www.newsru.com Open in urlscan Pro
217.160.242.25 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://newsru.com/
Effective URL:
https://www.newsru.com/
Submission Tags: falconsandbox
Submission: On November 16 via api (November 16th 2021, 4:00:05 am UTC) from US — Scanned from DE

Summary HTTP 225 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 43 IPs in 8 countries across 31 domains to perform 225 HTTP transactions. The main IP is 217.160.242.25, located in Germany and belongs to IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE. The main domain is www.newsru.com.
TLS certificate: Issued by R3 on November 14th 2021. Valid for: 3 months.

This is the only time www.newsru.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 35	217.160.242.25 217.160.242.25	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
2	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	195.201.108.196 195.201.108.196	24940 (HETZNER-AS) (HETZNER-AS)
3	2a02:6b8:a::a 2a02:6b8:a::a	208722 (YNDX) (YNDX)
1	2606:4700:20:... 2606:4700:20::681a:786	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 33	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1 5	217.69.133.145 217.69.133.145	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
7	159.69.36.219 159.69.36.219	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
3 15	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
3	81.19.89.17 81.19.89.17	24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
8	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:6b8::16b 2a02:6b8::16b	208722 (YNDX) (YNDX)
2	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1148:db0... 2a00:1148:db00::17	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
1	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	188.42.29.196 188.42.29.196	7979 (SERVERS-COM) (SERVERS-COM)
1	195.201.152.107 195.201.152.107	24940 (HETZNER-AS) (HETZNER-AS)
7	2a02:6b8:20::215 2a02:6b8:20::215	208722 (YNDX) (YNDX)
7	2a02:6b8::90 2a02:6b8::90	208722 (YNDX) (YNDX)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
11	77.88.21.179 77.88.21.179	13238 (YANDEX) (YANDEX)
1 18	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
10	2a02:6b8::184 2a02:6b8::184	208722 (YNDX) (YNDX)
2	2a02:6b8::2:158 2a02:6b8::2:158	208722 (YNDX) (YNDX)
2	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
3 10	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:6b8::5:114 2a02:6b8::5:114	208722 (YNDX) (YNDX)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
2 2	18.197.87.177 18.197.87.177	16509 (AMAZON-02) (AMAZON-02)
6	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1 1	185.29.134.248 185.29.134.248	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2 2	72.251.244.142 72.251.244.142	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
3	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
2 3	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
225	43

35 217.160.242.25 (Germany) 1 redirects

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)

newsru.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.newsru.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.newsru.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image.newsru.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.201.108.196 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.196.108.201.195.clients.your-server.de

sync.dmp.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6b8:a::a (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:786 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.unblockia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 217.69.133.145 (Russian Federation) 1 redirects

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 159.69.36.219 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.219.36.69.159.clients.your-server.de

fonts.w.tools	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (YNDX, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 81.19.89.17 (Moscow, Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: kraken.rambler.ru

st.top100.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kraken.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::16b (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

matchid.adfox.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1148:db00::17 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

adfox-c2s-ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.42.29.196 (Luxembourg)

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.201.152.107 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.107.152.201.195.clients.your-server.de

yhb.p.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8::90 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 77.88.21.179 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
PTR: adfox-external-l3-engine.stable.qloud-b.yandex.net

ads.adfox.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6b8::184 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

avatars.mds.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::2:158 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

banners.adfox.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

0cdc499ea97cbdfaeb4ca7dacce13cf3.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
387e7d282a65cd4ebe0025e4bc49ee17.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::5:114 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

ysa-static.passport.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.197.87.177 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-87-177.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.248 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.244.142 (Amsterdam, Netherlands) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

tracking.m6r.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	googlesyndication.com 1 redirects pagead2.googlesyndication.com tpc.googlesyndication.com 0cdc499ea97cbdfaeb4ca7dacce13cf3.safeframe.googlesyndication.com 387e7d282a65cd4ebe0025e4bc49ee17.safeframe.googlesyndication.com	378 KB
35	newsru.com 1 redirects newsru.com www.newsru.com static.newsru.com image.newsru.com	814 KB
23	doubleclick.net 2 redirects googleads.g.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net	315 KB
15	google.com 3 redirects fundingchoicesmessages.google.com adservice.google.com www.google.com	13 KB
15	yandex.ru 1 redirects yandex.ru mc.yandex.ru matchid.adfox.yandex.ru an.yandex.ru ysa-static.passport.yandex.ru	282 KB
13	adfox.ru ads.adfox.ru banners.adfox.ru	11 KB
12	gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn3.gstatic.com	254 KB
12	yandex.com 2 redirects mc.yandex.com	4 KB
10	yandex.net avatars.mds.yandex.net	57 KB
10	google.de adservice.google.de www.google.de	2 KB
7	yastatic.net yastatic.net	216 KB
7	w.tools fonts.w.tools	77 KB
6	mail.ru 1 redirects top-fwz1.mail.ru ad.mail.ru	16 KB
5	googletagservices.com www.googletagservices.com	162 KB
5	googleadservices.com 2 redirects partner.googleadservices.com www.googleadservices.com	16 KB
5	criteo.com 1 redirects gum.criteo.com bidder.criteo.com mug.criteo.com	7 KB
3	googleapis.com ajax.googleapis.com fonts.googleapis.com	121 KB
2	m6r.eu 2 redirects tracking.m6r.eu	1 KB
2	w55c.net 2 redirects pm.w55c.net	2 KB
2	rambler.ru kraken.rambler.ru	1 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	otm-r.com sync.dmp.otm-r.com yhb.p.otm-r.com	321 B
2	criteo.net static.criteo.net	76 KB
1	travelaudience.com 1 redirects ads.travelaudience.com	521 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	583 B
1	mathtag.com 1 redirects sync.mathtag.com	861 B
1	quantserve.com cms.quantserve.com	464 B
1	betweendigital.com ads.betweendigital.com	919 B
1	creativecdn.com adfox-c2s-ams.creativecdn.com	208 B
1	top100.ru st.top100.ru	63 KB
1	unblockia.com cdn.unblockia.com	22 KB
225	31

	Domain	Requested by
21	image.newsru.com	www.newsru.com
18	tpc.googlesyndication.com	1 redirects www.newsru.com googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com securepubads.g.doubleclick.net 387e7d282a65cd4ebe0025e4bc49ee17.safeframe.googlesyndication.com
17	pagead2.googlesyndication.com	www.newsru.com pagead2.googlesyndication.com cdn.unblockia.com securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com 387e7d282a65cd4ebe0025e4bc49ee17.safeframe.googlesyndication.com
12	mc.yandex.com	2 redirects www.newsru.com mc.yandex.ru
12	static.newsru.com	www.newsru.com static.newsru.com
11	ads.adfox.ru	yandex.ru www.newsru.com
11	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net www.googleadservices.com
10	www.google.com	3 redirects 387e7d282a65cd4ebe0025e4bc49ee17.safeframe.googlesyndication.com tpc.googlesyndication.com
10	avatars.mds.yandex.net	www.newsru.com
7	an.yandex.ru	yandex.ru
7	yastatic.net	yandex.ru www.newsru.com yastatic.net
7	fonts.w.tools	static.newsru.com fonts.w.tools
6	www.google.de
6	cm.g.doubleclick.net	387e7d282a65cd4ebe0025e4bc49ee17.safeframe.googlesyndication.com
6	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.newsru.com
5	fonts.gstatic.com	fonts.googleapis.com
5	www.googletagservices.com	googleads.g.doubleclick.net yandex.ru securepubads.g.doubleclick.net 387e7d282a65cd4ebe0025e4bc49ee17.safeframe.googlesyndication.com
5	top-fwz1.mail.ru	1 redirects www.newsru.com top-fwz1.mail.ru
4	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
4	adservice.google.de	pagead2.googlesyndication.com securepubads.g.doubleclick.net
3	www.googleadservices.com	2 redirects yastatic.net
3	encrypted-tbn0.gstatic.com
3	mc.yandex.ru	1 redirects www.newsru.com yastatic.net
3	yandex.ru	www.newsru.com yastatic.net
2	encrypted-tbn3.gstatic.com
2	tracking.m6r.eu	2 redirects
2	pm.w55c.net	2 redirects
2	387e7d282a65cd4ebe0025e4bc49ee17.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	fonts.googleapis.com	tpc.googlesyndication.com 387e7d282a65cd4ebe0025e4bc49ee17.safeframe.googlesyndication.com
2	banners.adfox.ru	www.newsru.com
2	kraken.rambler.ru	st.top100.ru www.newsru.com
2	bidder.criteo.com	static.criteo.net
2	partner.googleadservices.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	gum.criteo.com	1 redirects static.criteo.net
2	www.google-analytics.com	www.newsru.com www.google-analytics.com
2	static.criteo.net	www.newsru.com
1	encrypted-tbn1.gstatic.com
1	ads.travelaudience.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	sync.mathtag.com	1 redirects
1	cms.quantserve.com	387e7d282a65cd4ebe0025e4bc49ee17.safeframe.googlesyndication.com
1	www.gstatic.com	387e7d282a65cd4ebe0025e4bc49ee17.safeframe.googlesyndication.com
1	ysa-static.passport.yandex.ru
1	0cdc499ea97cbdfaeb4ca7dacce13cf3.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	mug.criteo.com	gum.criteo.com
1	yhb.p.otm-r.com	yandex.ru
1	ads.betweendigital.com	yandex.ru
1	adfox-c2s-ams.creativecdn.com	yandex.ru
1	ad.mail.ru	yandex.ru
1	matchid.adfox.yandex.ru	yandex.ru
1	st.top100.ru	www.newsru.com
1	fundingchoicesmessages.google.com	static.newsru.com
1	ajax.googleapis.com	www.newsru.com
1	cdn.unblockia.com	www.newsru.com
1	sync.dmp.otm-r.com	www.newsru.com
1	www.newsru.com
1	newsru.com	1 redirects
225	57

This site contains links to these domains. Also see Links.

Domain
txt.newsru.com
classic.newsru.com
www.facebook.com
www.inopressa.ru
www.meddaily.ru
ads.adfox.ru
top.mail.ru
top100.rambler.ru
creativecommons.org
palm.newsru.com

Subject Issuer	Validity	Valid
*.newsru.com R3	`2021-11-14` - `2022-02-12`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
sync.dmp.otm-r.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-18` - `2022-06-18`	a year	crt.sh
yandex.ru Yandex CA	`2021-08-30` - `2022-02-28`	6 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-13` - `2022-06-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
fonts.w.tools R3	`2021-09-03` - `2021-12-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-07-28` - `2022-01-07`	5 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.mail.ru GeoTrust ECC CA 2018	`2021-10-15` - `2022-11-15`	a year	crt.sh
*.top100.ru RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-02-15` - `2022-02-14`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
matchid.adfox.yandex.ru Yandex CA	`2021-08-26` - `2022-02-18`	6 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-30` - `2022-04-12`	a year	crt.sh
ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-06` - `2022-02-16`	2 years	crt.sh
*.p.otm-r.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-27` - `2022-02-06`	2 years	crt.sh
*.yastatic.net Yandex CA	`2021-08-18` - `2022-02-16`	6 months	crt.sh
bs.yandex.ru Yandex CA	`2021-05-31` - `2021-11-29`	6 months	crt.sh
*.adfox.ru Yandex CA	`2021-07-27` - `2022-01-06`	5 months	crt.sh
*.rambler.ru RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-05-20` - `2022-05-19`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
avatars.mds.yandex.net Yandex CA	`2021-08-31` - `2022-03-01`	6 months	crt.sh
s3.yandex.net Yandex CA	`2021-08-31` - `2022-03-01`	6 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
ysa-static.passport.yandex.net Yandex CA	`2021-08-21` - `2022-02-19`	6 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh

This page contains 20 frames:

Primary Page: https://www.newsru.com/
Frame ID: D3D8CE2DDFBE931F3F703639BAC08930
Requests: 124 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.newsru.com
Frame ID: D33B591FFFD0B3AC92025004CFCEABD0
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2861464200338808&output=html&h=120&slotname=newsru_new%2Fnewsru_new_1200x120_1-2020&adk=3007135905&adf=3028023672&pi=t.ma~as.newsru_new%2Fnewsru_n_&w=1200&lmt=1637035197&url=https%3A%2F%2Fwww.newsru.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637035197202&bpp=21&bdt=213&idt=138&shv=r20211111&mjsv=m202111080101&ptt=5&saldr=sa&abxe=1&correlator=5374044276684&frm=20&pv=2&ga_vid=2128953353.1637035197&ga_sid=1637035197&ga_hid=1874280386&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=16&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938&oid=2&pvsid=2197966097109481&pem=176&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=1zTuk6epZf&p=https%3A//www.newsru.com&dtd=226
Frame ID: F8C2AD3FFD7D09F3671197188697C251
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10448485923385175383/index.html
Frame ID: F8E7A91A43EE85F92E6034A5AA6B0F54
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js
Frame ID: 47582C04975B9B6E6BF4FF0E77A66D6D
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 814583F1326766958D1AAE366EE52340
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: C3C791D2C7450C87B0CEE3271AF3C338
Requests: 8 HTTP requests in this frame

Frame: https://0cdc499ea97cbdfaeb4ca7dacce13cf3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: FD4C04BE44A77FD1E136CB7F273E70D1
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: B4D01B42E73653BA4005794F5EA834F0
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/zrt_lookup.html
Frame ID: 6CCF60DF973411107134A40C0AD18417
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2861464200338808&output=html&adk=1812271804&adf=3025194257&lmt=1637035198&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.newsru.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637035198602&bpp=1&bdt=1613&idt=1&shv=r20211111&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2df11298d19732ee-22af7fc6b7cb004d%3AT%3D1637035197%3ART%3D1637035197%3AS%3DALNI_MYMD8kJ4iAweU0-T1DSRjcrt44pCA&prev_slotnames=newsru_new%2Fnewsru_new_1200x120_1-2020&nras=1&correlator=5374044276684&frm=20&pv=1&ga_vid=2128953353.1637035197&ga_sid=1637035197&ga_hid=1874280386&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938&oid=2&pvsid=2197966097109481&pem=176&tmod=1735686786&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=24
Frame ID: 9182A23B9419913F0F4FCDB9AFFD1265
Requests: 1 HTTP requests in this frame

Frame: https://387e7d282a65cd4ebe0025e4bc49ee17.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 49E3B54D1B87D923B7C3A7FAC6AF410C
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssXudTsP_h4NbIGcqia34Ty0kIfy0AGQjbsuYk8_mvVej44buPKslCRTB7ajZ1ILKsvm_kZ7WSZz4apRJg7LFpfUpyAVaYkMCFtnhKxrGn8SdUcQJMV0A9V5BPIsiM-k2dZA7RhwhQEcBOoqAiVeUr1T4_MjtCnazsy525H-yYGcAb4UQjp__nL_l1Nu0Yad3HX9uKz17f_aS57yyYAVnZhxNL1NtpKl6OvXc5PdLeykHTOg_lEqTaPWRQQlUwdhQnQaYCZfUcZwrdiCX41BNzW59lfuIRBlybXQ0j4BoHt94XhgQU_T_z6WkTYoce22ClfOKBHCmvQ0kx6KlodVKg&sig=Cg0ArKJSzAf6OTbigb_BEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 6BAF8C53C27E75BF071941D14CC55362
Requests: 5 HTTP requests in this frame

Frame: https://387e7d282a65cd4ebe0025e4bc49ee17.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 6BE4CD744421BD26B82036805558AADC
Requests: 20 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
Frame ID: 8345D9EF72819727ADC6FE8877F4139E
Requests: 23 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FDFD0A32021C84A74E60BBE840F564BC
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: EADE600E3A017E0EE23D3FB78BDD8C6E
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 440726B3F51824E45742849E7168F145
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 7CDA6CB74ACB60B65E30079DB6B3C67A
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1D828FA575D3317A7C4F0CA0C6250A12
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

NEWSru.com :: Самые быстрые новости. Фото и видео дня. Лента новостей в России и в мире

Page URL History Show full URLs

http://newsru.com/ HTTP 301
https://www.newsru.com/ Page URL

Page Statistics

225
Requests

92 %
HTTPS

60 %
IPv6

31
Domains

57
Subdomains

43
IPs

8
Countries

2924 kB
Transfer

6842 kB
Size

58
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: http://txt.newsru.com/
Title: Текстоваяверсия

Search URL Search Domain Scan URL

URL: http://classic.newsru.com/
Title: Классическаяверсия

Search URL Search Domain Scan URL

URL: https://www.facebook.com/newsrucom

Search URL Search Domain Scan URL

URL: http://www.inopressa.ru/
Title: ИНОПРЕССА

Search URL Search Domain Scan URL

URL: http://www.meddaily.ru/
Title: МЕДИЦИНА

Search URL Search Domain Scan URL

URL: https://ads.adfox.ru/242477/goLink?ad-session-id=3979701637035197501&hash=643567dab868d2ed&sj=3ukW7RrPd1BMOLRJLfG6AOCgcw9QrcnHi9vnuVN7-YREYb57trrRar24CzE3&rand=mscofrg&rqs=vhBAHNV5mwG-LJNhL4_7q_Pg9wTVSy4a&pr=ddhdpuo&p1=cpgpt&ytt=313910569863189&p5=kdham&ybv=0.48699&p2=gkow&ylv=0.48699

Search URL Search Domain Scan URL

URL: https://ads.adfox.ru/242477/clickURL?ad-session-id=3979701637035197501&hash=d4891af85ab8b01e&sj=uXHCgHsuGPIiTG5Kv6kgYyYF439e5MOIbZgfgh-IX8WedJacKPnDZ62FsbcvFg%3D%3D&rand=ndpjag&rqs=vrjPWvH38z2-LJNhaeXV05YeJYxHk80C&pr=ddhdpuo&p1=cextl&ytt=313910569863189&p5=jpmby&ybv=0.48699&p2=gkou&ylv=0.48699&pf=https%3A%2F%2Fwww.hospicefund.ru%2F

Search URL Search Domain Scan URL

URL: https://top.mail.ru/jump?from=91013

Search URL Search Domain Scan URL

URL: https://top100.rambler.ru/home?id=395113

Search URL Search Domain Scan URL

URL: https://creativecommons.org/licenses/by/4.0/deed.ru
Title: Creative Commons Attribution 4.0 International

Search URL Search Domain Scan URL

URL: http://palm.newsru.com/
Title: Palm / PDA

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://newsru.com/ HTTP 301
https://www.newsru.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36

https://top-fwz1.mail.ru/counter?id=91013;t=418;l=1 HTTP 302
https://top-fwz1.mail.ru/counter2?id=91013;t=418;l=1

Request Chain 80

https://gum.criteo.com/sid/json?origin=publishertag&domain=newsru.com&sn=ChromeSyncframe&so=0&topUrl=www.newsru.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=CQ3v73xkSkpzSVZoelRPTGRwbnp1VGZydUxZY3VyanpZV2pVMzJqZytSTVBnZjUyVGZybUl2bWpDRUJIYUJ4MGFrWmRnSSsycjBvS1hja2NmKzZSRVJzeFQ0MnYxVTlwM1JDb1pUZkhlQS9UZ3NGK08vQWVxMmJkSjVmMDFaTUdIT0xzeHZCUUlNS25sY0Q3WmRKUHJYaHcwSlNEYlpMNVdhT3RGMGdJa1NBczFuMTI1UDRTSVdTbFkzVUtWMjk5RzhrQmRXVG8rcStoelBjTzQwTVprczJ6VXoyNytJQkdtNHV0OWd6NlhTRFovckU4R2RqWmZuaUZLRFV6SmVlRitMQVl2QmNsR1F6aEdlNFpqWW9UWlVIanA3dz09fA&cppv=2

Request Chain 85

https://mc.yandex.com/sync_cookie_image_check?t=ti(4) HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9458.w7dquMt0OmKE1xTU-VoEFPcVO0KfK7xNRod6eC_X6LnCBDPoRIRDw4Wq4G_j-bPM.03ZwqAIY2hxIjUKvIq1WT3PGok4%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9458.b988TOPOntvBGcqbb05zG6xRZtdgnrj42biuFKTYkrk6zCwOMjmxT3vWcpLHQeg9AvvD6I0rnxdX44zmvBOXgH9WI1Jenr3Afogi6fSgcPQ%2C.mRkQZuFcj4SwMDYRCDx0D-Xg3FM%2C

Request Chain 105

https://mc.yandex.com/watch/37289910?wmode=7&page-url=https%3A%2F%2Fwww.newsru.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwinwev%3Afp%3A476%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A1%3Adp%3A0%3Als%3A359928967292%3Ahid%3A491141834%3Az%3A0%3Ai%3A20211116035958%3Aet%3A1637035198%3Ac%3A1%3Arn%3A995822800%3Arqn%3A1%3Au%3A1637035198667748868%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1637035196761%3Ads%3A7%2C27%2C150%2C7%2C35%2C0%2C%2C301%2C5%2C%2C%2C%2C605%3Adsn%3A6%2C27%2C150%2C7%2C35%2C0%2C%2C302%2C5%2C%2C%2C%2C605%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1637035198%3At%3ANEWSru.com%20%3A%3A%20%D0%A1%D0%B0%D0%BC%D1%8B%D0%B5%20%D0%B1%D1%8B%D1%81%D1%82%D1%80%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8.%20%D0%A4%D0%BE%D1%82%D0%BE%20%D0%B8%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D0%B4%D0%BD%D1%8F.%20%D0%9B%D0%B5%D0%BD%D1%82%D0%B0%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B5%D0%B9%20%D0%B2%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D0%B8%20%D0%B2%20%D0%BC%D0%B8%D1%80%D0%B5&t=gdpr(14)ti(2) HTTP 302
https://mc.yandex.com/watch/37289910/1?wmode=7&page-url=https%3A%2F%2Fwww.newsru.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwinwev%3Afp%3A476%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A1%3Adp%3A0%3Als%3A359928967292%3Ahid%3A491141834%3Az%3A0%3Ai%3A20211116035958%3Aet%3A1637035198%3Ac%3A1%3Arn%3A995822800%3Arqn%3A1%3Au%3A1637035198667748868%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1637035196761%3Ads%3A7%2C27%2C150%2C7%2C35%2C0%2C%2C301%2C5%2C%2C%2C%2C605%3Adsn%3A6%2C27%2C150%2C7%2C35%2C0%2C%2C302%2C5%2C%2C%2C%2C605%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1637035198%3At%3ANEWSru.com%20%3A%3A%20%D0%A1%D0%B0%D0%BC%D1%8B%D0%B5%20%D0%B1%D1%8B%D1%81%D1%82%D1%80%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8.%20%D0%A4%D0%BE%D1%82%D0%BE%20%D0%B8%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D0%B4%D0%BD%D1%8F.%20%D0%9B%D0%B5%D0%BD%D1%82%D0%B0%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B5%D0%B9%20%D0%B2%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D0%B8%20%D0%B2%20%D0%BC%D0%B8%D1%80%D0%B5&t=gdpr%2814%29ti%282%29

Request Chain 109

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 179

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHOpRyyRwiqPTMTJdQZpJ68&google_cver=1&google_push=AYg5qPIbn4ss7VaRjzy_XpdYcCXsRD56Ls9Z5JW_STTDma36Sw0z15opI-NCh99TnwlT4q6CJgHvH5E3ewkXvi_4lc2c3piBNGc HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHOpRyyRwiqPTMTJdQZpJ68&google_cver=1&google_push=AYg5qPIbn4ss7VaRjzy_XpdYcCXsRD56Ls9Z5JW_STTDma36Sw0z15opI-NCh99TnwlT4q6CJgHvH5E3ewkXvi_4lc2c3piBNGc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TmJlRFZTMVQxTU1QRHg1&google_gid=CAESEHOpRyyRwiqPTMTJdQZpJ68&google_cver=1&google_push=AYg5qPIbn4ss7VaRjzy_XpdYcCXsRD56Ls9Z5JW_STTDma36Sw0z15opI-NCh99TnwlT4q6CJgHvH5E3ewkXvi_4lc2c3piBNGc

Request Chain 180

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJbBtzECabiJUEDiEF2F6PI&google_cver=1&google_push=AYg5qPKmtps-2MIYjuypIpVEZ8XgCgPKkaFVPYhmI6MMgr4zBWo9xbRQdg-EuCKTJ0xMzhTJKooXtNdW-aqIR5yjUGi_UrgMR2w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPKmtps-2MIYjuypIpVEZ8XgCgPKkaFVPYhmI6MMgr4zBWo9xbRQdg-EuCKTJ0xMzhTJKooXtNdW-aqIR5yjUGi_UrgMR2w

Request Chain 181

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEDWrqwFbGZRHobDT6C2EpaE&google_cver=1&google_push=AYg5qPJWIQsSNVqpX8ZMAvh3AA7RjMHtH1H06fVY62DiZXIBBTMEkqcVG6nwHxbGuG9HbfSPsY2ZFLPKJyvECVw7MEZkvQhNLpw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAzMTAxMjY0MjExMzU4MzI0NQ%3D%3D&google_push=AYg5qPJWIQsSNVqpX8ZMAvh3AA7RjMHtH1H06fVY62DiZXIBBTMEkqcVG6nwHxbGuG9HbfSPsY2ZFLPKJyvECVw7MEZkvQhNLpw

Request Chain 182

https://ads.travelaudience.com/google_pixel?google_gid=CAESEGG1WTSeHxLR4PVlTo4twnU&google_cver=1&google_push=AYg5qPKT7LFKa2ds-A-TDsd83KXHFrHFRv_vi_e2cYxtY6L4tHOzCqCMu_lM5LORMkc5FIh07kyspcX0-tUHKbxbJFE7GSPRnNAE HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=fg3IVgRvQ36f24aCANT52w2&google_push=AYg5qPKT7LFKa2ds-A-TDsd83KXHFrHFRv_vi_e2cYxtY6L4tHOzCqCMu_lM5LORMkc5FIh07kyspcX0-tUHKbxbJFE7GSPRnNAE

Request Chain 183

https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEE-LBwcxzLrigWeEbsFnokE&google_cver=1&google_push=AYg5qPJINXQOo6O0MFpcTvS7T7J7Zb21pVeCRld6AUzlQKbcMyFe0YE5bdIaJo5CnWM17rfyU1uLD9LLMG7fooTzMj7p4yMbYGo0 HTTP 302
https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEE-LBwcxzLrigWeEbsFnokE&google_cver=1&google_push=AYg5qPJINXQOo6O0MFpcTvS7T7J7Zb21pVeCRld6AUzlQKbcMyFe0YE5bdIaJo5CnWM17rfyU1uLD9LLMG7fooTzMj7p4yMbYGo0&checkcookies=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=VpHr-aomMrVP8-Y3ZjFdhQ&google_push=AYg5qPJINXQOo6O0MFpcTvS7T7J7Zb21pVeCRld6AUzlQKbcMyFe0YE5bdIaJo5CnWM17rfyU1uLD9LLMG7fooTzMj7p4yMbYGo0

