMLSjUmezcWMs6Rgea+ZHExJdtLIna9MyJlOmfWmULZaeZD4PE=
.yandex.com/	1970-01-20 06:55:13	Name: ymex Value: 1666513994.yrts.1634977994#1666513994.yrtsi.1634977994
.doubleclick.net/	1970-01-20 15:40:49	Name: IDE Value: AHWqTUm8Eg5Q-FSIexV3Xzzyx2-ABPAnltGLyfYC3lifiWYFgboMiZW9ah1WHP-EH6w
.casalemedia.com/	1970-01-20 00:19:13	Name: CMPS Value: 3210
.casalemedia.com/	1970-01-20 06:55:13	Name: CMID Value: YXPIyjiIOM0HudEFm7hGIgAA
.casalemedia.com/	1970-01-20 00:19:13	Name: CMPRO Value: 1189
.casalemedia.com/	1970-01-19 22:11:04	Name: CMST Value: YXPIymFzyMoA
.adnxs.com/	1970-01-20 00:19:13	Name: uuid2 Value: 2588925173885457517
.casalemedia.com/	1970-01-20 06:55:13	Name: CMRUM3 Value: 2d6173c8ca2760CAESEJRXZqb0AlHlpj2lRgOFEng
.adnxs.com/	1970-01-20 00:19:13	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C$Ksa#-O!]tbPl1M>e)ZlrFUfJ+tGXxo]B/#L4IhCt3S38[r`XhV4T(Lv)`dWq!pMbGrbpRzqF1`*bf4W)[4u5
.doubleclick.net/	1970-01-19 22:09:41	Name: DSID Value: NO_DATA
.hi-news.ru/	1970-01-20 06:09:09	Name: tmr_reqNum Value: 2
.mail.ru/	1970-01-20 06:56:40	Name: VID Value: 3-yEi00Ep_o500000W10H425:::0-0-0-68e218a:CAASEDfbAGRKmtP6bIBSvBxxXLEaYGxW8CoFf_7Xyh8iDmKxglYVdSnKOrk6q_gNxcRKvQlVdNwiL09yHbFuMoWk0xvU8GdWh7K3tO5JQoSA41dsFGWoT9GfU-_6H9qb92JqNmZ1fiUU3T-Awt3uICyZvic2oA
hi-news.ru/	1970-01-19 22:11:04	Name: tmr_detect Value: 0%7C1634977996505