Request Chain 184

https://match.360yield.com/match/ebda?google_gid=CAESECPDhoduuJmW6kHgsjXAogA&google_cver=1&google_push=AYg5qPKROrV_7FvUVLM_FVTAXV5xCe8S3fdjZERLHgCMevdQe96UTWyROiNaX9PthuSOcXxEwm9IpbV5BjT9FJneeL0tkzTEWr8 HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESECPDhoduuJmW6kHgsjXAogA&google_cver=1&google_push=AYg5qPKROrV_7FvUVLM_FVTAXV5xCe8S3fdjZERLHgCMevdQe96UTWyROiNaX9PthuSOcXxEwm9IpbV5BjT9FJneeL0tkzTEWr8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=QcwxEHE4SnO4Z0hsfyYjjg&google_push=AYg5qPKROrV_7FvUVLM_FVTAXV5xCe8S3fdjZERLHgCMevdQe96UTWyROiNaX9PthuSOcXxEwm9IpbV5BjT9FJneeL0tkzTEWr8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=QcwxEHE4SnO4Z0hsfyYjjg&google_push=AYg5qPKROrV_7FvUVLM_FVTAXV5xCe8S3fdjZERLHgCMevdQe96UTWyROiNaX9PthuSOcXxEwm9IpbV5BjT9FJneeL0tkzTEWr8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=QcwxEHE4SnO4Z0hsfyYjjg&google_push=AYg5qPKROrV_7FvUVLM_FVTAXV5xCe8S3fdjZERLHgCMevdQe96UTWyROiNaX9PthuSOcXxEwm9IpbV5BjT9FJneeL0tkzTEWr8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=QcwxEHE4SnO4Z0hsfyYjjg&google_push=AYg5qPKROrV_7FvUVLM_FVTAXV5xCe8S3fdjZERLHgCMevdQe96UTWyROiNaX9PthuSOcXxEwm9IpbV5BjT9FJneeL0tkzTEWr8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=QcwxEHE4SnO4Z0hsfyYjjg&google_push=AYg5qPKROrV_7FvUVLM_FVTAXV5xCe8S3fdjZERLHgCMevdQe96UTWyROiNaX9PthuSOcXxEwm9IpbV5BjT9FJneeL0tkzTEWr8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=QcwxEHE4SnO4Z0hsfyYjjg&google_push=AYg5qPKROrV_7FvUVLM_FVTAXV5xCe8S3fdjZERLHgCMevdQe96UTWyROiNaX9PthuSOcXxEwm9IpbV5BjT9FJneeL0tkzTEWr8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=QcwxEHE4SnO4Z0hsfyYjjg&google_push=AYg5qPKROrV_7FvUVLM_FVTAXV5xCe8S3fdjZERLHgCMevdQe96UTWyROiNaX9PthuSOcXxEwm9IpbV5BjT9FJneeL0tkzTEWr8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=QcwxEHE4SnO4Z0hsfyYjjg&google_push=AYg5qPKROrV_7FvUVLM_FVTAXV5xCe8S3fdjZERLHgCMevdQe96UTWyROiNaX9PthuSOcXxEwm9IpbV5BjT9FJneeL0tkzTEWr8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=QcwxEHE4SnO4Z0hsfyYjjg&google_push=AYg5qPKROrV_7FvUVLM_FVTAXV5xCe8S3fdjZERLHgCMevdQe96UTWyROiNaX9PthuSOcXxEwm9IpbV5BjT9FJneeL0tkzTEWr8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=QcwxEHE4SnO4Z0hsfyYjjg&google_push=AYg5qPKROrV_7FvUVLM_FVTAXV5xCe8S3fdjZERLHgCMevdQe96UTWyROiNaX9PthuSOcXxEwm9IpbV5BjT9FJneeL0tkzTEWr8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=QcwxEHE4SnO4Z0hsfyYjjg&google_push=AYg5qPKROrV_7FvUVLM_FVTAXV5xCe8S3fdjZERLHgCMevdQe96UTWyROiNaX9PthuSOcXxEwm9IpbV5BjT9FJneeL0tkzTEWr8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=QcwxEHE4SnO4Z0hsfyYjjg&google_push=AYg5qPKROrV_7FvUVLM_FVTAXV5xCe8S3fdjZERLHgCMevdQe96UTWyROiNaX9PthuSOcXxEwm9IpbV5BjT9FJneeL0tkzTEWr8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=QcwxEHE4SnO4Z0hsfyYjjg&google_push=AYg5qPKROrV_7FvUVLM_FVTAXV5xCe8S3fdjZERLHgCMevdQe96UTWyROiNaX9PthuSOcXxEwm9IpbV5BjT9FJneeL0tkzTEWr8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=QcwxEHE4SnO4Z0hsfyYjjg&google_push=AYg5qPKROrV_7FvUVLM_FVTAXV5xCe8S3fdjZERLHgCMevdQe96UTWyROiNaX9PthuSOcXxEwm9IpbV5BjT9FJneeL0tkzTEWr8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=QcwxEHE4SnO4Z0hsfyYjjg&google_push=AYg5qPKROrV_7FvUVLM_FVTAXV5xCe8S3fdjZERLHgCMevdQe96UTWyROiNaX9PthuSOcXxEwm9IpbV5BjT9FJneeL0tkzTEWr8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=QcwxEHE4SnO4Z0hsfyYjjg&google_push=AYg5qPKROrV_7FvUVLM_FVTAXV5xCe8S3fdjZERLHgCMevdQe96UTWyROiNaX9PthuSOcXxEwm9IpbV5BjT9FJneeL0tkzTEWr8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=QcwxEHE4SnO4Z0hsfyYjjg&google_push=AYg5qPKROrV_7FvUVLM_FVTAXV5xCe8S3fdjZERLHgCMevdQe96UTWyROiNaX9PthuSOcXxEwm9IpbV5BjT9FJneeL0tkzTEWr8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=QcwxEHE4SnO4Z0hsfyYjjg&google_push=AYg5qPKROrV_7FvUVLM_FVTAXV5xCe8S3fdjZERLHgCMevdQe96UTWyROiNaX9PthuSOcXxEwm9IpbV5BjT9FJneeL0tkzTEWr8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=QcwxEHE4SnO4Z0hsfyYjjg&google_push=AYg5qPKROrV_7FvUVLM_FVTAXV5xCe8S3fdjZERLHgCMevdQe96UTWyROiNaX9PthuSOcXxEwm9IpbV5BjT9FJneeL0tkzTEWr8

Request Chain 193

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKD_2qqtJRCgBhigBjIIVp3wEEOa4yw HTTP 301
https://tpc.googlesyndication.com/simgad/14978601946328591918

Request Chain 212

https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=wSyTYfm6I4aC-gbS34_IBg&random=1255246563&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1255246563&crd=&is_vtc=1&random=851671928 HTTP 302
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1255246563&crd=&is_vtc=1&random=851671928&ipr=y

Request Chain 213

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=wSyTYfC8I8yh-gbTn4WwCA&random=898128836&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=898128836&crd=&is_vtc=1&random=2499902871 HTTP 302
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=898128836&crd=&is_vtc=1&random=2499902871&ipr=y

225 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.newsru.com/
Redirect Chain

http://newsru.com/
https://www.newsru.com/

50 KB
11 KB

184ms
150ms

Document
text/html

217.160.242.25
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.newsru.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

217.160.242.25 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx /

Resource Hash

98197447bcd8ffc1debcdb9f79dbaee594c977810c84d6c47dbbfe9a8caf53a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Date: Tue, 16 Nov 2021 03:59:56 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Content-Encoding: gzip

Redirect headers

Server: nginx
Date: Tue, 16 Nov 2021 03:59:56 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://www.newsru.com/

GET
H/1.1 200
OK desc.css
static.newsru.com/static/v3/css/ 82 KB
17 KB 61ms
14ms Stylesheet
text/css 217.160.242.25
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.newsru.com/static/v3/css/desc.css?v=1
Requested by: Host: www.newsru.com
URL: https://www.newsru.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.160.242.25 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx /
Resource Hash: 335904dd2766761950d0ef7b3a6f4df214ce63895b00f938b047c24ed14a5fdd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 16 Nov 2021 03:59:57 GMT
Content-Encoding: gzip
Last-Modified: Tue, 18 May 2021 17:04:14 GMT
Server: nginx
ETag: W/"60a3f38e-14632"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Tue, 23 Nov 2021 03:59:57 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 117 KB
38 KB 66ms
20ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: www.newsru.com
URL: https://www.newsru.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 66a8f22977a88effa3d50b4af9e8f1ad9e763b3c8ed4dd0e79301d9839362b9c

Request headers

Referer
Origin: https://www.newsru.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 03:59:57 GMT
content-encoding: gzip
last-modified: Wed, 27 Oct 2021 03:26:01 GMT
server: nginx
etag: W/"6178c6c9-1d4e4"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 17 Nov 2021 03:59:57 GMT

GET
H2 204 aotm.js Show response
sync.dmp.otm-r.com/match/ 0
69 B 50ms
11ms Script
text/plain 195.201.108.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.dmp.otm-r.com/match/aotm.js
Requested by: Host: www.newsru.com
URL: https://www.newsru.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.201.108.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.196.108.201.195.clients.your-server.de
Software: nginx/1.15.9 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 16 Nov 2021 03:59:57 GMT
server: nginx/1.15.9

GET
H2 200 header-bidding.js Show response
yandex.ru/ads/system/ 153 KB
39 KB 159ms
65ms Script
text/javascript 2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/header-bidding.js

Requested by

Host: www.newsru.com
URL: https://www.newsru.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

7b2f026e4c5e9a5f0d7a55b24b621e2b21034474a72983a586f225c5d31476d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
etag: 2518535794
x-yandex-req-id: 1637035197281355-7561029639488913198-man1-8092-man-l7-balancer-8080-BAL-6082
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Tue, 16 Nov 2021 04:59:57 GMT

GET
H2 200 context.js Show response
yandex.ru/ads/system/ 302 KB
81 KB 195ms
120ms Script
text/javascript 2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: www.newsru.com
URL: https://www.newsru.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

41d3f47283ac14c7d3ee7ea89e137ae84f688f4c336f4678650aa9e872914dd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
etag: 1125393329
x-yandex-req-id: 1637035197281791-10687904691390376705-man1-8092-man-l7-balancer-8080-BAL-852
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Tue, 16 Nov 2021 04:59:57 GMT

GET
H/1.1 200
OK gogl_detector.js Show response
static.newsru.com/v2/js/ 9 KB
5 KB 55ms
10ms Script
application/javascript 217.160.242.25
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.newsru.com/v2/js/gogl_detector.js
Requested by: Host: www.newsru.com
URL: https://www.newsru.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.160.242.25 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx /
Resource Hash: 59f53ebf6af9f60f8548541996f1729818ed5fd00c9ea408f2597b33ae8b419e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 16 Nov 2021 03:59:57 GMT
Content-Encoding: gzip
Last-Modified: Tue, 25 Aug 2020 13:28:40 GMT
Server: nginx
ETag: W/"5f451208-25ff"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Tue, 23 Nov 2021 03:59:57 GMT

GET
H/1.1 200
OK bowser.min.js Show response
static.newsru.com/static/v3/js/ 7 KB
3 KB 56ms
11ms Script
application/javascript 217.160.242.25
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.newsru.com/static/v3/js/bowser.min.js
Requested by: Host: www.newsru.com
URL: https://www.newsru.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.160.242.25 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx /
Resource Hash: 8d93d0dbfe10ef16d2fa89eb4fc32a6bfffaa583d974b77efd08c9a3d5ea0192

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 16 Nov 2021 03:59:57 GMT
Content-Encoding: gzip
Last-Modified: Wed, 18 Nov 2020 11:15:42 GMT
Server: nginx
ETag: W/"5fb5025e-1d4b"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Tue, 23 Nov 2021 03:59:57 GMT

GET
H/1.1 200
OK jquery.min.js Show response
static.newsru.com/static/v3/js/ 87 KB
32 KB 66ms
20ms Script
application/javascript 217.160.242.25
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.newsru.com/static/v3/js/jquery.min.js
Requested by: Host: www.newsru.com
URL: https://www.newsru.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.160.242.25 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 16 Nov 2021 03:59:57 GMT
Content-Encoding: gzip
Last-Modified: Sat, 19 Dec 2020 21:59:41 GMT
Server: nginx
ETag: W/"5fde77cd-15d84"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Tue, 23 Nov 2021 03:59:57 GMT

GET
H/1.1 200
OK lazyloadxt.js Show response
static.newsru.com/static/v3/js/lazy/ 9 KB
3 KB 58ms
11ms Script
application/javascript 217.160.242.25
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.newsru.com/static/v3/js/lazy/lazyloadxt.js
Requested by: Host: www.newsru.com
URL: https://www.newsru.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.160.242.25 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx /
Resource Hash: ac193a8ad99066fbac8f33d943f167d822059b72653fa78a3dc7c28c77efe89a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 16 Nov 2021 03:59:57 GMT
Content-Encoding: gzip
Last-Modified: Wed, 18 Nov 2020 11:11:56 GMT
Server: nginx
ETag: W/"5fb5017c-254e"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Tue, 23 Nov 2021 03:59:57 GMT

GET
H/1.1 200
OK selection.js Show response
static.newsru.com/static/v3/js/ 2 KB
1021 B 14ms
12ms Script
application/javascript 217.160.242.25
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.newsru.com/static/v3/js/selection.js
Requested by: Host: www.newsru.com
URL: https://www.newsru.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.160.242.25 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx /
Resource Hash: 4e2f223ada4cc02f25c26713c9ac6d273edbf7a6d1c96260cd9000a985d0cf10

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 16 Nov 2021 03:59:57 GMT
Content-Encoding: gzip
Last-Modified: Sun, 11 Oct 2020 09:56:17 GMT
Server: nginx
ETag: W/"5f82d6c1-677"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Tue, 23 Nov 2021 03:59:57 GMT

GET
H/1.1 200
OK mistakes.js Show response
static.newsru.com/static/v3/js/ 4 KB
2 KB 13ms
9ms Script
application/javascript 217.160.242.25
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.newsru.com/static/v3/js/mistakes.js
Requested by: Host: www.newsru.com
URL: https://www.newsru.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.160.242.25 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx /
Resource Hash: ce40412e953e9261742bc0f6b8aa2e6bb5c49ed67d1ac7e7fca943ba910497b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 16 Nov 2021 03:59:57 GMT
Content-Encoding: gzip
Last-Modified: Sun, 11 Oct 2020 09:56:42 GMT
Server: nginx
ETag: W/"5f82d6da-1058"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Tue, 23 Nov 2021 03:59:57 GMT

GET
H/1.1 200
OK gogl_detector.js Show response
static.newsru.com/static/v3/js/ 9 KB
5 KB 60ms
12ms Script
application/javascript 217.160.242.25
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.newsru.com/static/v3/js/gogl_detector.js
Requested by: Host: www.newsru.com
URL: https://www.newsru.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.160.242.25 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx /
Resource Hash: 59f53ebf6af9f60f8548541996f1729818ed5fd00c9ea408f2597b33ae8b419e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 16 Nov 2021 03:59:57 GMT
Content-Encoding: gzip
Last-Modified: Wed, 18 Nov 2020 11:13:27 GMT
Server: nginx
ETag: W/"5fb501d7-25ff"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Tue, 23 Nov 2021 03:59:57 GMT

GET
H2 200 h.js Show response
cdn.unblockia.com/ 120 KB
22 KB 81ms
27ms Script
application/x-javascript 2606:4700:20::681a:786
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unblockia.com/h.js
Requested by: Host: www.newsru.com
URL: https://www.newsru.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:786 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0a55f813f217cd31a84e2f5fa69bfb1e600c3270d789183fd56b61e4da30e8e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 03:59:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 15 Nov 2021 16:18:32 GMT
server: cloudflare
age: 5741
etag: W/"426246f7c033204e8ccfe54388697e2d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nOgr04dKfENxQjL4ApHYCPFzWzDJGOOWIuBn3gyxq8vfR5jLjy0ouaMaPNn7fClhjDEJlwTxoI%2FEvmXqTLvcmwhKh5KNdriBN12j0P8Xuh8p3t75X2%2FA7VWsSJ0TvmRO8GdVwjPzOlfC4g8QKPFv"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6aedcf3ec8475a19-MXP
x-amz-request-id: 4H3TBK57P31ZBJXV
x-amz-id-2: w6VIOmpVqPmP000+Tw2GhaH2Or+sITHYraO8HcAboHqfAcMyXakAHZkt2/v3akNaxUxoEYVn680=

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 112 KB
40 KB 46ms
22ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: www.newsru.com
URL: https://www.newsru.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

421796b606a1de2413b4c712e20a430aeb1deb3a475f68c89a8a16021bf1ebb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 03:59:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40273
x-xss-protection: 0
server: cafe
etag: 2104942676023454666
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 16 Nov 2021 03:59:57 GMT

GET
H/1.1 200
OK rucom_main.png
static.newsru.com/static/v3/img/misc/ 4 KB
4 KB 16ms
12ms Image
image/png 217.160.242.25
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.newsru.com/static/v3/img/misc/rucom_main.png
Requested by: Host: www.newsru.com
URL: https://www.newsru.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.160.242.25 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx /
Resource Hash: a7353c54f909300d55a6d3cc51dad2af6fc4cce0001481cdc306ae349153c27a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 16 Nov 2021 03:59:57 GMT
Last-Modified: Wed, 18 Nov 2020 11:37:22 GMT
Server: nginx
ETag: "5fb50772-f14"
Content-Type: image/png
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3860
Expires: Tue, 23 Nov 2021 03:59:57 GMT

GET
H/1.1 200
OK dropdown.js Show response
static.newsru.com/static/v3/js/ 246 B
527 B 16ms
13ms Script
application/javascript 217.160.242.25
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.newsru.com/static/v3/js/dropdown.js
Requested by: Host: www.newsru.com
URL: https://www.newsru.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.160.242.25 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx /
Resource Hash: 93a4470766ec0c83b26b14c2d0faba6f3b8fbe8fd630279acd669add74b9522d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 16 Nov 2021 03:59:57 GMT
Content-Encoding: gzip
Last-Modified: Fri, 11 Dec 2020 09:15:00 GMT
Server: nginx
ETag: W/"5fd33894-f6"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Tue, 23 Nov 2021 03:59:57 GMT

GET
H/1.1 200
OK e919646cf6194779525fb6b212669e96.jpg
image.newsru.com/v2/98/2001/11/e/ 8 KB
8 KB 39ms
11ms Image
image/jpeg 217.160.242.25
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.newsru.com/v2/98/2001/11/e/e919646cf6194779525fb6b212669e96.jpg
Requested by: Host: www.newsru.com
URL: https://www.newsru.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.160.242.25 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx /
Resource Hash: c9c5e65a20fe5636dcce34272fd333e9eb5dea78a3200b2fb413a48e8c4a54c3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 16 Nov 2021 03:59:57 GMT
Last-Modified: Tue, 31 Oct 2017 08:11:42 GMT
Server: nginx
ETag: "59f8303e-1f47"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8007
Expires: Tue, 23 Nov 2021 03:59:57 GMT

GET
H/1.1 200
OK 88960bd36b272dc842192b9829d72cc1.jpg
image.newsru.com/v2/98/2002/11/8/ 13 KB
13 KB 45ms
17ms Image
image/jpeg 217.160.242.25
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.newsru.com/v2/98/2002/11/8/88960bd36b272dc842192b9829d72cc1.jpg
Requested by: Host: www.newsru.com
URL: https://www.newsru.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.160.242.25 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx /
Resource Hash: 3e59e504a78595e9beb50f39e664ba3ecc625c6a74c1d59a98af47db8502dbaa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 16 Nov 2021 03:59:57 GMT
Last-Modified: Tue, 31 Oct 2017 08:21:19 GMT
Server: nginx
ETag: "59f8327f-32c1"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12993
Expires: Tue, 23 Nov 2021 03:59:57 GMT

GET
H/1.1 200
OK 20b34aca118e2921cdaa4f5523bd061a.jpg
image.newsru.com/v2/98/2003/11/2/ 7 KB
7 KB 32ms
10ms Image
image/jpeg 217.160.242.25
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.newsru.com/v2/98/2003/11/2/20b34aca118e2921cdaa4f5523bd061a.jpg
Requested by: Host: www.newsru.com
URL: https://www.newsru.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.160.242.25 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx /
Resource Hash: 48b4c9a1763e10d48bda0e907232402875cec788f19c8149acdb67661205621b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 16 Nov 2021 03:59:57 GMT
Last-Modified: Tue, 31 Oct 2017 08:30:23 GMT
Server: nginx
ETag: "59f8349f-1c09"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7177
Expires: Tue, 23 Nov 2021 03:59:57 GMT

GET
H/1.1 200
OK 36a37dbc4fb013bb8225a0dfa369f237.jpg
image.newsru.com/v2/98/2004/11/3/ 13 KB
13 KB 36ms
13ms Image
image/jpeg 217.160.242.25
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.newsru.com/v2/98/2004/11/3/36a37dbc4fb013bb8225a0dfa369f237.jpg
Requested by: Host: www.newsru.com
URL: https://www.newsru.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.160.242.25 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx /
Resource Hash: b2e558bcfab549d25df285021ce7f148cc287fdd946e47d866e2ac5fe8e53a13

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 16 Nov 2021 03:59:57 GMT
Last-Modified: Tue, 31 Oct 2017 08:39:57 GMT
Server: nginx
ETag: "59f836dd-346d"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13421
Expires: Tue, 23 Nov 2021 03:59:57 GMT

GET
H/1.1 200
OK a4f72418c3aae34dfeb09ce6af4265c0.jpg
image.newsru.com/v2/98/2005/11/a/ 50 KB
50 KB 37ms
15ms Image
image/jpeg 217.160.242.25
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.newsru.com/v2/98/2005/11/a/a4f72418c3aae34dfeb09ce6af4265c0.jpg
Requested by: Host: www.newsru.com
URL: https://www.newsru.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.160.242.25 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx /
Resource Hash: 66f0d7e75191d5127e9183db724715525918e63eceff43f13805de611d0e3bc9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 16 Nov 2021 03:59:57 GMT
Last-Modified: Tue, 31 Oct 2017 08:49:56 GMT
Server: nginx
ETag: "59f83934-c644"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 50756
Expires: Tue, 23 Nov 2021 03:59:57 GMT

GET
H/1.1 200
OK 2a1eaa39795265a66f07c2f7e3ce8e1d.jpg
image.newsru.com/v2/98/2006/11/2/ 11 KB
12 KB 33ms
11ms Image
image/jpeg 217.160.242.25
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.newsru.com/v2/98/2006/11/2/2a1eaa39795265a66f07c2f7e3ce8e1d.jpg
Requested by: Host: www.newsru.com
URL: https://www.newsru.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.160.242.25 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx /
Resource Hash: 0dcc43e44942bc047fed5ca6063c11ddeec9a20fa8692af37ea76c0f2e537c24

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 16 Nov 2021 03:59:57 GMT
Last-Modified: Tue, 31 Oct 2017 09:00:04 GMT
Server: nginx
ETag: "59f83b94-2d96"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11670
Expires: Tue, 23 Nov 2021 03:59:57 GMT

GET
H/1.1 200
OK 55abb223831b06167d53fc82e3ada14d.jpg
image.newsru.com/v2/98/2007/11/5/ 11 KB
11 KB 16ms
13ms Image
image/jpeg 217.160.242.25
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.newsru.com/v2/98/2007/11/5/55abb223831b06167d53fc82e3ada14d.jpg
Requested by: Host: www.newsru.com
URL: https://www.newsru.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.160.242.25 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx /
Resource Hash: 41dc37fef20ba677e22abd21b320e5fd3386f0aef9bfde0d47bd30ba854c7d02

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 16 Nov 2021 03:59:57 GMT
Last-Modified: Tue, 31 Oct 2017 09:11:45 GMT
Server: nginx
ETag: "59f83e51-2c7b"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11387
Expires: Tue, 23 Nov 2021 03:59:57 GMT

GET
H/1.1 200
OK e7d04879cf9359da0106ed476f1eac98.jpg
image.newsru.com/v2/98/2008/11/e/ 29 KB
29 KB 12ms
11ms Image
image/jpeg 217.160.242.25
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.newsru.com/v2/98/2008/11/e/e7d04879cf9359da0106ed476f1eac98.jpg
Requested by: Host: www.newsru.com
URL: https://www.newsru.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.160.242.25 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx /
Resource Hash: 93c3e40d417ed74b60d65d209ba8d32fcd8d049cfe4c1ca1171e7bd9f9cb6b07

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 16 Nov 2021 03:59:57 GMT
Last-Modified: Tue, 31 Oct 2017 09:21:54 GMT
Server: nginx
ETag: "59f840b2-7206"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29190
Expires: Tue, 23 Nov 2021 03:59:57 GMT

GET
H/1.1 200
OK b5534021aa8e02249b0824fe78260886.jpg
image.newsru.com/v2/98/2009/11/b/ 14 KB
14 KB 13ms
13ms Image
image/jpeg 217.160.242.25
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.newsru.com/v2/98/2009/11/b/b5534021aa8e02249b0824fe78260886.jpg
Requested by: Host: www.newsru.com
URL: https://www.newsru.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.160.242.25 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx /
Resource Hash: 63ad6ebd649aeb766f1089106e21d8bbc606b6a7b26303e758a4c6e3f2475b38

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 16 Nov 2021 03:59:57 GMT
Last-Modified: Tue, 31 Oct 2017 09:33:26 GMT
Server: nginx
ETag: "59f84366-389e"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14494
Expires: Tue, 23 Nov 2021 03:59:57 GMT

GET
H/1.1 200
OK ef3ab072b1648d869d2f0b30b161624f.jpg
image.newsru.com/v2/98/2010/11/e/ 12 KB
13 KB 12ms
11ms Image
image/jpeg 217.160.242.25
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.newsru.com/v2/98/2010/11/e/ef3ab072b1648d869d2f0b30b161624f.jpg
Requested by: Host: www.newsru.com
URL: https://www.newsru.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.160.242.25 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx /
Resource Hash: 8d8ec99e4aa749b8aefbbeee1c1432688074d13d004bd509a8ea8c3be8a3c9c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 16 Nov 2021 03:59:57 GMT
Last-Modified: Tue, 31 Oct 2017 09:44:01 GMT
Server: nginx
ETag: "59f845e1-30fc"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12540
Expires: Tue, 23 Nov 2021 03:59:57 GMT

GET
H/1.1 200
OK 2de950c0fbf236a2a3e3f61529e1bb42.jpg
image.newsru.com/v2/98/2011/11/2/ 21 KB
22 KB 11ms
11ms Image
image/jpeg 217.160.242.25
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.newsru.com/v2/98/2011/11/2/2de950c0fbf236a2a3e3f61529e1bb42.jpg
Requested by: Host: www.newsru.com
URL: https://www.newsru.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.160.242.25 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx /
Resource Hash: e5055b0b855794db7f5d9a061d21d6fcbc9d48421fd33d81540d79baf522a7c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 16 Nov 2021 03:59:57 GMT
Last-Modified: Tue, 31 Oct 2017 09:54:54 GMT
Server: nginx
ETag: "59f8486e-54fc"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21756
Expires: Tue, 23 Nov 2021 03:59:57 GMT

GET
H/1.1 200
OK 6a3355d7fee09fe158b71d1c75207544.jpg
image.newsru.com/v2/98/2012/11/6/ 12 KB
12 KB 15ms
12ms Image
image/jpeg 217.160.242.25
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.newsru.com/v2/98/2012/11/6/6a3355d7fee09fe158b71d1c75207544.jpg
Requested by: Host: www.newsru.com
URL: https://www.newsru.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.160.242.25 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx /
Resource Hash: ff312668f539bc638c88e9a2ef98c08c4e868217c9ba6e2a2e969631e08219aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 16 Nov 2021 03:59:57 GMT
Last-Modified: Tue, 31 Oct 2017 10:06:45 GMT
Server: nginx
ETag: "59f84b35-2e10"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11792
Expires: Tue, 23 Nov 2021 03:59:57 GMT

GET
H/1.1 200
OK 608b2c642ed82cef4db77d5a76fe9fbc.jpg
image.newsru.com/v2/98/2013/11/6/ 13 KB
13 KB 16ms
12ms Image
image/jpeg 217.160.242.25
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.newsru.com/v2/98/2013/11/6/608b2c642ed82cef4db77d5a76fe9fbc.jpg
Requested by: Host: www.newsru.com
URL: https://www.newsru.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.160.242.25 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx /
Resource Hash: 6950ecfeadc05f1f026d6b1f77ae5958538082bfa55061a4671757f62aec9b75

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 16 Nov 2021 03:59:57 GMT
Last-Modified: Tue, 31 Oct 2017 10:18:28 GMT
Server: nginx
ETag: "59f84df4-3210"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12816
Expires: Tue, 23 Nov 2021 03:59:57 GMT

GET
H/1.1 200
OK f23756bbd656469abcde6339a2e6ebfc.jpg
image.newsru.com/v2/98/2014/11/f/ 7 KB
7 KB 12ms
10ms Image
image/jpeg 217.160.242.25
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.newsru.com/v2/98/2014/11/f/f23756bbd656469abcde6339a2e6ebfc.jpg
Requested by: Host: www.newsru.com
URL: https://www.newsru.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.160.242.25 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx /
Resource Hash: 44e9c3b4343d0a2e4be10bde99c81dfeb30ea954b5dad157f26be7dd1945c1b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 16 Nov 2021 03:59:57 GMT
Last-Modified: Tue, 31 Oct 2017 10:31:04 GMT
Server: nginx
ETag: "59f850e8-1b8a"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7050
Expires: Tue, 23 Nov 2021 03:59:57 GMT

GET
H/1.1 200
OK 3ea65e7ceb548e856b41775fb00ac680.jpg
image.newsru.com/v2/98/2015/11/3/ 24 KB
24 KB 13ms
12ms Image
image/jpeg 217.160.242.25
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.newsru.com/v2/98/2015/11/3/3ea65e7ceb548e856b41775fb00ac680.jpg
Requested by: Host: www.newsru.com
URL: https://www.newsru.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.160.242.25 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx /
Resource Hash: 1e6531f2ac3b82aa0ac708b80bc8b9341b47e2d05967370db5f36e40706ee730

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 16 Nov 2021 03:59:57 GMT
Last-Modified: Tue, 31 Oct 2017 10:42:01 GMT
Server: nginx
ETag: "59f85379-601c"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24604
Expires: Tue, 23 Nov 2021 03:59:57 GMT

GET
H/1.1 200
OK 7a124eed5e9e8cce478f4baec86d4aa3.jpg
image.newsru.com/v2/99/2016/11/7/ 245 KB
245 KB 12ms
11ms Image
image/jpeg 217.160.242.25
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.newsru.com/v2/99/2016/11/7/7a124eed5e9e8cce478f4baec86d4aa3.jpg
Requested by: Host: www.newsru.com
URL: https://www.newsru.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.160.242.25 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx /
Resource Hash: 1ba407465532ef504d9b345519d197320d91d450fd146c273c73d1ae331fef6b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 16 Nov 2021 03:59:57 GMT
Last-Modified: Wed, 16 Nov 2016 15:50:00 GMT
Server: nginx
ETag: "582c8028-3d409"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 250889
Expires: Tue, 23 Nov 2021 03:59:57 GMT

GET
H/1.1 200
OK 2b67fe32499e7877969c52bd7fe4b9f0.jpg
image.newsru.com/v2/99/2017/11/2/ 63 KB
64 KB 12ms
11ms Image
image/jpeg 217.160.242.25
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.newsru.com/v2/99/2017/11/2/2b67fe32499e7877969c52bd7fe4b9f0.jpg
Requested by: Host: www.newsru.com
URL: https://www.newsru.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.160.242.25 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx /
Resource Hash: 66e4d99a41dfacc4d330782e70424d912233da06fa1dad1930c48dfef4ef839d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 16 Nov 2021 03:59:57 GMT
Last-Modified: Thu, 16 Nov 2017 20:03:14 GMT
Server: nginx
ETag: "5a0def02-fd9c"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 64924
Expires: Tue, 23 Nov 2021 03:59:57 GMT

GET
H/1.1 200
OK 60eef239be4d5539b61410133540a520.jpg
image.newsru.com/v2/99/2018/11/6/ 101 KB
102 KB 15ms
14ms Image
image/jpeg 217.160.242.25
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.newsru.com/v2/99/2018/11/6/60eef239be4d5539b61410133540a520.jpg
Requested by: Host: www.newsru.com
URL: https://www.newsru.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.160.242.25 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx /
Resource Hash: f4ffb8b1949b060bf5bd0ff48a853ee056f096fd92f9d03143122eedba88fe6d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 16 Nov 2021 03:59:57 GMT
Last-Modified: Thu, 10 Oct 2019 19:00:40 GMT
Server: nginx
ETag: "5d9f7fd8-194e4"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 103652
Expires: Tue, 23 Nov 2021 03:59:57 GMT

GET
H/1.1 404
Not Found 994ba893b7571b2f8f79425a7c45ffa7.jpg
image.newsru.com/v2/99/2019/11/9/ 0
0 12ms
10ms Image
text/html 217.160.242.25
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.newsru.com/v2/99/2019/11/9/994ba893b7571b2f8f79425a7c45ffa7.jpg
Requested by: Host: www.newsru.com
URL: https://www.newsru.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.160.242.25 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H/1.1 200
OK ef4a1cf32b57004254c3384468d1b5cb.jpg
image.newsru.com/v2/99/2020/11/e/ 53 KB
53 KB 13ms
11ms Image
image/jpeg 217.160.242.25
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.newsru.com/v2/99/2020/11/e/ef4a1cf32b57004254c3384468d1b5cb.jpg
Requested by: Host: www.newsru.com
URL: https://www.newsru.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.160.242.25 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx /
Resource Hash: 8b8577d5b368641279ea781029572045be6ff7b7b167810ba709c4c9ba63cadd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 16 Nov 2021 03:59:57 GMT
Last-Modified: Mon, 16 Nov 2020 17:33:31 GMT
Server: nginx
ETag: "5fb2b7eb-d2db"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 53979
Expires: Tue, 23 Nov 2021 03:59:57 GMT

GET
H2

200

counter2
top-fwz1.mail.ru/
Redirect Chain

https://top-fwz1.mail.ru/counter?id=91013;t=418;l=1
https://top-fwz1.mail.ru/counter2?id=91013;t=418;l=1

1 KB
2 KB

47ms
47ms

Image
image/gif

217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter2?id=91013;t=418;l=1

Requested by

Host: www.newsru.com
URL: https://www.newsru.com/

Protocol

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

53be8cda4f795c9e5cee704e099aba470f8bff79ee00db111f505fa550e6276e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 03:59:57 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 1386
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: *
access-control-allow-headers: *

Redirect headers

date: Tue, 16 Nov 2021 03:59:57 GMT
x-content-type-options: nosniff
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 0
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
location: https://top-fwz1.mail.ru/counter2?id=91013;t=418;l=1
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 30ms
8ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: www.newsru.com
URL: https://www.newsru.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 02:31:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 523734
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Thu, 10 Nov 2022 02:31:03 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 117 KB
38 KB 70ms
29ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: www.newsru.com
URL: https://www.newsru.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 66a8f22977a88effa3d50b4af9e8f1ad9e763b3c8ed4dd0e79301d9839362b9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 03:59:57 GMT
content-encoding: gzip
last-modified: Wed, 27 Oct 2021 03:26:01 GMT
server: nginx
etag: W/"6178c6c9-1d4e4"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 17 Nov 2021 03:59:57 GMT

GET
H2 200 css
fonts.w.tools/ 6 KB
922 B 77ms
25ms Stylesheet
text/css 159.69.36.219
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.w.tools/css?family=Roboto:400,500,600,700&subset=cyrillic-ext,latin-ext
Requested by: Host: static.newsru.com
URL: https://static.newsru.com/static/v3/css/desc.css?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.69.36.219 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.219.36.69.159.clients.your-server.de
Software: /
Resource Hash: ab5595cfaeed7d39ee807a6bf26dc9c55a2e94f5c44062ac8fcb8a39096d3af4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 07:39:14 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 07:39:14 GMT
age: 1887642
vary: accept-encoding,user-agent,wsr-https
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000, stale-while-revalidate=6307200
accept-ranges: bytes
wsr-cache: HIT 698 (239)
content-length: 628
expires: Tue, 25 Oct 2022 19:54:16 GMT

GET
H2 200 AGSKWxXAvrAgQHq91HB6-n7m9Ydzg1-xGSCHKsVhBtAa1-G_m4RIUYxbI6y_Ms7egHhWHXZjWKKBPP4XOsh5QOhwOVA= Show response
fundingchoicesmessages.google.com/f/ 21 KB
9 KB 55ms
25ms Script
application/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXAvrAgQHq91HB6-n7m9Ydzg1-xGSCHKsVhBtAa1-G_m4RIUYxbI6y_Ms7egHhWHXZjWKKBPP4XOsh5QOhwOVA=

Requested by

Host: static.newsru.com
URL: https://static.newsru.com/v2/js/gogl_detector.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fbbfdffbd103aaee59dde01d8f48523c98b0896a459f96ea0ebbf686afd7989e

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-H4Q3tc/4Mr1LHgMDZw0HLA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-H4Q3tc/4Mr1LHgMDZw0HLA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Nov 2021 03:59:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-H4Q3tc/4Mr1LHgMDZw0HLA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-H4Q3tc/4Mr1LHgMDZw0HLA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 189 KB
65 KB 184ms
85ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: www.newsru.com
URL: https://www.newsru.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

5568d248345d825506f88f50e3fb1cd7c05b8b1d2c8a43de15ea3b9314fa0341

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 03:59:57 GMT
content-encoding: br
last-modified: Thu, 11 Nov 2021 17:20:26 GMT
etag: "618d26aa-101bc"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 65980
expires: Tue, 16 Nov 2021 04:59:57 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 37ms
8ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.newsru.com
URL: https://www.newsru.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 7131
date: Tue, 16 Nov 2021 02:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 16 Nov 2021 04:01:06 GMT

GET
H2 200 code.js Show response
top-fwz1.mail.ru/js/ 25 KB
11 KB 162ms
87ms Script
application/javascript 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/js/code.js

Requested by

Host: www.newsru.com
URL: https://www.newsru.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

536cd983c5ac840349770984405fe9eb9e67b9d7e35e0c45673a653b003173b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 03:59:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin: *
last-modified: Thu, 15 Jul 2021 18:35:46 GMT
server: nginx
etag: W/"60f08002-64db"
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: max-age=3600, private
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: *
access-control-allow-headers: *
expires: Tue, 16 Nov 2021 04:59:57 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/ 267 KB
96 KB 34ms
31ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2861464200338808&plah=www.newsru.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cc8ca689a6a09147cef09399738442d3375f1f4eb83b884b808ff80ff6ba803b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 03:59:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98319
x-xss-protection: 0
server: cafe
etag: 8040590763250775233
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 16 Nov 2021 03:59:57 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.w.tools/s/roboto/v27/ 15 KB
16 KB 39ms
17ms Font
font/woff2 159.69.36.219
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.w.tools/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by: Host: fonts.w.tools
URL: https://fonts.w.tools/css?family=Roboto:400,500,600,700&subset=cyrillic-ext,latin-ext
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.69.36.219 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.219.36.69.159.clients.your-server.de
Software: /
Resource Hash: cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Request headers

Referer: https://fonts.w.tools/css?family=Roboto:400,500,600,700&subset=cyrillic-ext,latin-ext
Origin: https://www.newsru.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 00:43:45 GMT
last-modified: Tue, 16 Nov 2021 00:43:45 GMT
age: 11771
vary: accept-encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=6307200
accept-ranges: bytes
wsr-cache: HIT 1 (235)
content-length: 15688
expires: Wed, 16 Nov 2022 02:45:21 GMT

GET
DATA 200
OK truncated
/ 182 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bebade447042fc47342aa32011abbbac142ef6f525a791a3f2c2048f8a9847d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 473 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2bdac7059f976c5ae07237845b35407b7dfd7fc6ca3a63e17426b8b8a6973b12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 348 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 493fdc95a3d3027dbf75c9d1c5cb276797726bae63501b35fd65f1f339eed07e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 621 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 00bfe3ef6a07fbe78df9b045b6f0be57843bcc2424c8f9aca5e4bb626fe2f329

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 384 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9629f65f4dcd409ad3eb59455fc6ebc6b312684f91717b5714af5340bc2e169d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK map_dots.png
static.newsru.com/v2/img/misc/ 4 KB
5 KB 12ms
11ms Image
image/png 217.160.242.25
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.newsru.com/v2/img/misc/map_dots.png
Requested by: Host: static.newsru.com
URL: https://static.newsru.com/static/v3/css/desc.css?v=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.160.242.25 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx /
Resource Hash: 2195f4a709f89f9119d6e8ec79a7b67779ad280e04b56a803aec10c6897fa7cf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static.newsru.com/static/v3/css/desc.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 16 Nov 2021 03:59:57 GMT
Last-Modified: Thu, 10 Oct 2019 18:56:41 GMT
Server: nginx
ETag: "5d9f7ee9-113f"
Content-Type: image/png
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4415
Expires: Tue, 23 Nov 2021 03:59:57 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.w.tools/s/roboto/v27/ 16 KB
16 KB 30ms
14ms Font
font/woff2 159.69.36.219
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.w.tools/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by: Host: fonts.w.tools
URL: https://fonts.w.tools/css?family=Roboto:400,500,600,700&subset=cyrillic-ext,latin-ext
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.69.36.219 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.219.36.69.159.clients.your-server.de
Software: /
Resource Hash: bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Request headers

Referer: https://fonts.w.tools/css?family=Roboto:400,500,600,700&subset=cyrillic-ext,latin-ext
Origin: https://www.newsru.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 00:43:45 GMT
last-modified: Tue, 16 Nov 2021 00:43:45 GMT
age: 11771
vary: accept-encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=6307200
accept-ranges: bytes
wsr-cache: HIT 3 (230)
content-length: 15920
expires: Wed, 16 Nov 2022 01:52:50 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.w.tools/s/roboto/v27/ 9 KB
10 KB 36ms
21ms Font
font/woff2 159.69.36.219
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.w.tools/s/roboto/v27/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by: Host: fonts.w.tools
URL: https://fonts.w.tools/css?family=Roboto:400,500,600,700&subset=cyrillic-ext,latin-ext
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.69.36.219 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.219.36.69.159.clients.your-server.de
Software: /
Resource Hash: 8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee

Request headers

Referer: https://fonts.w.tools/css?family=Roboto:400,500,600,700&subset=cyrillic-ext,latin-ext
Origin: https://www.newsru.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 00:10:28 GMT
last-modified: Sat, 23 Oct 2021 00:10:28 GMT
age: 2087368
vary: accept-encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=6307200
accept-ranges: bytes
wsr-cache: HIT 40 (215)
content-length: 9688
expires: Tue, 15 Nov 2022 18:28:25 GMT

GET
H/1.1 200
OK arrow_right.gif
static.newsru.com/v2/img/misc/ 75 B
375 B 12ms
11ms Image
image/gif 217.160.242.25
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.newsru.com/v2/img/misc/arrow_right.gif
Requested by: Host: static.newsru.com
URL: https://static.newsru.com/static/v3/css/desc.css?v=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.160.242.25 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx /
Resource Hash: 7462830597ada422407b3831aeff810640ec94450b49e86ec902a91302ec9209

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static.newsru.com/static/v3/css/desc.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 16 Nov 2021 03:59:57 GMT
Last-Modified: Thu, 10 Oct 2019 18:56:41 GMT
Server: nginx
ETag: "5d9f7ee9-4b"
Content-Type: image/gif
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 75
Expires: Tue, 23 Nov 2021 03:59:57 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.w.tools/s/roboto/v27/ 15 KB
16 KB 17ms
15ms Font
font/woff2 159.69.36.219
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.w.tools/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by: Host: fonts.w.tools
URL: https://fonts.w.tools/css?family=Roboto:400,500,600,700&subset=cyrillic-ext,latin-ext
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.69.36.219 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.219.36.69.159.clients.your-server.de
Software: /
Resource Hash: 0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Request headers

Referer: https://fonts.w.tools/css?family=Roboto:400,500,600,700&subset=cyrillic-ext,latin-ext
Origin: https://www.newsru.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 00:43:45 GMT
last-modified: Tue, 16 Nov 2021 00:43:45 GMT
age: 11771
vary: accept-encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=6307200
accept-ranges: bytes
wsr-cache: HIT 1 (218)
content-length: 15828
expires: Wed, 16 Nov 2022 02:45:21 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
fonts.w.tools/s/roboto/v27/ 10 KB
10 KB 13ms
8ms Font
font/woff2 159.69.36.219
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.w.tools/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
Requested by: Host: fonts.w.tools
URL: https://fonts.w.tools/css?family=Roboto:400,500,600,700&subset=cyrillic-ext,latin-ext
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.69.36.219 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.219.36.69.159.clients.your-server.de
Software: /
Resource Hash: 2d2ad11e3c1a0fd81bb085050d4b3170beab2964b5b848a5309a6343322e3898

Request headers

Referer: https://fonts.w.tools/css?family=Roboto:400,500,600,700&subset=cyrillic-ext,latin-ext
Origin: https://www.newsru.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 17:30:01 GMT
last-modified: Mon, 15 Nov 2021 17:30:01 GMT
age: 37795
vary: accept-encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=6307200
accept-ranges: bytes
wsr-cache: HIT 28 (231)
content-length: 9776
expires: Tue, 15 Nov 2022 17:30:01 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.w.tools/s/roboto/v27/ 9 KB
10 KB 19ms
13ms Font
font/woff2 159.69.36.219
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.w.tools/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
Requested by: Host: fonts.w.tools
URL: https://fonts.w.tools/css?family=Roboto:400,500,600,700&subset=cyrillic-ext,latin-ext
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.69.36.219 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.219.36.69.159.clients.your-server.de
Software: /
Resource Hash: 053508cc4ed1acf7db8ed96deca42ffebfa1669c5cecd62f4415b926d07b5aaa

Request headers

Referer: https://fonts.w.tools/css?family=Roboto:400,500,600,700&subset=cyrillic-ext,latin-ext
Origin: https://www.newsru.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 19:45:01 GMT
last-modified: Mon, 15 Nov 2021 19:45:01 GMT
age: 29695
vary: accept-encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=6307200
accept-ranges: bytes
wsr-cache: HIT 26 (203)
content-length: 9544
expires: Tue, 15 Nov 2022 19:45:01 GMT

GET
H2 200 top100.js Show response
st.top100.ru/top100/ 189 KB
63 KB 166ms
51ms Script
application/javascript 81.19.89.17
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://st.top100.ru/top100/top100.js
Requested by: Host: www.newsru.com
URL: https://www.newsru.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.89.17 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx/1.19.4 /
Resource Hash: 5d0aea97b090054846223242f0be691ac828271b85469f4905bbb0a7edd40fc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 03:59:57 GMT
content-encoding: gzip
last-modified: Fri, 12 Nov 2021 09:35:19 GMT
server: nginx/1.19.4
etag: W/"618e3557-2f440"
vary: Accept-Encoding
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control: max-age=3600
content-type: application/javascript
expires: Tue, 16 Nov 2021 04:59:57 GMT

GET
H/1.1 200
OK 29c6b8b9f25bcdc61b06f48144511540.jpg
image.newsru.com/v2/01/2019/11/2/ 14 KB
15 KB 10ms
10ms Image
image/jpeg 217.160.242.25
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.newsru.com/v2/01/2019/11/2/29c6b8b9f25bcdc61b06f48144511540.jpg
Requested by: Host: www.newsru.com
URL: https://www.newsru.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.160.242.25 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: nginx /
Resource Hash: bacdde6723dfc88ec7d64af0a3bf9f37f95bc1d4e512632c59008f74783115de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 16 Nov 2021 03:59:57 GMT
Last-Modified: Sat, 16 Nov 2019 17:03:17 GMT
Server: nginx
ETag: "5dd02bd5-38dd"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14557
Expires: Tue, 23 Nov 2021 03:59:57 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame D33B 11 KB
5 KB 68ms
23ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.newsru.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

9413ac70f0dfa293eae8e934799be6a1cde8cd96db876ce9bd127c41630847ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 1584
date: Tue, 16 Nov 2021 03:59:57 GMT
content-length: 4683

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
207 B 15ms
14ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1874280386&t=pageview&_s=1&dl=https%3A%2F%2Fwww.newsru.com%2F&ul=en-us&de=UTF-8&dt=NEWSru.com%20%3A%3A%20%D0%A1%D0%B0%D0%BC%D1%8B%D0%B5%20%D0%B1%D1%8B%D1%81%D1%82%D1%80%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8.%20%D0%A4%D0%BE%D1%82%D0%BE%20%D0%B8%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D0%B4%D0%BD%D1%8F.%20%D0%9B%D0%B5%D0%BD%D1%82%D0%B0%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B5%D0%B9%20%D0%B2%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D0%B8%20%D0%B2%20%D0%BC%D0%B8%D1%80%D0%B5&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=510887710&gjid=1085664098&cid=2128953353.1637035197&tid=UA-86394340-1&_gid=1893193004.1637035197&_r=1&_slc=1&z=1650214901

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 16 Nov 2021 03:59:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.newsru.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 200 B
634 B 54ms
16ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.newsru.com&callback=_gfp_s_&client=ca-pub-2861464200338808

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2861464200338808&plah=www.newsru.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e51efc5d5c9cc06f166a6007aa09484cdabce61f6abe77b58241ffb56d51a623

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 03:59:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 190
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 79ms
16ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.newsru.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Nov 2021 03:59:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 54ms
16ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.newsru.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Nov 2021 03:59:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F8C2 107 KB
36 KB 212ms
211ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2861464200338808&output=html&h=120&slotname=newsru_new%2Fnewsru_new_1200x120_1-2020&adk=3007135905&adf=3028023672&pi=t.ma~as.newsru_new%2Fnewsru_n_&w=1200&lmt=1637035197&url=https%3A%2F%2Fwww.newsru.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637035197202&bpp=21&bdt=213&idt=138&shv=r20211111&mjsv=m202111080101&ptt=5&saldr=sa&abxe=1&correlator=5374044276684&frm=20&pv=2&ga_vid=2128953353.1637035197&ga_sid=1637035197&ga_hid=1874280386&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=16&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938&oid=2&pvsid=2197966097109481&pem=176&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=1zTuk6epZf&p=https%3A//www.newsru.com&dtd=226

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e02fd678cf4516c95bb08a297e1db02d886761a9bb47edabea147402b15c0991

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10448485923385175383/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10448485923385175383/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJ2ctqv_m_QCFc0R4AodEjMMww&gqi=vSyTYfmPGs7l-gbu7q3QDg&layout=/sadbundle/%24csp%253Der3%24/10448485923385175383/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10448485923385175383/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10448485923385175383/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJ2ctqv_m_QCFc0R4AodEjMMww&gqi=vSyTYfmPGs7l-gbu7q3QDg&layout=/sadbundle/%24csp%253Der3%24/10448485923385175383/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 16 Nov 2021 03:59:57 GMT
server: cafe
content-length: 36349
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 16 Nov 2021 03:59:57 GMT
cache-control: private

GET
H2 200 getcookie Show response
matchid.adfox.yandex.ru/ 88 B
373 B 634ms
64ms XHR
application/json 2a02:6b8::16b
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://matchid.adfox.yandex.ru/getcookie

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::16b Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

84e4fe46c91b108fda3b8850eeea33c0cb308b8cfcc2ff0bba7153b988169733

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: https://www.newsru.com
date: Tue, 16 Nov 2021 03:59:58 GMT
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 88
x-content-type-options: nosniff
content-type: application/json

POST
H2 200 cdb Show response
bidder.criteo.com/ 2 KB
807 B 71ms
30ms XHR
application/json 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=115&profileId=184&cb=24382067622
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: 7957d9078fdea4b9d26f8c0bb8eecddedad256040d5ce0cd3dfe7fd721fc0a3e

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 16 Nov 2021 03:59:57 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.newsru.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 567

POST
H/1.1 200
OK / Show response
ad.mail.ru/hbid_yandex/ 11 B
337 B 597ms
46ms XHR
application/json 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/hbid_yandex/
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 16 Nov 2021 03:59:58 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://www.newsru.com
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

POST
H2 204 bids Show response
adfox-c2s-ams.creativecdn.com/bidder/adfox/ 0
208 B 52ms
16ms XHR
application/json 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://adfox-c2s-ams.creativecdn.com/bidder/adfox/bids
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.newsru.com
date: Tue, 16 Nov 2021 03:59:57 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST
content-type: application/json;charset=utf-8

POST
H2 200 adjson Show response
ads.betweendigital.com/ 11 B
919 B 604ms
49ms XHR
application/json 188.42.29.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=adfox
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.29.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.newsru.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H2 200 yhb Show response
yhb.p.otm-r.com/ 11 B
252 B 45ms
12ms XHR
text/plain 195.201.152.107
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://yhb.p.otm-r.com/yhb
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.201.152.107 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.107.152.201.195.clients.your-server.de
Software: nginx/1.17.6 /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.newsru.com
date: Tue, 16 Nov 2021 03:59:57 GMT
access-control-allow-credentials: true
server: nginx/1.17.6
content-length: 11
vary: Origin
content-type: text/plain; charset=utf-8

GET
H2 200 22825c03f8d8ead9b92b.js Show response
yastatic.net/partner-code-bundles/48699/ 13 KB
5 KB 580ms
42ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/48699/22825c03f8d8ead9b92b.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

4c735f002d5ca3a939fac95c54503c53600064db550470e8c6ef305264cf1c68

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer
Origin: https://www.newsru.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 03:59:58 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4460
last-modified: Fri, 12 Nov 2021 15:15:08 GMT
server: nginx/1.17.9
etag: "5ce53c8f9e2c69bcb353be6596e88c5c"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Nov 2051 10:31:46 GMT

GET
H2 200 1aa9ff101c26202e51e3.js Show response
yastatic.net/partner-code-bundles/48699/ 80 KB
17 KB 610ms
72ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/48699/1aa9ff101c26202e51e3.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

b0e30220f4900b9a3b8b81f3864d8d24c16b4dd40e0a1fcff862a191586f66c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer
Origin: https://www.newsru.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 03:59:58 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 17037
last-modified: Fri, 12 Nov 2021 15:15:08 GMT
server: nginx/1.17.9
etag: "878161e052df9e4175f8551eab4fce6f"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Nov 2051 10:31:46 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 657ms
121ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer
Origin: https://www.newsru.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 03:59:58 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Nov 2051 10:35:57 GMT

GET
H2 200 v2 Show response
an.yandex.ru/adfox/242477/getBulk/ 12 KB
4 KB 625ms
110ms XHR
application/json 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/242477/getBulk/v2?dl=https%3A%2F%2Fwww.newsru.com%2F&date=2021-11-16T03%3A59%3A57.490%2B00%3A00&pd=16&pdh=1200&pdw=1600&pr1=1473112463&pr=965653690&prr=&pv=3&pw=2&extid_loader=&extid_tag_loader=www.newsru.com&ylv=0.48699&ybv=0.48699&ytt=313910569863189&is-turbo=0&skip-token=&ad-session-id=3979701637035197501&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.9%2C%22w%22%3A310%2C%22h%22%3A0%2C%22width%22%3A310%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A1105%2C%22top%22%3A262%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=48699&availableWidth=310&availableHeight=0&p1=cpgpt&p2=gkow&slotNumber=1&bids=W10%3D&utf8=%E2%9C%93&pcode-test-ids=452299%2C0%2C8%3B453466%2C0%2C30%3B437233%2C0%2C0%3B452163%2C0%2C95%3B440957%2C0%2C96%3B451333%2C0%2C87%3B448309%2C0%2C10%3B444579%2C0%2C89%3B400735%2C0%2C56%3B451371%2C0%2C44%3B443406%2C0%2C91%3B454757%2C0%2C24%3B440126%2C0%2C-1%3B203222%2C0%2C83&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%5B%7B%22value%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22testId%22%3A%22432722%22%7D%5D%2C%22ENABLE_SKIN_THEME_EMPTY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441341%22%7D%5D%2C%22ENABLE_VP9_CODECS%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441791%22%7D%5D%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22445424%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22451336%22%2C%22testId%22%3A%22454300%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22445452%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22445452%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445452%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22445452%22%7D%5D%2C%22RMP_SEND_BEACON%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22433605%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%2C239538%2C235076%2C264443%2C202100%2C354188%2C309667%2C270901%5D%2C%22testId%22%3A%22443574%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22436297%22%7D%5D%2C%22FIXED_FORMAT_RENDER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22436894%22%7D%5D%2C%22COMPRESS_FLAGS_MAP%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22438661%22%7D%5D%2C%22FIX_IMAGES_PROTOCOL%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22440194%22%7D%5D%2C%22SSR_HEADER_FORCE_ANSWER%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22441777%22%7D%5D%2C%22FIX_MIN_HEIGHT_NTP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445391%22%7D%5D%2C%22FIX_SDK_LAYOUT_CONFIG%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22445453%22%7D%5D%2C%22POSTER_PRICE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22448272%22%7D%5D%2C%22PRICE_DISABLED_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22posterVertical%22%2C%22posterHorizontal%22%2C%22posterCarousel%22%5D%2C%22testId%22%3A%22448272%22%7D%5D%2C%22ZEN2_REDESIGN_21_Q3_STEP_3%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452293%22%7D%5D%2C%22ADSDKVER%22%3A%5B%7B%22value%22%3A%22452299%22%2C%22testId%22%3A%22452299%22%7D%5D%2C%22WIDGET_IN_PCODE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22453466%22%7D%5D%2C%22CONTAIN_IMAGE_SSR%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22437233%22%7D%5D%2C%22POSTER_CONSTRUCTOR%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452163%22%7D%5D%2C%22SMART_MOSAIC_GRID%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22440957%22%7D%5D%2C%22CAROUSEL_LAZY_LOAD_IMAGE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22451333%22%7D%5D%2C%22COMBO_BLOCK_PRELOAD_INPAGE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22448309%22%7D%5D%2C%22MOTION_BG%22%3A%5B%7B%22value%22%3A%22static%22%2C%22testId%22%3A%22444579%22%7D%5D%2C%22GLOBAL_SIZE_INFO%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22400735%22%7D%5D%2C%22PREACT_RTB_INLINE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22451371%22%7D%5D%2C%22UNIFORMAT_BLACKLIST_DATA%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22443406%22%7D%5D%2C%22PCODEVER%22%3A%5B%7B%22value%22%3A%2248699%22%2C%22testId%22%3A%22454757%22%7D%5D%2C%22SMART_BANNER_HIDEABLE_BUTTONS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22440126%22%7D%5D%7D&use-server-side-rendering=1&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0AadaptiveCarousel%0Asmart_tile&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AposterCarousel&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=rwZgbqsSJGDuHf5jv09rXJzNnntr%2FmSTrgTLP83AYiwvonKBp8y%2FBeWX2ALokQvc5d2SCDZSaOhYjARA0uRLI9dkBF4%3D&grab-orig-len=196&grab=dE5FV1NydS5jb20gOjog0KHQsNC80YvQtSDQsdGL0YHRgtGA0YvQtSDQvdC-0LLQvtGB0YLQuC4g0KTQvtGC0L4g0Lgg0LLQuNC00LXQviDQtNC90Y8uINCb0LXQvdGC0LAg0L3QvtCy0L7RgdGC0LXQuSDQsiDQoNC-0YHRgdC40Lgg0Lgg0LIg0LzQuNGA0LUK&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

0d4e2c02c528be9ba1114144f169dc6e18245187a421473c21f5d919bca1cce9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Nov 2021 03:59:58 GMT
content-encoding: gzip
last-modified: Tue, 16 Nov 2021 03:59:58 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id: 1637035198040646-768695775596289485185957-production-app-host-man-pcode-70
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://www.newsru.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 16 Nov 2021 03:59:58 GMT

GET
H2 200 v2 Show response
an.yandex.ru/adfox/242477/getBulk/ 2 KB
1 KB 627ms
116ms XHR
application/json 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/242477/getBulk/v2?dl=https%3A%2F%2Fwww.newsru.com%2F&date=2021-11-16T03%3A59%3A57.505%2B00%3A00&pd=16&pdh=1200&pdw=1600&pr1=251421464&pr=965653690&prr=&pv=3&pw=2&extid_loader=&extid_tag_loader=www.newsru.com&ylv=0.48699&ybv=0.48699&ytt=313910569863189&is-turbo=0&skip-token=&ad-session-id=3979701637035197501&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.9%2C%22w%22%3A310%2C%22h%22%3A0%2C%22width%22%3A310%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A1105%2C%22top%22%3A326%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A1%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=48699&availableWidth=310&availableHeight=0&p1=cextl&p2=gkou&slotNumber=3&bids=W10%3D&utf8=%E2%9C%93&pcode-test-ids=452299%2C0%2C8%3B453466%2C0%2C30%3B437233%2C0%2C0%3B452163%2C0%2C95%3B440957%2C0%2C96%3B451333%2C0%2C87%3B448309%2C0%2C10%3B444579%2C0%2C89%3B400735%2C0%2C56%3B451371%2C0%2C44%3B443406%2C0%2C91%3B454757%2C0%2C24%3B440126%2C0%2C-1%3B203222%2C0%2C83&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%5B%7B%22value%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22testId%22%3A%22432722%22%7D%5D%2C%22ENABLE_SKIN_THEME_EMPTY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441341%22%7D%5D%2C%22ENABLE_VP9_CODECS%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441791%22%7D%5D%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22445424%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22451336%22%2C%22testId%22%3A%22454300%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22445452%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22445452%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445452%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22445452%22%7D%5D%2C%22RMP_SEND_BEACON%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22433605%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%2C239538%2C235076%2C264443%2C202100%2C354188%2C309667%2C270901%5D%2C%22testId%22%3A%22443574%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22436297%22%7D%5D%2C%22FIXED_FORMAT_RENDER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22436894%22%7D%5D%2C%22COMPRESS_FLAGS_MAP%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22438661%22%7D%5D%2C%22FIX_IMAGES_PROTOCOL%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22440194%22%7D%5D%2C%22SSR_HEADER_FORCE_ANSWER%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22441777%22%7D%5D%2C%22FIX_MIN_HEIGHT_NTP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445391%22%7D%5D%2C%22FIX_SDK_LAYOUT_CONFIG%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22445453%22%7D%5D%2C%22POSTER_PRICE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22448272%22%7D%5D%2C%22PRICE_DISABLED_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22posterVertical%22%2C%22posterHorizontal%22%2C%22posterCarousel%22%5D%2C%22testId%22%3A%22448272%22%7D%5D%2C%22ZEN2_REDESIGN_21_Q3_STEP_3%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452293%22%7D%5D%2C%22ADSDKVER%22%3A%5B%7B%22value%22%3A%22452299%22%2C%22testId%22%3A%22452299%22%7D%5D%2C%22WIDGET_IN_PCODE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22453466%22%7D%5D%2C%22CONTAIN_IMAGE_SSR%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22437233%22%7D%5D%2C%22POSTER_CONSTRUCTOR%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452163%22%7D%5D%2C%22SMART_MOSAIC_GRID%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22440957%22%7D%5D%2C%22CAROUSEL_LAZY_LOAD_IMAGE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22451333%22%7D%5D%2C%22COMBO_BLOCK_PRELOAD_INPAGE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22448309%22%7D%5D%2C%22MOTION_BG%22%3A%5B%7B%22value%22%3A%22static%22%2C%22testId%22%3A%22444579%22%7D%5D%2C%22GLOBAL_SIZE_INFO%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22400735%22%7D%5D%2C%22PREACT_RTB_INLINE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22451371%22%7D%5D%2C%22UNIFORMAT_BLACKLIST_DATA%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22443406%22%7D%5D%2C%22PCODEVER%22%3A%5B%7B%22value%22%3A%2248699%22%2C%22testId%22%3A%22454757%22%7D%5D%2C%22SMART_BANNER_HIDEABLE_BUTTONS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22440126%22%7D%5D%7D&use-server-side-rendering=1&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0AadaptiveCarousel%0Asmart_tile&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AposterCarousel&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=rwZgbqsSJGDuHf5jv09rXJzNnntr%2FmSTrgTLP83AYiwvonKBp8y%2FBeWX2ALokQvc5d2SCDZSaOhYjARA0uRLI9dkBF4%3D&grab-orig-len=196&grab=dE5FV1NydS5jb20gOjog0KHQsNC80YvQtSDQsdGL0YHRgtGA0YvQtSDQvdC-0LLQvtGB0YLQuC4g0KTQvtGC0L4g0Lgg0LLQuNC00LXQviDQtNC90Y8uINCb0LXQvdGC0LAg0L3QvtCy0L7RgdGC0LXQuSDQsiDQoNC-0YHRgdC40Lgg0Lgg0LIg0LzQuNGA0LUK&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