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9435.7YRvpjNy5Vg5ehmbbbFkgaacodGSY0Zedij-9Qt4A61d98Tg410BM1jNKwHPU5ORuXic-cwSpQJ748fOV-E9aw%2C%2C.genRJlwv_T2LzKs6jVspOkTLACA%2C Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
analytics.google.com
cm.g.doubleclick.net
counter.yadro.ru
dsum-sec.casalemedia.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hi-news.ru
ib.adnxs.com
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
s0.2mdn.net
static.cloudflareinsights.com
stats.g.doubleclick.net
top-fwz1.mail.ru
tpc.googlesyndication.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
104.16.95.65
104.26.12.91
142.250.181.228
142.250.184.226
142.250.185.104
142.250.185.134
142.250.185.98
142.250.186.34
142.250.186.46
142.250.186.66
142.250.74.193
172.217.16.130
185.33.221.14
2.18.234.21
217.69.133.145
74.125.133.155
88.212.201.204
93.158.134.119
06333bd28b3b3ea3c6a4ddc2f38256a830793d9692a6862733b09472e5483bfc
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
0c8791fc285a74d81306c09793db2d581d1b8c1db2743f59c124e3859305eb10
0f9fdf7b191bf7a812f991dce06d93db5067cd9b565bb201a8316ef9e88f7984
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13c43f4a7a14cd83b55df02c237ce4647ffa3fb54663221483cd8e45f72d52f1
1437cdd25532919299784f840c613a46dbcf783903d558bcf5386defd7cceb1c
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1dfb9684c99b662ecb4df0def9e07a3f61535e2ff3996c40ef53ff00d94db8ec
1f15dc13ebdca8972b7eeb648108b804feb40f890ae25cc14cf5a3b1379726a3
1fa295e07559d8bbf4c0433b57e0d4db174168c8a5698ebdac0a2811215470d3
20731b5cce4398a7bea4b2b919dcab676f481d929c16a12b6a74a19b51e48d01
233ab2aa8832cdb0b32f6716bfb942f79b52e99fc093e459ccc32f4d7d4cf4c3
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
2841f5750e49f074b3159b062d5bfa50947050037f8f96b99caff1f6f8aeaadb
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e7c9352bd8e553ba535a3797580da3e2e5871f8d292785a234db26a5b85a7e5
38e8d703d9fea369c9d723cde9d0ad87c1c69456df97c889f37c043b46ec7118
3a070f724a5d3b9b5f73c6e9d719fa11b5e4c5233d5aa4c3fcd7cf2c108c7e23
4268d3ecfbb7fd48a4261b47fe37a1970d2eed81843c7281580c88379a8e41dd
44e04e4776c58b34580006ef8e8a1e1ae336f3e9c429ae242fe9a8f090889b79
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e7d8a3a8848936103d5a30f4851b0a78fa085018c0e4c6635317e6d8301ab55
4f4ad3f0c519dc7701f2a5d01dd33e2e40519092c514fee6325fd20b1093f526
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5177f8038e6aa6e1bc4cc67e2866a785d4ef76c371b4ef938da48272589e9c39
536cd983c5ac840349770984405fe9eb9e67b9d7e35e0c45673a653b003173b6
53a1a376ec0f481d043f4451c9ef6e2ecb3870e4c083c61179faab483431cd59
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5ac4b10695e881023cd2af22d16152ef046ea3b1916c2cc8c5e39e6995a92978
5c3fb2fb8db60ec77fbb580e20136ad62e4ae84bda97287bb1f763e882785eb7
62a3a5c3522634ec70946cfb765afa4e42d172fdcfd1915f8054a6743eab48f6
64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159
6694c4d07b11186cf40aa50f059900cff02807f5a22c84bccbdee7df936d88e7
67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab
6ba48aad9be64a883bb5e2ef85c0f3514e7446b5d24722b9157d9fe310c81e82
6f801ee724cfcd5e399db054623dd4119f8c281a06efac62f8d10231416fe208
7542d82a1aae6f4db94576e65bc6283df7b5ecabb130d8c5c476eafb52168bbf
7f616d19ad4fa5f228a2455d0ab62f9124f125cda747bc2145a23bdaa36e9812
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
8a17006736daeaf7556e18e32f05e395ac0119d36f9747fbe09ea95a35956a8f
8a4c252da9c4b03a65ca99a734ef82408df893c1b6a5d5a49c4f87f774bc4f75
98767c2fa30917a87f1b3dcca23c1ea709c6e1395eb423a696567003c6e631dd
9aee4518f7e22707e0b75a222dd64ecab927663e03cac069380e979b41791ccd
9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
ab4e6fe5a2bba3578b41867f75799ad20ab9318248ee60ea4bc1b5fb729659e7
acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f
ae797875e4ec6592e08cea7c258c1d64839430c47082a26aea02d2fd893ff889
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5621a58bce3a4bb2dc6c2ea34a8e97041906af21ae226c2d2cec126eb311a8e
b90c7ccdd3bb883f54f00b6e136ecb1e9217fa2fbb693dec9eb5eaa00ceba2cc
c58a536449e605e0eab411523d7123cf868146534c40d7f106161146e83a6cc1
c6a4d8f73399e915b1c7631f266760918f2a72d155f6611b9539d08ff6a1559b
cb1514958fedd7a980065957f42bf6bbfe2e0c634f4d7b01ee57aa6053ae8b39
d9cf74bf535bfcf4c63700fffd55cdfa82a473655250405fa941db9ac5aacf0a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7aabcd06c7848ed5f498db0a0aa7d397a24d9fc2b39fece1d611979cb897b77
eb9aef5a0b9b9dd1457fa6b18a23c599abf1b88e8010bee7bff24b07ae17e6dd
ebb6c50992019ed0e29188c85492a31dbed2c4421a9a7b5da720a6d03b88ddd8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f85b1dd171a14f107500b801a8df8222811281cc5c59b78809a9b415a861f537

hi-news.ru Open in urlscan Pro 104.26.12.91 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

119 Requests

100 %HTTPS

0 %IPv6

15 Domains

21 Subdomains

19 IPs

4 Countries

1537 kBTransfer

3279 kBSize

29 Cookies

6 Outgoing links

Page URL History

Redirected requests

119 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

hi-news.ru Open in urlscan Pro
104.26.12.91 Public Scan

Screenshot
Live screenshot

Full Image

119
Requests

100 %
HTTPS

0 %
IPv6

15
Domains

21
Subdomains

19
IPs

4
Countries

1537 kB
Transfer

3279 kB
Size

29
Cookies

119 HTTP transactions
4 data transactions