7a6f098788b4cfbdff0457fa0fa8757b3e632d3a6e1e89ee43ea916252c1eb57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Nov 2021 03:59:58 GMT
content-encoding: gzip
last-modified: Tue, 16 Nov 2021 03:59:58 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id: 1637035198046140-302457549870273517127373-production-app-host-man-pcode-152
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://www.newsru.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 16 Nov 2021 03:59:58 GMT

GET
H2 200 v2 Show response
an.yandex.ru/adfox/242477/getBulk/ 12 KB
3 KB 848ms
341ms XHR
application/json 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/242477/getBulk/v2?dl=https%3A%2F%2Fwww.newsru.com%2F&date=2021-11-16T03%3A59%3A57.508%2B00%3A00&pd=16&pdh=1200&pdw=1600&pr1=3999160790&pr=965653690&prr=&pv=3&pw=2&extid_loader=&extid_tag_loader=www.newsru.com&ylv=0.48699&ybv=0.48699&ytt=313910569863189&is-turbo=0&skip-token=&ad-session-id=3979701637035197501&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.9%2C%22w%22%3A1250%2C%22h%22%3A120%2C%22width%22%3A1250%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22left%22%3A175%2C%22top%22%3A1994%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A2%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=48699&availableWidth=1250&availableHeight=120&p1=cettc&p2=y&slotNumber=4&bids=W10%3D&utf8=%E2%9C%93&pcode-test-ids=452299%2C0%2C8%3B453466%2C0%2C30%3B437233%2C0%2C0%3B452163%2C0%2C95%3B440957%2C0%2C96%3B451333%2C0%2C87%3B448309%2C0%2C10%3B444579%2C0%2C89%3B400735%2C0%2C56%3B451371%2C0%2C44%3B443406%2C0%2C91%3B454757%2C0%2C24%3B440126%2C0%2C-1%3B203222%2C0%2C83&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%5B%7B%22value%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22testId%22%3A%22432722%22%7D%5D%2C%22ENABLE_SKIN_THEME_EMPTY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441341%22%7D%5D%2C%22ENABLE_VP9_CODECS%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441791%22%7D%5D%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22445424%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22451336%22%2C%22testId%22%3A%22454300%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22445452%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22445452%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445452%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22445452%22%7D%5D%2C%22RMP_SEND_BEACON%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22433605%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%2C239538%2C235076%2C264443%2C202100%2C354188%2C309667%2C270901%5D%2C%22testId%22%3A%22443574%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22436297%22%7D%5D%2C%22FIXED_FORMAT_RENDER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22436894%22%7D%5D%2C%22COMPRESS_FLAGS_MAP%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22438661%22%7D%5D%2C%22FIX_IMAGES_PROTOCOL%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22440194%22%7D%5D%2C%22SSR_HEADER_FORCE_ANSWER%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22441777%22%7D%5D%2C%22FIX_MIN_HEIGHT_NTP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445391%22%7D%5D%2C%22FIX_SDK_LAYOUT_CONFIG%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22445453%22%7D%5D%2C%22POSTER_PRICE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22448272%22%7D%5D%2C%22PRICE_DISABLED_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22posterVertical%22%2C%22posterHorizontal%22%2C%22posterCarousel%22%5D%2C%22testId%22%3A%22448272%22%7D%5D%2C%22ZEN2_REDESIGN_21_Q3_STEP_3%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452293%22%7D%5D%2C%22ADSDKVER%22%3A%5B%7B%22value%22%3A%22452299%22%2C%22testId%22%3A%22452299%22%7D%5D%2C%22WIDGET_IN_PCODE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22453466%22%7D%5D%2C%22CONTAIN_IMAGE_SSR%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22437233%22%7D%5D%2C%22POSTER_CONSTRUCTOR%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452163%22%7D%5D%2C%22SMART_MOSAIC_GRID%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22440957%22%7D%5D%2C%22CAROUSEL_LAZY_LOAD_IMAGE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22451333%22%7D%5D%2C%22COMBO_BLOCK_PRELOAD_INPAGE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22448309%22%7D%5D%2C%22MOTION_BG%22%3A%5B%7B%22value%22%3A%22static%22%2C%22testId%22%3A%22444579%22%7D%5D%2C%22GLOBAL_SIZE_INFO%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22400735%22%7D%5D%2C%22PREACT_RTB_INLINE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22451371%22%7D%5D%2C%22UNIFORMAT_BLACKLIST_DATA%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22443406%22%7D%5D%2C%22PCODEVER%22%3A%5B%7B%22value%22%3A%2248699%22%2C%22testId%22%3A%22454757%22%7D%5D%2C%22SMART_BANNER_HIDEABLE_BUTTONS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22440126%22%7D%5D%7D&use-server-side-rendering=1&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0AadaptiveCarousel%0Asmart_tile&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AposterCarousel&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=rwZgbqsSJGDuHf5jv09rXJzNnntr%2FmSTrgTLP83AYiwvonKBp8y%2FBeWX2ALokQvc5d2SCDZSaOhYjARA0uRLI9dkBF4%3D&grab-orig-len=196&grab=dE5FV1NydS5jb20gOjog0KHQsNC80YvQtSDQsdGL0YHRgtGA0YvQtSDQvdC-0LLQvtGB0YLQuC4g0KTQvtGC0L4g0Lgg0LLQuNC00LXQviDQtNC90Y8uINCb0LXQvdGC0LAg0L3QvtCy0L7RgdGC0LXQuSDQsiDQoNC-0YHRgdC40Lgg0Lgg0LIg0LzQuNGA0LUK&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

a9344b5d5fb934d29bc90564495dfa0907ccd03b9a3cd8e0bd8fdc86da376463

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Nov 2021 03:59:58 GMT
content-encoding: gzip
last-modified: Tue, 16 Nov 2021 03:59:58 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id: 1637035198106146-1429233763569819006317224-production-app-host-vla-pcode-190
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://www.newsru.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 16 Nov 2021 03:59:58 GMT

GET
H2 200 v2 Show response
an.yandex.ru/adfox/242477/getBulk/ 4 KB
2 KB 698ms
192ms XHR
application/json 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/242477/getBulk/v2?dl=https%3A%2F%2Fwww.newsru.com%2F&date=2021-11-16T03%3A59%3A57.510%2B00%3A00&pd=16&pdh=1200&pdw=1600&pr1=3035623055&pr=965653690&prr=&pv=3&pw=2&extid_loader=&extid_tag_loader=www.newsru.com&ylv=0.48699&ybv=0.48699&ytt=313910569863189&is-turbo=0&skip-token=&ad-session-id=3979701637035197501&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.9%2C%22w%22%3A120%2C%22h%22%3A0%2C%22width%22%3A120%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22left%22%3A235%2C%22top%22%3A2198%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A3%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=48699&availableWidth=120&availableHeight=0&p1=cfmxa&p2=gkeu&slotNumber=5&bids=W10%3D&utf8=%E2%9C%93&pcode-test-ids=452299%2C0%2C8%3B453466%2C0%2C30%3B437233%2C0%2C0%3B452163%2C0%2C95%3B440957%2C0%2C96%3B451333%2C0%2C87%3B448309%2C0%2C10%3B444579%2C0%2C89%3B400735%2C0%2C56%3B451371%2C0%2C44%3B443406%2C0%2C91%3B454757%2C0%2C24%3B440126%2C0%2C-1%3B203222%2C0%2C83&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%5B%7B%22value%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22testId%22%3A%22432722%22%7D%5D%2C%22ENABLE_SKIN_THEME_EMPTY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441341%22%7D%5D%2C%22ENABLE_VP9_CODECS%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441791%22%7D%5D%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22445424%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22451336%22%2C%22testId%22%3A%22454300%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22445452%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22445452%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445452%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22445452%22%7D%5D%2C%22RMP_SEND_BEACON%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22433605%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%2C239538%2C235076%2C264443%2C202100%2C354188%2C309667%2C270901%5D%2C%22testId%22%3A%22443574%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22436297%22%7D%5D%2C%22FIXED_FORMAT_RENDER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22436894%22%7D%5D%2C%22COMPRESS_FLAGS_MAP%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22438661%22%7D%5D%2C%22FIX_IMAGES_PROTOCOL%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22440194%22%7D%5D%2C%22SSR_HEADER_FORCE_ANSWER%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22441777%22%7D%5D%2C%22FIX_MIN_HEIGHT_NTP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445391%22%7D%5D%2C%22FIX_SDK_LAYOUT_CONFIG%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22445453%22%7D%5D%2C%22POSTER_PRICE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22448272%22%7D%5D%2C%22PRICE_DISABLED_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22posterVertical%22%2C%22posterHorizontal%22%2C%22posterCarousel%22%5D%2C%22testId%22%3A%22448272%22%7D%5D%2C%22ZEN2_REDESIGN_21_Q3_STEP_3%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452293%22%7D%5D%2C%22ADSDKVER%22%3A%5B%7B%22value%22%3A%22452299%22%2C%22testId%22%3A%22452299%22%7D%5D%2C%22WIDGET_IN_PCODE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22453466%22%7D%5D%2C%22CONTAIN_IMAGE_SSR%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22437233%22%7D%5D%2C%22POSTER_CONSTRUCTOR%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452163%22%7D%5D%2C%22SMART_MOSAIC_GRID%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22440957%22%7D%5D%2C%22CAROUSEL_LAZY_LOAD_IMAGE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22451333%22%7D%5D%2C%22COMBO_BLOCK_PRELOAD_INPAGE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22448309%22%7D%5D%2C%22MOTION_BG%22%3A%5B%7B%22value%22%3A%22static%22%2C%22testId%22%3A%22444579%22%7D%5D%2C%22GLOBAL_SIZE_INFO%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22400735%22%7D%5D%2C%22PREACT_RTB_INLINE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22451371%22%7D%5D%2C%22UNIFORMAT_BLACKLIST_DATA%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22443406%22%7D%5D%2C%22PCODEVER%22%3A%5B%7B%22value%22%3A%2248699%22%2C%22testId%22%3A%22454757%22%7D%5D%2C%22SMART_BANNER_HIDEABLE_BUTTONS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22440126%22%7D%5D%7D&use-server-side-rendering=1&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0AadaptiveCarousel%0Asmart_tile&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AposterCarousel&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=rwZgbqsSJGDuHf5jv09rXJzNnntr%2FmSTrgTLP83AYiwvonKBp8y%2FBeWX2ALokQvc5d2SCDZSaOhYjARA0uRLI9dkBF4%3D&grab-orig-len=196&grab=dE5FV1NydS5jb20gOjog0KHQsNC80YvQtSDQsdGL0YHRgtGA0YvQtSDQvdC-0LLQvtGB0YLQuC4g0KTQvtGC0L4g0Lgg0LLQuNC00LXQviDQtNC90Y8uINCb0LXQvdGC0LAg0L3QvtCy0L7RgdGC0LXQuSDQsiDQoNC-0YHRgdC40Lgg0Lgg0LIg0LzQuNGA0LUK&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

27dc9541b17e19e1649bba14d2706f8acec74bd8220509c29103804139bbf724

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Nov 2021 03:59:58 GMT
content-encoding: gzip
last-modified: Tue, 16 Nov 2021 03:59:58 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id: 1637035198078998-840129576565896970162583-production-app-host-man-pcode-154
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://www.newsru.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 16 Nov 2021 03:59:58 GMT

GET
H2 200 74f0657cf6f01edfe064.js Show response
yastatic.net/partner-code-bundles/48699/ 626 KB
127 KB 592ms
88ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/48699/74f0657cf6f01edfe064.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e674ac3c45837ccd54a61a9b14b1765e9afecccc9e073fa7e5c5593f569d77c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer
Origin: https://www.newsru.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 03:59:58 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 128849
last-modified: Fri, 12 Nov 2021 15:15:08 GMT
server: nginx/1.17.9
etag: "bcc2244b458350a6c40910434bfd5428"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Nov 2051 10:31:46 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame D33B
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=newsru.com&sn=ChromeSyncframe&so=0&topUrl=www.newsru.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=CQ3v73xkSkpzSVZoelRPTGRwbnp1VGZydUxZY3VyanpZV2pVMzJqZytSTVBnZjUyVGZybUl2bWpDRUJIYUJ4MGFrWmRnSSsycjBvS1hja2NmKzZSRVJzeFQ0MnYxVTlwM1JDb1pUZkhlQS9UZ3NGK08vQWVxMmJkSjVmMD...

417 B
614 B

46ms
16ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=CQ3v73xkSkpzSVZoelRPTGRwbnp1VGZydUxZY3VyanpZV2pVMzJqZytSTVBnZjUyVGZybUl2bWpDRUJIYUJ4MGFrWmRnSSsycjBvS1hja2NmKzZSRVJzeFQ0MnYxVTlwM1JDb1pUZkhlQS9UZ3NGK08vQWVxMmJkSjVmMDFaTUdIT0xzeHZCUUlNS25sY0Q3WmRKUHJYaHcwSlNEYlpMNVdhT3RGMGdJa1NBczFuMTI1UDRTSVdTbFkzVUtWMjk5RzhrQmRXVG8rcStoelBjTzQwTVprczJ6VXoyNytJQkdtNHV0OWd6NlhTRFovckU4R2RqWmZuaUZLRFV6SmVlRitMQVl2QmNsR1F6aEdlNFpqWW9UWlVIanA3dz09fA&cppv=2

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.newsru.com

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

736c0b56ca8074eac58e1db6bb3c7ede68d9bc2895c638fe6590445ef9c9e8eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Tue, 16 Nov 2021 03:59:57 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3556
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Tue, 16 Nov 2021 03:59:57 GMT
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=CQ3v73xkSkpzSVZoelRPTGRwbnp1VGZydUxZY3VyanpZV2pVMzJqZytSTVBnZjUyVGZybUl2bWpDRUJIYUJ4MGFrWmRnSSsycjBvS1hja2NmKzZSRVJzeFQ0MnYxVTlwM1JDb1pUZkhlQS9UZ3NGK08vQWVxMmJkSjVmMDFaTUdIT0xzeHZCUUlNS25sY0Q3WmRKUHJYaHcwSlNEYlpMNVdhT3RGMGdJa1NBczFuMTI1UDRTSVdTbFkzVUtWMjk5RzhrQmRXVG8rcStoelBjTzQwTVprczJ6VXoyNytJQkdtNHV0OWd6NlhTRFovckU4R2RqWmZuaUZLRFV6SmVlRitMQVl2QmNsR1F6aEdlNFpqWW9UWlVIanA3dz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1759
content-length: 541
expires: 0

POST
H2 200 counter
top-fwz1.mail.ru/ 43 B
923 B 47ms
47ms Ping
image/gif 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/counter?js=13;id=91013;u=https%3A//www.newsru.com/;st=1637035197290;title=NEWSru.com%20%3A%3A%20%D0%A1%D0%B0%D0%BC%D1%8B%D0%B5%20%D0%B1%D1%8B%D1%81%D1%82%D1%80%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8.%20%D0%A4%D0%BE%D1%82%D0%BE%20%D0%B8%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D0%B4%D0%BD%D1%8F.%20%D0%9B%D0%B5%D0%BD%D1%82%D0%B0%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B5%D0%B9%20%D0%B2%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D0%B8%20%D0%B2%20%D0%BC%D0%B8%D1%80%D0%B5;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=a73a2d4a6f25b927;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=9.9//4g/0/0/;lvid=1637035198020%3A1637035198037%3A1%3A55c85b524a4b4300d3d59758048c132a;visible=true;_=0.5088800407405785

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 16 Nov 2021 03:59:58 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: https://www.newsru.com
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: https://www.newsru.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: https://www.newsru.com
access-control-allow-headers: *

POST
H2 204 events
bidder.criteo.com/csm/ 0
187 B 13ms
13ms Ping
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm/events
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.newsru.com
date: Tue, 16 Nov 2021 03:59:57 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 200 hb Show response
ads.adfox.ru/ 222 B
541 B 177ms
57ms XHR
application/json 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adfox.ru/hb

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

04e7e640212a5fbe2bb7b2df20fce16df86367854457c3cd9fca510ca9c067db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 16 Nov 2021 03:59:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
content-type: application/json
access-control-allow-origin: https://www.newsru.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

POST
H2 200 hb Show response
ads.adfox.ru/ 220 B
215 B 183ms
63ms XHR
application/json 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adfox.ru/hb

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

b60a329d999b4dd94b4ba3e7796eb2b3cd2d3dd4846682ecb2907670932f2610

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 16 Nov 2021 03:59:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
content-type: application/json
access-control-allow-origin: https://www.newsru.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check?t=ti(4)
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9458.w7dquMt0OmKE1xTU-VoEFPcVO0KfK7xNRod6eC_X6LnCBDPoRIRDw4Wq4G_j-bPM.03ZwqAIY2hxIjUKvIq1WT3PGok4%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9458.b988TOPOntvBGcqbb05zG6xRZtdgnrj42biuFKTYkrk6zCwOMjmxT3vWcpLHQeg9AvvD6I0rnxdX44zmvBOXgH9WI1Jenr3Afogi6fSgcPQ%2C.mRkQZuFcj4SwMDYRCDx0D-Xg3FM%2C

43 B
334 B

46ms
45ms

Image
image/gif

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9458.b988TOPOntvBGcqbb05zG6xRZtdgnrj42biuFKTYkrk6zCwOMjmxT3vWcpLHQeg9AvvD6I0rnxdX44zmvBOXgH9WI1Jenr3Afogi6fSgcPQ%2C.mRkQZuFcj4SwMDYRCDx0D-Xg3FM%2C

Requested by

Host: www.newsru.com
URL: https://www.newsru.com/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 03:59:58 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9458.b988TOPOntvBGcqbb05zG6xRZtdgnrj42biuFKTYkrk6zCwOMjmxT3vWcpLHQeg9AvvD6I0rnxdX44zmvBOXgH9WI1Jenr3Afogi6fSgcPQ%2C.mRkQZuFcj4SwMDYRCDx0D-Xg3FM%2C
date: Tue, 16 Nov 2021 03:59:58 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 userip Show response
kraken.rambler.ru/ 13 B
416 B 210ms
66ms XHR
text/plain 81.19.89.17
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://kraken.rambler.ru/userip
Requested by: Host: st.top100.ru
URL: https://st.top100.ru/top100/top100.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.89.17 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx/1.19.4 /
Resource Hash: a9f2c9c29481bb0e9fb4113f9b42dd5bf0e32188d03714b5d4bd45d2c9eeab24

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: https://www.newsru.com
date: Tue, 16 Nov 2021 03:59:58 GMT
x-srv: 0node0010.top100.rambler.tech
content-type: application/octet-stream, text/plain
content-length: 13
server: nginx/1.19.4
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
136 B 45ms
45ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif?t=ti(4)

Requested by

Host: www.newsru.com
URL: https://www.newsru.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 03:59:58 GMT
last-modified: Thu, 11 Nov 2021 17:20:26 GMT
etag: "618d26aa-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Tue, 16 Nov 2021 04:59:58 GMT

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10448485923385175383/ Frame F8E7 127 KB
22 KB 64ms
13ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10448485923385175383/index.html

Requested by

Host: www.newsru.com
URL: https://www.newsru.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09100f419d1747ec30b591c5c7f5220497644f113b6319eaeb1c0f6421746ee8

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin: *
date: Mon, 15 Nov 2021 01:47:03 GMT
expires: Tue, 15 Nov 2022 01:47:03 GMT
last-modified: Thu, 28 Oct 2021 12:11:52 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 21335
age: 94375
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 4758 19 KB
8 KB 57ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2861464200338808&output=html&h=120&slotname=newsru_new%2Fnewsru_new_1200x120_1-2020&adk=3007135905&adf=3028023672&pi=t.ma~as.newsru_new%2Fnewsru_n_&w=1200&lmt=1637035197&url=https%3A%2F%2Fwww.newsru.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637035197202&bpp=21&bdt=213&idt=138&shv=r20211111&mjsv=m202111080101&ptt=5&saldr=sa&abxe=1&correlator=5374044276684&frm=20&pv=2&ga_vid=2128953353.1637035197&ga_sid=1637035197&ga_hid=1874280386&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=16&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938&oid=2&pvsid=2197966097109481&pem=176&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=1zTuk6epZf&p=https%3A//www.newsru.com&dtd=226

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 02:25:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5655
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Nov 2021 02:25:43 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 4758 2 KB
1 KB 61ms
12ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 03:51:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 521
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Nov 2021 03:51:17 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4758 119 KB
37 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 03:59:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 16 Nov 2021 03:59:58 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 4758 15 KB
6 KB 58ms
9ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 03:37:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1353
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Nov 2021 03:37:25 GMT

GET
H2 200 optimize.webp
avatars.mds.yandex.net/get-adfox-content/2462621/210602_adfox_1642241_7f67f93ea93e38f3b9c5e35f36c7daa3_pressa_fon.png/ 4 KB
4 KB 118ms
37ms Image
image/webp 2a02:6b8::184
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-adfox-content/2462621/210602_adfox_1642241_7f67f93ea93e38f3b9c5e35f36c7daa3_pressa_fon.png/optimize.webp
Requested by: Host: www.newsru.com
URL: https://www.newsru.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software: nginx /
Resource Hash: d4371c9e0ed4f0ebf4c5968a8e5be80350e8b9eab8035d180e8476ac01ce1fa3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.newsru.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 03:59:58 GMT
last-modified: Wed, 02 Jun 2021 21:06:12 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=86400,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 3712
x-request-id: 10826067f3e26a0e

GET
H2 200 Inoplashka1.png
banners.adfox.ru/160902/adfox/599843/ 9 KB
9 KB 214ms
83ms Image
image/png 2a02:6b8::2:158
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banners.adfox.ru/160902/adfox/599843/Inoplashka1.png
Requested by: Host: www.newsru.com
URL: https://www.newsru.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::2:158 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software: nginx /
Resource Hash: 51453bb7e5c8843ec8a8f0c99a5bdcfd8f04a078e6669f4f42e6121e59edd45e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 03:59:58 GMT
last-modified: Wed, 08 Nov 2017 19:24:53 GMT
server: nginx
x-amz-request-id: 30cd810238eeb634
etag: "ba399fa41a50c98dcf6abc14c1861b49"
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/png
access-control-allow-origin: *
content-length: 8775
accept-ranges: bytes
x-amz-version-id: null
x-nginx-request-id: 30cd810238eeb634

GET
H2 200 optimize.webp
avatars.mds.yandex.net/get-adfox-content/2914398/211115_adfox_1078827_4627232_3.e74b89c7940e2c06ebb494c067e1cbd1.png/ 5 KB
6 KB 147ms
71ms Image
image/webp 2a02:6b8::184
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-adfox-content/2914398/211115_adfox_1078827_4627232_3.e74b89c7940e2c06ebb494c067e1cbd1.png/optimize.webp
Requested by: Host: www.newsru.com
URL: https://www.newsru.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software: nginx /
Resource Hash: 4820505ef4c6928975a37c04449d5306b7d22986f22cb2b2e26710a51a08650e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 03:59:58 GMT
last-modified: Mon, 15 Nov 2021 08:27:57 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=86400,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 5346
x-request-id: e5f43930c984f4bf

GET
H2 200 optimize.webp
avatars.mds.yandex.net/get-adfox-content/2788782/211115_adfox_1078827_4627232_6.28f0228716d16f3be52bf2a66559763b.png/ 4 KB
4 KB 114ms
38ms Image
image/webp 2a02:6b8::184
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-adfox-content/2788782/211115_adfox_1078827_4627232_6.28f0228716d16f3be52bf2a66559763b.png/optimize.webp
Requested by: Host: www.newsru.com
URL: https://www.newsru.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software: nginx /
Resource Hash: 964f53a38d323a4c0f99e7abec7691cfe6a6385647183eca2dc4a8c771560be1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 03:59:58 GMT
last-modified: Mon, 15 Nov 2021 08:27:57 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=86400,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 3684
x-request-id: 16e3ae500c441b01

GET
H2 200 optimize.webp
avatars.mds.yandex.net/get-adfox-content/2367573/211115_adfox_1078827_4627232_9.6facf8938b9032795495b97e3be3b6d9.png/ 4 KB
4 KB 146ms
70ms Image
image/webp 2a02:6b8::184
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-adfox-content/2367573/211115_adfox_1078827_4627232_9.6facf8938b9032795495b97e3be3b6d9.png/optimize.webp
Requested by: Host: www.newsru.com
URL: https://www.newsru.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software: nginx /
Resource Hash: 24cb571cf74ba0bc1ef6383578e81591eabf6966bd611a21070619d3042ff900

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 03:59:58 GMT
last-modified: Mon, 15 Nov 2021 08:53:06 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=86400,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 3664
x-request-id: 7ef803c20e415fd3

GET
H2 200 optimize.webp
avatars.mds.yandex.net/get-adfox-content/2462621/211115_adfox_1078827_4627232_12.0945307f23e669e8b52e62baab2503db.png/ 3 KB
4 KB 144ms
69ms Image
image/webp 2a02:6b8::184
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-adfox-content/2462621/211115_adfox_1078827_4627232_12.0945307f23e669e8b52e62baab2503db.png/optimize.webp
Requested by: Host: www.newsru.com
URL: https://www.newsru.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software: nginx /
Resource Hash: 513c27d3f428f614a106036d5837fb4e4c9a5656b5c2bbafca9f38f4d039b7bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 03:59:58 GMT
last-modified: Mon, 15 Nov 2021 12:48:02 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=86400,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 3526
x-request-id: 4e4abb46ae6b3409

GET
H2 200 optimize.webp
avatars.mds.yandex.net/get-adfox-content/2788782/210602_adfox_1051067_4384586.4c153b0fbc68a38e0bd6443118fc08b1.png/ 9 KB
9 KB 143ms
68ms Image
image/webp 2a02:6b8::184
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-adfox-content/2788782/210602_adfox_1051067_4384586.4c153b0fbc68a38e0bd6443118fc08b1.png/optimize.webp
Requested by: Host: www.newsru.com
URL: https://www.newsru.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software: nginx /
Resource Hash: 9238490ff59eebf4283786d469dcbf3ae51743fe0caae3d2479b935e54103818

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 03:59:58 GMT
last-modified: Wed, 02 Jun 2021 19:34:47 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=86400,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 8942
x-request-id: 11a87d5b7a75d5e4

GET
H2 200 close.gif
banners.adfox.ru/160617/adfox/584396/ 93 B
514 B 197ms
96ms Image
image/gif 2a02:6b8::2:158
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banners.adfox.ru/160617/adfox/584396/close.gif
Requested by: Host: www.newsru.com
URL: https://www.newsru.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::2:158 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software: nginx /
Resource Hash: e7766d8ec3c369696ca136be22e294b0819dc06a6840c3434fcab95e49aa5e48

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 03:59:58 GMT
last-modified: Wed, 08 Nov 2017 19:03:15 GMT
server: nginx
x-amz-request-id: 2f51db100321bece
etag: "5436bae353f821e296469e95650879d8"
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/gif
access-control-allow-origin: *
content-length: 93
accept-ranges: bytes
x-amz-version-id: null
x-nginx-request-id: 2f51db100321bece

GET
H2 200 v2 Show response
an.yandex.ru/adfox/242477/getBulk/ 12 KB
4 KB 323ms
322ms XHR
application/json 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/242477/getBulk/v2?dl=https%3A%2F%2Fwww.newsru.com%2F&date=2021-11-16T03%3A59%3A58.236%2B00%3A00&pd=16&pdh=1200&pdw=1600&pr1=3621538143&pr=965653690&prr=&pv=3&pw=2&extid_loader=MTYzNzAzNTE5ODY2Nzc0ODg2OA%3D%3D&extid_tag_loader=www.newsru.com&ylv=0.48699&ybv=0.48699&ytt=313910569863189&is-turbo=0&skip-token=&ad-session-id=3979701637035197501&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.9%2C%22w%22%3A310%2C%22h%22%3A0%2C%22width%22%3A310%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A1105%2C%22top%22%3A796%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A4%2C%22ad_no%22%3A3%7D&enable-flat-highlight=1&pcode-version=48699&availableWidth=310&availableHeight=0&p1=cettx&p2=gkow&slotNumber=2&bids=W3siY2FtcGFpZ25faWQiOjg5NDAyMiwicmVzcG9uc2VfdGltZSI6NTg1LCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMTEwMjI2MiJ9LHsiY2FtcGFpZ25faWQiOjc3MjM3OCwicmVzcG9uc2VfdGltZSI6NjU2LCJlcnJvciI6eyJjb2RlIjoxfSwicGxhY2VtZW50X2lkIjoiMzY3NTk1In0seyJjYW1wYWlnbl9pZCI6MTExOTYzMiwicmVzcG9uc2VfdGltZSI6NjcsImVycm9yIjp7ImNvZGUiOjR9LCJwbGFjZW1lbnRfaWQiOiJQbFR2YlA5Q1B6T1d0Q1F3MjAzcSJ9LHsiY2FtcGFpZ25faWQiOjEwNDg2MDUsInJlc3BvbnNlX3RpbWUiOjY1OCwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjI2ODk2NTgifSx7ImNhbXBhaWduX2lkIjoxNDE1OTE0LCJyZXNwb25zZV90aW1lIjo2NiwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjExNTUifSx7ImNhbXBhaWduX2lkIjoxNTg2Mjk5LCJyZXNwb25zZV90aW1lIjo3ODAsImVycm9yIjp7ImNvZGUiOjF9fV0%3D&utf8=%E2%9C%93&duid=MTYzNzAzNTE5ODY2Nzc0ODg2OA%3D%3D&pcode-test-ids=452299%2C0%2C8%3B453466%2C0%2C30%3B437233%2C0%2C0%3B452163%2C0%2C95%3B440957%2C0%2C96%3B451333%2C0%2C87%3B448309%2C0%2C10%3B444579%2C0%2C89%3B400735%2C0%2C56%3B451371%2C0%2C44%3B443406%2C0%2C91%3B454757%2C0%2C24%3B440126%2C0%2C-1%3B203222%2C0%2C83&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%5B%7B%22value%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22testId%22%3A%22432722%22%7D%5D%2C%22ENABLE_SKIN_THEME_EMPTY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441341%22%7D%5D%2C%22ENABLE_VP9_CODECS%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441791%22%7D%5D%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22445424%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22451336%22%2C%22testId%22%3A%22454300%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22445452%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22445452%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445452%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22445452%22%7D%5D%2C%22RMP_SEND_BEACON%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22433605%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%2C239538%2C235076%2C264443%2C202100%2C354188%2C309667%2C270901%5D%2C%22testId%22%3A%22443574%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22436297%22%7D%5D%2C%22FIXED_FORMAT_RENDER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22436894%22%7D%5D%2C%22COMPRESS_FLAGS_MAP%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22438661%22%7D%5D%2C%22FIX_IMAGES_PROTOCOL%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22440194%22%7D%5D%2C%22SSR_HEADER_FORCE_ANSWER%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22441777%22%7D%5D%2C%22FIX_MIN_HEIGHT_NTP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445391%22%7D%5D%2C%22FIX_SDK_LAYOUT_CONFIG%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22445453%22%7D%5D%2C%22POSTER_PRICE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22448272%22%7D%5D%2C%22PRICE_DISABLED_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22posterVertical%22%2C%22posterHorizontal%22%2C%22posterCarousel%22%5D%2C%22testId%22%3A%22448272%22%7D%5D%2C%22ZEN2_REDESIGN_21_Q3_STEP_3%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452293%22%7D%5D%2C%22ADSDKVER%22%3A%5B%7B%22value%22%3A%22452299%22%2C%22testId%22%3A%22452299%22%7D%5D%2C%22WIDGET_IN_PCODE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22453466%22%7D%5D%2C%22CONTAIN_IMAGE_SSR%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22437233%22%7D%5D%2C%22POSTER_CONSTRUCTOR%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452163%22%7D%5D%2C%22SMART_MOSAIC_GRID%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22440957%22%7D%5D%2C%22CAROUSEL_LAZY_LOAD_IMAGE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22451333%22%7D%5D%2C%22COMBO_BLOCK_PRELOAD_INPAGE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22448309%22%7D%5D%2C%22MOTION_BG%22%3A%5B%7B%22value%22%3A%22static%22%2C%22testId%22%3A%22444579%22%7D%5D%2C%22GLOBAL_SIZE_INFO%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22400735%22%7D%5D%2C%22PREACT_RTB_INLINE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22451371%22%7D%5D%2C%22UNIFORMAT_BLACKLIST_DATA%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22443406%22%7D%5D%2C%22PCODEVER%22%3A%5B%7B%22value%22%3A%2248699%22%2C%22testId%22%3A%22454757%22%7D%5D%2C%22SMART_BANNER_HIDEABLE_BUTTONS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22440126%22%7D%5D%7D&use-server-side-rendering=1&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0AadaptiveCarousel%0Asmart_tile&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AposterCarousel&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=rwZgbqsSJGDuHf5jv09rXJzNnntr%2FmSTrgTLP83AYiwvonKBp8y%2FBeWX2ALokQvc5d2SCDZSaOhYjARA0uRLI9dkBF4%3D&grab-orig-len=196&grab=dE5FV1NydS5jb20gOjog0KHQsNC80YvQtSDQsdGL0YHRgtGA0YvQtSDQvdC-0LLQvtGB0YLQuC4g0KTQvtGC0L4g0Lgg0LLQuNC00LXQviDQtNC90Y8uINCb0LXQvdGC0LAg0L3QvtCy0L7RgdGC0LXQuSDQsiDQoNC-0YHRgdC40Lgg0Lgg0LIg0LzQuNGA0LUK&tga-with-creatives=1

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

cb77b68402021d9987257b50ee02421537be5dfe657544600a5985f832e98eb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Nov 2021 03:59:58 GMT
content-encoding: gzip
last-modified: Tue, 16 Nov 2021 03:59:58 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id: 1637035198264981-1173758640840433441128138-production-app-host-man-pcode-63
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://www.newsru.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 16 Nov 2021 03:59:58 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8145 143 B
222 B 7ms
7ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2861464200338808&output=html&h=120&slotname=newsru_new%2Fnewsru_new_1200x120_1-2020&adk=3007135905&adf=3028023672&pi=t.ma~as.newsru_new%2Fnewsru_n_&w=1200&lmt=1637035197&url=https%3A%2F%2Fwww.newsru.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637035197202&bpp=21&bdt=213&idt=138&shv=r20211111&mjsv=m202111080101&ptt=5&saldr=sa&abxe=1&correlator=5374044276684&frm=20&pv=2&ga_vid=2128953353.1637035197&ga_sid=1637035197&ga_hid=1874280386&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=16&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938&oid=2&pvsid=2197966097109481&pem=176&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=1zTuk6epZf&p=https%3A//www.newsru.com&dtd=226

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 16 Nov 2021 03:37:41 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1337
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 4758 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c07cbad7c86ddabcec6cb50b2af8e1a5834b9f756da43caae7fdb448b69383e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 /
kraken.rambler.ru/cnt/ 595 B
1 KB 157ms
55ms Image
image/gif 81.19.89.17
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kraken.rambler.ru/cnt/?et=pv&pid=395113&rid=1637035198.097-1993421701&tid=t1.395113.120391052.1637035198098&v=1.25.4&exp=exp_bot%2Csplit_b%2Cexp_ab3%2Ca&aduid=e773f690-d747-439a-b0aa-b6e0e881991f&aduidsc=newsru.com&rn=721140605&bs=1600x1200&ce=1&rf&en=1&pt=NEWSru.com%20%3A%3A%20%D0%A1%D0%B0%D0%BC%D1%8B%D0%B5%20%D0%B1%D1%8B%D1%81%D1%82%D1%80%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8.%20%D0%A4%D0%BE%D1%82%D0%BE%20%D0%B8%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D0%B4%D0%BD%D1%8F.%20%D0%9B%D0%B5%D0%BD%D1%82%D0%B0%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B5%D0%B9%20%D0%B2%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D0%B8%20%D0%B2%20%D0%BC%D0%B8%D1%80%D0%B5&sr=1600x1200&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Linux%20x86_64&tz=0&fv&sv&lv&le=0&url=https%3A%2F%2Fwww.newsru.com%2F&eid=3872351981058146&stid=457649676_1637035198099&sn=1&sen=1&fid=pA8AAN9Js1ckWfw%2FAe2HGQA%3D&fip=pA8AAN9Js1fd%2ByoMAcwc2wA%3D
Requested by: Host: www.newsru.com
URL: https://www.newsru.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.89.17 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx/1.19.4 /
Resource Hash: c1013e4091787b437f52fb25124f9423b33dd3b4e64993dc61c48dd0149dcde0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 03:59:58 GMT
last-modified: Tue, 12 Nov 2019 12:50:59 GMT
x-srv: 0node0010.top100.rambler.tech
etag: "5dcaaab3-253"
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
access-control-allow-headers: content-type
content-length: 595
server: nginx/1.19.4

GET
H2

200

1 Show response
mc.yandex.com/watch/37289910/
Redirect Chain

https://mc.yandex.com/watch/37289910?wmode=7&page-url=https%3A%2F%2Fwww.newsru.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwinwev%3Afp%3A476%3Afu%3A0%3Aen%3Autf-8%3Ala%3...
https://mc.yandex.com/watch/37289910/1?wmode=7&page-url=https%3A%2F%2Fwww.newsru.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwinwev%3Afp%3A476%3Afu%3A0%3Aen%3Autf-8%3Ala...

350 B
757 B

46ms
45ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/37289910/1?wmode=7&page-url=https%3A%2F%2Fwww.newsru.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwinwev%3Afp%3A476%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A1%3Adp%3A0%3Als%3A359928967292%3Ahid%3A491141834%3Az%3A0%3Ai%3A20211116035958%3Aet%3A1637035198%3Ac%3A1%3Arn%3A995822800%3Arqn%3A1%3Au%3A1637035198667748868%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1637035196761%3Ads%3A7%2C27%2C150%2C7%2C35%2C0%2C%2C301%2C5%2C%2C%2C%2C605%3Adsn%3A6%2C27%2C150%2C7%2C35%2C0%2C%2C302%2C5%2C%2C%2C%2C605%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1637035198%3At%3ANEWSru.com%20%3A%3A%20%D0%A1%D0%B0%D0%BC%D1%8B%D0%B5%20%D0%B1%D1%8B%D1%81%D1%82%D1%80%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8.%20%D0%A4%D0%BE%D1%82%D0%BE%20%D0%B8%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D0%B4%D0%BD%D1%8F.%20%D0%9B%D0%B5%D0%BD%D1%82%D0%B0%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B5%D0%B9%20%D0%B2%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D0%B8%20%D0%B2%20%D0%BC%D0%B8%D1%80%D0%B5&t=gdpr%2814%29ti%282%29

Requested by

Host: www.newsru.com
URL: https://www.newsru.com/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

ad92f5c99197b9a2eb07b115d8dfac511e27d7f199d1f3148e42417a79639a66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Nov 2021 03:59:58 GMT
x-content-type-options: nosniff
last-modified: Tue, 16-Nov-2021 03:59:58 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.newsru.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 350
x-xss-protection: 1; mode=block
expires: Tue, 16-Nov-2021 03:59:58 GMT

Redirect headers

pragma: no-cache
date: Tue, 16 Nov 2021 03:59:58 GMT
last-modified: Tue, 16-Nov-2021 03:59:58 GMT
location: /watch/37289910/1?wmode=7&page-url=https%3A%2F%2Fwww.newsru.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwinwev%3Afp%3A476%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A1%3Adp%3A0%3Als%3A359928967292%3Ahid%3A491141834%3Az%3A0%3Ai%3A20211116035958%3Aet%3A1637035198%3Ac%3A1%3Arn%3A995822800%3Arqn%3A1%3Au%3A1637035198667748868%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1637035196761%3Ads%3A7%2C27%2C150%2C7%2C35%2C0%2C%2C301%2C5%2C%2C%2C%2C605%3Adsn%3A6%2C27%2C150%2C7%2C35%2C0%2C%2C302%2C5%2C%2C%2C%2C605%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1637035198%3At%3ANEWSru.com%20%3A%3A%20%D0%A1%D0%B0%D0%BC%D1%8B%D0%B5%20%D0%B1%D1%8B%D1%81%D1%82%D1%80%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8.%20%D0%A4%D0%BE%D1%82%D0%BE%20%D0%B8%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D0%B4%D0%BD%D1%8F.%20%D0%9B%D0%B5%D0%BD%D1%82%D0%B0%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B5%D0%B9%20%D0%B2%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D0%B8%20%D0%B2%20%D0%BC%D0%B8%D1%80%D0%B5&t=gdpr%2814%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.newsru.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 16-Nov-2021 03:59:58 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F8E7 327 KB
90 KB 46ms
19ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans+JP:300,700,500

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10448485923385175383/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c52d7da0dd617b6d70fe80b73a7eed7fb7a6f3ae158d0f12ef90c29b2687f48e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 02:08:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 16 Nov 2021 03:59:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Nov 2021 03:59:58 GMT

GET
H2 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame F8E7 16 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10448485923385175383/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 04:22:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85025
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 16 Nov 2021 04:22:53 GMT

GET
H2 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame F8E7 26 KB
10 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10448485923385175383/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 00:06:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14038
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 17 Nov 2021 00:06:00 GMT

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8145
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
363 B

32ms
31ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 16 Nov 2021 03:59:58 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 16 Nov 2021 03:59:58 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 16 Nov 2021 03:59:58 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame C3C7 77 KB
26 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32656544403a1d76f269ed08ac57a44ee26b974033217abcb70d4d3c17af4196

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 03:59:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1045 / 22 of 1000 / last-modified: 1637017603"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26686
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 16 Nov 2021 03:59:58 GMT

GET
H2 204 event
ads.adfox.ru/242477/ 0
54 B 79ms
78ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/242477/event?hash=79298a8ae4eba2b8&pm=bmo&pxo=gnHjb5oHmvaV8nqRhi9bwkQI5U2qSTwGNd0AOq4O1h77Xs0zJC22Ur-oVbHBAuVGHAzLa4m7cUBWwPfx4rAVmmmd7GdopjQC-6omtlBxNRoTa27LmkZcdp1NnVUGMIJE3BeOepQ83rM-FoC2vNXYnWz1vAZPcEcGNkirfYs4ql77Cmn-LZsg&p5=goypl&rand=gkbpekc&sj=zAsX_PHqrrT0a021aIZMr9L9_WKrqTCDf1bgxE7KYfrkw5V16AiJGKEPw--Pkw%3D%3D&ad-session-id=3979701637035197501&lts=fhuijsg&ytt=313910569863189&ybv=0.48699&ylv=0.48699&dl=https%3A%2F%2Fwww.newsru.com%2F&pr=ddhdpuo&p1=cettc&rqs=vuDpjR1cR3G-LJNhupxIhIPWrJee5-h5&rtb-si=b&p2=y

Requested by

Host: www.newsru.com
URL: https://www.newsru.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Nov 2021 03:59:58 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Nov 2021 03:59:58 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

HEAD
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 46ms
23ms Fetch
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?test_adblock=true

Requested by

Host: cdn.unblockia.com
URL: https://cdn.unblockia.com/h.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Nov 2021 03:59:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
etag: 3293963201506329314
vary: Accept-Encoding, Origin
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private, max-age=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Tue, 16 Nov 2021 03:59:58 GMT

GET
H2 200 pubads_impl_2021111101.js Show response
securepubads.g.doubleclick.net/gpt/ Frame C3C7 343 KB
116 KB 41ms
17ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

604496ee6acca620cd59265c2302f6a03fe02d65bc5306d952f0fa94d92fa5c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 03:59:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117937
x-xss-protection: 0
last-modified: Thu, 11 Nov 2021 09:34:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 16 Nov 2021 03:59:58 GMT

GET
H2 200 -F6pfjtqLzI2JPCgQBnw7HFQaioq1xVxjfp_dakBof6Bs-tb3ab2FNISVac.118.woff2
fonts.gstatic.com/s/notosansjp/v36/ Frame F8E7 13 KB
14 KB 39ms
11ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v36/-F6pfjtqLzI2JPCgQBnw7HFQaioq1xVxjfp_dakBof6Bs-tb3ab2FNISVac.118.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP:300,700,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ef98d7d71b5b885f0c8088c6d276dd96507c90534b2ccd69ffb0fa22fcca754

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 03:41:11 GMT
x-content-type-options: nosniff
age: 433127
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13436
x-xss-protection: 0
last-modified: Tue, 14 Sep 2021 16:36:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 11 Nov 2022 03:41:11 GMT

GET
H2 200 -F6pfjtqLzI2JPCgQBnw7HFQMisq1xVxjfp_dakBof6Bs-tb3ab2FNISVac.117.woff2
fonts.gstatic.com/s/notosansjp/v36/ Frame F8E7 9 KB
9 KB 47ms
19ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v36/-F6pfjtqLzI2JPCgQBnw7HFQMisq1xVxjfp_dakBof6Bs-tb3ab2FNISVac.117.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP:300,700,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44bc6d9bb709bd9135740c51484cb5d96f7eb81dfdc2dca05dfa2d5a646d1e0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 05:10:26 GMT
x-content-type-options: nosniff
age: 341372
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9452
x-xss-protection: 0
last-modified: Tue, 14 Sep 2021 16:37:12 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 12 Nov 2022 05:10:26 GMT

GET
H2 200 -F6pfjtqLzI2JPCgQBnw7HFQMisq1xVxjfp_dakBof6Bs-tb3ab2FNISVac.118.woff2
fonts.gstatic.com/s/notosansjp/v36/ Frame F8E7 13 KB
13 KB 45ms
17ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v36/-F6pfjtqLzI2JPCgQBnw7HFQMisq1xVxjfp_dakBof6Bs-tb3ab2FNISVac.118.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP:300,700,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7911b2cc1a9816ea0d6187854b864b12bd9c52636cd50e2c2e012651d6cc1a09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 21:21:02 GMT
x-content-type-options: nosniff
age: 369536
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13516
x-xss-protection: 0
last-modified: Tue, 14 Sep 2021 16:37:01 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 11 Nov 2022 21:21:02 GMT

GET
H2 200 -F6pfjtqLzI2JPCgQBnw7HFQMisq1xVxjfp_dakBof6Bs-tb3ab2FNISVac.119.woff2
fonts.gstatic.com/s/notosansjp/v36/ Frame F8E7 51 KB
51 KB 42ms
24ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v36/-F6pfjtqLzI2JPCgQBnw7HFQMisq1xVxjfp_dakBof6Bs-tb3ab2FNISVac.119.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP:300,700,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a0112753abfe6efecc5d5d6149929d75a90d75e1d3dd352cb3948d1f754c684

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 05:32:15 GMT
x-content-type-options: nosniff
age: 599263
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52028
x-xss-protection: 0
last-modified: Tue, 14 Sep 2021 16:37:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 09 Nov 2022 05:32:15 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/37289910/ 43 B
124 B 47ms
46ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/37289910/1?page-url=https%3A%2F%2Fwww.newsru.com%2F&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwinwev%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A1%3Adp%3A1%3Als%3A359928967292%3Ahid%3A491141834%3Az%3A0%3Ai%3A20211116035958%3Aet%3A1637035198%3Ac%3A1%3Arn%3A1018718244%3Arqn%3A2%3Au%3A1637035198667748868%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1637035196761%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1637035198&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 16 Nov 2021 03:59:58 GMT
last-modified: Tue, 16-Nov-2021 03:59:58 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.newsru.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 16-Nov-2021 03:59:58 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b4d5faace185b6cc7c652f1231c79688fa94c7c0808d3807ba0be1edd68615d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 03:59:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51359
x-xss-protection: 0
server: cafe
etag: 5483838102162788524
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 16 Nov 2021 03:59:58 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 22ms
21ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211111&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd18f3a7890e41636b1e9c6a17d2e06640df0409606e2e51b2a0eb24eef2db18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Nov 2021 03:59:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9249
x-xss-protection: 0

POST
H2 200 tracker
top-fwz1.mail.ru/ 43 B
922 B 47ms
47ms Ping
image/gif 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/tracker?js=13;id=91013;u=https%3A//www.newsru.com/;st=1637035197290;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=a73a2d4a6f25b927;ver=60.3.0;tz=0%2FEtc%2FUnknown;nt=0/0/1637035196761/////35/36/43/43/70/49/70/220/227/228/529/605/610/1773/1773/;ni=9.9//4g/0/0/;lvid=1637035198020%3A1637035198536%3A2%3A55c85b524a4b4300d3d59758048c132a;visible=true;_=0.5011612869350552;e=RT/load;et=1637035198535

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 16 Nov 2021 03:59:58 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: https://www.newsru.com
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: https://www.newsru.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: https://www.newsru.com
access-control-allow-headers: *

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame C3C7 248 B
275 B 19ms
18ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.newsru.com&callback=_gfp_s_&client=176990977&gpid_exp=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

eca75636b8b8d01468a138bf0b2f7b7e816848b50c042f37b0e2c2b47be938de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 03:59:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 207
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame C3C7 107 B
165 B 18ms
16ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.newsru.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Nov 2021 03:59:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame C3C7 107 B
165 B 16ms
16ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.newsru.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Nov 2021 03:59:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame C3C7 18 KB
8 KB 270ms
254ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3408548623133116&correlator=1526866088393750&output=ldjh&impl=fifs&eid=44752540%2C44754276%2C31063138&vrg=2021111101&ptt=17&sc=1&sfv=1-0-38&ecs=20211116&iu_parts=176990977%2CNewsrucom%2CNewsru_in_1200x120_bottom&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1200x120&cust_params=rate%3Drate_038&cookie=ID%3D2df11298d19732ee-22af7fc6b7cb004d%3AT%3D1637035197%3ART%3D1637035197%3AS%3DALNI_MYMD8kJ4iAweU0-T1DSRjcrt44pCA&cdm=www.newsru.com&bc=31&abxe=1&lmt=1637035198&dt=1637035198550&dlt=1637035198367&idt=142&frm=23&biw=1600&bih=1200&isw=1200&ish=120&oid=2&adxs=200&adys=1994&adks=3757111509&ucis=owk422fumm1t&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.newsru.com%2F&top=https%3A%2F%2Fwww.newsru.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1200x120&msz=1200x-1&ga_vid=2128953353.1637035197&ga_sid=1637035199&ga_hid=635822319&ga_fc=true&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

360c66be03b98da4b91b36d08416e505aaa0d6ecadbd676150d2bb4d635c58c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 03:59:58 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8318
x-xss-protection: 0
google-lineitem-id: 4971985104
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138261951793
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.newsru.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C3C7 12 KB
9 KB 22ms
19ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

696ddd66938b1266bff922379c393a8e36c12f5d09f183f59329dc2897af8806

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Nov 2021 03:59:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9374
x-xss-protection: 0

GET
H2 200 container.html Show response
0cdc499ea97cbdfaeb4ca7dacce13cf3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FD4C 6 KB
4 KB 69ms
16ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0cdc499ea97cbdfaeb4ca7dacce13cf3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 16 Nov 2021 03:59:58 GMT
expires: Wed, 16 Nov 2022 03:59:58 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 1457ms
1457ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 04:00:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Tue, 16 Nov 2021 04:00:00 GMT

POST
H2 200 jstracer Show response
an.yandex.ru/ 2 B
262 B 174ms
74ms XHR
application/json 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/jstracer

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 2
x-xss-protection: 1; mode=block

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame B4D0 77 KB
26 KB 18ms
15ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

666556ad166a083e88cc14d5ddc1848023a3757f887d5711ccaee0835f8b9cba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 03:59:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1045 / 166 of 1000 / last-modified: 1637017603"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26690
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 16 Nov 2021 03:59:58 GMT

GET
H2 204 event
ads.adfox.ru/242477/ 0
18 B 87ms
85ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/242477/event?pm=bmo&hash=50376647921ad537&duid=1637035198667748868&pxo=kVRp_KYo22881NZxs5RNKb5lCoWtJiGC_1XT0B-VrMscadAXDKZAUpTrSn7zG_7vhOWGBM1tN9X9bCB77IyD3HqV4nXPFc_jt0Cd5fggtj37U7-fnPHTEZQ-LCY5ELsxVm3csJZ9ysqvd7oLgKc8s0A4kYYWG6S7V_vl2ZuLloZAjRynF1G9&p5=gptyk&rand=gzozjlv&sj=9GbEsLvXDUKZ6UlOpC5zVu95xIHMC-BKqrfK7OuRrrwzlrFHpc0dzq2WU5wqgA%3D%3D&ad-session-id=3979701637035197501&lts=fhuijsg&ytt=313910569863189&ybv=0.48699&ylv=0.48699&dl=https%3A%2F%2Fwww.newsru.com%2F&pr=ddhdpuo&p1=cettx&rqs=vjw7RKzrBnu-LJNhBMRQv_D9VVoCl30b&rtb-si=b&p2=gkow

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Nov 2021 03:59:58 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Nov 2021 03:59:58 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js Show response
pagead2.googlesyndication.com/bg/ Frame F8E7 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 20:48:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25902
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13371
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 15 Nov 2022 20:48:16 GMT

GET
H2 200 AnyDesk_logo.INV.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10448485923385175383/ Frame F8E7 5 KB
5 KB 8ms
7ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10448485923385175383/AnyDesk_logo.INV.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95adc8ae1875bb2049556316935185be09932b757738ffbcd88f83ed81bb1ae2

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 74949
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5267
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 12:11:52 GMT
server: sffe
date: Mon, 15 Nov 2021 07:10:49 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 15 Nov 2022 07:10:49 GMT

GET
H2 200 Support_Photo_970x90.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10448485923385175383/ Frame F8E7 4 KB
5 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10448485923385175383/Support_Photo_970x90.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e6a1e7832e66e4e4eebaff3efbf87418d3b11b7eebbad3587893312ba338352

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 74949
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4595
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 12:11:52 GMT
server: sffe
date: Mon, 15 Nov 2021 07:10:49 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 15 Nov 2022 07:10:49 GMT

GET sodar2.js
tpc.googlesyndication.com/sodar/ Frame C3C7 0
0

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/ Frame 6CCF 11 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 15 Nov 2021 06:55:30 GMT
expires: Mon, 29 Nov 2021 06:55:30 GMT
content-type: text/html; charset=UTF-8
etag: 16478831307880631077
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4883
x-xss-protection: 0
age: 75868
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 242ms
24ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.newsru.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Nov 2021 03:59:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 243ms
24ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.newsru.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Nov 2021 03:59:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9182 0
53 B 18ms
17ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2861464200338808&output=html&adk=1812271804&adf=3025194257&lmt=1637035198&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.newsru.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637035198602&bpp=1&bdt=1613&idt=1&shv=r20211111&mjsv=m202111080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2df11298d19732ee-22af7fc6b7cb004d%3AT%3D1637035197%3ART%3D1637035197%3AS%3DALNI_MYMD8kJ4iAweU0-T1DSRjcrt44pCA&prev_slotnames=newsru_new%2Fnewsru_new_1200x120_1-2020&nras=1&correlator=5374044276684&frm=20&pv=1&ga_vid=2128953353.1637035197&ga_sid=1637035197&ga_hid=1874280386&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938&oid=2&pvsid=2197966097109481&pem=176&tmod=1735686786&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=24

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 16 Nov 2021 03:59:58 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 pubads_impl_2021111101.js Show response
securepubads.g.doubleclick.net/gpt/ Frame B4D0 343 KB
115 KB 33ms
32ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

604496ee6acca620cd59265c2302f6a03fe02d65bc5306d952f0fa94d92fa5c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 03:59:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117937
x-xss-protection: 0
last-modified: Thu, 11 Nov 2021 09:34:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 16 Nov 2021 03:59:58 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame B4D0 107 B
165 B 34ms
16ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.newsru.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Nov 2021 03:59:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame B4D0 107 B
165 B 35ms
17ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.newsru.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Nov 2021 03:59:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame B4D0 100 KB
27 KB 316ms
316ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3721594446919801&correlator=4447005873580911&output=ldjh&impl=fifs&eid=31063246&vrg=2021111101&ptt=17&sc=1&sfv=1-0-38&ecs=20211116&iu_parts=176990977%2CNewsrucom%2CNewsru_in_300x600_right&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600&cust_params=rate%3Drate_048&cookie=ID%3D2df11298d19732ee-22af7fc6b7cb004d%3AT%3D1637035197%3ART%3D1637035197%3AS%3DALNI_MYMD8kJ4iAweU0-T1DSRjcrt44pCA&cdm=www.newsru.com&bc=31&abxe=1&lmt=1637035198&dt=1637035198828&dlt=1637035198579&idt=240&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=600&oid=2&adxs=1110&adys=796&adks=2583521203&ucis=pwe0ontbn4k&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.newsru.com%2F&top=https%3A%2F%2Fwww.newsru.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x600&msz=300x-1&ga_vid=2128953353.1637035197&ga_sid=1637035199&ga_hid=1455235402&ga_fc=true&fws=256&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

638ab3e8773a00f8b68fc29164c90c20bdfe5e0cf0bcc69a29068e597feffe22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 03:59:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27721
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.newsru.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B4D0 12 KB
9 KB 18ms
18ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

716a57aa371b2b19309ac735e559f4436fcf0b919ee17724bc12549eab0edd25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Nov 2021 03:59:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9374
x-xss-protection: 0

GET
H2 200 container.html Show response
387e7d282a65cd4ebe0025e4bc49ee17.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 49E3 6 KB
3 KB 32ms
17ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://387e7d282a65cd4ebe0025e4bc49ee17.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 16 Nov 2021 03:59:58 GMT
expires: Wed, 16 Nov 2022 03:59:58 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6BAF 0
0 21ms
21ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssXudTsP_h4NbIGcqia34Ty0kIfy0AGQjbsuYk8_mvVej44buPKslCRTB7ajZ1ILKsvm_kZ7WSZz4apRJg7LFpfUpyAVaYkMCFtnhKxrGn8SdUcQJMV0A9V5BPIsiM-k2dZA7RhwhQEcBOoqAiVeUr1T4_MjtCnazsy525H-yYGcAb4UQjp__nL_l1Nu0Yad3HX9uKz17f_aS57yyYAVnZhxNL1NtpKl6OvXc5PdLeykHTOg_lEqTaPWRQQlUwdhQnQaYCZfUcZwrdiCX41BNzW59lfuIRBlybXQ0j4BoHt94XhgQU_T_z6WkTYoce22ClfOKBHCmvQ0kx6KlodVKg&sig=Cg0ArKJSzAf6OTbigb_BEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.newsru.com
URL: https://www.newsru.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Nov 2021 03:59:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 adfox-adx-stub.js Show response
yastatic.net/pcode/adfox/ Frame 6BAF 60 KB
15 KB 120ms
38ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/pcode/adfox/adfox-adx-stub.js

Requested by

Host: www.newsru.com
URL: https://www.newsru.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

4c9f9038ef0cca8daea160666fcf23b0cc4fd3ba853dcd4494e8ec35e3a0c039

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 03:59:58 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 15032
last-modified: Wed, 17 Mar 2021 06:04:30 GMT
server: nginx/1.17.9
etag: "21008573aeaf1ce20fdc2d49c53e692c"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Nov 2021 04:55:21 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6BAF 119 KB
36 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 03:59:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 16 Nov 2021 03:59:58 GMT

GET
H2 204 event
ads.adfox.ru/242477/ 0
18 B 69ms
69ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/242477/event?hash=d94e8616123a3a73&pm=bmv&pxo=gnHjb5oHmvaV8nqRhi9bwkQI5U2qSTwGNd0AOq4O1h77Xs0zJC22Ur-oVbHBAuVGHAzLa4m7cUBWwPfx4rAVmmmd7GdopjQC-6omtlBxNRoTa27LmkZcdp1NnVUGMIJE3BeOepQ83rM-FoC2vNXYnWz1vAZPcEcGNkirfYs4ql77Cmn-LZsg&p5=goypl&rand=djgqltv&sj=zAsX_PHqrrT0a021aIZMr9L9_WKrqTCDf1bgxE7KYfrkw5V16AiJGKEPw--Pkw%3D%3D&ad-session-id=3979701637035197501&lts=fhuijsg&ytt=313910569863189&ybv=0.48699&ylv=0.48699&dl=https%3A%2F%2Fwww.newsru.com%2F&pr=ddhdpuo&p1=cettc&rqs=vuDpjR1cR3G-LJNhupxIhIPWrJee5-h5&rtb-si=b&p2=y&resp-time=487&creative-id=138261951793&google-width=1200&google-height=120

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Nov 2021 03:59:58 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Nov 2021 03:59:58 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B4D0 17 KB
6 KB 1185ms
1185ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 04:00:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Tue, 16 Nov 2021 04:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 6BAF 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5bd6c9fa8de2f78a585b7cce05ee8f4b466fa6384725d1fa2bcffb861c86a91d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 6BAF 0
0

GET
H2 200 v2 Show response
an.yandex.ru/adfox/242477/getBulk/ 127 KB
35 KB 172ms
171ms XHR
application/json 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/242477/getBulk/v2?availableHeight=120&availableWidth=1250&bids=W10%3D&date=2021-11-16T03%3A59%3A57.508%2B00%3A00&dl=https%3A%2F%2Fwww.newsru.com%2F&enable-flat-highlight=1&extid_loader=&extid_tag_loader=www.newsru.com&grab=dE5FV1NydS5jb20gOjog0KHQsNC80YvQtSDQsdGL0YHRgtGA0YvQtSDQvdC-0LLQvtGB0YLQuC4g0KTQvtGC0L4g0Lgg0LLQuNC00LXQviDQtNC90Y8uINCb0LXQvdGC0LAg0L3QvtCy0L7RgdGC0LXQuSDQsiDQoNC-0YHRgdC40Lgg0Lgg0LIg0LzQuNGA0LUK&grab-orig-len=196&is-turbo=0&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.9%2C%22w%22%3A1250%2C%22h%22%3A120%2C%22width%22%3A1250%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22left%22%3A175%2C%22top%22%3A1994%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A2%2C%22ad_no%22%3A0%7D&p1=cettc&p2=y&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%5B%7B%22value%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22testId%22%3A%22432722%22%7D%5D%2C%22ENABLE_SKIN_THEME_EMPTY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441341%22%7D%5D%2C%22ENABLE_VP9_CODECS%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441791%22%7D%5D%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22445424%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22451336%22%2C%22testId%22%3A%22454300%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22445452%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22445452%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445452%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22445452%22%7D%5D%2C%22RMP_SEND_BEACON%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22433605%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%2C239538%2C235076%2C264443%2C202100%2C354188%2C309667%2C270901%5D%2C%22testId%22%3A%22443574%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22436297%22%7D%5D%2C%22FIXED_FORMAT_RENDER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22436894%22%7D%5D%2C%22COMPRESS_FLAGS_MAP%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22438661%22%7D%5D%2C%22FIX_IMAGES_PROTOCOL%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22440194%22%7D%5D%2C%22SSR_HEADER_FORCE_ANSWER%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22441777%22%7D%5D%2C%22FIX_MIN_HEIGHT_NTP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445391%22%7D%5D%2C%22FIX_SDK_LAYOUT_CONFIG%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22445453%22%7D%5D%2C%22POSTER_PRICE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22448272%22%7D%5D%2C%22PRICE_DISABLED_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22posterVertical%22%2C%22posterHorizontal%22%2C%22posterCarousel%22%5D%2C%22testId%22%3A%22448272%22%7D%5D%2C%22ZEN2_REDESIGN_21_Q3_STEP_3%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452293%22%7D%5D%2C%22ADSDKVER%22%3A%5B%7B%22value%22%3A%22452299%22%2C%22testId%22%3A%22452299%22%7D%5D%2C%22WIDGET_IN_PCODE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22453466%22%7D%5D%2C%22CONTAIN_IMAGE_SSR%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22437233%22%7D%5D%2C%22POSTER_CONSTRUCTOR%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452163%22%7D%5D%2C%22SMART_MOSAIC_GRID%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22440957%22%7D%5D%2C%22CAROUSEL_LAZY_LOAD_IMAGE%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22451333%22%7D%5D%2C%22COMBO_BLOCK_PRELOAD_INPAGE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22448309%22%7D%5D%2C%22MOTION_BG%22%3A%5B%7B%22value%22%3A%22static%22%2C%22testId%22%3A%22444579%22%7D%5D%2C%22GLOBAL_SIZE_INFO%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22400735%22%7D%5D%2C%22PREACT_RTB_INLINE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22451371%22%7D%5D%2C%22UNIFORMAT_BLACKLIST_DATA%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22443406%22%7D%5D%2C%22PCODEVER%22%3A%5B%7B%22value%22%3A%2248699%22%2C%22testId%22%3A%22454757%22%7D%5D%2C%22SMART_BANNER_HIDEABLE_BUTTONS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22440126%22%7D%5D%7D&pcode-icookie=rwZgbqsSJGDuHf5jv09rXJzNnntr%2FmSTrgTLP83AYiwvonKBp8y%2FBeWX2ALokQvc5d2SCDZSaOhYjARA0uRLI9dkBF4%3D&pcode-test-ids=452299%2C0%2C8%3B453466%2C0%2C30%3B437233%2C0%2C0%3B452163%2C0%2C95%3B440957%2C0%2C96%3B451333%2C0%2C87%3B448309%2C0%2C10%3B444579%2C0%2C89%3B400735%2C0%2C56%3B451371%2C0%2C44%3B443406%2C0%2C91%3B454757%2C0%2C24%3B440126%2C0%2C-1%3B203222%2C0%2C83&pcode-version=48699&pd=16&pdh=1200&pdw=1600&pr=965653690&pr1=3999160790&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AposterCarousel&prr=&pv=3&pw=2&raw-smart-content=1&route=ssr&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0AadaptiveCarousel%0Asmart_tile&skip-token=&slotNumber=4&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&ssr-request=true&tga-with-creatives=1&use-server-side-rendering=1&utf8=%E2%9C%93&ybv=0.48699&ylv=0.48699&ytt=313910569863189&lvlfrom=20&rqs=vuDpjR1cR3G-LJNhupxIhIPWrJee5-h5&rtb-si=1&dmv=2&csl=&ad-session-id=3979701637035197501&rtb-answer-hash=8821810166244568299&usgn=AQuiBwGcxfzuLaGG83PAMJdqMoYrAV3P53UCVmtAJ2GX&resp-time=661

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

1e7cefb13e5b0cddf4b0bb7739cbc9a997b3990c7babd091e1f2ab0a1da71cfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 03:59:59 GMT
content-encoding: gzip
ssr: true
x-yandex-req-id: 1637035199051583-1686959260037085029700291-production-app-host-man-pcode-122
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type: Direct
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Tue, 16 Nov 2021 03:59:59 GMT
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://www.newsru.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 16 Nov 2021 03:59:59 GMT

GET
H2 204 event
ads.adfox.ru/242477/ 0
66 B 76ms
76ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/242477/event?hash=00a5a139382b13dc&pm=bmt&pxo=gnHjb5oHmvaV8nqRhi9bwkQI5U2qSTwGNd0AOq4O1h77Xs0zJC22Ur-oVbHBAuVGHAzLa4m7cUBWwPfx4rAVmmmd7GdopjQC-6omtlBxNRoTa27LmkZcdp1NnVUGMIJE3BeOepQ83rM-FoC2vNXYnWz1vAZPcEcGNkirfYs4ql77Cmn-LZsg&p5=goypl&rand=nbfqnps&sj=zAsX_PHqrrT0a021aIZMr9L9_WKrqTCDf1bgxE7KYfrkw5V16AiJGKEPw--Pkw%3D%3D&ad-session-id=3979701637035197501&lts=fhuijsg&ytt=313910569863189&ybv=0.48699&ylv=0.48699&dl=https%3A%2F%2Fwww.newsru.com%2F&pr=ddhdpuo&p1=cettc&rqs=vuDpjR1cR3G-LJNhupxIhIPWrJee5-h5&rtb-si=b&p2=y

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Nov 2021 03:59:59 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Nov 2021 03:59:59 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 container.html Show response
387e7d282a65cd4ebe0025e4bc49ee17.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6BE4 6 KB
3 KB 309ms
8ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://387e7d282a65cd4ebe0025e4bc49ee17.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 16 Nov 2021 03:59:58 GMT
expires: Wed, 16 Nov 2022 03:59:58 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 event
ads.adfox.ru/242477/ 0
18 B 83ms
83ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/242477/event?pm=bmu&hash=4ef564d104c5e2b4&duid=1637035198667748868&pxo=kVRp_KYo22881NZxs5RNKb5lCoWtJiGC_1XT0B-VrMscadAXDKZAUpTrSn7zG_7vhOWGBM1tN9X9bCB77IyD3HqV4nXPFc_jt0Cd5fggtj37U7-fnPHTEZQ-LCY5ELsxVm3csJZ9ysqvd7oLgKc8s0A4kYYWG6S7V_vl2ZuLloZAjRynF1G9&p5=gptyk&rand=lqegheo&sj=9GbEsLvXDUKZ6UlOpC5zVu95xIHMC-BKqrfK7OuRrrwzlrFHpc0dzq2WU5wqgA%3D%3D&ad-session-id=3979701637035197501&lts=fhuijsg&ytt=313910569863189&ybv=0.48699&ylv=0.48699&dl=https%3A%2F%2Fwww.newsru.com%2F&pr=ddhdpuo&p1=cettx&rqs=vjw7RKzrBnu-LJNhBMRQv_D9VVoCl30b&rtb-si=b&p2=gkow&resp-time=590

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Nov 2021 03:59:59 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Nov 2021 03:59:59 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 282022 Show response
mc.yandex.com/watch/ 331 B
438 B 52ms
52ms XHR
application/json 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/282022?wmode=7&page-url=https%3A%2F%2Fwww.newsru.com%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwinwev%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A2%3Adp%3A1%3Als%3A1273394670529%3Ahid%3A491141834%3Az%3A0%3Ai%3A20211116035959%3Aet%3A1637035199%3Ac%3A1%3Arn%3A439330704%3Au%3A1637035198667748868%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1637035196761%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1637035199%3At%3ANEWSru.com%20%3A%3A%20%D0%A1%D0%B0%D0%BC%D1%8B%D0%B5%20%D0%B1%D1%8B%D1%81%D1%82%D1%80%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8.%20%D0%A4%D0%BE%D1%82%D0%BE%20%D0%B8%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D0%B4%D0%BD%D1%8F.%20%D0%9B%D0%B5%D0%BD%D1%82%D0%B0%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B5%D0%B9%20%D0%B2%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D0%B8%20%D0%B2%20%D0%BC%D0%B8%D1%80%D0%B5&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

a18b23bd2556c47f90ea55c744533d1b93eaf94b363bb04a595d911caf5762c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Nov 2021 03:59:59 GMT
x-content-type-options: nosniff
last-modified: Tue, 16-Nov-2021 03:59:59 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.newsru.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 331
x-xss-protection: 1; mode=block
expires: Tue, 16-Nov-2021 03:59:59 GMT

GET
H2 200 y129
avatars.mds.yandex.net/get-direct/4576471/DjlvSzuimUl3t8gmvEsPUA/ 5 KB
5 KB 38ms
37ms Image
image/webp 2a02:6b8::184
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/4576471/DjlvSzuimUl3t8gmvEsPUA/y129
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software: nginx /
Resource Hash: 0d082cfc76d9bf4f782281f3eb5b9dc17d6ce8f863418f83b2887b4343dca5f4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 03:59:59 GMT
last-modified: Wed, 11 Aug 2021 14:14:17 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 5148
x-request-id: 34a012866ff679e1

GET
H2 200 x160
avatars.mds.yandex.net/get-direct/5313224/PGRBwB_XfkIsRXtF6xKLLQ/ 4 KB
5 KB 38ms
37ms Image
image/webp 2a02:6b8::184
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/5313224/PGRBwB_XfkIsRXtF6xKLLQ/x160
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software: nginx /
Resource Hash: 59c2214e3aceb8b44f55625332fda4155d68428d670a04d69a3e76505d3c0fef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 03:59:59 GMT
last-modified: Wed, 22 Sep 2021 10:44:24 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 4562
x-request-id: c63af91252108147

GET
H2 200 wy150
avatars.mds.yandex.net/get-direct/4384279/4Ir303V9_kFCmB1xdj6Y5Q/ 6 KB
7 KB 38ms
37ms Image
image/webp 2a02:6b8::184
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/4384279/4Ir303V9_kFCmB1xdj6Y5Q/wy150
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software: nginx /
Resource Hash: 5f93e1c93295727e19455519835fe866723bc7e0a996206f8e7ca543686e32f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 03:59:59 GMT
last-modified: Wed, 03 Mar 2021 21:34:26 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 6450
x-request-id: f090ba727f3590e5

GET
H2 200 wy150
avatars.mds.yandex.net/get-direct/4733431/YiCre93Z5jXJ-CBKg2gadQ/ 9 KB
9 KB 38ms
38ms Image
image/webp 2a02:6b8::184
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/4733431/YiCre93Z5jXJ-CBKg2gadQ/wy150
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software: nginx /
Resource Hash: 0c542296028ede8535d15bdb8a0ad8e276ca2183b9e40fd258a29445cbfa1e3d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 03:59:59 GMT
last-modified: Thu, 21 Oct 2021 15:08:00 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 9298
x-request-id: ebd3336e670b4c29

POST
H2 200 1 Show response
mc.yandex.com/watch/282022/ 43 B
85 B 47ms
46ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/282022/1?page-url=https%3A%2F%2Fwww.newsru.com%2F&charset=utf-8&cnt-class=1&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwinwev%3Afp%3A476%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A2%3Adp%3A1%3Als%3A1273394670529%3Ahid%3A491141834%3Az%3A0%3Ai%3A20211116035959%3Aet%3A1637035199%3Ac%3A1%3Arn%3A169719679%3Arqn%3A1%3Au%3A1637035198667748868%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1637035196761%3Ads%3A7%2C27%2C150%2C7%2C35%2C0%2C%2C301%2C5%2C1773%2C1773%2C2%2C605%3Adsn%3A6%2C27%2C150%2C7%2C35%2C0%2C%2C302%2C5%2C1773%2C1773%2C2%2C605%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1637035199&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 16 Nov 2021 03:59:59 GMT
last-modified: Tue, 16-Nov-2021 03:59:59 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.newsru.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 16-Nov-2021 03:59:59 GMT

GET
H2 200 282022 Show response
mc.yandex.com/watch/ 43 B
73 B 47ms
47ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/282022?page-url=https%3A%2F%2Fwww.newsru.com%2F&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwinwev%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A2%3Adp%3A1%3Als%3A1273394670529%3Ahid%3A491141834%3Az%3A0%3Ai%3A20211116035959%3Aet%3A1637035199%3Ac%3A1%3Arn%3A896371494%3Arqn%3A2%3Au%3A1637035198667748868%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1637035196761%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1637035199%3At%3ANEWSru.com%20%3A%3A%20%D0%A1%D0%B0%D0%BC%D1%8B%D0%B5%20%D0%B1%D1%8B%D1%81%D1%82%D1%80%D1%8B%D0%B5%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8.%20%D0%A4%D0%BE%D1%82%D0%BE%20%D0%B8%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D0%B4%D0%BD%D1%8F.%20%D0%9B%D0%B5%D0%BD%D1%82%D0%B0%20%D0%BD%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B5%D0%B9%20%D0%B2%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D0%B8%20%D0%B2%20%D0%BC%D0%B8%D1%80%D0%B5&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Nov 2021 03:59:59 GMT
last-modified: Tue, 16-Nov-2021 03:59:59 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.newsru.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 16-Nov-2021 03:59:59 GMT

GET
H2 200 render.html Show response
yastatic.net/safeframe-bundles/0.83/1-1-0/ Frame 8345 24 KB
7 KB 43ms
43ms Document
text/html 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/host.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx/1.17.9
date: Tue, 16 Nov 2021 03:59:59 GMT
content-type: text/html
content-length: 6262
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "eb77de48712912aadc9aa8171ac75ede"
expires: Thu, 16 Nov 2051 10:33:55 GMT
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4758 42 B
108 B 43ms
43ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst82-vMR86DtaYegHp2r4zrwNsNGMqNsrJL_yoeXph7P2NjmHqlloi0RJ05PjQD9zs0mjgfmKQdXzkGpX0gjbieKCo5O0griS3s_3CZF9Wi-z25tXpuzA&sai=AMfl-YQl0mngp8VcillweXygqmiRqMM0byOIKb-Ib_bEPGf27blL0q_L5SCNU4xmPqcOssmZdN2USmHmBHws&sig=Cg0ArKJSzPIrHmKFQZd4EAE&id=lidar2&mcvt=1099&p=0,0,90,970&mtos=1099,1099,1099,1099,1099&tos=1099,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=3007135905&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1637035198124&rpt=174&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Nov 2021 03:59:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
Ok d.png
ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/ Frame 8345 95 B
400 B 122ms
36ms Image
image/png 2a02:6b8::5:114
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::5:114 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 16 Nov 2021 03:59:59 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=315360000; includeSubDomains
X-RT-IH: 0.0002
Content-Type: image/png
Cache-Control: private
Connection: close
X-RT-IQ: 0.0001
Content-Length: 95
Expires: Wed, 17 Nov 2021 03:59:59 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6BE4 2 KB
628 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: 387e7d282a65cd4ebe0025e4bc49ee17.safeframe.googlesyndication.com
URL: https://387e7d282a65cd4ebe0025e4bc49ee17.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://387e7d282a65cd4ebe0025e4bc49ee17.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 02:02:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 16 Nov 2021 03:59:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Nov 2021 03:59:59 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 6BE4 1 KB
960 B 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: 387e7d282a65cd4ebe0025e4bc49ee17.safeframe.googlesyndication.com
URL: https://387e7d282a65cd4ebe0025e4bc49ee17.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://387e7d282a65cd4ebe0025e4bc49ee17.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 02:37:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4943
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Nov 2021 02:37:36 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 6BE4 0
0 34ms
34ms Fetch
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=ChEqhviyTYbOjNLGO7_UPsciB2AakwJabZtWD3KLNDpOkstHrARABINSfuSdglfrwgYwHoAGMoYnxAsgBCakCm6xQUHOsej7gAgCoAwHIA5sEqgTXAU_Q3j4f64msKoMibKeUp6hzqXiZq9fnDw2SknnlwTKvev1ZiD5H8JA8wHe6CrRHHQerJuSYp6Z8vFc50HzVqgB0wCPUA_fgHNMPTGl7-Pk5MnratNmNOdXqCk3brBJI8S4Zy7r6BkenTP7r5cMStaQYwgGd-pB05abqAga899wBWEtzbDP_Cp8-ir8-pkXdfM_Eidp2_ghHqH9dbmppeNTn9BteKTwdpq8KFZHBfMLrIkem75f3i6pHhAiWyGac9NIf--QObnfXK6hwDqoLRYvhAANOjeNzwASQv9Wx7wPgBAGSBQQIBBgBkgUECAUYBKAGLoAHq5ThpQKoB47OG6gHk9gbqAfulrECqAf-nrECqAemvhvYBwDyBwQQxN9s0ggJCIDhgBAQARgdgAoDyAsB2BMNiBQC0BUBgBcBshceChwIABIUcHViLTI4NjE0NjQyMDAzMzg4MDgY2cgc&sigh=GhFUmaqZ6Rw&uach_m=[UACH]&template_id=494
Requested by: Host: www.newsru.com
URL: https://www.newsru.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://387e7d282a65cd4ebe0025e4bc49ee17.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 6BE4 19 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Host: 387e7d282a65cd4ebe0025e4bc49ee17.safeframe.googlesyndication.com
URL: https://387e7d282a65cd4ebe0025e4bc49ee17.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://387e7d282a65cd4ebe0025e4bc49ee17.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 02:25:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5656
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Nov 2021 02:25:43 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 6BE4 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: 387e7d282a65cd4ebe0025e4bc49ee17.safeframe.googlesyndication.com
URL: https://387e7d282a65cd4ebe0025e4bc49ee17.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://387e7d282a65cd4ebe0025e4bc49ee17.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 03:51:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 522
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Nov 2021 03:51:17 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 6BE4 15 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 387e7d282a65cd4ebe0025e4bc49ee17.safeframe.googlesyndication.com
URL: https://387e7d282a65cd4ebe0025e4bc49ee17.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://387e7d282a65cd4ebe0025e4bc49ee17.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 03:37:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1354
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Nov 2021 03:37:25 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 6BE4 0
0 16ms
15ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSlF74I8HFsTmv37qndnd7cVmhNLZIUoWaVxCPRgCyKLcaj_Ov1ANazRl2AHzi8A3l8X7n_OyiMNioh_oTKgLcR1vUIaw
Requested by: Host: 387e7d282a65cd4ebe0025e4bc49ee17.safeframe.googlesyndication.com
URL: https://387e7d282a65cd4ebe0025e4bc49ee17.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://387e7d282a65cd4ebe0025e4bc49ee17.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6BE4 119 KB
36 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 387e7d282a65cd4ebe0025e4bc49ee17.safeframe.googlesyndication.com
URL: https://387e7d282a65cd4ebe0025e4bc49ee17.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://387e7d282a65cd4ebe0025e4bc49ee17.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 03:59:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 16 Nov 2021 03:59:59 GMT

GET
H2 200 c5d443f94f59031b290788a54ae3dbc2.js Show response
www.gstatic.com/mysidia/ Frame 6BE4 27 KB
12 KB 32ms
8ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c5d443f94f59031b290788a54ae3dbc2.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 387e7d282a65cd4ebe0025e4bc49ee17.safeframe.googlesyndication.com
URL: https://387e7d282a65cd4ebe0025e4bc49ee17.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01a10be28bdad9ed81f9a7f1e09f4913d314f13abc7a7bb2d52be9666eff599d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://387e7d282a65cd4ebe0025e4bc49ee17.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 09:00:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 327566
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11508
x-xss-protection: 0
last-modified: Tue, 09 Nov 2021 03:19:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 10 Feb 2022 09:00:33 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame FDFD 1 KB
845 B 7ms
7ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 387e7d282a65cd4ebe0025e4bc49ee17.safeframe.googlesyndication.com
URL: https://387e7d282a65cd4ebe0025e4bc49ee17.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://387e7d282a65cd4ebe0025e4bc49ee17.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 15 Nov 2021 18:26:41 GMT
expires: Tue, 16 Nov 2021 18:26:41 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 34398
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 6BE4 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1cb77da5acdf1b74f6936e813297662b998a6222e417226a7777fed98aca2ca4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame FDFD 35 B
464 B 30ms
10ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECioi54EaoZiCu277h0piWU&google_cver=1&google_push=AYg5qPJcq4FnWPNl9lCB-QC3nGGxxVJcuAUeyIBzqEQoL3QZFdWr6ppOULt4DEy-CDAHjtwjnRbeLrWg6pBHTKHlbbKMYvFVA5Zl

Requested by

Host: 387e7d282a65cd4ebe0025e4bc49ee17.safeframe.googlesyndication.com
URL: https://387e7d282a65cd4ebe0025e4bc49ee17.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Nov 2021 03:59:59 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame FDFD
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHOpRyyRwiqPTMTJdQZpJ68&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHOpRyyRwiqPTMTJdQZpJ68&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TmJlRFZTMVQxTU1QRHg1&google_gid=CAESEHOpRyyRwiqPTMTJdQZpJ68&google_cver=1&google_push=AYg5qPIbn4ss7VaRjzy_XpdYcCXsRD56Ls9Z5JW_STTDma3...

170 B
232 B

18ms
17ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TmJlRFZTMVQxTU1QRHg1&google_gid=CAESEHOpRyyRwiqPTMTJdQZpJ68&google_cver=1&google_push=AYg5qPIbn4ss7VaRjzy_XpdYcCXsRD56Ls9Z5JW_STTDma36Sw0z15opI-NCh99TnwlT4q6CJgHvH5E3ewkXvi_4lc2c3piBNGc

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Nov 2021 03:59:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 16 Nov 2021 03:59:59 GMT
Server: PingMatch/v2.0.30-691-gbabbd08#rel-ec2-master i-00eeed23208b59ecc@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TmJlRFZTMVQxTU1QRHg1&google_gid=CAESEHOpRyyRwiqPTMTJdQZpJ68&google_cver=1&google_push=AYg5qPIbn4ss7VaRjzy_XpdYcCXsRD56Ls9Z5JW_STTDma36Sw0z15opI-NCh99TnwlT4q6CJgHvH5E3ewkXvi_4lc2c3piBNGc
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FDFD
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJbBtzECabiJUEDiEF2F6PI&google_cver=1&google_push=AYg5qPKmtps-2MIYjuypIpVEZ8XgCgPKkaFVPYhmI6MMgr4zBWo9xbRQdg-EuCKTJ0xMzhTJKooXtNdW-aqIR5yj...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPKmtps-2MIYjuypIpVEZ8XgCgPKkaFVPYhmI6MMgr4zBWo9xbRQdg-EuCKTJ0xMzhTJKooXtNdW-aqIR5yjUGi_UrgMR2w

170 B
188 B

33ms
17ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPKmtps-2MIYjuypIpVEZ8XgCgPKkaFVPYhmI6MMgr4zBWo9xbRQdg-EuCKTJ0xMzhTJKooXtNdW-aqIR5yjUGi_UrgMR2w

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Nov 2021 03:59:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 16 Nov 2021 03:59:59 GMT
Server: MT3 4103 f8fad19 master cdg-pixel-x25 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPKmtps-2MIYjuypIpVEZ8XgCgPKkaFVPYhmI6MMgr4zBWo9xbRQdg-EuCKTJ0xMzhTJKooXtNdW-aqIR5yjUGi_UrgMR2w
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 16 Nov 2021 03:59:58 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame FDFD
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEDWrqwFbGZRHobDT6C2EpaE&google_cver=1&google_push=AYg5qPJWIQsSNVqpX8ZMAvh3AA7RjMHtH1H06fVY62DiZXIBBTMEkqcVG6nwHxbGuG9HbfSPsY2ZFLPKJyvECV...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAzMTAxMjY0MjExMzU4MzI0NQ%3D%3D&google_push=AYg5qPJWIQsSNVqpX8ZMAvh3AA7RjMHtH1H06fVY62DiZXIBBTMEkqcVG6nwHxbGuG9HbfSPsY2ZFLPKJyvECVw7ME...

170 B
232 B

26ms
18ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAzMTAxMjY0MjExMzU4MzI0NQ%3D%3D&google_push=AYg5qPJWIQsSNVqpX8ZMAvh3AA7RjMHtH1H06fVY62DiZXIBBTMEkqcVG6nwHxbGuG9HbfSPsY2ZFLPKJyvECVw7MEZkvQhNLpw

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Nov 2021 03:59:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAzMTAxMjY0MjExMzU4MzI0NQ%3D%3D&google_push=AYg5qPJWIQsSNVqpX8ZMAvh3AA7RjMHtH1H06fVY62DiZXIBBTMEkqcVG6nwHxbGuG9HbfSPsY2ZFLPKJyvECVw7MEZkvQhNLpw
Date: Tue, 16 Nov 2021 03:59:59 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame FDFD
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEGG1WTSeHxLR4PVlTo4twnU&google_cver=1&google_push=AYg5qPKT7LFKa2ds-A-TDsd83KXHFrHFRv_vi_e2cYxtY6L4tHOzCqCMu_lM5LORMkc5FIh07kyspcX0-tUHKbxb...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=fg3IVgRvQ36f24aCANT52w2&google_push=AYg5qPKT7LFKa2ds-A-TDsd83KXHFrHFRv_vi_e2cYxtY6L4tHOzCqCMu_lM5LORMkc5FIh07kyspcX0-tUHKbxbJFE7GSPRnNAE

170 B
329 B

28ms
17ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=fg3IVgRvQ36f24aCANT52w2&google_push=AYg5qPKT7LFKa2ds-A-TDsd83KXHFrHFRv_vi_e2cYxtY6L4tHOzCqCMu_lM5LORMkc5FIh07kyspcX0-tUHKbxbJFE7GSPRnNAE

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Nov 2021 03:59:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 16 Nov 2021 03:59:59 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.15.12
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=fg3IVgRvQ36f24aCANT52w2&google_push=AYg5qPKT7LFKa2ds-A-TDsd83KXHFrHFRv_vi_e2cYxtY6L4tHOzCqCMu_lM5LORMkc5FIh07kyspcX0-tUHKbxbJFE7GSPRnNAE
x-host: tde-deliveryengine-production-55f754bb97-g4lnc
alt-svc: clear
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FDFD
Redirect Chain

https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEE-LBwcxzLrigWeEbsFnokE&google_cver=1&google_push=AYg5qPJINXQOo6O0MFpcTvS7T7J7Zb21pVeCRld6AUzlQKbcMyFe0YE5bdIaJ...
https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEE-LBwcxzLrigWeEbsFnokE&google_cver=1&google_push=AYg5qPJINXQOo6O0MFpcTvS7T7J7Zb21pVeCRld6AUzlQKbcMyFe0YE5bdIaJ...
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=VpHr-aomMrVP8-Y3ZjFdhQ&google_push=AYg5qPJINXQOo6O0MFpcTvS7T7J7Zb21pVeCRld6AUzlQKbcMyFe0YE5bdIaJo5CnWM17rfyU1uLD9LLM...

170 B
188 B

16ms
16ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=VpHr-aomMrVP8-Y3ZjFdhQ&google_push=AYg5qPJINXQOo6O0MFpcTvS7T7J7Zb21pVeCRld6AUzlQKbcMyFe0YE5bdIaJo5CnWM17rfyU1uLD9LLMG7fooTzMj7p4yMbYGo0

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Nov 2021 03:59:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 16 Nov 2021 03:59:59 GMT
Server: nginx
Vary: Accept
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=VpHr-aomMrVP8-Y3ZjFdhQ&google_push=AYg5qPJINXQOo6O0MFpcTvS7T7J7Zb21pVeCRld6AUzlQKbcMyFe0YE5bdIaJo5CnWM17rfyU1uLD9LLMG7fooTzMj7p4yMbYGo0
Connection: close
Content-Type: text/plain; charset=utf-8
Content-Length: 238

GET

pixel
cm.g.doubleclick.net/ Frame FDFD
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESECPDhoduuJmW6kHgsjXAogA&google_cver=1&google_push=AYg5qPKROrV_7FvUVLM_FVTAXV5xCe8S3fdjZERLHgCMevdQe96UTWyROiNaX9PthuSOcXxEwm9IpbV5BjT9FJneeL0tkz...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESECPDhoduuJmW6kHgsjXAogA&google_cver=1&google_push=AYg5qPKROrV_7FvUVLM_FVTAXV5xCe8S3fdjZERLHgCMevdQe96UTWyROiNaX9PthuSOcXxEwm9IpbV5BjT9FJne...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=QcwxEHE4SnO4Z0hsfyYjjg&google_push=AYg5qPKROrV_7FvUVLM_FVTAXV5xCe8S3fdjZERLHgCMevdQe96UTWyROiNaX9PthuSOcXxEwm9IpbV5BjT9FJn...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=QcwxEHE4SnO4Z0hsfyYjjg&google_push=AYg5qPKROrV_7FvUVLM_FVTAXV5xCe8S3fdjZERLHgCMevdQe96UTWyROiNaX9PthuSOcXxEwm9IpbV5BjT9FJn...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=QcwxEHE4SnO4Z0hsfyYjjg&google_push=AYg5qPKROrV_7FvUVLM_FVTAXV5xCe8S3fdjZERLHgCMevdQe96UTWyROiNaX9PthuSOcXxEwm9IpbV5BjT9FJn...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=QcwxEHE4SnO4Z0hsfyYjjg&google_push=AYg5qPKROrV_7FvUVLM_FVTAXV5xCe8S3fdjZERLHgCMevdQe96UTWyROiNaX9PthuSOcXxEwm9IpbV5BjT9FJn...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=QcwxEHE4SnO4Z0hsfyYjjg&google_push=AYg5qPKROrV_7FvUVLM_FVTAXV5xCe8S3fdjZERLHgCMevdQe96UTWyROiNaX9PthuSOcXxEwm9IpbV5BjT9FJn...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=QcwxEHE4SnO4Z0hsfyYjjg&google_push=AYg5qPKROrV_7FvUVLM_FVTAXV5xCe8S3fdjZERLHgCMevdQe96UTWyROiNaX9PthuSOcXxEwm9IpbV5BjT9FJn...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=QcwxEHE4SnO4Z0hsfyYjjg&google_push=AYg5qPKROrV_7FvUVLM_FVTAXV5xCe8S3fdjZERLHgCMevdQe96UTWyROiNaX9PthuSOcXxEwm9IpbV5BjT9FJn...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=QcwxEHE4SnO4Z0hsfyYjjg&google_push=AYg5qPKROrV_7FvUVLM_FVTAXV5xCe8S3fdjZERLHgCMevdQe96UTWyROiNaX9PthuSOcXxEwm9IpbV5BjT9FJn...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=QcwxEHE4SnO4Z0hsfyYjjg&google_push=AYg5qPKROrV_7FvUVLM_FVTAXV5xCe8S3fdjZERLHgCMevdQe96UTWyROiNaX9PthuSOcXxEwm9IpbV5BjT9FJn...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=QcwxEHE4SnO4Z0hsfyYjjg&google_push=AYg5qPKROrV_7FvUVLM_FVTAXV5xCe8S3fdjZERLHgCMevdQe96UTWyROiNaX9PthuSOcXxEwm9IpbV5BjT9FJn...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=QcwxEHE4SnO4Z0hsfyYjjg&google_push=AYg5qPKROrV_7FvUVLM_FVTAXV5xCe8S3fdjZERLHgCMevdQe96UTWyROiNaX9PthuSOcXxEwm9IpbV5BjT9FJn...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=QcwxEHE4SnO4Z0hsfyYjjg&google_push=AYg5qPKROrV_7FvUVLM_FVTAXV5xCe8S3fdjZERLHgCMevdQe96UTWyROiNaX9PthuSOcXxEwm9IpbV5BjT9FJn...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=QcwxEHE4SnO4Z0hsfyYjjg&google_push=AYg5qPKROrV_7FvUVLM_FVTAXV5xCe8S3fdjZERLHgCMevdQe96UTWyROiNaX9PthuSOcXxEwm9IpbV5BjT9FJn...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=QcwxEHE4SnO4Z0hsfyYjjg&google_push=AYg5qPKROrV_7FvUVLM_FVTAXV5xCe8S3fdjZERLHgCMevdQe96UTWyROiNaX9PthuSOcXxEwm9IpbV5BjT9FJn...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=QcwxEHE4SnO4Z0hsfyYjjg&google_push=AYg5qPKROrV_7FvUVLM_FVTAXV5xCe8S3fdjZERLHgCMevdQe96UTWyROiNaX9PthuSOcXxEwm9IpbV5BjT9FJn...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=QcwxEHE4SnO4Z0hsfyYjjg&google_push=AYg5qPKROrV_7FvUVLM_FVTAXV5xCe8S3fdjZERLHgCMevdQe96UTWyROiNaX9PthuSOcXxEwm9IpbV5BjT9FJn...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=QcwxEHE4SnO4Z0hsfyYjjg&google_push=AYg5qPKROrV_7FvUVLM_FVTAXV5xCe8S3fdjZERLHgCMevdQe96UTWyROiNaX9PthuSOcXxEwm9IpbV5BjT9FJn...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=QcwxEHE4SnO4Z0hsfyYjjg&google_push=AYg5qPKROrV_7FvUVLM_FVTAXV5xCe8S3fdjZERLHgCMevdQe96UTWyROiNaX9PthuSOcXxEwm9IpbV5BjT9FJn...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=QcwxEHE4SnO4Z0hsfyYjjg&google_push=AYg5qPKROrV_7FvUVLM_FVTAXV5xCe8S3fdjZERLHgCMevdQe96UTWyROiNaX9PthuSOcXxEwm9IpbV5BjT9FJn...

0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame FDFD 0
232 B 66ms
15ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KVoA60-iuQNJDbD8Za4n_Rh5-ptnT5rllyzNf5A3PpdCKRYKXVWb-Dex2UALpCUW9n01Ns

Requested by

Host: 387e7d282a65cd4ebe0025e4bc49ee17.safeframe.googlesyndication.com
URL: https://387e7d282a65cd4ebe0025e4bc49ee17.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 03:59:59 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame 6BE4 20 KB
21 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://387e7d282a65cd4ebe0025e4bc49ee17.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 00:10:26 GMT
x-content-type-options: nosniff
age: 359373
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20900
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 22:53:16 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 12 Nov 2022 00:10:26 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 6BE4 30 KB
30 KB 60ms
19ms Image
image/jpeg 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRScCpV-K-P100lNdPpPUBZebGl83bVyDkKLIBt44J8zrrKZx8xGEiFNA6iNw&usqp=CAI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e9c054e74b15ca6d6a7635a1edb5b7d820619d436856097a9e607d20178ed73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://387e7d282a65cd4ebe0025e4bc49ee17.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 12:21:04 GMT
x-content-type-options: nosniff
age: 401935
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30871
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 02:24:23 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 11 Nov 2022 12:21:04 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 6BE4 30 KB
31 KB 50ms
10ms Image
image/jpeg 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQpGSxQl0_ik_SrEs4K18GAdGS0JfUP2UrxdJB3C6ObEdo8fmY&usqp=CAI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65d7e90b1b37443d78bb14263449fbf740f195a51ecfb70463a5153af827a025

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://387e7d282a65cd4ebe0025e4bc49ee17.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 21:24:09 GMT
x-content-type-options: nosniff
age: 23750
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30650
x-xss-protection: 0
last-modified: Sun, 26 Sep 2021 01:54:37 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 15 Nov 2022 21:24:09 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 6BE4 23 KB
23 KB 64ms
10ms Image
image/jpeg 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRepQs2K2TYtW-EciY7QTxfNspdK66l4GwZKye6lo27i_Bon_8RgFNSNKV4LgQ&usqp=CAI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

314ec1711f78a5fbb521c821d27106a4557b52045b4a7defb80c53380b988738

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://387e7d282a65cd4ebe0025e4bc49ee17.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 14:29:51 GMT
x-content-type-options: nosniff
age: 307808
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23227
x-xss-protection: 0
last-modified: Sat, 06 Nov 2021 07:31:00 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 12 Nov 2022 14:29:51 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 6BE4 19 KB
19 KB 52ms
12ms Image
image/jpeg 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcS1BdVfyDz6kdt7PtiV-hyC_523kQJBJuvxxPB6PaF__EKqs2nMCkt4ia4Wpg&usqp=CAI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d655745fa3e50320b98546aa037e7c69f342ebefa7714a0c0b3e1226de03df02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://387e7d282a65cd4ebe0025e4bc49ee17.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:28:07 GMT
x-content-type-options: nosniff
age: 343912
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19127
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 01:38:49 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 12 Nov 2022 04:28:07 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 6BE4 13 KB
14 KB 48ms
8ms Image
image/jpeg 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQXcRB43LHkhMqylvttbuqw9-FiL8QHLBi5YuswQ2T0JK7ekbFMHjiKSHntY1M&usqp=CAI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10ac0428458b986ac95d46e08d5feb25facecac8ff08a58f1ba44010b7cdb839

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://387e7d282a65cd4ebe0025e4bc49ee17.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 11:02:09 GMT
x-content-type-options: nosniff
age: 147470
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13673
x-xss-protection: 0
last-modified: Thu, 07 Oct 2021 10:28:55 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 14 Nov 2022 11:02:09 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 6BE4 18 KB
18 KB 64ms
24ms Image
image/jpeg 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTduMiJ6NVokGTYmOtHhZJPi1IcrPC1XIC9vBqHrnCEip1fV0p8IOJXFM0dHJY&usqp=CAI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ab45287c22d1394efab075e54f50ca15836299191b4272becb9ab535cecbc92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://387e7d282a65cd4ebe0025e4bc49ee17.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 16:10:17 GMT
x-content-type-options: nosniff
age: 128982
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17945
x-xss-protection: 0
last-modified: Fri, 26 Mar 2021 08:18:25 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 14 Nov 2022 16:10:17 GMT

GET
H2

200

14978601946328591918
tpc.googlesyndication.com/simgad/ Frame 6BE4
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKD_2qqtJRCgBhigBjIIVp3wEEOa4yw
https://tpc.googlesyndication.com/simgad/14978601946328591918

9 KB
9 KB

8ms
7ms

Image
image/png

2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14978601946328591918

Protocol

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a09febbdd8c58b1303649fa21430da0d55623ab2d1cb51ab37b714de10d7a845

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://387e7d282a65cd4ebe0025e4bc49ee17.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 13:19:00 GMT
x-content-type-options: nosniff
age: 312059
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9527
x-xss-protection: 0
last-modified: Wed, 04 Aug 2021 08:51:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 12 Nov 2022 13:19:00 GMT

Redirect headers

timing-allow-origin: *
date: Mon, 15 Nov 2021 11:57:20 GMT
x-content-type-options: nosniff
server: cafe
age: 57759
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/14978601946328591918
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 15 Dec 2021 11:57:20 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame EADE 12 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Tue, 16 Nov 2021 02:57:56 GMT
expires: Wed, 16 Nov 2022 02:57:56 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3724
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4407 783 B
1001 B 17ms
17ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

75f73046e22c40e841d897e16354f5e26fd988e0698bbaa1b9d6a146dd9c463c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1MPU00OTUdz6xwfjOuaEmw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 16 Nov 2021 04:00:00 GMT
date: Tue, 16 Nov 2021 04:00:00 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-1MPU00OTUdz6xwfjOuaEmw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 7CDA 12 KB
5 KB 11ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Tue, 16 Nov 2021 02:57:56 GMT
expires: Wed, 16 Nov 2022 02:57:56 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3724
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1D82 783 B
742 B 18ms
17ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

871cf51d13c57ea9df3fb5612cf663f2189ef317bd70d3cdd184d56af4ea8e70

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8hk4+bPWFMguyZLgmdd++g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 16 Nov 2021 04:00:00 GMT
date: Tue, 16 Nov 2021 04:00:00 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-8hk4+bPWFMguyZLgmdd++g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4407 0
0 19ms
19ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211111&jk=2197966097109481&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1D82 0
0 19ms
18ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021111101&jk=3721594446919801&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js Show response
pagead2.googlesyndication.com/bg/ Frame EADE 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 20:48:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25904
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13371
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 15 Nov 2022 20:48:16 GMT

GET
H2 200 IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js Show response
pagead2.googlesyndication.com/bg/ Frame 7CDA 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 20:48:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25904
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13371
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 15 Nov 2022 20:48:16 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B4D0 0
122 B 43ms
42ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021111101&jk=3721594446919801&bg=!urmluf3NAAZQLpa_UC47ACkAdvg8WoYEUwuEJp6hNpHPvMhKB5xZfFBWxm6zaoaWfvc3iySnEdmEPAIAAADAUgAAAAtoAQcKACIccluzd4LA-Wp0Z_fWW0k57cBW-7F-h9gVhvbICtw3tLrdmQK-Y5Q1LUm-MAIibnaXvD1nmVD_C2rMiNC2gJjrkq8rR78Ld4xdNrD_mq6N3pFGKQqaKJe7pRBTL9BH6OAjf12EKi-_KRGxMtdhtt5fe0WW8Blq5a5t12tofdoCD0Lo4S_0pHDpLI1Ph8OO38X2-nUr6rPw0JTBbsw3H6wULpL3UZYR3tL4RrAAGI_6NDz_LxiNA49ZFqnvsHlyguok9Q3PtO3elrXLDlQHcx4uvWvr3a9imCNVNy0KO8fJDziElR2AVYkCkuW9ATGa4NHBM4AtxUFo3ZRwqIpyK3DhrDZ0pmBF42IDhc-bvU4zc4rLg7zdjTcyOduA9NADvi39Ntbvhq8nNNpaKZJdmDeMxbwtwOP0APiitoYgEcA7BVbZUdL_gpInNgXbn1JwI0zlcZYYgF88jHon8XzQbeb4-1WfiRV1VATZxP1GmYr1edQgEcQWNmUh-ZZFIuxyKRox1wrKJ4THj9Nt4r155KHtN729gNwpRQ3o0ykwuhJAkJMxYsXTnV88RrmRlCWZf68Mz4Q5gFKYP2EKWZzh21hRUd_s_F1dIuc1MSSNkaNEnfwKLvFeQHLtU9BNrOPCgZRmoMVVUz5AF-SSCtyMWxEBJObMLCmFPmPkemVxi39FxECPGVMqoCQeKucqA3PoF__aovCubp6aLAf9E-6WgygiGHFxIpIg4rxfGdm681O_42d2e37GGBT4iSHLMKZ4S9q__C2XQJTPNGPX5RG2q1SZ0JsgXEVeG6dg3nL9qDbCtwk93EKIOiV37Y6b1kh-uPduFJolb1bVeEKE7nxk12AAWulqTI9mieKcArQEv1nTavhfAHIjtJkLnnHtvnN-8hzrJqPz6aE52omU7G4kugFKvTqWp9zkbxU2H_VphKZzg96cUft4RuHT3sd_OKNeSJ9wgnaBydxNeNbtlLlpSPs_hyRG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Nov 2021 04:00:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 event
ads.adfox.ru/242477/ 0
66 B 70ms
69ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/242477/event?hash=1b43a7a787a728e8&pm=bmn&p5=kdham&rand=fngyojp&sj=3ukW7RrPd1BMOLRJLfG6AOCgcw9QrcnHi9vnuVN7-YREYb57trrRar24CzE3&ad-session-id=3979701637035197501&lts=fhuijsg&ytt=313910569863189&ybv=0.48699&ylv=0.48699&dl=https%3A%2F%2Fwww.newsru.com%2F&pr=ddhdpuo&p1=cpgpt&rqs=vhBAHNV5mwG-LJNhL4_7q_Pg9wTVSy4a&rtb-si=b&p2=gkow

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Nov 2021 04:00:00 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Nov 2021 04:00:00 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 204 event
ads.adfox.ru/242477/ 0
18 B 64ms
63ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/242477/event?pm=bmp&hash=0c47904ce08a7100&duid=1637035198667748868&pxo=kVRp_KYo22881NZxs5RNKb5lCoWtJiGC_1XT0B-VrMscadAXDKZAUpTrSn7zG_7vhOWGBM1tN9X9bCB77IyD3HqV4nXPFc_jt0Cd5fggtj37U7-fnPHTEZQ-LCY5ELsxVm3csJZ9ysqvd7oLgKc8s0A4kYYWG6S7V_vl2ZuLloZAjRynF1G9&p5=gptyk&rand=rqceoz&sj=9GbEsLvXDUKZ6UlOpC5zVu95xIHMC-BKqrfK7OuRrrwzlrFHpc0dzq2WU5wqgA%3D%3D&ad-session-id=3979701637035197501&lts=fhuijsg&ytt=313910569863189&ybv=0.48699&ylv=0.48699&dl=https%3A%2F%2Fwww.newsru.com%2F&pr=ddhdpuo&p1=cettx&rqs=vjw7RKzrBnu-LJNhBMRQv_D9VVoCl30b&rtb-si=b&p2=gkow

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Nov 2021 04:00:00 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Nov 2021 04:00:00 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6BE4 42 B
108 B 48ms
47ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst9CEbDt2XsWKayaLAU0Q6mN_hunKIYuLx85ilvQK5kP_CRzv95Mgjs9ZRxKe6vkgeXQCSrFDrAuJUjCwUGl84IEiv3Xeto8M8SlciDs8hAwc6c28_zdg&sai=AMfl-YThQkO5NPv5go_lBg17hsarKwA-kkvvPgz7VQxVBIFvXzcndp9TPB8F7Fx9Z1UcD7limf1iM83d0umonKy1RNqY06-Pt2u1e4P5X15BQA6lmEYZCvDRNxYEfF0&sig=Cg0ArKJSzFl7Utt3LIfSEAE&cid=CAASF-RoPVH8oX3x_pIGNL9bV_v5p9MA-p0X&id=lidar2&mcvt=1003&p=796,1110,1396,1410&mtos=0,0,1003,1003,1003&tos=0,0,1003,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=0.67&if=1&app=0&itpl=22&adk=2583521203&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1637035199166&rpt=411&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://387e7d282a65cd4ebe0025e4bc49ee17.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Nov 2021 04:00:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
59 B 43ms
42ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211111&jk=2197966097109481&bg=!s7ClsPTNAAZQLpa_UC47ACkAdvg8WkoWXH8r-rsPKKxu-AEumnDYQWUGQqyEVWJGOpc8SDeYcICoXwIAAADHUgAAABVoAQcKAGHdHwXLMQsHLdMepyQzPJrT0Je9Yw8PChgyCkCQT5N7z3-F6eqcUpXFjmCEuBn2P6kznjOxJhOLLxeA2TK98iHzJLodWJE27ywQrSpZtzqD-cWoZXJOcRAzIlt3Wfwt6IJomQK-8zNlqIaNfx81jG1SB7fSwt-z8MFpBPTkn26_ZR83tURHro8NDmFzjfkoaRQmkzsC-Gb-_LZZ4_DwI-Gt5VnGzPiPJBQVYmu-go2XmhkKY2YJ3ER1faveu9WyZTQKcqZ8DrZCQcJUvCHp31ymTpUJPKcuYQUzLI6ff2KaBsH-N_rFf-Lli_5HF5iVyYWSzpAp2u4Zs_QKv5_-nT_aXSNrga7FPloaj9PdEtiouxeoFCct0uBecMhN92xST6s5rqOCBPejnWfqmnuVfTVuQ5R78Gb2FEZqAsMtq3fk7kKKCPMWxKb9Ai63x__ztvV0GuKB2eckhF_ZrdzaCO3xq78_zcmIGQ6N2arS2ZRWByP2O6Wia1wCWD0oOd8I22smy6FqVs2Ad6wnQhsqgeIUCY_tilhIdo0-l9EpDkJSK-_Ra84T80kh09Lt6DdHnOttoISex0FNcubUucUIIX4iRhEoeKmE0JjTTwzrIJdKPkdAFzfssXi-1Vg3asRpX0ufSpRABCOIJS-XIYKu4DL6-XbpiyQFttzGZsfxr8L7Uv3Uy1dYglRi3e8eRtzu741xw4cxllk63x0Jm405Hj8UdlpXAR5jRv6qlOhKgn-OQA__Jz5mROwnqVOSHa0iDwCXGa0Ntr7heuJICSQes9HFDtkH9dsYW105q3C1Ew3IJA6x-lNVjqhMTA9xtzh3YJwTscJTxyZC-sZcvJbaQkZenYW7_AvYd5Z5_vjaOAZECmzqa4_RjI7OJMCk2Mt-8yWvGuNhYgjwKYGPgJReSmuxygJOOl_sVOzP_ZydySIj1TIRQfwtWly8qjAlNGhm6bP0KjfblZLc6F4qZXW53Z_NS7lfzyzlJCOixopBAEFOHt7z6SYzwhTc4DyBWTsXGJ2z1zTsk6ynYHu1oRhjs58Bn4QWEH9i_tu29wafwLuHpn_9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Nov 2021 04:00:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bundle.js Show response
yastatic.net/q/set/s/rsya-tag-users/ Frame 8345 105 KB
37 KB 52ms
51ms Script
application/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Requested by

Host: www.newsru.com
URL: https://www.newsru.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 04:00:01 GMT
content-encoding: br
last-modified: Fri, 29 Oct 2021 11:19:01 GMT
server: nginx/1.17.9
etag: W/"82bdc8db563d3e71c35534315f8a9fd5"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Thu, 18 Nov 2021 15:59:28 GMT
cache-control: public, max-age=31556952
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
x-nginx-request-id: fa341c6f5c1cb70e

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ Frame 8345 130 KB
46 KB 86ms
85ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

2d8618e3d2de4948e82bbce7cd6e1cefb6d720a09adb2cae9ea3886785493a0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 04:00:01 GMT
content-encoding: br
last-modified: Thu, 11 Nov 2021 17:20:26 GMT
etag: "618d26aa-b7ad"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 47021
expires: Tue, 16 Nov 2021 05:00:01 GMT

GET
H2 200 data Show response
yandex.ru/set/s/rsya-tag-users/ Frame 8345 403 B
845 B 102ms
102ms Fetch
application/json 2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/set/s/rsya-tag-users/data?

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

f2811ae003f8c055d1b3dcf3e60b5710d308a63fbd3fb4c4aba5db11523acf56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 04:00:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: public,max-age=300
access-control-allow-credentials: true
x-xss-protection: 1; mode=block

GET
H2 204 event
ads.adfox.ru/242477/ 0
66 B 75ms
74ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/242477/event?pm=bmn&hash=2a54489b6a41b9a9&duid=1637035198667748868&pxo=kVRp_KYo22881NZxs5RNKb5lCoWtJiGC_1XT0B-VrMscadAXDKZAUpTrSn7zG_7vhOWGBM1tN9X9bCB77IyD3HqV4nXPFc_jt0Cd5fggtj37U7-fnPHTEZQ-LCY5ELsxVm3csJZ9ysqvd7oLgKc8s0A4kYYWG6S7V_vl2ZuLloZAjRynF1G9&p5=gptyk&rand=gsttljf&sj=9GbEsLvXDUKZ6UlOpC5zVu95xIHMC-BKqrfK7OuRrrwzlrFHpc0dzq2WU5wqgA%3D%3D&ad-session-id=3979701637035197501&lts=fhuijsg&ytt=313910569863189&ybv=0.48699&ylv=0.48699&dl=https%3A%2F%2Fwww.newsru.com%2F&pr=ddhdpuo&p1=cettx&rqs=vjw7RKzrBnu-LJNhBMRQv_D9VVoCl30b&rtb-si=b&p2=gkow

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Nov 2021 04:00:01 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Nov 2021 04:00:01 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame 8345 37 KB
14 KB 50ms
21ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

2e8548e063ae8b8f6225ac344af4bb535397ebd3003665e27e8d4b2716770db9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 04:00:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14378
x-xss-protection: 0
server: cafe
etag: 684346926396516684
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 16 Nov 2021 04:00:01 GMT

GET
H2

200

/
www.google.de/pagead/1p-user-list/1014923426/ Frame 8345
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=wSyTYfm6I4aC-gbS34_IBg...
https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1255246563&crd=&is_vtc=1&random=851671928
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1255246563&crd=&is_vtc=1&random=851671928&ipr=y

42 B
108 B

44ms
20ms

Image
image/gif

2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1255246563&crd=&is_vtc=1&random=851671928&ipr=y

Protocol

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Nov 2021 04:00:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 16 Nov 2021 04:00:01 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1255246563&crd=&is_vtc=1&random=851671928&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-user-list/1014923426/ Frame 8345
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=wSyTYfC8I8yh-gbTn4WwCA...
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=898128836&crd=&is_vtc=1&random=2499902871
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=898128836&crd=&is_vtc=1&random=2499902871&ipr=y

42 B
108 B

45ms
20ms

Image
image/gif

2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=898128836&crd=&is_vtc=1&random=2499902871&ipr=y

Protocol

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Nov 2021 04:00:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 16 Nov 2021 04:00:01 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=898128836&crd=&is_vtc=1&random=2499902871&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3 Show response
mc.yandex.com/watch/ Frame 8345 167 B
266 B 47ms
46ms XHR
application/json 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A%3Avf%3A9ezyymqkmizds872r%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A1%3Adp%3A0%3Als%3A1277996509054%3Ahid%3A252724090%3Az%3A0%3Ai%3A20211116040001%3Aet%3A1637035202%3Ac%3A1%3Arn%3A347203541%3Arqn%3A1%3Au%3A1637035202662848376%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1637035199408%3Ads%3A0%2C0%2C42%2C1%2C0%2C0%2C%2C15%2C0%2C60%2C60%2C0%2C60%3Adsn%3A0%2C0%2C43%2C0%2C0%2C0%2C%2C16%2C0%2C60%2C60%2C0%2C60%3Aco%3A0%3Ast%3A1637035202&t=gdpr()ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

6165ed288b98b864dc7902bb74c4328035863b2c2e8ffd30a70bf12a03f2e814

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Nov 2021 04:00:01 GMT
x-content-type-options: nosniff
last-modified: Tue, 16-Nov-2021 04:00:01 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 167
x-xss-protection: 1; mode=block
expires: Tue, 16-Nov-2021 04:00:01 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ Frame 8345 43 B
100 B 46ms
46ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif?t=ti(4)

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 16 Nov 2021 04:00:01 GMT
last-modified: Thu, 11 Nov 2021 17:20:26 GMT
etag: "618d26aa-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Tue, 16 Nov 2021 05:00:01 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame 8345 2 KB
1 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1637035201645&cv=9&fst=1637035201645&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb6771de86115b370ff64a77ca1d6dde77b5e26f9fb01a506521ce8361d3f1ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Nov 2021 04:00:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1096
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame 8345 2 KB
1 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1637035201654&cv=9&fst=1637035201654&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e6d758695db9de058c566b05d207de3f335503641cb297330f503527e0e3fa48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Nov 2021 04:00:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1097
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame 8345 2 KB
1 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1637035201660&cv=9&fst=1637035201660&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93ad25efcb76bb06250e7e538f6a8d34c89968538d410079831967eb3ef570eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Nov 2021 04:00:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1096
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame 8345 2 KB
1 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1637035201662&cv=9&fst=1637035201662&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f2cce24dcc028f072ebe81a1c27565ebed0662f5c5fdce860f60b205e9efdfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Nov 2021 04:00:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1095
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 37412095 Show response
mc.yandex.com/watch/ Frame 8345 350 B
381 B 52ms
48ms XHR
application/json 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/37412095?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%220%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22windows%22%2C%22browser%22%3A%22chrome%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&browser-info=pv%3A1%3Agdpr%3A6%3Avf%3A9ezyymqkmizds872r%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A2%3Adp%3A1%3Als%3A378104399107%3Ahid%3A252724090%3Az%3A0%3Ai%3A20211116040001%3Aet%3A1637035202%3Ac%3A1%3Arn%3A131045961%3Arqn%3A1%3Au%3A1637035202662848376%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1637035199408%3Ads%3A0%2C0%2C42%2C1%2C0%2C0%2C%2C15%2C0%2C60%2C60%2C0%2C60%3Adsn%3A0%2C0%2C43%2C0%2C0%2C0%2C%2C16%2C0%2C60%2C60%2C0%2C60%3Aco%3A0%3Arqnl%3A1%3Ast%3A1637035202%3At%3A&t=gdpr(6)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

a56df98335055ad812600c1ef9e34f0b06e9296ca889dbe5ba009510f4712e12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Nov 2021 04:00:01 GMT
x-content-type-options: nosniff
last-modified: Tue, 16-Nov-2021 04:00:01 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 350
x-xss-protection: 1; mode=block
expires: Tue, 16-Nov-2021 04:00:01 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame 8345 42 B
108 B 41ms
41ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1637035201645&cv=9&fst=1637035200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&async=1&fmt=3&is_vtc=1&random=3395642514&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Nov 2021 04:00:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/947884341/ Frame 8345 42 B
108 B 45ms
28ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/947884341/?random=1637035201645&cv=9&fst=1637035200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&async=1&fmt=3&is_vtc=1&random=3395642514&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Nov 2021 04:00:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame 8345 42 B
108 B 19ms
19ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1637035201654&cv=9&fst=1637035200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&async=1&fmt=3&is_vtc=1&random=2828684915&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Nov 2021 04:00:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/693627671/ Frame 8345 42 B
108 B 38ms
21ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/693627671/?random=1637035201654&cv=9&fst=1637035200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&async=1&fmt=3&is_vtc=1&random=2828684915&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Nov 2021 04:00:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame 8345 42 B
108 B 19ms
19ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1637035201660&cv=9&fst=1637035200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&async=1&fmt=3&is_vtc=1&random=2026617210&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Nov 2021 04:00:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/947884341/ Frame 8345 42 B
108 B 36ms
20ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/947884341/?random=1637035201660&cv=9&fst=1637035200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&async=1&fmt=3&is_vtc=1&random=2026617210&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Nov 2021 04:00:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame 8345 42 B
108 B 20ms
19ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1637035201662&cv=9&fst=1637035200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&async=1&fmt=3&is_vtc=1&random=3255597900&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Nov 2021 04:00:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/693627671/ Frame 8345 42 B
548 B 34ms
19ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/693627671/?random=1637035201662&cv=9&fst=1637035200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&async=1&fmt=3&is_vtc=1&random=3255597900&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Nov 2021 04:00:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 event
ads.adfox.ru/242477/ 0
66 B 66ms
66ms Image
text/plain 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.adfox.ru/242477/event?pm=bmq&hash=e417eb77fd1b730f&duid=1637035198667748868&pxo=kVRp_KYo22881NZxs5RNKb5lCoWtJiGC_1XT0B-VrMscadAXDKZAUpTrSn7zG_7vhOWGBM1tN9X9bCB77IyD3HqV4nXPFc_jt0Cd5fggtj37U7-fnPHTEZQ-LCY5ELsxVm3csJZ9ysqvd7oLgKc8s0A4kYYWG6S7V_vl2ZuLloZAjRynF1G9&p5=gptyk&rand=fsnykri&sj=9GbEsLvXDUKZ6UlOpC5zVu95xIHMC-BKqrfK7OuRrrwzlrFHpc0dzq2WU5wqgA%3D%3D&ad-session-id=3979701637035197501&lts=fhuijsg&ytt=313910569863189&ybv=0.48699&ylv=0.48699&dl=https%3A%2F%2Fwww.newsru.com%2F&pr=ddhdpuo&p1=cettx&rqs=vjw7RKzrBnu-LJNhBMRQv_D9VVoCl30b&rtb-si=b&p2=gkow

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Nov 2021 04:00:03 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Nov 2021 04:00:03 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssdfJSzMPh2Jd9GDSqnRl8De19llCK1DBPZtNKKzn9_inGZXh9KgoiT9Zjd2rj35eQc6UZm0rmZqG9TU-17qbya8tgvZTULL4zaL3XAgmoYJXxZfnrH&sig=Cg0ArKJSzCeEICQ9EsV_EAE&id=lidar2&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20211110&bin=7&avms=ns&bs=0,0&mc=0&app=0&itpl=19&adk=3757111509&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=2&r=u&rst=1637035198844&wmsd=1

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=QcwxEHE4SnO4Z0hsfyYjjg&google_push=AYg5qPKROrV_7FvUVLM_FVTAXV5xCe8S3fdjZERLHgCMevdQe96UTWyROiNaX9PthuSOcXxEwm9IpbV5BjT9FJneeL0tkzTEWr8

Verdicts & Comments Add Verdict or Comment

247 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

58 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-19 22:45:21	Name: afpix Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-19 22:45:21	Name: pcs3 Value: 1
.newsru.com/	1970-01-25 20:05:16	Name: NewsruID Value: 2aDyGWGTLLysXcnwIhHhAg==
.newsru.com/	1970-01-20 16:15:07	Name: _ga Value: GA1.2.2128953353.1637035197
.newsru.com/	1970-01-19 22:45:21	Name: _gid Value: GA1.2.1893193004.1637035197
.newsru.com/	1970-01-19 22:43:55	Name: _gat Value: 1
.www.newsru.com/	1970-01-19 22:44:38	Name: FCCDCF Value: [null,null,["[[],[],[],[],null,null,true]",1637035197406],null,null,null,[]]
.criteo.com/	1970-01-20 08:05:31	Name: uid Value: 34453373-0ced-4f6a-9790-564ce31f84ab
.otm-r.com/	1970-01-20 07:29:31	Name: mpid Value: NjE5MzJjYmQwMzc2ZDE2Mg==
.newsru.com/	1970-01-20 06:43:26	Name: tmr_lvid Value: 55c85b524a4b4300d3d59758048c132a
.newsru.com/	1970-01-20 06:43:26	Name: tmr_lvidTS Value: 1637035198020
.betweendigital.com/	1970-01-20 07:29:31	Name: dc Value: mow1
.betweendigital.com/	1970-01-20 07:29:31	Name: tuuid Value: 537383e9-328e-5140-b400-205ad5930ce4
.betweendigital.com/	1970-01-20 07:29:31	Name: ut Value: YZMsvgAAkIgVfA_zcJhMCJxqLKHv-dClDvTUjA==
.betweendigital.com/	1970-01-20 07:29:31	Name: ss Value: 1
.betweendigital.com/	1970-01-20 07:29:31	Name: unm Value: 1
.newsru.com/	1970-01-20 07:29:31	Name: _ym_uid Value: 1637035198667748868
.newsru.com/	1970-01-20 07:29:31	Name: _ym_d Value: 1637035198
.newsru.com/	1970-01-20 07:29:31	Name: top100_id Value: t1.395113.120391052.1637035198098
.newsru.com/	1970-01-20 22:43:55	Name: last_visit Value: 1637035198101::1637035198101
.newsru.com/	1970-01-20 07:29:31	Name: adtech_uid Value: e773f690-d747-439a-b0aa-b6e0e881991f%3Anewsru.com
.newsru.com/	1970-01-20 07:29:31	Name: t1_sid_395113 Value: s1.457649676.1637035198099.1637035198105.1.1.1
.newsru.com/	1970-01-19 23:27:07	Name: user-id_1.0.5_lr_lruid Value: pQ8AAL4sk2HcbR%2B4ARZicgA%3D
.mc.yandex.com/	1970-01-19 22:43:55	Name: sync_cookie_csrf Value: 557433527fake
.newsru.com/	1970-01-20 08:05:31	Name: cto_bundle Value: saNJ819mb3JkcThtcTVxdDgyVnRqaXZXS3RzUDZzNVVrNnBBNERKeFJzeGg5Z2p0RW56dllkN2ZuanZBWXM5ZlRHTHlWbW41bjRrcGZqMnBtZWRuTWVnR3c0cll5dE1DNEZsb1F5dUlzcEtZd1ZvdG1tM1dPeVJrRnM0UXNEdmVCdW5PQnFQRDZTa1JtVk5YYlU0a0VYd2o2MHclM0QlM0Q
.newsru.com/	1970-01-19 22:45:07	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-19 22:43:55	Name: sync_cookie_csrf Value: 3716682840fake
.yandex.com/	1970-01-20 07:29:31	Name: yandexuid Value: 4464184271637035198
.yandex.com/	1970-01-20 07:29:31	Name: yuidss Value: 4464184271637035198
.mc.yandex.com/	1970-01-19 22:45:21	Name: sync_cookie_ok Value: synced
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1397867081637035198
.yandex.com/	1970-01-23 14:19:55	Name: i Value: L/6r9kVNbPvjLK61AtXmYhebFawnclqLKYRXzgGS9POly7StW/EEr65s6wF9JC1H109R3NTKwgTCaKHqb02If6kEoD8=
.yandex.com/	1970-01-20 07:29:31	Name: ymex Value: 1668571198.yrts.1637035198#1668571198.yrtsi.1637035198
.doubleclick.net/	1970-01-19 22:43:58	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 08:05:31	Name: IDE Value: AHWqTUl_pK3-JT1zaWGLvVYdVHIu4iGiTs-wtbLb2CKYHaEIsD1uHKSNo6_sGN-4
.rambler.ru/	1970-01-25 20:05:16	Name: ruid Value: 1CIAAL4sk2EagvYZAbn6kAB=
.newsru.com/	1970-01-20 06:43:26	Name: tmr_reqNum Value: 2
.yandex.ru/	1970-01-23 14:19:55	Name: yandexuid Value: 8865032041637035198
.mail.ru/	1970-01-20 07:30:57	Name: VID Value: 332Xu90JyYY600000X12H426:::0-0-0-6ad857d:CAASEOofMPSpn-kGhhwkPHN-Uu0aYM72ANp51yWrT9JTB6W85UeINycKeMGqWOATmRm2hdKNqLoG-BZdbGgAFHkcQ6wcr2OUli42nTNBW7_vhtXr_QnZD_XStDe8VwT6_YqofU0q7fo8fhOQSEKHwjnYl-6tUQ
.newsru.com/	1970-01-20 08:05:31	Name: __gpi Value: 00000000-0000-0000-0000-000000000000
.newsru.com/	1970-01-20 08:05:31	Name: __gads Value: ID=2df11298d19732ee:T=1637035197:S=ALNI_MYirCFJVfq44h1TBZ_5sNWysDrnFw
.quantserve.com/	1970-01-20 00:53:31	Name: d Value: EGIBCQHeJIEA
.quantserve.com/	1970-01-20 08:14:09	Name: mc Value: 61932cbf-884c3-6fb5f-91b0e
.travelaudience.com/	1970-01-20 08:12:43	Name: _tracker Value: %7B%22UUID%22%3A%227E0DC856-046F-437E-9FDB-868200D4F9DB%22%7D
.adfarm1.adition.com/	1970-01-20 00:53:31	Name: UserID1 Value: 7031012642113583245
.w55c.net/	1970-01-20 08:12:43	Name: wfivefivec Value: NbeDVS1T1MMPDx5
.w55c.net/	1970-01-19 23:27:07	Name: matchgoogle Value: 5
.m6r.eu/	1970-01-19 22:43:58	Name: test Value: true
.mathtag.com/	1970-01-20 08:09:50	Name: uuid Value: 09356193-2cbf-4400-b5f8-a79610886681
.mathtag.com/	1970-01-19 23:27:07	Name: mt_mop Value: 4:1637035199
.360yield.com/	1970-01-20 00:53:31	Name: tuuid Value: 41cc3110-7138-4a73-b867-486c7f26238e
.360yield.com/	1970-01-20 00:53:31	Name: tuuid_lu Value: 1637035199
.m6r.eu/	1970-01-20 00:53:31	Name: cct Value: 1637035199648
.m6r.eu/	1970-01-20 00:53:31	Name: id Value: 5691ebf9aa2632b54ff3e63766315d85
www.newsru.com/	1970-01-19 22:45:21	Name: tmr_detect Value: 0%7C1637035200617
.yandex.ru/	1970-01-20 16:15:07	Name: is_gdpr Value: 1
.yandex.ru/	1970-01-20 16:15:07	Name: is_gdpr_b Value: CObxWhCfURgB
.yandex.ru/	1970-01-20 16:15:07	Name: i Value: 3ZBuLT7V4sDsozy+r6h3QNblRpmMO3tw+PdwKkaDDfKQCnc2sO+nuoLnPT3X8cMpLLmpERBlpN4l2c5JJ8PMxgFOzfc=

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.newsru.com/ Message: A preload for 'https://static.criteo.net/js/ld/publishertag.js' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
network	error	URL: https://image.newsru.com/v2/99/2019/11/9/994ba893b7571b2f8f79425a7c45ffa7.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=QcwxEHE4SnO4Z0hsfyYjjg&google_push=AYg5qPKROrV_7FvUVLM_FVTAXV5xCe8S3fdjZERLHgCMevdQe96UTWyROiNaX9PthuSOcXxEwm9IpbV5BjT9FJneeL0tkzTEWr8 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
javascript	warning	URL: https://www.newsru.com/ Message: The resource https://static.criteo.net/js/ld/publishertag.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0cdc499ea97cbdfaeb4ca7dacce13cf3.safeframe.googlesyndication.com
387e7d282a65cd4ebe0025e4bc49ee17.safeframe.googlesyndication.com
ad.mail.ru
adfox-c2s-ams.creativecdn.com
ads.adfox.ru
ads.betweendigital.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
an.yandex.ru
avatars.mds.yandex.net
banners.adfox.ru
bidder.criteo.com
cdn.unblockia.com
cm.g.doubleclick.net
cms.quantserve.com
dsp.adfarm1.adition.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
fonts.w.tools
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
gum.criteo.com
image.newsru.com
kraken.rambler.ru
matchid.adfox.yandex.ru
mc.yandex.com
mc.yandex.ru
mug.criteo.com
newsru.com
pagead2.googlesyndication.com
partner.googleadservices.com
pm.w55c.net
securepubads.g.doubleclick.net
st.top100.ru
static.criteo.net
static.newsru.com
sync.dmp.otm-r.com
sync.mathtag.com
top-fwz1.mail.ru
tpc.googlesyndication.com
tracking.m6r.eu
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
www.newsru.com
yandex.ru
yastatic.net
yhb.p.otm-r.com
ysa-static.passport.yandex.ru
cm.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
142.250.184.194
142.250.185.162
142.250.186.66
159.69.36.219
178.250.2.131
178.250.2.146
18.197.87.177
185.184.8.65
185.29.134.248
188.42.29.196
195.201.108.196
195.201.152.107
217.160.242.25
217.69.133.145
2606:4700:20::681a:786
2620:116:800d:21:f916:5049:f87f:108e
2a00:1148:db00::17
2a00:1450:4001:802::2002
2a00:1450:4001:808::200e
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:811::2003
2a00:1450:4001:812::2003
2a00:1450:4001:812::200a
2a00:1450:4001:813::2003
2a00:1450:4001:827::2004
2a00:1450:4001:827::200a
2a00:1450:4001:829::2001
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:830::200e
2a00:1450:4001:831::200e
2a02:2638:1::13
2a02:2638:1::3
2a02:6b8:20::215
2a02:6b8::16b
2a02:6b8::184
2a02:6b8::1:119
2a02:6b8::2:158
2a02:6b8::5:114
2a02:6b8::90
2a02:6b8:a::a
35.190.0.66
72.251.244.142
77.88.21.179
81.19.89.17
85.114.159.93
00bfe3ef6a07fbe78df9b045b6f0be57843bcc2424c8f9aca5e4bb626fe2f329
01a10be28bdad9ed81f9a7f1e09f4913d314f13abc7a7bb2d52be9666eff599d
04e7e640212a5fbe2bb7b2df20fce16df86367854457c3cd9fca510ca9c067db
053508cc4ed1acf7db8ed96deca42ffebfa1669c5cecd62f4415b926d07b5aaa
09100f419d1747ec30b591c5c7f5220497644f113b6319eaeb1c0f6421746ee8
0ab45287c22d1394efab075e54f50ca15836299191b4272becb9ab535cecbc92
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c542296028ede8535d15bdb8a0ad8e276ca2183b9e40fd258a29445cbfa1e3d
0d082cfc76d9bf4f782281f3eb5b9dc17d6ce8f863418f83b2887b4343dca5f4
0d4e2c02c528be9ba1114144f169dc6e18245187a421473c21f5d919bca1cce9
0dcc43e44942bc047fed5ca6063c11ddeec9a20fa8692af37ea76c0f2e537c24
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
10ac0428458b986ac95d46e08d5feb25facecac8ff08a58f1ba44010b7cdb839
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
1ba407465532ef504d9b345519d197320d91d450fd146c273c73d1ae331fef6b
1cb77da5acdf1b74f6936e813297662b998a6222e417226a7777fed98aca2ca4
1e6531f2ac3b82aa0ac708b80bc8b9341b47e2d05967370db5f36e40706ee730
1e7cefb13e5b0cddf4b0bb7739cbc9a997b3990c7babd091e1f2ab0a1da71cfc
203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51
2195f4a709f89f9119d6e8ec79a7b67779ad280e04b56a803aec10c6897fa7cf
24cb571cf74ba0bc1ef6383578e81591eabf6966bd611a21070619d3042ff900
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
27dc9541b17e19e1649bba14d2706f8acec74bd8220509c29103804139bbf724
2b4d5faace185b6cc7c652f1231c79688fa94c7c0808d3807ba0be1edd68615d
2bdac7059f976c5ae07237845b35407b7dfd7fc6ca3a63e17426b8b8a6973b12
2d2ad11e3c1a0fd81bb085050d4b3170beab2964b5b848a5309a6343322e3898
2d8618e3d2de4948e82bbce7cd6e1cefb6d720a09adb2cae9ea3886785493a0e
2e8548e063ae8b8f6225ac344af4bb535397ebd3003665e27e8d4b2716770db9
314ec1711f78a5fbb521c821d27106a4557b52045b4a7defb80c53380b988738
32656544403a1d76f269ed08ac57a44ee26b974033217abcb70d4d3c17af4196
335904dd2766761950d0ef7b3a6f4df214ce63895b00f938b047c24ed14a5fdd
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
360c66be03b98da4b91b36d08416e505aaa0d6ecadbd676150d2bb4d635c58c7
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
3e59e504a78595e9beb50f39e664ba3ecc625c6a74c1d59a98af47db8502dbaa
41d3f47283ac14c7d3ee7ea89e137ae84f688f4c336f4678650aa9e872914dd1
41dc37fef20ba677e22abd21b320e5fd3386f0aef9bfde0d47bd30ba854c7d02
421796b606a1de2413b4c712e20a430aeb1deb3a475f68c89a8a16021bf1ebb9
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44bc6d9bb709bd9135740c51484cb5d96f7eb81dfdc2dca05dfa2d5a646d1e0d
44e9c3b4343d0a2e4be10bde99c81dfeb30ea954b5dad157f26be7dd1945c1b0
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
4820505ef4c6928975a37c04449d5306b7d22986f22cb2b2e26710a51a08650e
48b4c9a1763e10d48bda0e907232402875cec788f19c8149acdb67661205621b
493fdc95a3d3027dbf75c9d1c5cb276797726bae63501b35fd65f1f339eed07e
4a0112753abfe6efecc5d5d6149929d75a90d75e1d3dd352cb3948d1f754c684
4c735f002d5ca3a939fac95c54503c53600064db550470e8c6ef305264cf1c68
4c9f9038ef0cca8daea160666fcf23b0cc4fd3ba853dcd4494e8ec35e3a0c039
4e2f223ada4cc02f25c26713c9ac6d273edbf7a6d1c96260cd9000a985d0cf10
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
513c27d3f428f614a106036d5837fb4e4c9a5656b5c2bbafca9f38f4d039b7bb
51453bb7e5c8843ec8a8f0c99a5bdcfd8f04a078e6669f4f42e6121e59edd45e
536cd983c5ac840349770984405fe9eb9e67b9d7e35e0c45673a653b003173b6
53be8cda4f795c9e5cee704e099aba470f8bff79ee00db111f505fa550e6276e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
5568d248345d825506f88f50e3fb1cd7c05b8b1d2c8a43de15ea3b9314fa0341
59c2214e3aceb8b44f55625332fda4155d68428d670a04d69a3e76505d3c0fef
59f53ebf6af9f60f8548541996f1729818ed5fd00c9ea408f2597b33ae8b419e
5bd6c9fa8de2f78a585b7cce05ee8f4b466fa6384725d1fa2bcffb861c86a91d
5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274
5d0aea97b090054846223242f0be691ac828271b85469f4905bbb0a7edd40fc4
5e9c054e74b15ca6d6a7635a1edb5b7d820619d436856097a9e607d20178ed73
5ef98d7d71b5b885f0c8088c6d276dd96507c90534b2ccd69ffb0fa22fcca754
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5f93e1c93295727e19455519835fe866723bc7e0a996206f8e7ca543686e32f8
604496ee6acca620cd59265c2302f6a03fe02d65bc5306d952f0fa94d92fa5c8
6165ed288b98b864dc7902bb74c4328035863b2c2e8ffd30a70bf12a03f2e814
638ab3e8773a00f8b68fc29164c90c20bdfe5e0cf0bcc69a29068e597feffe22
63ad6ebd649aeb766f1089106e21d8bbc606b6a7b26303e758a4c6e3f2475b38
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
65d7e90b1b37443d78bb14263449fbf740f195a51ecfb70463a5153af827a025
666556ad166a083e88cc14d5ddc1848023a3757f887d5711ccaee0835f8b9cba
66a8f22977a88effa3d50b4af9e8f1ad9e763b3c8ed4dd0e79301d9839362b9c
66e4d99a41dfacc4d330782e70424d912233da06fa1dad1930c48dfef4ef839d
66f0d7e75191d5127e9183db724715525918e63eceff43f13805de611d0e3bc9
6950ecfeadc05f1f026d6b1f77ae5958538082bfa55061a4671757f62aec9b75
696ddd66938b1266bff922379c393a8e36c12f5d09f183f59329dc2897af8806
6e6a1e7832e66e4e4eebaff3efbf87418d3b11b7eebbad3587893312ba338352
716a57aa371b2b19309ac735e559f4436fcf0b919ee17724bc12549eab0edd25
736c0b56ca8074eac58e1db6bb3c7ede68d9bc2895c638fe6590445ef9c9e8eb
7462830597ada422407b3831aeff810640ec94450b49e86ec902a91302ec9209
75f73046e22c40e841d897e16354f5e26fd988e0698bbaa1b9d6a146dd9c463c
7911b2cc1a9816ea0d6187854b864b12bd9c52636cd50e2c2e012651d6cc1a09
7957d9078fdea4b9d26f8c0bb8eecddedad256040d5ce0cd3dfe7fd721fc0a3e
7a6f098788b4cfbdff0457fa0fa8757b3e632d3a6e1e89ee43ea916252c1eb57
7b2f026e4c5e9a5f0d7a55b24b621e2b21034474a72983a586f225c5d31476d6
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
84e4fe46c91b108fda3b8850eeea33c0cb308b8cfcc2ff0bba7153b988169733
871cf51d13c57ea9df3fb5612cf663f2189ef317bd70d3cdd184d56af4ea8e70
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8b8577d5b368641279ea781029572045be6ff7b7b167810ba709c4c9ba63cadd
8d8ec99e4aa749b8aefbbeee1c1432688074d13d004bd509a8ea8c3be8a3c9c2
8d93d0dbfe10ef16d2fa89eb4fc32a6bfffaa583d974b77efd08c9a3d5ea0192
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
9238490ff59eebf4283786d469dcbf3ae51743fe0caae3d2479b935e54103818
93a4470766ec0c83b26b14c2d0faba6f3b8fbe8fd630279acd669add74b9522d
93ad25efcb76bb06250e7e538f6a8d34c89968538d410079831967eb3ef570eb
93c3e40d417ed74b60d65d209ba8d32fcd8d049cfe4c1ca1171e7bd9f9cb6b07
9413ac70f0dfa293eae8e934799be6a1cde8cd96db876ce9bd127c41630847ee
95adc8ae1875bb2049556316935185be09932b757738ffbcd88f83ed81bb1ae2
9629f65f4dcd409ad3eb59455fc6ebc6b312684f91717b5714af5340bc2e169d
964f53a38d323a4c0f99e7abec7691cfe6a6385647183eca2dc4a8c771560be1
98197447bcd8ffc1debcdb9f79dbaee594c977810c84d6c47dbbfe9a8caf53a9
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c07cbad7c86ddabcec6cb50b2af8e1a5834b9f756da43caae7fdb448b69383e
9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a
9f2cce24dcc028f072ebe81a1c27565ebed0662f5c5fdce860f60b205e9efdfe
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a09febbdd8c58b1303649fa21430da0d55623ab2d1cb51ab37b714de10d7a845
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a18b23bd2556c47f90ea55c744533d1b93eaf94b363bb04a595d911caf5762c8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a56df98335055ad812600c1ef9e34f0b06e9296ca889dbe5ba009510f4712e12
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a7353c54f909300d55a6d3cc51dad2af6fc4cce0001481cdc306ae349153c27a
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9344b5d5fb934d29bc90564495dfa0907ccd03b9a3cd8e0bd8fdc86da376463
a9f2c9c29481bb0e9fb4113f9b42dd5bf0e32188d03714b5d4bd45d2c9eeab24
ab5595cfaeed7d39ee807a6bf26dc9c55a2e94f5c44062ac8fcb8a39096d3af4
ac193a8ad99066fbac8f33d943f167d822059b72653fa78a3dc7c28c77efe89a
ad92f5c99197b9a2eb07b115d8dfac511e27d7f199d1f3148e42417a79639a66
b0e30220f4900b9a3b8b81f3864d8d24c16b4dd40e0a1fcff862a191586f66c9
b2e558bcfab549d25df285021ce7f148cc287fdd946e47d866e2ac5fe8e53a13
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
b60a329d999b4dd94b4ba3e7796eb2b3cd2d3dd4846682ecb2907670932f2610
bacdde6723dfc88ec7d64af0a3bf9f37f95bc1d4e512632c59008f74783115de
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bd18f3a7890e41636b1e9c6a17d2e06640df0409606e2e51b2a0eb24eef2db18
bebade447042fc47342aa32011abbbac142ef6f525a791a3f2c2048f8a9847d4
c1013e4091787b437f52fb25124f9423b33dd3b4e64993dc61c48dd0149dcde0
c52d7da0dd617b6d70fe80b73a7eed7fb7a6f3ae158d0f12ef90c29b2687f48e
c9c5e65a20fe5636dcce34272fd333e9eb5dea78a3200b2fb413a48e8c4a54c3
cb77b68402021d9987257b50ee02421537be5dfe657544600a5985f832e98eb1
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cc8ca689a6a09147cef09399738442d3375f1f4eb83b884b808ff80ff6ba803b
ce40412e953e9261742bc0f6b8aa2e6bb5c49ed67d1ac7e7fca943ba910497b1
d0a55f813f217cd31a84e2f5fa69bfb1e600c3270d789183fd56b61e4da30e8e
d4371c9e0ed4f0ebf4c5968a8e5be80350e8b9eab8035d180e8476ac01ce1fa3
d655745fa3e50320b98546aa037e7c69f342ebefa7714a0c0b3e1226de03df02
e02fd678cf4516c95bb08a297e1db02d886761a9bb47edabea147402b15c0991
e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5055b0b855794db7f5d9a061d21d6fcbc9d48421fd33d81540d79baf522a7c6
e51efc5d5c9cc06f166a6007aa09484cdabce61f6abe77b58241ffb56d51a623
e674ac3c45837ccd54a61a9b14b1765e9afecccc9e073fa7e5c5593f569d77c4
e6d758695db9de058c566b05d207de3f335503641cb297330f503527e0e3fa48
e7766d8ec3c369696ca136be22e294b0819dc06a6840c3434fcab95e49aa5e48
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
eca75636b8b8d01468a138bf0b2f7b7e816848b50c042f37b0e2c2b47be938de
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2811ae003f8c055d1b3dcf3e60b5710d308a63fbd3fb4c4aba5db11523acf56
f4ffb8b1949b060bf5bd0ff48a853ee056f096fd92f9d03143122eedba88fe6d
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fb6771de86115b370ff64a77ca1d6dde77b5e26f9fb01a506521ce8361d3f1ee
fbbfdffbd103aaee59dde01d8f48523c98b0896a459f96ea0ebbf686afd7989e
ff312668f539bc638c88e9a2ef98c08c4e868217c9ba6e2a2e969631e08219aa

www.newsru.com Open in urlscan Pro 217.160.242.25 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

225 Requests

92 %HTTPS

60 %IPv6

31 Domains

57 Subdomains

43 IPs

8 Countries

2924 kBTransfer

6842 kBSize

58 Cookies

15 Outgoing links

Page URL History

Redirected requests

225 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.newsru.com Open in urlscan Pro
217.160.242.25 Public Scan

Screenshot
Live screenshot

Full Image

225
Requests

92 %
HTTPS

60 %
IPv6

31
Domains

57
Subdomains

43
IPs

8
Countries

2924 kB
Transfer

6842 kB
Size

58
Cookies

225 HTTP transactions
6 data transactions